@reauth-dev/sdk 0.1.0 → 0.2.0

package/dist/index.js

@@ -26,9 +26,27 @@ __export(src_exports, {
 });
 module.exports = __toCommonJS(src_exports);
 
+// src/types.ts
+var DEFAULT_TIMEOUT_MS = 1e4;
+
 // src/client.ts
+function assertHttpsUrl(url) {
+  let parsed;
+  try {
+    parsed = new URL(url);
+  } catch {
+    throw new Error("URL must use HTTPS");
+  }
+  if (parsed.protocol !== "https:") {
+    throw new Error("URL must use HTTPS");
+  }
+}
 function createReauthClient(config) {
   const { domain } = config;
+  if (config.timeout !== void 0 && (!Number.isFinite(config.timeout) || config.timeout <= 0)) {
+    throw new Error("timeout must be a positive finite number in milliseconds");
+  }
+  const timeoutMs = config.timeout ?? DEFAULT_TIMEOUT_MS;
   const baseUrl = `https://reauth.${domain}/api/public`;
   return {
     /**
@@ -47,35 +65,47 @@ function createReauthClient(config) {
      */
     async getSession() {
       const res = await fetch(`${baseUrl}/auth/session`, {
-        credentials: "include"
+        credentials: "include",
+        signal: AbortSignal.timeout(timeoutMs)
       });
+      if (!res.ok) {
+        throw new Error(`Failed to get session: ${res.status}`);
+      }
       return res.json();
     },
     /**
      * Refresh the access token using the refresh token.
      * Call this when getSession() returns valid: false but no error_code.
-     * @returns true if refresh succeeded, false otherwise
+     * @throws Error on failed refresh (401) or server error
      */
     async refresh() {
       const res = await fetch(`${baseUrl}/auth/refresh`, {
         method: "POST",
-        credentials: "include"
+        credentials: "include",
+        signal: AbortSignal.timeout(timeoutMs)
       });
-      return res.ok;
+      if (!res.ok) {
+        throw new Error(`Failed to refresh: ${res.status}`);
+      }
     },
     /**
      * Get an access token for Bearer authentication.
      * Use this when calling your own API that uses local token verification.
      *
-     * @returns TokenResponse with access token, or null if not authenticated
+     * @returns TokenResponse with access token, or null if not authenticated or network unreachable
+     * @throws Error on server errors (non-401 HTTP status codes) or request timeout
      *
      * @example
      * ```typescript
-     * const tokenResponse = await reauth.getToken();
-     * if (tokenResponse) {
-     *   fetch('/api/data', {
-     *     headers: { Authorization: `Bearer ${tokenResponse.accessToken}` }
-     *   });
+     * try {
+     *   const tokenResponse = await reauth.getToken();
+     *   if (tokenResponse) {
+     *     fetch('/api/data', {
+     *       headers: { Authorization: `Bearer ${tokenResponse.accessToken}` }
+     *     });
+     *   }
+     * } catch (err) {
+     *   // Server error or timeout — do not log the user out
      * }
      * ```
      */
@@ -83,7 +113,8 @@ function createReauthClient(config) {
       try {
         const res = await fetch(`${baseUrl}/auth/token`, {
           method: "GET",
-          credentials: "include"
+          credentials: "include",
+          signal: AbortSignal.timeout(timeoutMs)
         });
         if (!res.ok) {
           if (res.status === 401) return null;
@@ -95,29 +126,38 @@ function createReauthClient(config) {
           expiresIn: data.expires_in,
           tokenType: data.token_type
         };
-      } catch {
-        return null;
+      } catch (err) {
+        if (err instanceof TypeError) return null;
+        throw err;
       }
     },
     /**
      * Log out the user by clearing all session cookies.
+     * @throws Error on server error
      */
     async logout() {
-      await fetch(`${baseUrl}/auth/logout`, {
+      const res = await fetch(`${baseUrl}/auth/logout`, {
         method: "POST",
-        credentials: "include"
+        credentials: "include",
+        signal: AbortSignal.timeout(timeoutMs)
       });
+      if (!res.ok) {
+        throw new Error(`Failed to logout: ${res.status}`);
+      }
     },
     /**
      * Delete the user's own account (self-service).
-     * @returns true if deletion succeeded, false otherwise
+     * @throws Error on permission denied or server error
      */
     async deleteAccount() {
       const res = await fetch(`${baseUrl}/auth/account`, {
         method: "DELETE",
-        credentials: "include"
+        credentials: "include",
+        signal: AbortSignal.timeout(timeoutMs)
       });
-      return res.ok;
+      if (!res.ok) {
+        throw new Error(`Failed to delete account: ${res.status}`);
+      }
     },
     // ========================================================================
     // Billing Methods
@@ -125,12 +165,16 @@ function createReauthClient(config) {
     /**
      * Get available subscription plans for the domain.
      * Only returns public plans sorted by display order.
+     * @throws Error on server error
      */
     async getPlans() {
       const res = await fetch(`${baseUrl}/billing/plans`, {
-        credentials: "include"
+        credentials: "include",
+        signal: AbortSignal.timeout(timeoutMs)
       });
-      if (!res.ok) return [];
+      if (!res.ok) {
+        throw new Error(`Failed to get plans: ${res.status}`);
+      }
       const data = await res.json();
       return data.map(
         (p) => ({
@@ -143,8 +187,17 @@ function createReauthClient(config) {
           interval: p.interval,
           intervalCount: p.interval_count,
           trialDays: p.trial_days,
-          features: p.features,
-          displayOrder: p.display_order
+          features: p.features.map((f) => ({
+            code: f.code,
+            name: f.name,
+            featureType: f.feature_type,
+            numericValue: f.numeric_value,
+            unitLabel: f.unit_label
+          })),
+          displayOrder: p.display_order,
+          creditsAmount: p.credits_amount,
+          planType: p.plan_type,
+          contactUrl: p.contact_url
         })
       );
     },
@@ -153,8 +206,12 @@ function createReauthClient(config) {
      */
     async getSubscription() {
       const res = await fetch(`${baseUrl}/billing/subscription`, {
-        credentials: "include"
+        credentials: "include",
+        signal: AbortSignal.timeout(timeoutMs)
       });
+      if (!res.ok) {
+        throw new Error(`Failed to get subscription: ${res.status}`);
+      }
       const data = await res.json();
       return {
         id: data.id,
@@ -178,6 +235,7 @@ function createReauthClient(config) {
         method: "POST",
         headers: { "Content-Type": "application/json" },
         credentials: "include",
+        signal: AbortSignal.timeout(timeoutMs),
         body: JSON.stringify({
           plan_code: planCode,
           success_url: successUrl,
@@ -206,6 +264,7 @@ function createReauthClient(config) {
         currentUrl,
         currentUrl
       );
+      assertHttpsUrl(checkoutUrl);
       window.location.href = checkoutUrl;
     },
     /**
@@ -220,6 +279,7 @@ function createReauthClient(config) {
         method: "POST",
         headers: { "Content-Type": "application/json" },
         credentials: "include",
+        signal: AbortSignal.timeout(timeoutMs),
         body: JSON.stringify({
           return_url: returnUrl || window.location.href
         })
@@ -228,18 +288,22 @@ function createReauthClient(config) {
         throw new Error("Failed to open billing portal");
       }
       const data = await res.json();
+      assertHttpsUrl(data.portal_url);
       window.location.href = data.portal_url;
     },
     /**
      * Cancel the user's subscription at period end.
-     * @returns true if cancellation succeeded
+     * @throws Error on failure or server error
      */
     async cancelSubscription() {
       const res = await fetch(`${baseUrl}/billing/cancel`, {
         method: "POST",
-        credentials: "include"
+        credentials: "include",
+        signal: AbortSignal.timeout(timeoutMs)
       });
-      return res.ok;
+      if (!res.ok) {
+        throw new Error(`Failed to cancel subscription: ${res.status}`);
+      }
     },
     // ========================================================================
     // Balance Methods
@@ -250,13 +314,15 @@ function createReauthClient(config) {
      */
     async getBalance() {
       const res = await fetch(`${baseUrl}/balance`, {
-        credentials: "include"
+        credentials: "include",
+        signal: AbortSignal.timeout(timeoutMs)
       });
       if (!res.ok) {
         if (res.status === 401) throw new Error("Not authenticated");
         throw new Error(`Failed to get balance: ${res.status}`);
       }
-      return res.json();
+      const data = await res.json();
+      return { balance: data.balance };
     },
     /**
      * Get the current user's balance transaction history.
@@ -270,7 +336,7 @@ function createReauthClient(config) {
       const qs = params.toString();
       const res = await fetch(
         `${baseUrl}/balance/transactions${qs ? `?${qs}` : ""}`,
-        { credentials: "include" }
+        { credentials: "include", signal: AbortSignal.timeout(timeoutMs) }
       );
       if (!res.ok) {
         if (res.status === 401) throw new Error("Not authenticated");

package/dist/index.mjs

@@ -1,6 +1,7 @@
 import {
   createReauthClient
-} from "./chunk-JX2J36FS.mjs";
+} from "./chunk-DMNMTW2C.mjs";
+import "./chunk-EY5LQCDG.mjs";
 
 // src/errors.ts
 var ReauthErrorCode = /* @__PURE__ */ ((ReauthErrorCode2) => {

package/dist/react/index.d.mts

@@ -1,14 +1,24 @@
-import { R as ReauthConfig, c as User } from '../types-D8oOYbeC.mjs';
+import { R as ReauthConfig, c as User } from '../types-BqZzje-y.mjs';
 import * as react_jsx_runtime from 'react/jsx-runtime';
 import { ReactNode } from 'react';
 
+type UseAuthOptions = ReauthConfig & {
+    /**
+     * Interval in milliseconds to refresh the session. Set to 0 to disable.
+     * Default: 5 minutes (300000ms)
+     */
+    refreshInterval?: number;
+};
 /**
  * React hook for authentication state management.
  *
  * @example
  * ```typescript
  * function MyComponent() {
- *   const { user, loading, login, logout } = useAuth({ domain: 'yourdomain.com' });
+ *   const { user, loading, login, logout } = useAuth({
+ *     domain: 'yourdomain.com',
+ *     refreshInterval: 60000, // Refresh every minute (optional, default: 5 min)
+ *   });
  *
  *   if (loading) return <div>Loading...</div>;
  *   if (!user) return <button onClick={login}>Sign in</button>;
@@ -22,7 +32,7 @@ import { ReactNode } from 'react';
  * }
  * ```
  */
-declare function useAuth(config: ReauthConfig): {
+declare function useAuth(config: UseAuthOptions): {
     login: () => void;
     logout: () => Promise<void>;
     refetch: () => Promise<void>;
@@ -44,7 +54,7 @@ type AuthContextType = {
     refetch: () => Promise<void>;
 };
 type AuthProviderProps = {
-    config: ReauthConfig;
+    config: UseAuthOptions;
     children: ReactNode;
 };
 /**
@@ -120,4 +130,4 @@ type ProtectedRouteProps = {
  */
 declare function ProtectedRoute({ children, fallback, onUnauthenticated, onWaitlist, }: ProtectedRouteProps): react_jsx_runtime.JSX.Element | null;
 
-export { AuthProvider, ProtectedRoute, useAuth, useAuthContext };
+export { AuthProvider, ProtectedRoute, type UseAuthOptions, useAuth, useAuthContext };

package/dist/react/index.d.ts

@@ -1,14 +1,24 @@
-import { R as ReauthConfig, c as User } from '../types-D8oOYbeC.js';
+import { R as ReauthConfig, c as User } from '../types-BqZzje-y.js';
 import * as react_jsx_runtime from 'react/jsx-runtime';
 import { ReactNode } from 'react';
 
+type UseAuthOptions = ReauthConfig & {
+    /**
+     * Interval in milliseconds to refresh the session. Set to 0 to disable.
+     * Default: 5 minutes (300000ms)
+     */
+    refreshInterval?: number;
+};
 /**
  * React hook for authentication state management.
  *
  * @example
  * ```typescript
  * function MyComponent() {
- *   const { user, loading, login, logout } = useAuth({ domain: 'yourdomain.com' });
+ *   const { user, loading, login, logout } = useAuth({
+ *     domain: 'yourdomain.com',
+ *     refreshInterval: 60000, // Refresh every minute (optional, default: 5 min)
+ *   });
  *
  *   if (loading) return <div>Loading...</div>;
  *   if (!user) return <button onClick={login}>Sign in</button>;
@@ -22,7 +32,7 @@ import { ReactNode } from 'react';
  * }
  * ```
  */
-declare function useAuth(config: ReauthConfig): {
+declare function useAuth(config: UseAuthOptions): {
     login: () => void;
     logout: () => Promise<void>;
     refetch: () => Promise<void>;
@@ -44,7 +54,7 @@ type AuthContextType = {
     refetch: () => Promise<void>;
 };
 type AuthProviderProps = {
-    config: ReauthConfig;
+    config: UseAuthOptions;
     children: ReactNode;
 };
 /**
@@ -120,4 +130,4 @@ type ProtectedRouteProps = {
  */
 declare function ProtectedRoute({ children, fallback, onUnauthenticated, onWaitlist, }: ProtectedRouteProps): react_jsx_runtime.JSX.Element | null;
 
-export { AuthProvider, ProtectedRoute, useAuth, useAuthContext };
+export { AuthProvider, ProtectedRoute, type UseAuthOptions, useAuth, useAuthContext };