@sanity/sdk 0.0.0-rc.5 → 0.0.0-rc.6

package/dist/index.d.ts

@@ -260,6 +260,8 @@ export declare interface AuthConfig {
   token?: string
 }
 
+declare type AuthMethodOptions = 'localstorage' | 'cookie' | undefined
+
 /**
  * Configuration for an authentication provider
  * @public
@@ -322,6 +324,7 @@ export declare interface AuthStoreState {
     loginUrl: string
     callbackUrl: string | undefined
     providedToken: string | undefined
+    authMethod: AuthMethodOptions
   }
   dashboardContext?: DashboardContext
 }
@@ -391,6 +394,7 @@ export declare interface ClientState {
   clients: {
     [TKey in string]?: SanityClient
   }
+  authMethod?: 'localstorage' | 'cookie'
 }
 
 /**
@@ -1865,6 +1869,13 @@ export declare interface SanityConfig extends DatasetHandle {
    * @remarks Merged with parent configurations when using createChild
    */
   auth?: AuthConfig
+  /**
+   * Studio mode configuration for use of the SDK in a Sanity Studio
+   * @remarks Controls whether studio mode features are enabled
+   */
+  studioMode?: {
+    enabled: boolean
+  }
 }
 
 export {SanityDocument}

package/dist/index.js

@@ -277,41 +277,6 @@ const refreshStampedToken = ({ state }) => {
       state.set("setRefreshStampedTokenError", { authState: { type: AuthStateType.ERROR, error } });
     }
   });
-}, subscribeToStateAndFetchCurrentUser = ({
-  state
-}) => {
-  const { clientFactory, apiHost } = state.get().options;
-  return state.observable.pipe(
-    map(({ authState }) => authState),
-    filter(
-      (authState) => authState.type === AuthStateType.LOGGED_IN && !authState.currentUser
-    ),
-    map((authState) => authState.token),
-    distinctUntilChanged()
-  ).pipe(
-    map(
-      (token) => clientFactory({
-        apiVersion: DEFAULT_API_VERSION$1,
-        requestTagPrefix: REQUEST_TAG_PREFIX,
-        token,
-        ignoreBrowserTokenWarning: !0,
-        useProjectHostname: !1,
-        ...apiHost && { apiHost }
-      })
-    ),
-    switchMap(
-      (client) => client.observable.request({ uri: "/users/me", method: "GET" })
-    )
-  ).subscribe({
-    next: (currentUser) => {
-      state.set("setCurrentUser", (prev) => ({
-        authState: prev.authState.type === AuthStateType.LOGGED_IN ? { ...prev.authState, currentUser } : prev.authState
-      }));
-    },
-    error: (error) => {
-      state.set("setError", { authState: { type: AuthStateType.ERROR, error } });
-    }
-  });
 };
 function getAuthCode(callbackUrl, locationHref) {
   const loc = new URL(locationHref, DEFAULT_BASE), callbackLocation = callbackUrl ? new URL(callbackUrl, DEFAULT_BASE) : void 0, callbackLocationMatches = callbackLocation ? loc.pathname.toLowerCase().startsWith(callbackLocation.pathname.toLowerCase()) : !0;
@@ -365,7 +330,61 @@ function getCleanedUrl(locationUrl) {
   const loc = new URL(locationUrl);
   return loc.hash = "", loc.searchParams.delete("sid"), loc.searchParams.delete("url"), loc.toString();
 }
-const subscribeToStorageEventsAndSetToken = ({
+async function checkForCookieAuth(projectId, clientFactory) {
+  if (!projectId) return !1;
+  try {
+    return typeof (await clientFactory({
+      projectId
+    }).request({
+      uri: "/users/me",
+      withCredentials: !0,
+      tag: "users.get-current"
+    }))?.id == "string";
+  } catch {
+    return !1;
+  }
+}
+function getStudioTokenFromLocalStorage(storageArea, projectId) {
+  if (!storageArea || !projectId) return null;
+  const studioStorageKey = `__studio_auth_token_${projectId}`;
+  return getTokenFromStorage(storageArea, studioStorageKey) || null;
+}
+const subscribeToStateAndFetchCurrentUser = ({
+  state
+}) => {
+  const { clientFactory, apiHost } = state.get().options;
+  return state.observable.pipe(
+    map(({ authState }) => authState),
+    filter(
+      (authState) => authState.type === AuthStateType.LOGGED_IN && !authState.currentUser
+    ),
+    map((authState) => authState.token),
+    distinctUntilChanged()
+  ).pipe(
+    map(
+      (token) => clientFactory({
+        apiVersion: DEFAULT_API_VERSION$1,
+        requestTagPrefix: REQUEST_TAG_PREFIX,
+        token,
+        ignoreBrowserTokenWarning: !0,
+        useProjectHostname: !1,
+        ...apiHost && { apiHost }
+      })
+    ),
+    switchMap(
+      (client) => client.observable.request({ uri: "/users/me", method: "GET" })
+    )
+  ).subscribe({
+    next: (currentUser) => {
+      state.set("setCurrentUser", (prev) => ({
+        authState: prev.authState.type === AuthStateType.LOGGED_IN ? { ...prev.authState, currentUser } : prev.authState
+      }));
+    },
+    error: (error) => {
+      state.set("setError", { authState: { type: AuthStateType.ERROR, error } });
+    }
+  });
+}, subscribeToStorageEventsAndSetToken = ({
   state
 }) => {
   const { storageArea, storageKey } = state.get().options;
@@ -413,7 +432,10 @@ const authStore = {
       console.error("Failed to parse dashboard context from initial location:", err);
     }
     isInDashboard || (storageArea = storageArea ?? getDefaultStorage());
-    const token = getTokenFromStorage(storageArea, storageKey);
+    let token, authMethod;
+    instance.config.studioMode?.enabled ? (token = getStudioTokenFromLocalStorage(storageArea, instance.config.projectId), token ? authMethod = "localstorage" : checkForCookieAuth(instance.config.projectId, clientFactory).then((isCookieAuthEnabled) => {
+      isCookieAuthEnabled && (authMethod = "cookie");
+    })) : (token = getTokenFromStorage(storageArea, storageKey), token && (authMethod = "localstorage"));
     let authState;
     return providedToken ? authState = { type: AuthStateType.LOGGED_IN, token: providedToken, currentUser: null } : getAuthCode(callbackUrl, initialLocationHref) || getTokenFromLocation(initialLocationHref) ? authState = { type: AuthStateType.LOGGING_IN, isExchangingToken: !1 } : token && !isInDashboard ? authState = { type: AuthStateType.LOGGED_IN, token, currentUser: null } : authState = { type: AuthStateType.LOGGED_OUT, isDestroyingSession: !1 }, {
       authState,
@@ -427,7 +449,8 @@ const authStore = {
         clientFactory,
         initialLocationHref,
         storageKey,
-        storageArea
+        storageArea,
+        authMethod
       }
     };
   },
@@ -448,6 +471,9 @@ const authStore = {
   createStateSourceAction(
     ({ state: { authState } }) => authState.type === AuthStateType.LOGGED_IN ? authState.token : null
   )
+), getAuthMethodState = bindActionGlobally(
+  authStore,
+  createStateSourceAction(({ state: { options } }) => options.authMethod)
 ), getLoginUrlState = bindActionGlobally(
   authStore,
   createStateSourceAction(({ state: { options } }) => options.loginUrl)
@@ -552,11 +578,15 @@ const authStore = {
     token: getTokenState(instance).getCurrent()
   }),
   initialize(context) {
-    const subscription = listenToToken(context);
-    return () => subscription.unsubscribe();
+    const subscription = listenToToken(context), authMethodSubscription = listenToAuthMethod(context);
+    return () => {
+      subscription.unsubscribe(), authMethodSubscription.unsubscribe();
+    };
   }
 }, listenToToken = ({ instance, state }) => getTokenState(instance).observable.subscribe((token) => {
   state.set("setTokenAndResetClients", { token, clients: {} });
+}), listenToAuthMethod = ({ instance, state }) => getAuthMethodState(instance).observable.subscribe((authMethod) => {
+  state.set("setAuthMethod", { authMethod });
 }), getClientConfigKey = (options) => JSON.stringify(pick(options, ...allowedKeys)), getClient = bindActionGlobally(
   clientStore,
   ({ state, instance }, options) => {
@@ -567,15 +597,17 @@ const authStore = {
         `The client options provided contains unsupported properties: ${listFormatter.format(disallowedKeys)}. Allowed keys are: ${listFormatter.format(allowedKeys)}.`
       );
     }
-    const { token, clients } = state.get(), projectId = options.projectId ?? instance.config.projectId, dataset = options.dataset ?? instance.config.dataset, apiHost = options.apiHost ?? instance.config.auth?.apiHost, effectiveOptions = {
+    const tokenFromState = state.get().token, { clients, authMethod } = state.get(), projectId = options.projectId ?? instance.config.projectId, dataset = options.dataset ?? instance.config.dataset, apiHost = options.apiHost ?? instance.config.auth?.apiHost, effectiveOptions = {
       ...DEFAULT_CLIENT_CONFIG,
       ...(options.scope === "global" || !projectId) && { useProjectHostname: !1 },
-      ...token && { token },
+      token: authMethod === "cookie" ? void 0 : tokenFromState ?? void 0,
       ...options,
       ...projectId && { projectId },
       ...dataset && { dataset },
       ...apiHost && { apiHost }
-    }, key = getClientConfigKey(effectiveOptions);
+    };
+    effectiveOptions.token === null || typeof effectiveOptions.token > "u" ? (delete effectiveOptions.token, authMethod === "cookie" && (effectiveOptions.withCredentials = !0)) : delete effectiveOptions.withCredentials;
+    const key = getClientConfigKey(effectiveOptions);
     if (clients[key]) return clients[key];
     const client = createClient(effectiveOptions);
     return state.set("addClient", (prev) => ({ clients: { ...prev.clients, [key]: client } })), client;
@@ -5105,7 +5137,7 @@ function createGroqSearchFilter(query) {
     `${finalIncrementalToken}${WILDCARD_TOKEN}`
   ), `[@] match text::query("${processedTokens.join(" ").replace(/"/g, '\\"')}")`;
 }
-var version = "0.0.0-rc.5";
+var version = "0.0.0-rc.6";
 const CORE_SDK_VERSION = getEnv("PKG_VERSION") || `${version}-development`;
 export {
   AuthStateType,