@sanvika/auth 2.9.0 → 2.9.2

package/dist/index.js

@@ -20,6 +20,7 @@ var DEFAULT_AVATAR_SVG = `data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/200
 // authFlow.js
 var DEFAULT_AUTH_URL = "https://auth.sanvikaproduction.com";
 var DEVICE_ID_STORAGE_KEY = "sanvika_deviceId";
+var MOBILE_DEVICE_ID_STORAGE_KEY = "deviceId";
 function randomDeviceId() {
   try {
     if (typeof crypto !== "undefined" && typeof crypto.randomUUID === "function") {
@@ -44,6 +45,22 @@ function getOrCreateWebDeviceId() {
   }
   return deviceId;
 }
+async function resolveLogoutDeviceId(persistence) {
+  if (persistence == null ? void 0 : persistence.getItem) {
+    try {
+      const mobileId = await persistence.getItem(MOBILE_DEVICE_ID_STORAGE_KEY);
+      if (mobileId) {
+        return mobileId;
+      }
+      const webId = await persistence.getItem(DEVICE_ID_STORAGE_KEY);
+      if (webId) {
+        return webId;
+      }
+    } catch {
+    }
+  }
+  return getOrCreateWebDeviceId();
+}
 async function checkMobile({
   authBaseUrl = DEFAULT_AUTH_URL,
   mobile,
@@ -163,10 +180,13 @@ function SanvikaAuthProvider({
   children,
   clientId,
   redirectUri,
+  /** RN embedded LoginScreen: skip callbackUrl on check-mobile/login APIs (OAuth URI still used for /authorize links). */
+  embeddedLogin = false,
   dashboardPath,
   authBaseUrl = DEFAULT_AUTH_URL,
   persistence: persistenceProp
 }) {
+  const apiCallbackUrl = embeddedLogin ? void 0 : redirectUri;
   const persistence = useMemo(() => {
     return persistenceProp || createDefaultWebPersistence();
   }, [persistenceProp]);
@@ -215,10 +235,10 @@ function SanvikaAuthProvider({
         mobile,
         deviceId: resolvedDeviceId,
         clientId,
-        callbackUrl: redirectUri
+        callbackUrl: apiCallbackUrl
       });
     },
-    [authBaseUrl, clientId, redirectUri]
+    [authBaseUrl, clientId, apiCallbackUrl]
   );
   const login = async ({
     mobile,
@@ -249,7 +269,7 @@ function SanvikaAuthProvider({
         userAgent: userAgent || (typeof navigator !== "undefined" ? navigator.userAgent : void 0),
         deviceName,
         clientId,
-        callbackUrl: redirectUri,
+        callbackUrl: apiCallbackUrl,
         resolveDeviceId
       });
     }
@@ -267,12 +287,14 @@ function SanvikaAuthProvider({
   );
   const logout = async () => {
     try {
+      const deviceId = await resolveLogoutDeviceId(persistence);
       await fetch(`${authBaseUrl}/api/auth/logout`, {
         method: "POST",
         headers: {
           "Content-Type": "application/json",
           ...accessToken ? { Authorization: `Bearer ${accessToken}` } : {}
-        }
+        },
+        body: JSON.stringify(deviceId ? { deviceId } : {})
       });
     } catch (e) {
       console.error("[SanvikaAuth] Logout API error:", e);
@@ -651,7 +673,7 @@ function friendlyError(code) {
     case "INVALID_PASSWORD":
       return "Incorrect password.";
     case "RATE_LIMIT_EXCEEDED":
-      return "Too many attempts. Please try again in 15 minutes.";
+      return "Too many attempts. Please wait and try again.";
     case "SERVER_ERROR":
       return "Auth service error. Please try again.";
     default:
@@ -844,6 +866,7 @@ export {
   DEFAULT_AUTH_URL,
   DEFAULT_AVATAR_SVG,
   DEVICE_ID_STORAGE_KEY,
+  MOBILE_DEVICE_ID_STORAGE_KEY,
   STORAGE_KEYS,
   SanvikaAccountButton,
   SanvikaAdminLogin,
@@ -854,5 +877,6 @@ export {
   getOrCreateWebDeviceId,
   postLogin,
   randomDeviceId,
+  resolveLogoutDeviceId,
   useSanvikaAuth
 };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sanvika/auth",
-  "version": "2.9.0",
+  "version": "2.9.2",
   "description": "Sanvika Auth SDK — React components/hooks + server-side token verification and user proxy",
   "type": "module",
   "main": "dist/index.js",