@skylabs-digital/react-identity-access 2.21.0 → 2.23.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/dist/index.es.js +387 -356
  2. package/dist/index.es.js.map +1 -1
  3. package/dist/index.js +2 -2
  4. package/dist/index.js.map +1 -1
  5. package/dist/providers/AuthProvider.d.ts.map +1 -1
  6. package/dist/services/SessionManager.d.ts +6 -0
  7. package/dist/services/SessionManager.d.ts.map +1 -1
  8. package/package.json +1 -1
package/dist/index.es.js CHANGED
@@ -1,6 +1,6 @@
1
1
  import { jsx as s, Fragment as _, jsxs as d } from "react/jsx-runtime";
2
- import { createContext as fe, useMemo as Z, useState as T, useCallback as se, useEffect as ee, useContext as le, useRef as Ke } from "react";
3
- import { useLocation as ke, Navigate as Se, useNavigate as gt, useSearchParams as mt } from "react-router-dom";
2
+ import { createContext as me, useMemo as Z, useState as T, useCallback as ie, useEffect as ee, useContext as le, useRef as Ke } from "react";
3
+ import { useLocation as Ae, Navigate as Te, useNavigate as gt, useSearchParams as mt } from "react-router-dom";
4
4
  class ce {
5
5
  constructor(e, t = 1e4) {
6
6
  this.baseUrl = e.replace(/\/$/, ""), this.timeout = t;
@@ -13,19 +13,19 @@ class ce {
13
13
  }
14
14
  async executeRequest(e, t, r, i) {
15
15
  const o = `${this.baseUrl}${t.startsWith("/") ? t : `/${t}`}`, a = (i == null ? void 0 : i.timeout) || this.timeout;
16
- let f = {
16
+ let h = {
17
17
  "Content-Type": "application/json",
18
18
  ...i == null ? void 0 : i.headers
19
19
  };
20
20
  if (!(i != null && i.skipAuth) && this.sessionManager) {
21
21
  const c = await this.sessionManager.getValidAccessToken();
22
- f = { ...f, Authorization: `Bearer ${c}` };
22
+ h = { ...h, Authorization: `Bearer ${c}` };
23
23
  }
24
24
  const g = new AbortController(), w = setTimeout(() => g.abort(), a);
25
25
  try {
26
26
  const c = await fetch(o, {
27
27
  method: e,
28
- headers: f,
28
+ headers: h,
29
29
  body: r ? JSON.stringify(r) : void 0,
30
30
  signal: g.signal
31
31
  });
@@ -109,7 +109,7 @@ class ze {
109
109
  })).data;
110
110
  }
111
111
  }
112
- const Fe = fe(null);
112
+ const Fe = me(null);
113
113
  function yr({ config: n, children: e }) {
114
114
  const t = Z(
115
115
  () => {
@@ -132,7 +132,7 @@ function yr({ config: n, children: e }) {
132
132
  } catch {
133
133
  return null;
134
134
  }
135
- }), [o, a] = T(!r), [f, g] = T(null), w = Z(() => {
135
+ }), [o, a] = T(!r), [h, g] = T(null), w = Z(() => {
136
136
  const p = () => {
137
137
  c();
138
138
  };
@@ -142,10 +142,10 @@ function yr({ config: n, children: e }) {
142
142
  // App info
143
143
  appInfo: r,
144
144
  isAppLoading: o,
145
- appError: f,
145
+ appError: h,
146
146
  retryApp: p
147
147
  };
148
- }, [n, r, o, f]), c = se(
148
+ }, [n, r, o, h]), c = ie(
149
149
  async (p = !1) => {
150
150
  if (!(!p && t.enabled && r))
151
151
  try {
@@ -170,7 +170,7 @@ function yr({ config: n, children: e }) {
170
170
  }
171
171
  },
172
172
  [n.baseUrl, n.appId, t, r]
173
- ), I = se(async () => {
173
+ ), I = ie(async () => {
174
174
  if (!(!t.enabled || !r))
175
175
  try {
176
176
  const p = localStorage.getItem(t.storageKey);
@@ -194,7 +194,7 @@ function yr({ config: n, children: e }) {
194
194
  r ? I() : c();
195
195
  }, []), /* @__PURE__ */ s(Fe.Provider, { value: w, children: e });
196
196
  }
197
- function ve() {
197
+ function ke() {
198
198
  const n = le(Fe);
199
199
  if (!n)
200
200
  throw new Error("useApp must be used within an AppProvider");
@@ -203,8 +203,8 @@ function ve() {
203
203
  function Ze() {
204
204
  return le(Fe);
205
205
  }
206
- const wr = ve;
207
- class ie extends Error {
206
+ const wr = ke;
207
+ class se extends Error {
208
208
  constructor(e, t) {
209
209
  const r = {
210
210
  token_expired: "Refresh token has expired",
@@ -228,7 +228,7 @@ class wt extends Error {
228
228
  }
229
229
  const oe = class oe {
230
230
  constructor(e = {}) {
231
- this.refreshPromise = null, this.refreshQueue = [], this.proactiveTimerId = null, this.backgroundRetryTimerId = null, this.isDestroyed = !1, e.tenantSlug !== void 0 ? this.storageKey = e.tenantSlug ? `auth_tokens_${e.tenantSlug}` : "auth_tokens" : this.storageKey = e.storageKey || "auth_tokens", this.autoRefresh = e.autoRefresh ?? !0, this.refreshThreshold = e.refreshThreshold || 3e5, this.onRefreshFailed = e.onRefreshFailed, this.onSessionExpired = e.onSessionExpired, this.baseUrl = e.baseUrl || "", this.proactiveRefreshMargin = e.proactiveRefreshMargin ?? 6e4, this.refreshQueueTimeout = e.refreshQueueTimeout ?? 1e4, this.maxRefreshRetries = e.maxRefreshRetries ?? 3, this.retryBackoffBase = e.retryBackoffBase ?? 1e3, this.tokenStorage = e.tokenStorage || this.createTokenStorage(this.storageKey), this.scheduleProactiveRefresh();
231
+ this.refreshPromise = null, this.refreshQueue = [], this.proactiveTimerId = null, this.backgroundRetryTimerId = null, this.isDestroyed = !1, this.sessionGeneration = 0, e.tenantSlug !== void 0 ? this.storageKey = e.tenantSlug ? `auth_tokens_${e.tenantSlug}` : "auth_tokens" : this.storageKey = e.storageKey || "auth_tokens", this.autoRefresh = e.autoRefresh ?? !0, this.refreshThreshold = e.refreshThreshold || 3e5, this.onRefreshFailed = e.onRefreshFailed, this.onSessionExpired = e.onSessionExpired, this.baseUrl = e.baseUrl || "", this.proactiveRefreshMargin = e.proactiveRefreshMargin ?? 6e4, this.refreshQueueTimeout = e.refreshQueueTimeout ?? 1e4, this.maxRefreshRetries = e.maxRefreshRetries ?? 3, this.retryBackoffBase = e.retryBackoffBase ?? 1e3, this.tokenStorage = e.tokenStorage || this.createTokenStorage(this.storageKey), this.scheduleProactiveRefresh();
232
232
  }
233
233
  /**
234
234
  * Get or create a SessionManager instance for the given config.
@@ -299,8 +299,8 @@ const oe = class oe {
299
299
  const t = e.expiresAt || (e.expiresIn ? Date.now() + e.expiresIn * 1e3 : void 0) || oe.extractJwtExpiry(e.accessToken), r = {
300
300
  ...e,
301
301
  expiresAt: t
302
- };
303
- this.tokenStorage.set(r), this.scheduleProactiveRefresh();
302
+ }, i = this.tokenStorage.get() || {};
303
+ this.tokenStorage.set({ ...i, ...r }), this.scheduleProactiveRefresh();
304
304
  }
305
305
  getTokens() {
306
306
  const { accessToken: e, refreshToken: t, expiresAt: r, expiresIn: i, tokenType: o } = this.tokenStorage.get() || {};
@@ -350,15 +350,29 @@ const oe = class oe {
350
350
  backgroundRefresh() {
351
351
  if (this.isDestroyed) return;
352
352
  const e = this.getTokens();
353
- e != null && e.refreshToken && (this.refreshPromise || this.startRefreshAndResolveQueue(e.refreshToken).then(() => {
354
- }).catch((t) => {
355
- t instanceof ie || (console.warn(
353
+ if (!(e != null && e.refreshToken) || this.refreshPromise) return;
354
+ const t = this.sessionGeneration;
355
+ this.startRefreshAndResolveQueue(e.refreshToken).then(() => {
356
+ }).catch((r) => {
357
+ r instanceof se || this.sessionGeneration === t && (console.warn(
356
358
  "[SessionManager] Background refresh failed, retrying in 30s:",
357
- t.message
359
+ r.message
358
360
  ), this.backgroundRetryTimerId = setTimeout(() => {
359
361
  this.backgroundRefresh();
360
362
  }, 3e4));
361
- }));
363
+ });
364
+ }
365
+ /**
366
+ * Wait for any in-progress token refresh to settle.
367
+ * Returns true if refresh succeeded, false if it failed or no refresh was pending.
368
+ */
369
+ async waitForPendingRefresh() {
370
+ if (!this.refreshPromise) return !1;
371
+ try {
372
+ return await this.refreshPromise, !0;
373
+ } catch {
374
+ return !1;
375
+ }
362
376
  }
363
377
  // --- Core: getValidAccessToken with queue + timeout ---
364
378
  /**
@@ -372,13 +386,13 @@ const oe = class oe {
372
386
  async getValidAccessToken() {
373
387
  const e = this.getTokens();
374
388
  if (!(e != null && e.accessToken)) {
375
- const t = new ie("token_invalid", "No tokens available");
389
+ const t = new se("token_invalid", "No tokens available");
376
390
  throw this.handleSessionExpired(t), t;
377
391
  }
378
392
  if (!this.shouldRefreshToken(e) && !this.isTokenExpired(e))
379
393
  return e.accessToken;
380
394
  if (!e.refreshToken) {
381
- const t = new ie("token_invalid", "No refresh token available");
395
+ const t = new se("token_invalid", "No refresh token available");
382
396
  throw this.handleSessionExpired(t), t;
383
397
  }
384
398
  return this.refreshPromise ? this.enqueueForToken() : this.startRefreshAndResolveQueue(e.refreshToken);
@@ -390,7 +404,7 @@ const oe = class oe {
390
404
  try {
391
405
  return { Authorization: `Bearer ${await this.getValidAccessToken()}` };
392
406
  } catch (e) {
393
- return e instanceof ie && this.onRefreshFailed && this.onRefreshFailed(), {};
407
+ return e instanceof se && this.onRefreshFailed && this.onRefreshFailed(), {};
394
408
  }
395
409
  }
396
410
  enqueueForToken() {
@@ -410,7 +424,7 @@ const oe = class oe {
410
424
  return this.resolveQueue(r), r;
411
425
  } catch (t) {
412
426
  const r = t instanceof Error ? t : new Error("Token refresh failed");
413
- throw r instanceof ie ? (this.rejectQueue(r), this.handleSessionExpired(r)) : this.rejectQueue(r), r;
427
+ throw r instanceof se ? (this.rejectQueue(r), this.handleSessionExpired(r)) : this.rejectQueue(r), r;
414
428
  } finally {
415
429
  this.refreshPromise = null;
416
430
  }
@@ -430,19 +444,23 @@ const oe = class oe {
430
444
  // --- Refresh with retry + error classification ---
431
445
  async executeRefreshWithRetry(e) {
432
446
  let t;
433
- for (let r = 0; r <= this.maxRefreshRetries; r++)
447
+ const r = this.sessionGeneration;
448
+ for (let i = 0; i <= this.maxRefreshRetries; i++) {
449
+ if (this.sessionGeneration !== r)
450
+ throw new se("token_invalid", "Session cleared during refresh");
434
451
  try {
435
- await this.performTokenRefresh(e);
452
+ await this.performTokenRefresh(e, r);
436
453
  return;
437
- } catch (i) {
438
- const o = i instanceof Error ? i : new Error(String(i));
439
- if (o instanceof ie)
440
- throw o;
441
- if (t = o, r < this.maxRefreshRetries) {
442
- const a = this.retryBackoffBase * Math.pow(2, r);
443
- await this.sleep(a);
454
+ } catch (o) {
455
+ const a = o instanceof Error ? o : new Error(String(o));
456
+ if (a instanceof se)
457
+ throw a;
458
+ if (t = a, i < this.maxRefreshRetries) {
459
+ const h = this.retryBackoffBase * Math.pow(2, i);
460
+ await this.sleep(h);
444
461
  }
445
462
  }
463
+ }
446
464
  throw new wt(this.maxRefreshRetries + 1, t);
447
465
  }
448
466
  /**
@@ -450,35 +468,37 @@ const oe = class oe {
450
468
  * Throws SessionExpiredError for fatal errors (no retry).
451
469
  * Throws generic Error for transient errors (will be retried).
452
470
  */
453
- async performTokenRefresh(e) {
471
+ async performTokenRefresh(e, t) {
454
472
  if (!this.baseUrl)
455
473
  throw new Error("Base URL not configured for token refresh");
456
- const t = `${this.baseUrl}/auth/refresh`;
457
- let r;
474
+ const r = `${this.baseUrl}/auth/refresh`;
475
+ let i;
458
476
  try {
459
- r = await fetch(t, {
477
+ i = await fetch(r, {
460
478
  method: "POST",
461
479
  headers: { "Content-Type": "application/json" },
462
480
  body: JSON.stringify({ refreshToken: e })
463
481
  });
464
- } catch (o) {
465
- throw o instanceof Error ? o : new Error("Network error during token refresh");
482
+ } catch (a) {
483
+ throw a instanceof Error ? a : new Error("Network error during token refresh");
466
484
  }
467
- if (!r.ok) {
468
- let o = "";
485
+ if (!i.ok) {
486
+ let a = "";
469
487
  try {
470
- const a = await r.json();
471
- o = (a.message || a.error || "").toLowerCase();
488
+ const h = await i.json();
489
+ a = (h.message || h.error || "").toLowerCase();
472
490
  } catch {
473
- o = r.statusText.toLowerCase();
491
+ a = i.statusText.toLowerCase();
474
492
  }
475
- throw r.status === 401 ? o.includes("expired") ? new ie("token_expired") : o.includes("invalid") ? new ie("token_invalid") : new ie("token_invalid", `Unauthorized: ${o}`) : r.status === 400 ? o.includes("inactive") ? new ie("user_inactive") : new Error(`Token refresh failed (400): ${o}`) : new Error(`Token refresh failed: ${r.status} ${o}`);
493
+ throw i.status === 401 ? a.includes("expired") ? new se("token_expired") : a.includes("invalid") ? new se("token_invalid") : new se("token_invalid", `Unauthorized: ${a}`) : i.status === 400 ? a.includes("inactive") ? new se("user_inactive") : a.includes("expired") || a.includes("invalid") ? new se("token_invalid", a) : new Error(`Token refresh failed (400): ${a}`) : new Error(`Token refresh failed: ${i.status} ${a}`);
476
494
  }
477
- const i = await r.json();
495
+ if (this.sessionGeneration !== t)
496
+ throw new se("token_invalid", "Session cleared during refresh");
497
+ const o = await i.json();
478
498
  this.setTokens({
479
- accessToken: i.accessToken,
480
- refreshToken: i.refreshToken || e,
481
- expiresIn: i.expiresIn
499
+ accessToken: o.accessToken,
500
+ refreshToken: o.refreshToken || e,
501
+ expiresIn: o.expiresIn
482
502
  });
483
503
  }
484
504
  // --- Session expiry handler ---
@@ -500,8 +520,8 @@ const oe = class oe {
500
520
  }
501
521
  // --- Session lifecycle ---
502
522
  clearSession() {
503
- this.cancelProactiveTimer(), this.clearTokens(), this.clearUser();
504
- const e = new ie("token_invalid", "Session cleared");
523
+ this.sessionGeneration++, this.cancelProactiveTimer(), this.clearTokens();
524
+ const e = new se("token_invalid", "Session cleared");
505
525
  this.rejectQueue(e);
506
526
  }
507
527
  /**
@@ -510,7 +530,7 @@ const oe = class oe {
510
530
  */
511
531
  destroy() {
512
532
  this.isDestroyed = !0, oe.instances.delete(this.storageKey), this.cancelProactiveTimer();
513
- const e = new ie("token_invalid", "SessionManager destroyed");
533
+ const e = new se("token_invalid", "SessionManager destroyed");
514
534
  this.rejectQueue(e);
515
535
  }
516
536
  // --- JWT helpers ---
@@ -549,7 +569,7 @@ const oe = class oe {
549
569
  }
550
570
  };
551
571
  oe.instances = /* @__PURE__ */ new Map();
552
- let we = oe;
572
+ let Se = oe;
553
573
  class bt {
554
574
  constructor(e) {
555
575
  this.httpService = e;
@@ -722,7 +742,7 @@ class St {
722
742
  });
723
743
  }
724
744
  }
725
- class be {
745
+ class ve {
726
746
  constructor(e, t, r) {
727
747
  this.httpService = e, this.appId = t, this.sessionManager = r;
728
748
  }
@@ -830,7 +850,7 @@ function xt(n, e, t) {
830
850
  const r = e.split(".");
831
851
  return r.length === 2 ? `${n}.${e}` : r.length >= 3 ? (r[0] = n, r.join(".")) : null;
832
852
  }
833
- const pe = "_auth";
853
+ const ge = "_auth";
834
854
  function We(n) {
835
855
  const e = JSON.stringify(n);
836
856
  return btoa(e).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "");
@@ -849,7 +869,7 @@ function At(n) {
849
869
  function Pt() {
850
870
  if (typeof window > "u")
851
871
  return console.log("[CrossDomainAuth] SSR environment, skipping URL token extraction"), null;
852
- const e = new URLSearchParams(window.location.search).get(pe);
872
+ const e = new URLSearchParams(window.location.search).get(ge);
853
873
  if (console.log("[CrossDomainAuth] extractAuthTokensFromUrl called", {
854
874
  hasAuthParam: !!e,
855
875
  searchParams: window.location.search,
@@ -866,14 +886,14 @@ function Pt() {
866
886
  function Rt() {
867
887
  if (typeof window > "u") return;
868
888
  const n = new URL(window.location.href);
869
- n.searchParams.delete(pe), console.log("[CrossDomainAuth] Clearing auth tokens from URL", {
889
+ n.searchParams.delete(ge), console.log("[CrossDomainAuth] Clearing auth tokens from URL", {
870
890
  oldUrl: window.location.href,
871
891
  newUrl: n.toString()
872
892
  }), window.history.replaceState({}, "", n.toString());
873
893
  }
874
- const De = fe(null);
894
+ const De = me(null);
875
895
  function br({ config: n, children: e }) {
876
- const { baseUrl: t, appInfo: r, appId: i } = ve(), o = se(() => typeof window > "u" ? null : kt(
896
+ const { baseUrl: t, appInfo: r, appId: i } = ke(), o = ie(() => typeof window > "u" ? null : kt(
877
897
  {
878
898
  tenantMode: n.tenantMode || "selector",
879
899
  baseDomain: n.baseDomain,
@@ -885,11 +905,11 @@ function br({ config: n, children: e }) {
885
905
  search: window.location.search
886
906
  },
887
907
  window.localStorage
888
- ), [n.tenantMode, n.baseDomain, n.selectorParam, n.fixedTenantSlug]), [a, f] = T(() => o()), g = Z(
908
+ ), [n.tenantMode, n.baseDomain, n.selectorParam, n.fixedTenantSlug]), [a, h] = T(() => o()), g = Z(
889
909
  () => {
890
- var h, C, S;
910
+ var f, C, S;
891
911
  return {
892
- enabled: ((h = n.cache) == null ? void 0 : h.enabled) ?? !0,
912
+ enabled: ((f = n.cache) == null ? void 0 : f.enabled) ?? !0,
893
913
  ttl: ((C = n.cache) == null ? void 0 : C.ttl) ?? 5 * 60 * 1e3,
894
914
  // 5 minutes default
895
915
  storageKey: ((S = n.cache) == null ? void 0 : S.storageKey) ?? `tenant_cache_${a || "default"}`
@@ -900,9 +920,9 @@ function br({ config: n, children: e }) {
900
920
  if (n.initialTenant) return n.initialTenant;
901
921
  if (!g.enabled || !a) return null;
902
922
  try {
903
- const h = localStorage.getItem(g.storageKey);
904
- if (!h) return null;
905
- const C = JSON.parse(h);
923
+ const f = localStorage.getItem(g.storageKey);
924
+ if (!f) return null;
925
+ const C = JSON.parse(f);
906
926
  return Date.now() - C.timestamp < g.ttl && C.tenantSlug === a ? C.data : (localStorage.removeItem(g.storageKey), null);
907
927
  } catch {
908
928
  return null;
@@ -910,21 +930,21 @@ function br({ config: n, children: e }) {
910
930
  }), [I, p] = T(!w && !n.initialTenant), [x, R] = T(null), [F, E] = T(null), [A, u] = T(!1), [k, m] = T(null);
911
931
  ee(() => {
912
932
  if (n.tenantMode === "fixed") return;
913
- const h = o();
914
- f(h);
933
+ const f = o();
934
+ h(f);
915
935
  }, [o, n.tenantMode]);
916
- const M = (r == null ? void 0 : r.settingsSchema) || null, L = se(
917
- async (h, C = !1) => {
918
- if (!(!C && g.enabled && w && w.domain === h))
936
+ const M = (r == null ? void 0 : r.settingsSchema) || null, L = ie(
937
+ async (f, C = !1) => {
938
+ if (!(!C && g.enabled && w && w.domain === f))
919
939
  try {
920
940
  p(!0), R(null);
921
- const S = new ce(t), y = await new be(S, i).getPublicTenantInfo(h);
941
+ const S = new ce(t), y = await new ve(S, i).getPublicTenantInfo(f);
922
942
  if (c(y), g.enabled)
923
943
  try {
924
944
  const v = {
925
945
  data: y,
926
946
  timestamp: Date.now(),
927
- tenantSlug: h
947
+ tenantSlug: f
928
948
  };
929
949
  localStorage.setItem(g.storageKey, JSON.stringify(v));
930
950
  } catch (v) {
@@ -938,56 +958,56 @@ function br({ config: n, children: e }) {
938
958
  }
939
959
  },
940
960
  [t, i, g, w]
941
- ), D = se(async () => {
961
+ ), D = ie(async () => {
942
962
  if (!(!g.enabled || !w || !a))
943
963
  try {
944
- const h = localStorage.getItem(g.storageKey);
945
- if (!h) return;
946
- const C = JSON.parse(h);
964
+ const f = localStorage.getItem(g.storageKey);
965
+ if (!f) return;
966
+ const C = JSON.parse(f);
947
967
  if (Date.now() - C.timestamp > g.ttl * 0.5) {
948
- const b = new ce(t), v = await new be(b, i).getPublicTenantInfo(a);
968
+ const b = new ce(t), v = await new ve(b, i).getPublicTenantInfo(a);
949
969
  c(v);
950
- const j = {
970
+ const G = {
951
971
  data: v,
952
972
  timestamp: Date.now(),
953
973
  tenantSlug: a
954
974
  };
955
- localStorage.setItem(g.storageKey, JSON.stringify(j));
975
+ localStorage.setItem(g.storageKey, JSON.stringify(G));
956
976
  }
957
- } catch (h) {
958
- console.warn("Background tenant refresh failed:", h);
977
+ } catch (f) {
978
+ console.warn("Background tenant refresh failed:", f);
959
979
  }
960
- }, [t, i, g, w, a]), P = se(async () => {
980
+ }, [t, i, g, w, a]), P = ie(async () => {
961
981
  if (w != null && w.id)
962
982
  try {
963
983
  u(!0), m(null);
964
- const h = new ce(t), S = await new be(h, w.appId).getTenantSettings(w.id);
984
+ const f = new ce(t), S = await new ve(f, w.appId).getTenantSettings(w.id);
965
985
  E(S);
966
- } catch (h) {
967
- const C = h instanceof Error ? h : new Error("Failed to load tenant settings");
986
+ } catch (f) {
987
+ const C = f instanceof Error ? f : new Error("Failed to load tenant settings");
968
988
  m(C), E(null);
969
989
  } finally {
970
990
  u(!1);
971
991
  }
972
- }, [t, w]), U = se(() => {
992
+ }, [t, w]), U = ie(() => {
973
993
  P();
974
- }, [P]), l = se(
975
- (h) => {
994
+ }, [P]), l = ie(
995
+ (f) => {
976
996
  if (!M)
977
997
  return { isValid: !0, errors: [] };
978
998
  const C = [];
979
999
  try {
980
1000
  return M.properties && Object.entries(M.properties).forEach(([S, b]) => {
981
1001
  var v;
982
- const y = h[S];
1002
+ const y = f[S];
983
1003
  if ((v = M.required) != null && v.includes(S) && y == null) {
984
1004
  C.push(`Field '${S}' is required`);
985
1005
  return;
986
1006
  }
987
1007
  if (y != null) {
988
1008
  if (b.type) {
989
- const j = b.type, Q = typeof y;
990
- j === "string" && Q !== "string" ? C.push(`Field '${S}' must be a string`) : (j === "number" || j === "integer") && Q !== "number" ? C.push(`Field '${S}' must be a number`) : j === "boolean" && Q !== "boolean" ? C.push(`Field '${S}' must be a boolean`) : j === "array" && !Array.isArray(y) && C.push(`Field '${S}' must be an array`);
1009
+ const G = b.type, Q = typeof y;
1010
+ G === "string" && Q !== "string" ? C.push(`Field '${S}' must be a string`) : (G === "number" || G === "integer") && Q !== "number" ? C.push(`Field '${S}' must be a number`) : G === "boolean" && Q !== "boolean" ? C.push(`Field '${S}' must be a boolean`) : G === "array" && !Array.isArray(y) && C.push(`Field '${S}' must be an array`);
991
1011
  }
992
1012
  b.minLength !== void 0 && typeof y == "string" && y.length < b.minLength && C.push(
993
1013
  `Field '${S}' must be at least ${b.minLength} characters long`
@@ -1013,8 +1033,8 @@ function br({ config: n, children: e }) {
1013
1033
  }, [n.initialTenant, a, w, L, D]), ee(() => {
1014
1034
  w != null && w.id ? P() : (E(null), m(null), u(!1));
1015
1035
  }, [w == null ? void 0 : w.id, P]);
1016
- const N = se(
1017
- (h, C) => {
1036
+ const N = ie(
1037
+ (f, C) => {
1018
1038
  const { mode: S = "reload", tokens: b, redirectPath: y } = C || {}, v = n.tenantMode || "selector";
1019
1039
  if (v === "fixed") {
1020
1040
  console.warn(
@@ -1023,36 +1043,36 @@ function br({ config: n, children: e }) {
1023
1043
  ), y && (window.location.href = y);
1024
1044
  return;
1025
1045
  }
1026
- if (localStorage.setItem("tenant", h), v === "subdomain") {
1027
- const j = window.location.hostname, Q = xt(
1028
- h,
1029
- j,
1046
+ if (localStorage.setItem("tenant", f), v === "subdomain") {
1047
+ const G = window.location.hostname, Q = xt(
1048
+ f,
1049
+ G,
1030
1050
  n.baseDomain
1031
1051
  );
1032
1052
  if (!Q) {
1033
1053
  console.warn(
1034
1054
  "[TenantProvider] Cannot switch subdomain, invalid hostname:",
1035
- j
1055
+ G
1036
1056
  );
1037
1057
  return;
1038
1058
  }
1039
1059
  const O = y || window.location.pathname, q = new URL(`${window.location.protocol}//${Q}${O}`);
1040
1060
  new URLSearchParams(window.location.search).forEach((B, X) => {
1041
- X !== pe && q.searchParams.set(X, B);
1042
- }), b && q.searchParams.set(pe, We(b)), window.location.href = q.toString();
1061
+ X !== ge && q.searchParams.set(X, B);
1062
+ }), b && q.searchParams.set(ge, We(b)), window.location.href = q.toString();
1043
1063
  } else if (v === "selector") {
1044
- const j = y || window.location.pathname, Q = new URLSearchParams(window.location.search);
1045
- if (Q.set(n.selectorParam || "tenant", h), Q.delete(pe), b && Q.set(pe, We(b)), S === "reload") {
1046
- const O = `${j}?${Q.toString()}${window.location.hash}`;
1064
+ const G = y || window.location.pathname, Q = new URLSearchParams(window.location.search);
1065
+ if (Q.set(n.selectorParam || "tenant", f), Q.delete(ge), b && Q.set(ge, We(b)), S === "reload") {
1066
+ const O = `${G}?${Q.toString()}${window.location.hash}`;
1047
1067
  window.location.href = O;
1048
1068
  } else {
1049
- const O = `${j}?${Q.toString()}${window.location.hash}`;
1050
- window.history.pushState({}, "", O), f(h), L(h);
1069
+ const O = `${G}?${Q.toString()}${window.location.hash}`;
1070
+ window.history.pushState({}, "", O), h(f), L(f);
1051
1071
  }
1052
1072
  }
1053
1073
  },
1054
1074
  [n.tenantMode, n.selectorParam, n.baseDomain, L]
1055
- ), $ = Z(() => ({
1075
+ ), H = Z(() => ({
1056
1076
  // Tenant info
1057
1077
  tenant: w,
1058
1078
  tenantSlug: a,
@@ -1084,20 +1104,20 @@ function br({ config: n, children: e }) {
1084
1104
  N,
1085
1105
  l
1086
1106
  ]);
1087
- return /* @__PURE__ */ s(De.Provider, { value: $, children: e });
1107
+ return /* @__PURE__ */ s(De.Provider, { value: H, children: e });
1088
1108
  }
1089
- function ge() {
1109
+ function ye() {
1090
1110
  const n = le(De);
1091
1111
  if (!n)
1092
1112
  throw new Error("useTenant must be used within a TenantProvider");
1093
1113
  return n;
1094
1114
  }
1095
- function xe() {
1115
+ function Pe() {
1096
1116
  return le(De);
1097
1117
  }
1098
- const Sr = ge;
1118
+ const Sr = ye;
1099
1119
  function vr() {
1100
- const { settings: n, settingsSchema: e, isSettingsLoading: t, settingsError: r, validateSettings: i } = ge();
1120
+ const { settings: n, settingsSchema: e, isSettingsLoading: t, settingsError: r, validateSettings: i } = ye();
1101
1121
  return {
1102
1122
  settings: n,
1103
1123
  settingsSchema: e,
@@ -1106,8 +1126,8 @@ function vr() {
1106
1126
  validateSettings: i
1107
1127
  };
1108
1128
  }
1109
- function me() {
1110
- const { tenant: n, tenantSlug: e, isTenantLoading: t, tenantError: r, retryTenant: i } = ge();
1129
+ function we() {
1130
+ const { tenant: n, tenantSlug: e, isTenantLoading: t, tenantError: r, retryTenant: i } = ye();
1111
1131
  return {
1112
1132
  tenant: n,
1113
1133
  tenantSlug: e,
@@ -1116,12 +1136,12 @@ function me() {
1116
1136
  retry: i
1117
1137
  };
1118
1138
  }
1119
- const Ne = fe(null);
1139
+ const Ne = me(null);
1120
1140
  function Tr({ config: n = {}, children: e }) {
1121
- const { appId: t, baseUrl: r } = ve(), { tenant: i, tenantSlug: o, switchTenant: a } = ge(), [f, g] = T(n.initialRoles || []), [w, c] = T(!n.initialRoles), [I, p] = T(null), [x, R] = T(!1), [F, E] = T(null), [A, u] = T(0), [k, m] = T(() => {
1141
+ const { appId: t, baseUrl: r } = ke(), { tenant: i, tenantSlug: o, switchTenant: a } = ye(), [h, g] = T(n.initialRoles || []), [w, c] = T(!n.initialRoles), [I, p] = T(null), [x, R] = T(!1), [F, E] = T(null), [A, u] = T(0), [k, m] = T(() => {
1122
1142
  try {
1123
- const G = localStorage.getItem("userTenants");
1124
- return G ? JSON.parse(G) : [];
1143
+ const V = localStorage.getItem("userTenants");
1144
+ return V ? JSON.parse(V) : [];
1125
1145
  } catch {
1126
1146
  return [];
1127
1147
  }
@@ -1130,10 +1150,10 @@ function Tr({ config: n = {}, children: e }) {
1130
1150
  "[AuthProvider] SYNC: URL tokens found, will block isAuthReady until user loaded"
1131
1151
  ));
1132
1152
  const [P, U] = T(() => {
1133
- const G = D.current.urlTokens !== null;
1134
- return console.log("[AuthProvider] SYNC: isLoadingAfterUrlTokens initial:", G), G;
1153
+ const V = D.current.urlTokens !== null;
1154
+ return console.log("[AuthProvider] SYNC: isLoadingAfterUrlTokens initial:", V), V;
1135
1155
  }), l = Z(() => {
1136
- const G = we.getInstance({
1156
+ const V = Se.getInstance({
1137
1157
  tenantSlug: o,
1138
1158
  baseUrl: r,
1139
1159
  refreshQueueTimeout: n.refreshQueueTimeout,
@@ -1147,29 +1167,33 @@ function Tr({ config: n = {}, children: e }) {
1147
1167
  n.onSessionExpired ? n.onSessionExpired(he) : n.onRefreshFailed && n.onRefreshFailed();
1148
1168
  }
1149
1169
  });
1150
- return D.current.urlTokens && (console.log("[AuthProvider] SYNC: Saving URL tokens to session manager"), G.setTokens({
1170
+ return D.current.urlTokens && (console.log("[AuthProvider] SYNC: Saving URL tokens to session manager"), V.setTokens({
1151
1171
  accessToken: D.current.urlTokens.accessToken,
1152
1172
  refreshToken: D.current.urlTokens.refreshToken,
1153
1173
  expiresIn: D.current.urlTokens.expiresIn
1154
- }), console.log("[AuthProvider] SYNC: Session valid:", G.hasValidSession())), G;
1155
- }, [o, r, n.refreshQueueTimeout, n.proactiveRefreshMargin]), [N, $] = T(() => D.current.urlTokens ? !1 : l.hasValidSession()), h = D.current.done && !P && !N, C = Z(() => {
1156
- const G = new ce(r);
1157
- return G.setSessionManager(l), G;
1158
- }, [r, l]), S = Z(() => new bt(new ce(r)), [r]), b = Z(() => new St(C, l), [C, l]), y = Z(() => new _e(new ce(r)), [r]), v = Z(() => I || l.getUser(), [I, l]), j = Z(() => v != null && v.roleId && f.find((G) => G.id === v.roleId) || null, [v, f]), Q = Z(() => (j == null ? void 0 : j.permissions) || [], [j]), O = Z(() => l.hasValidSession() && I !== null, [l, I]), q = 5 * 60 * 1e3, W = Z(() => {
1159
- const G = async (H = !1) => {
1174
+ }), console.log("[AuthProvider] SYNC: Session valid:", V.hasValidSession())), V;
1175
+ }, [o, r, n.refreshQueueTimeout, n.proactiveRefreshMargin]), [N, H] = T(() => {
1176
+ if (D.current.urlTokens) return !1;
1177
+ const V = l.getTokens();
1178
+ return V ? l.hasValidSession() || !!V.refreshToken : !1;
1179
+ }), f = D.current.done && !P && !N, C = Z(() => {
1180
+ const V = new ce(r);
1181
+ return V.setSessionManager(l), V;
1182
+ }, [r, l]), S = Z(() => new bt(new ce(r)), [r]), b = Z(() => new St(C, l), [C, l]), y = Z(() => new _e(new ce(r)), [r]), v = Z(() => I || l.getUser(), [I, l]), G = Z(() => v != null && v.roleId && h.find((V) => V.id === v.roleId) || null, [v, h]), Q = Z(() => (G == null ? void 0 : G.permissions) || [], [G]), O = Z(() => l.hasValidSession() && I !== null, [l, I]), q = 5 * 60 * 1e3, W = Z(() => {
1183
+ const V = async ($ = !1) => {
1160
1184
  try {
1161
1185
  if (!l.hasValidSession())
1162
1186
  return;
1163
1187
  const z = Date.now();
1164
- if (!H && z - A < q && I)
1188
+ if (!$ && z - A < q && I)
1165
1189
  return;
1166
- const V = l.getUserId();
1167
- if (!V) {
1190
+ const j = l.getUserId();
1191
+ if (!j) {
1168
1192
  console.warn("[AuthProvider] No userId available in token or storage");
1169
1193
  return;
1170
1194
  }
1171
1195
  R(!0), E(null);
1172
- const J = await b.getUserById(V);
1196
+ const J = await b.getUserById(j);
1173
1197
  p(J), l.setUser(J), u(Date.now());
1174
1198
  } catch (z) {
1175
1199
  const Y = z instanceof Error ? z : new Error("Failed to load user data");
@@ -1178,19 +1202,19 @@ function Tr({ config: n = {}, children: e }) {
1178
1202
  R(!1);
1179
1203
  }
1180
1204
  }, he = async () => {
1181
- await G();
1182
- }, Ae = async (H) => {
1205
+ await V();
1206
+ }, fe = async ($) => {
1183
1207
  var qe;
1184
- const { username: z, password: Y, tenantSlug: V, redirectPath: J } = H;
1208
+ const { username: z, password: Y, tenantSlug: j, redirectPath: J } = $;
1185
1209
  let te = i == null ? void 0 : i.id, re = o, ne = l;
1186
- V && (te = (await new be(C, t).getPublicTenantInfo(V)).id, re = V);
1210
+ j && (te = (await new ve(C, t).getPublicTenantInfo(j)).id, re = j);
1187
1211
  const K = await S.login({
1188
1212
  username: z,
1189
1213
  password: Y,
1190
1214
  appId: t,
1191
1215
  tenantId: te
1192
- }), ye = V && V !== o;
1193
- if (ye && (ne = new we({
1216
+ }), be = j && j !== o;
1217
+ if (be && (ne = new Se({
1194
1218
  tenantSlug: re,
1195
1219
  baseUrl: r
1196
1220
  })), ne.setTokens({
@@ -1200,9 +1224,9 @@ function Tr({ config: n = {}, children: e }) {
1200
1224
  }), K.user) {
1201
1225
  ne.setUser(K.user), p(K.user);
1202
1226
  try {
1203
- await G();
1204
- } catch (Te) {
1205
- console.warn("Failed to load complete user data after login:", Te);
1227
+ await V();
1228
+ } catch (xe) {
1229
+ console.warn("Failed to load complete user data after login:", xe);
1206
1230
  }
1207
1231
  }
1208
1232
  if (K.tenants && K.tenants.length > 0) {
@@ -1219,83 +1243,83 @@ function Tr({ config: n = {}, children: e }) {
1219
1243
  refreshToken: K.refreshToken,
1220
1244
  expiresIn: K.expiresIn
1221
1245
  };
1222
- if (ye && re)
1246
+ if (be && re)
1223
1247
  return a(re, { tokens: Ee, redirectPath: J }), K;
1224
1248
  if (J && J !== window.location.pathname)
1225
1249
  return a(re || o || "", { tokens: Ee, redirectPath: J }), K;
1226
1250
  if (!Ie && K.tenants && K.tenants.length > 0) {
1227
- const Te = H.autoSwitch !== !1 && n.autoSwitchSingleTenant !== !1;
1228
- if (K.tenants.length === 1 && Te) {
1251
+ const xe = $.autoSwitch !== !1 && n.autoSwitchSingleTenant !== !1;
1252
+ if (K.tenants.length === 1 && xe) {
1229
1253
  const Oe = K.tenants[0];
1230
1254
  return a(Oe.subdomain, { tokens: Ee, redirectPath: J }), K;
1231
1255
  } else K.tenants.length > 1 && n.onTenantSelectionRequired && n.onTenantSelectionRequired(K.tenants);
1232
1256
  }
1233
1257
  return K;
1234
- }, Pe = async (H) => {
1235
- const { email: z, phoneNumber: Y, name: V, password: J, lastName: te, tenantId: re } = H;
1258
+ }, pe = async ($) => {
1259
+ const { email: z, phoneNumber: Y, name: j, password: J, lastName: te, tenantId: re } = $;
1236
1260
  if (!z && !Y)
1237
1261
  throw new Error("Either email or phoneNumber is required");
1238
- if (!V || !J)
1262
+ if (!j || !J)
1239
1263
  throw new Error("Name and password are required");
1240
1264
  const ne = re ?? (i == null ? void 0 : i.id);
1241
1265
  return await S.signup({
1242
1266
  email: z,
1243
1267
  phoneNumber: Y,
1244
- name: V,
1268
+ name: j,
1245
1269
  password: J,
1246
1270
  tenantId: ne,
1247
1271
  lastName: te,
1248
1272
  appId: t
1249
1273
  });
1250
- }, rt = async (H) => {
1251
- const { email: z, phoneNumber: Y, name: V, password: J, tenantName: te, lastName: re } = H;
1274
+ }, rt = async ($) => {
1275
+ const { email: z, phoneNumber: Y, name: j, password: J, tenantName: te, lastName: re } = $;
1252
1276
  if (!z && !Y)
1253
1277
  throw new Error("Either email or phoneNumber is required");
1254
- if (!V || !J || !te)
1278
+ if (!j || !J || !te)
1255
1279
  throw new Error("Name, password, and tenantName are required");
1256
1280
  return await S.signupTenantAdmin({
1257
1281
  email: z,
1258
1282
  phoneNumber: Y,
1259
- name: V,
1283
+ name: j,
1260
1284
  password: J,
1261
1285
  tenantName: te,
1262
1286
  appId: t,
1263
1287
  lastName: re
1264
1288
  });
1265
- }, nt = async (H) => {
1266
- const { currentPassword: z, newPassword: Y } = H, V = await l.getAuthHeaders();
1267
- await S.changePassword({ currentPassword: z, newPassword: Y }, V);
1268
- }, st = async (H) => {
1269
- const { email: z, tenantId: Y } = H, V = Y ?? (i == null ? void 0 : i.id);
1270
- if (!V)
1289
+ }, nt = async ($) => {
1290
+ const { currentPassword: z, newPassword: Y } = $, j = await l.getAuthHeaders();
1291
+ await S.changePassword({ currentPassword: z, newPassword: Y }, j);
1292
+ }, st = async ($) => {
1293
+ const { email: z, tenantId: Y } = $, j = Y ?? (i == null ? void 0 : i.id);
1294
+ if (!j)
1271
1295
  throw new Error("tenantId is required for password reset");
1272
- await S.requestPasswordReset({ email: z, tenantId: V });
1273
- }, it = async (H) => {
1274
- const { token: z, newPassword: Y } = H;
1296
+ await S.requestPasswordReset({ email: z, tenantId: j });
1297
+ }, it = async ($) => {
1298
+ const { token: z, newPassword: Y } = $;
1275
1299
  await S.confirmPasswordReset({ token: z, newPassword: Y });
1276
- }, ot = async (H) => {
1277
- const { email: z, frontendUrl: Y, name: V, lastName: J, tenantId: te } = H, re = te ?? (i == null ? void 0 : i.id);
1300
+ }, ot = async ($) => {
1301
+ const { email: z, frontendUrl: Y, name: j, lastName: J, tenantId: te } = $, re = te ?? (i == null ? void 0 : i.id);
1278
1302
  if (!re)
1279
1303
  throw new Error("tenantId is required for magic link authentication");
1280
1304
  return await S.sendMagicLink({
1281
1305
  email: z,
1282
1306
  tenantId: re,
1283
1307
  frontendUrl: Y,
1284
- name: V,
1308
+ name: j,
1285
1309
  lastName: J,
1286
1310
  appId: t
1287
1311
  });
1288
- }, at = async (H) => {
1289
- const { token: z, email: Y, tenantSlug: V } = H;
1312
+ }, at = async ($) => {
1313
+ const { token: z, email: Y, tenantSlug: j } = $;
1290
1314
  let J = i == null ? void 0 : i.id, te = o, re = l;
1291
- V && (J = (await new be(C, t).getPublicTenantInfo(V)).id, te = V);
1315
+ j && (J = (await new ve(C, t).getPublicTenantInfo(j)).id, te = j);
1292
1316
  const ne = await S.verifyMagicLink({
1293
1317
  token: z,
1294
1318
  email: Y,
1295
1319
  appId: t,
1296
1320
  tenantId: J
1297
- }), K = V && V !== o;
1298
- if (K && (re = new we({
1321
+ }), K = j && j !== o;
1322
+ if (K && (re = new Se({
1299
1323
  tenantSlug: te,
1300
1324
  baseUrl: r
1301
1325
  })), re.setTokens({
@@ -1305,9 +1329,9 @@ function Tr({ config: n = {}, children: e }) {
1305
1329
  }), ne.user) {
1306
1330
  re.setUser(ne.user), p(ne.user);
1307
1331
  try {
1308
- await G();
1309
- } catch (ye) {
1310
- console.warn("Failed to load complete user data after magic link login:", ye);
1332
+ await V();
1333
+ } catch (be) {
1334
+ console.warn("Failed to load complete user data after magic link login:", be);
1311
1335
  }
1312
1336
  }
1313
1337
  return K && te && te !== o && a(te, {
@@ -1318,15 +1342,15 @@ function Tr({ config: n = {}, children: e }) {
1318
1342
  }
1319
1343
  }), ne;
1320
1344
  }, lt = async () => {
1321
- const H = l.getTokens();
1322
- if (!(H != null && H.refreshToken))
1345
+ const $ = l.getTokens();
1346
+ if (!($ != null && $.refreshToken))
1323
1347
  throw new Error("No refresh token available");
1324
1348
  const z = await S.refreshToken({
1325
- refreshToken: H.refreshToken
1349
+ refreshToken: $.refreshToken
1326
1350
  });
1327
1351
  l.setTokens({
1328
1352
  accessToken: z.accessToken,
1329
- refreshToken: z.refreshToken || H.refreshToken,
1353
+ refreshToken: z.refreshToken || $.refreshToken,
1330
1354
  expiresIn: z.expiresIn
1331
1355
  });
1332
1356
  }, ct = () => {
@@ -1335,29 +1359,29 @@ function Tr({ config: n = {}, children: e }) {
1335
1359
  localStorage.removeItem("userTenants");
1336
1360
  } catch {
1337
1361
  }
1338
- }, dt = (H) => {
1339
- l.setTokens(H);
1362
+ }, dt = ($) => {
1363
+ l.setTokens($);
1340
1364
  }, ut = () => l.hasValidSession(), ht = () => {
1341
1365
  l.clearSession(), p(null), E(null);
1342
- }, pt = async () => {
1366
+ }, ft = async () => {
1343
1367
  if (t)
1344
1368
  try {
1345
1369
  c(!0);
1346
- const { roles: H } = await y.getRolesByApp(t);
1347
- g(H);
1348
- } catch (H) {
1349
- console.error("Failed to fetch roles:", H);
1370
+ const { roles: $ } = await y.getRolesByApp(t);
1371
+ g($);
1372
+ } catch ($) {
1373
+ console.error("Failed to fetch roles:", $);
1350
1374
  } finally {
1351
1375
  c(!1);
1352
1376
  }
1353
- }, ft = async () => {
1354
- await pt();
1355
- }, Re = (H) => {
1377
+ }, pt = async () => {
1378
+ await ft();
1379
+ }, Re = ($) => {
1356
1380
  if (!Q || Q.length === 0)
1357
1381
  return !1;
1358
- if (typeof H == "string")
1359
- return Q.includes(H);
1360
- const z = `${H.resource}.${H.action}`;
1382
+ if (typeof $ == "string")
1383
+ return Q.includes($);
1384
+ const z = `${$.resource}.${$.action}`;
1361
1385
  return Q.includes(z);
1362
1386
  };
1363
1387
  return {
@@ -1365,8 +1389,8 @@ function Tr({ config: n = {}, children: e }) {
1365
1389
  isAuthenticated: O,
1366
1390
  sessionManager: l,
1367
1391
  authenticatedHttpService: C,
1368
- login: Ae,
1369
- signup: Pe,
1392
+ login: fe,
1393
+ signup: pe,
1370
1394
  signupTenantAdmin: rt,
1371
1395
  sendMagicLink: ot,
1372
1396
  verifyMagicLink: at,
@@ -1381,48 +1405,48 @@ function Tr({ config: n = {}, children: e }) {
1381
1405
  currentUser: I,
1382
1406
  isUserLoading: x,
1383
1407
  userError: F,
1384
- loadUserData: G,
1408
+ loadUserData: V,
1385
1409
  refreshUser: he,
1386
- isAuthInitializing: !h,
1387
- isAuthReady: h,
1388
- userRole: j,
1410
+ isAuthInitializing: !f,
1411
+ isAuthReady: f,
1412
+ userRole: G,
1389
1413
  userPermissions: Q,
1390
- availableRoles: f,
1414
+ availableRoles: h,
1391
1415
  rolesLoading: w,
1392
1416
  hasPermission: Re,
1393
- hasAnyPermission: (H) => H.some((z) => Re(z)),
1394
- hasAllPermissions: (H) => H.every((z) => Re(z)),
1417
+ hasAnyPermission: ($) => $.some((z) => Re(z)),
1418
+ hasAllPermissions: ($) => $.every((z) => Re(z)),
1395
1419
  getUserPermissionStrings: () => Q || [],
1396
- refreshRoles: ft,
1420
+ refreshRoles: pt,
1397
1421
  // RFC-004: Multi-tenant user membership
1398
1422
  userTenants: k,
1399
1423
  hasTenantContext: M,
1400
- switchToTenant: async (H, z) => {
1401
- const { redirectPath: Y } = z || {}, V = l.getTokens();
1402
- if (!(V != null && V.refreshToken))
1424
+ switchToTenant: async ($, z) => {
1425
+ const { redirectPath: Y } = z || {}, j = l.getTokens();
1426
+ if (!(j != null && j.refreshToken))
1403
1427
  throw new Error("No refresh token available for tenant switch");
1404
1428
  const J = await S.switchTenant({
1405
- refreshToken: V.refreshToken,
1406
- tenantId: H
1429
+ refreshToken: j.refreshToken,
1430
+ tenantId: $
1407
1431
  });
1408
1432
  l.setTokens({
1409
1433
  accessToken: J.accessToken,
1410
- refreshToken: V.refreshToken,
1434
+ refreshToken: j.refreshToken,
1411
1435
  // Keep the same refresh token
1412
1436
  expiresIn: J.expiresIn
1413
1437
  }), p(J.user), l.setUser(J.user), L(!0);
1414
- const te = k.find((re) => re.id === H);
1438
+ const te = k.find((re) => re.id === $);
1415
1439
  te && a(te.subdomain, {
1416
1440
  tokens: {
1417
1441
  accessToken: J.accessToken,
1418
- refreshToken: V.refreshToken,
1442
+ refreshToken: j.refreshToken,
1419
1443
  expiresIn: J.expiresIn
1420
1444
  },
1421
1445
  redirectPath: Y
1422
1446
  });
1423
1447
  },
1424
1448
  refreshUserTenants: async () => {
1425
- const H = await l.getAuthHeaders(), z = await S.getUserTenants(H);
1449
+ const $ = await l.getAuthHeaders(), z = await S.getUserTenants($);
1426
1450
  m(z);
1427
1451
  try {
1428
1452
  localStorage.setItem("userTenants", JSON.stringify(z));
@@ -1442,14 +1466,14 @@ function Tr({ config: n = {}, children: e }) {
1442
1466
  i,
1443
1467
  o,
1444
1468
  a,
1445
- f,
1469
+ h,
1446
1470
  I,
1447
1471
  x,
1448
1472
  F,
1449
1473
  k,
1450
1474
  M,
1451
- h,
1452
- j,
1475
+ f,
1476
+ G,
1453
1477
  Q,
1454
1478
  A,
1455
1479
  q
@@ -1458,8 +1482,8 @@ function Tr({ config: n = {}, children: e }) {
1458
1482
  !n.initialRoles && t && (async () => {
1459
1483
  try {
1460
1484
  c(!0);
1461
- const he = new ce(r), Ae = new _e(he), { roles: Pe } = await Ae.getRolesByApp(t);
1462
- g(Pe);
1485
+ const he = new ce(r), fe = new _e(he), { roles: pe } = await fe.getRolesByApp(t);
1486
+ g(pe);
1463
1487
  } catch (he) {
1464
1488
  console.error("Failed to fetch roles:", he);
1465
1489
  } finally {
@@ -1469,27 +1493,34 @@ function Tr({ config: n = {}, children: e }) {
1469
1493
  }, [t, r, n.initialRoles]);
1470
1494
  const [B, X] = T(!1);
1471
1495
  return ee(() => {
1472
- B || (X(!0), D.current.urlTokens && (console.log("[AuthProvider] EFFECT: Cleaning up URL after sync token processing"), Rt(), U(!0), console.log("[AuthProvider] EFFECT: Loading user data (blocking isAuthReady)..."), W.loadUserData().catch((G) => {
1473
- console.error("[AuthProvider] Failed to load user data:", G);
1496
+ B || (X(!0), D.current.urlTokens && (console.log("[AuthProvider] EFFECT: Cleaning up URL after sync token processing"), Rt(), U(!0), console.log("[AuthProvider] EFFECT: Loading user data (blocking isAuthReady)..."), W.loadUserData().catch((V) => {
1497
+ console.error("[AuthProvider] Failed to load user data:", V);
1474
1498
  }).finally(() => {
1475
1499
  console.log("[AuthProvider] EFFECT: User data loaded, releasing isAuthReady"), U(!1);
1476
1500
  })));
1477
1501
  }, [W, B]), ee(() => {
1478
- const G = l.getUser();
1479
- G && l.hasValidSession() ? (p(G), $(!1)) : l.hasValidSession() || $(!1);
1502
+ let V = !1;
1503
+ return (async () => {
1504
+ var pe;
1505
+ if (!l.hasValidSession() && ((pe = l.getTokens()) != null && pe.refreshToken) && await l.waitForPendingRefresh(), V) return;
1506
+ const fe = l.getUser();
1507
+ fe && l.hasValidSession() && p(fe), H(!1);
1508
+ })(), () => {
1509
+ V = !0;
1510
+ };
1480
1511
  }, [l]), ee(() => {
1481
1512
  B && (D.current.urlTokens || (!I && !x && l.hasValidSession() ? (console.log("[AuthProvider] Auto-loading user data..."), W.loadUserData().catch(() => {
1482
1513
  }).finally(() => {
1483
- $(!1);
1484
- })) : I && $(!1)));
1514
+ H(!1);
1515
+ })) : I && H(!1)));
1485
1516
  }, [I, x, W, l, B]), ee(() => {
1486
1517
  if (!l.hasValidSession() || !I)
1487
1518
  return;
1488
- const G = setInterval(() => {
1519
+ const V = setInterval(() => {
1489
1520
  W.loadUserData().catch(() => {
1490
1521
  });
1491
1522
  }, q);
1492
- return () => clearInterval(G);
1523
+ return () => clearInterval(V);
1493
1524
  }, [l, I, W, q]), /* @__PURE__ */ s(Ne.Provider, { value: W, children: e });
1494
1525
  }
1495
1526
  function ue() {
@@ -1581,9 +1612,9 @@ class It {
1581
1612
  })).data;
1582
1613
  }
1583
1614
  }
1584
- const Ue = fe(null);
1615
+ const Ue = me(null);
1585
1616
  function kr({ config: n = {}, children: e }) {
1586
- const t = Ze(), r = xe(), i = (t == null ? void 0 : t.baseUrl) ?? "", o = (t == null ? void 0 : t.appId) ?? "", a = (r == null ? void 0 : r.tenant) ?? null, [f, g] = T([]), [w, c] = T(!1), [I, p] = T(null), [x, R] = T(!1), F = Z(() => {
1617
+ const t = Ze(), r = Pe(), i = (t == null ? void 0 : t.baseUrl) ?? "", o = (t == null ? void 0 : t.appId) ?? "", a = (r == null ? void 0 : r.tenant) ?? null, [h, g] = T([]), [w, c] = T(!1), [I, p] = T(null), [x, R] = T(!1), F = Z(() => {
1587
1618
  const u = new ce(i);
1588
1619
  return new It(u);
1589
1620
  }, [i]), E = async () => {
@@ -1610,16 +1641,16 @@ function kr({ config: n = {}, children: e }) {
1610
1641
  }, [a == null ? void 0 : a.id, i, o, n.refreshInterval]);
1611
1642
  const A = Z(() => {
1612
1643
  const u = (D) => {
1613
- const P = f.find((U) => U.key === D);
1644
+ const P = h.find((U) => U.key === D);
1614
1645
  return (P == null ? void 0 : P.value) === !0;
1615
- }, k = (D) => f.find((P) => P.key === D), m = (D) => {
1616
- const P = f.find((U) => U.key === D);
1646
+ }, k = (D) => h.find((P) => P.key === D), m = (D) => {
1647
+ const P = h.find((U) => U.key === D);
1617
1648
  return P ? P.value ? "enabled" : "disabled" : "not_found";
1618
1649
  }, M = async () => {
1619
1650
  await E();
1620
1651
  }, L = !!(i && o) && (x || !(a != null && a.id));
1621
1652
  return {
1622
- featureFlags: f,
1653
+ featureFlags: h,
1623
1654
  loading: w,
1624
1655
  error: I,
1625
1656
  isReady: L,
@@ -1628,7 +1659,7 @@ function kr({ config: n = {}, children: e }) {
1628
1659
  getFlagState: m,
1629
1660
  refresh: M
1630
1661
  };
1631
- }, [f, w, I, i, o, a == null ? void 0 : a.id, x]);
1662
+ }, [h, w, I, i, o, a == null ? void 0 : a.id, x]);
1632
1663
  return /* @__PURE__ */ s(Ue.Provider, { value: A, children: e });
1633
1664
  }
1634
1665
  function Et() {
@@ -1706,20 +1737,20 @@ class Mt {
1706
1737
  )).data;
1707
1738
  }
1708
1739
  }
1709
- const $e = fe(void 0);
1740
+ const $e = me(void 0);
1710
1741
  function xr({ config: n = {}, children: e }) {
1711
- const t = Ze(), r = xe(), i = (t == null ? void 0 : t.baseUrl) ?? "", o = (r == null ? void 0 : r.tenant) ?? null, [a, f] = T(null), [g, w] = T(!1), [c, I] = T(null), [p, x] = T(!1), R = Z(() => {
1742
+ const t = Ze(), r = Pe(), i = (t == null ? void 0 : t.baseUrl) ?? "", o = (r == null ? void 0 : r.tenant) ?? null, [a, h] = T(null), [g, w] = T(!1), [c, I] = T(null), [p, x] = T(!1), R = Z(() => {
1712
1743
  const A = new ce(i);
1713
1744
  return new Mt(A);
1714
1745
  }, [i]), F = async () => {
1715
1746
  if (!(o != null && o.id)) {
1716
- f(null);
1747
+ h(null);
1717
1748
  return;
1718
1749
  }
1719
1750
  w(!0), I(null);
1720
1751
  try {
1721
1752
  const A = await R.getTenantSubscriptionFeatures(o.id);
1722
- f(A);
1753
+ h(A);
1723
1754
  } catch (A) {
1724
1755
  const u = A instanceof Error ? A.message : "Failed to fetch subscription";
1725
1756
  I(u), n.onError && n.onError(A instanceof Error ? A : new Error(u));
@@ -1792,7 +1823,7 @@ const He = {
1792
1823
  admin: { tenant: "required", auth: "required", userType: ae.TENANT_ADMIN },
1793
1824
  // Fully open
1794
1825
  open: { tenant: "optional", auth: "optional" }
1795
- }, Be = fe(null);
1826
+ }, Be = me(null);
1796
1827
  function Ar({ config: n = {}, children: e }) {
1797
1828
  const t = Z(() => {
1798
1829
  const r = {
@@ -1925,7 +1956,7 @@ function Rr({
1925
1956
  requiredPermissions: r,
1926
1957
  requireAllPermissions: i = !1
1927
1958
  }) {
1928
- const { hasValidSession: o, sessionManager: a, hasPermission: f, hasAnyPermission: g, hasAllPermissions: w } = ue();
1959
+ const { hasValidSession: o, sessionManager: a, hasPermission: h, hasAnyPermission: g, hasAllPermissions: w } = ue();
1929
1960
  if (!o())
1930
1961
  return /* @__PURE__ */ s(_, { children: e || /* @__PURE__ */ s(Ve, {}) });
1931
1962
  const c = a.getUser();
@@ -1934,7 +1965,7 @@ function Rr({
1934
1965
  if (t && !Dt(c.userType, t))
1935
1966
  return /* @__PURE__ */ s(je, { userType: c.userType, minUserType: t });
1936
1967
  if (r && r.length > 0 && !(i ? w(r) : g(r))) {
1937
- const p = r.filter((x) => !f(x)).map((x) => typeof x == "string" ? x : x.name);
1968
+ const p = r.filter((x) => !h(x)).map((x) => typeof x == "string" ? x : x.name);
1938
1969
  return /* @__PURE__ */ s(je, { missingPermissions: p });
1939
1970
  }
1940
1971
  return /* @__PURE__ */ s(_, { children: n });
@@ -2035,7 +2066,7 @@ function Ir({
2035
2066
  requireAllPermissions: i = !1,
2036
2067
  fallback: o
2037
2068
  }) {
2038
- const { hasValidSession: a, sessionManager: f, hasPermission: g, hasAnyPermission: w, hasAllPermissions: c } = ue(), I = ke();
2069
+ const { hasValidSession: a, sessionManager: h, hasPermission: g, hasAnyPermission: w, hasAllPermissions: c } = ue(), I = Ae();
2039
2070
  if (ee(() => {
2040
2071
  process.env.NODE_ENV === "development" && console.warn(
2041
2072
  "[react-identity-access] ProtectedRoute is deprecated. Use AuthenticatedZone or AdminZone from ZoneRoute instead."
@@ -2043,11 +2074,11 @@ function Ir({
2043
2074
  }, []), !a())
2044
2075
  return o ? /* @__PURE__ */ s(_, { children: o }) : /* @__PURE__ */ d(_, { children: [
2045
2076
  /* @__PURE__ */ s(Nt, { redirectPath: e }),
2046
- /* @__PURE__ */ s(Se, { to: e, state: { from: I.pathname }, replace: !0 })
2077
+ /* @__PURE__ */ s(Te, { to: e, state: { from: I.pathname }, replace: !0 })
2047
2078
  ] });
2048
- const p = f.getUser();
2079
+ const p = h.getUser();
2049
2080
  if (!p)
2050
- return /* @__PURE__ */ s(Se, { to: e, state: { from: I.pathname }, replace: !0 });
2081
+ return /* @__PURE__ */ s(Te, { to: e, state: { from: I.pathname }, replace: !0 });
2051
2082
  if (t && !Ct(p.userType, t))
2052
2083
  return /* @__PURE__ */ s(
2053
2084
  Ge,
@@ -2100,14 +2131,14 @@ const Ut = ({ redirectPath: n }) => /* @__PURE__ */ s(
2100
2131
  }
2101
2132
  );
2102
2133
  function Er({ children: n, redirectTo: e = "/", fallback: t }) {
2103
- const { tenant: r, isLoading: i, error: o } = me(), a = ke();
2134
+ const { tenant: r, isLoading: i, error: o } = we(), a = Ae();
2104
2135
  return ee(() => {
2105
2136
  process.env.NODE_ENV === "development" && console.warn(
2106
2137
  "[react-identity-access] TenantRoute is deprecated. Use TenantZone from ZoneRoute instead."
2107
2138
  );
2108
2139
  }, []), i || o ? null : r ? /* @__PURE__ */ s(_, { children: n }) : t ? /* @__PURE__ */ s(_, { children: t }) : /* @__PURE__ */ d(_, { children: [
2109
2140
  /* @__PURE__ */ s(Ut, { redirectPath: e }),
2110
- /* @__PURE__ */ s(Se, { to: e, state: { from: a.pathname }, replace: !0 })
2141
+ /* @__PURE__ */ s(Te, { to: e, state: { from: a.pathname }, replace: !0 })
2111
2142
  ] });
2112
2143
  }
2113
2144
  const $t = ({ redirectPath: n }) => /* @__PURE__ */ s(
@@ -2148,14 +2179,14 @@ const $t = ({ redirectPath: n }) => /* @__PURE__ */ s(
2148
2179
  }
2149
2180
  );
2150
2181
  function Mr({ children: n, redirectTo: e = "/dashboard", fallback: t }) {
2151
- const { tenant: r, isLoading: i, error: o } = me(), a = ke();
2182
+ const { tenant: r, isLoading: i, error: o } = we(), a = Ae();
2152
2183
  return ee(() => {
2153
2184
  process.env.NODE_ENV === "development" && console.warn(
2154
2185
  "[react-identity-access] LandingRoute is deprecated. Use PublicZone from ZoneRoute instead."
2155
2186
  );
2156
2187
  }, []), i || o ? null : r ? t ? /* @__PURE__ */ s(_, { children: t }) : /* @__PURE__ */ d(_, { children: [
2157
2188
  /* @__PURE__ */ s($t, { redirectPath: e }),
2158
- /* @__PURE__ */ s(Se, { to: e, state: { from: a.pathname }, replace: !0 })
2189
+ /* @__PURE__ */ s(Te, { to: e, state: { from: a.pathname }, replace: !0 })
2159
2190
  ] }) : /* @__PURE__ */ s(_, { children: n });
2160
2191
  }
2161
2192
  function Ht(n, e) {
@@ -2189,13 +2220,13 @@ const de = ({
2189
2220
  userType: i,
2190
2221
  requiredPermissions: o,
2191
2222
  requireAllPermissions: a = !0,
2192
- returnTo: f,
2223
+ returnTo: h,
2193
2224
  onAccessDenied: g,
2194
2225
  redirectTo: w,
2195
2226
  loadingFallback: c,
2196
2227
  accessDeniedFallback: I
2197
2228
  }) => {
2198
- const p = ke(), { isAuthenticated: x, isAuthInitializing: R, currentUser: F, userPermissions: E } = ue(), { tenant: A, isTenantLoading: u } = ge(), k = Ft(), m = Z(() => {
2229
+ const p = Ae(), { isAuthenticated: x, isAuthInitializing: R, currentUser: F, userPermissions: E } = ue(), { tenant: A, isTenantLoading: u } = ye(), k = Ft(), m = Z(() => {
2199
2230
  if (e)
2200
2231
  return k.presets[e];
2201
2232
  }, [e, k.presets]), M = Z(
@@ -2242,10 +2273,10 @@ const de = ({
2242
2273
  if (ee(() => {
2243
2274
  U && (g ? g(U) : k.onAccessDenied && k.onAccessDenied(U));
2244
2275
  }, [U, g, k]), ee(() => {
2245
- U && f && zt(f, p.pathname + p.search, k.returnToStorage);
2276
+ U && h && zt(h, p.pathname + p.search, k.returnToStorage);
2246
2277
  }, [
2247
2278
  U,
2248
- f,
2279
+ h,
2249
2280
  p.pathname,
2250
2281
  p.search,
2251
2282
  k.returnToStorage
@@ -2257,12 +2288,12 @@ const de = ({
2257
2288
  return /* @__PURE__ */ s(_, { children: l });
2258
2289
  const N = Ot(
2259
2290
  P,
2260
- f,
2291
+ h,
2261
2292
  p.pathname + p.search,
2262
2293
  k.returnToParam,
2263
2294
  k.returnToStorage
2264
2295
  );
2265
- return /* @__PURE__ */ s(Se, { to: N, replace: !0 });
2296
+ return /* @__PURE__ */ s(Te, { to: N, replace: !0 });
2266
2297
  }
2267
2298
  return /* @__PURE__ */ s(_, { children: n });
2268
2299
  }, Lr = (n) => /* @__PURE__ */ s(de, { tenant: "required", ...n }), Fr = (n) => /* @__PURE__ */ s(de, { tenant: "forbidden", ...n }), Dr = (n) => /* @__PURE__ */ s(de, { auth: "required", ...n }), Nr = (n) => /* @__PURE__ */ s(de, { auth: "forbidden", ...n }), Cr = (n) => /* @__PURE__ */ s(de, { auth: "required", userType: ae.TENANT_ADMIN, ...n }), Ur = (n) => /* @__PURE__ */ s(de, { auth: "required", userType: ae.USER, ...n }), $r = (n) => /* @__PURE__ */ s(de, { tenant: "optional", auth: "optional", ...n }), Hr = (n) => /* @__PURE__ */ s(de, { tenant: "required", auth: "required", ...n }), Br = (n) => /* @__PURE__ */ s(de, { tenant: "required", auth: "optional", ...n }), qr = (n) => /* @__PURE__ */ s(de, { tenant: "required", auth: "forbidden", ...n }), _t = () => /* @__PURE__ */ d(
@@ -2288,8 +2319,8 @@ function Or({
2288
2319
  allowedPlans: t,
2289
2320
  requiredFeature: r
2290
2321
  }) {
2291
- const { subscription: i, hasAllowedPlan: o, isFeatureEnabled: a, loading: f } = Lt();
2292
- return f ? /* @__PURE__ */ s(
2322
+ const { subscription: i, hasAllowedPlan: o, isFeatureEnabled: a, loading: h } = Lt();
2323
+ return h ? /* @__PURE__ */ s(
2293
2324
  "div",
2294
2325
  {
2295
2326
  style: {
@@ -2511,17 +2542,17 @@ function _r({
2511
2542
  onError: i,
2512
2543
  onForgotPassword: o,
2513
2544
  onSignupClick: a,
2514
- onMagicLinkClick: f,
2545
+ onMagicLinkClick: h,
2515
2546
  showForgotPassword: g = !0,
2516
2547
  showSignupLink: w = !0,
2517
2548
  showMagicLinkOption: c = !0,
2518
2549
  className: I
2519
2550
  }) {
2520
- const [p, x] = T(""), [R, F] = T(""), [E, A] = T(!1), [u, k] = T(!1), [m, M] = T(""), [L, D] = T({}), { login: P } = ue(), { tenant: U } = me(), l = { ...Qt, ...n }, N = { ...Kt, ...e }, $ = { ...Gt, ...t }, h = () => {
2551
+ const [p, x] = T(""), [R, F] = T(""), [E, A] = T(!1), [u, k] = T(!1), [m, M] = T(""), [L, D] = T({}), { login: P } = ue(), { tenant: U } = we(), l = { ...Qt, ...n }, N = { ...Kt, ...e }, H = { ...Gt, ...t }, f = () => {
2521
2552
  const y = {};
2522
2553
  return p.trim() || (y.username = !0), R.trim() || (y.password = !0), D(y), Object.keys(y).length === 0;
2523
2554
  }, C = async (y) => {
2524
- if (y.preventDefault(), !!h()) {
2555
+ if (y.preventDefault(), !!f()) {
2525
2556
  if (!(U != null && U.id)) {
2526
2557
  M("Tenant not found");
2527
2558
  return;
@@ -2535,8 +2566,8 @@ function _r({
2535
2566
  });
2536
2567
  r == null || r(v);
2537
2568
  } catch (v) {
2538
- const j = v.message || l.errorMessage;
2539
- M(j), i == null || i(j);
2569
+ const G = v.message || l.errorMessage;
2570
+ M(G), i == null || i(G);
2540
2571
  } finally {
2541
2572
  k(!1);
2542
2573
  }
@@ -2600,7 +2631,7 @@ function _r({
2600
2631
  style: N.passwordToggle,
2601
2632
  disabled: u,
2602
2633
  "aria-label": E ? "Hide password" : "Show password",
2603
- children: E ? $.hidePassword : $.showPassword
2634
+ children: E ? H.hidePassword : H.showPassword
2604
2635
  }
2605
2636
  )
2606
2637
  ] })
@@ -2614,7 +2645,7 @@ function _r({
2614
2645
  l.magicLinkText,
2615
2646
  " "
2616
2647
  ] }),
2617
- /* @__PURE__ */ s("a", { onClick: f, style: N.link, children: l.magicLinkLink })
2648
+ /* @__PURE__ */ s("a", { onClick: h, style: N.link, children: l.magicLinkLink })
2618
2649
  ] }),
2619
2650
  c && (g || w) && /* @__PURE__ */ s("div", { style: N.divider, children: "•" }),
2620
2651
  g && /* @__PURE__ */ s("a", { onClick: o, style: N.link, children: l.forgotPasswordLink }),
@@ -2762,17 +2793,17 @@ function Wr({
2762
2793
  onError: i,
2763
2794
  onLoginClick: o,
2764
2795
  onMagicLinkClick: a,
2765
- showLoginLink: f = !0,
2796
+ showLoginLink: h = !0,
2766
2797
  showMagicLinkOption: g = !0,
2767
2798
  className: w
2768
2799
  }) {
2769
- const [c, I] = T(""), [p, x] = T(""), [R, F] = T(""), [E, A] = T(""), [u, k] = T(""), [m, M] = T(""), [L, D] = T(""), [P, U] = T(!1), [l, N] = T(""), [$, h] = T({}), { signup: C, signupTenantAdmin: S } = ue(), { tenant: b } = me(), y = { ...Zt, ...n }, v = { ...Jt, ...e }, j = () => {
2800
+ const [c, I] = T(""), [p, x] = T(""), [R, F] = T(""), [E, A] = T(""), [u, k] = T(""), [m, M] = T(""), [L, D] = T(""), [P, U] = T(!1), [l, N] = T(""), [H, f] = T({}), { signup: C, signupTenantAdmin: S } = ue(), { tenant: b } = we(), y = { ...Zt, ...n }, v = { ...Jt, ...e }, G = () => {
2770
2801
  const B = {};
2771
- return c.trim() || (B.name = !0), !R.trim() && !E.trim() && (B.email = !0, B.phoneNumber = !0), u.trim() || (B.password = !0), m.trim() || (B.confirmPassword = !0), t === "tenant" && !L.trim() && (B.tenantName = !0), h(B), Object.keys(B).length === 0;
2802
+ return c.trim() || (B.name = !0), !R.trim() && !E.trim() && (B.email = !0, B.phoneNumber = !0), u.trim() || (B.password = !0), m.trim() || (B.confirmPassword = !0), t === "tenant" && !L.trim() && (B.tenantName = !0), f(B), Object.keys(B).length === 0;
2772
2803
  }, Q = async (B) => {
2773
- if (B.preventDefault(), !!j()) {
2804
+ if (B.preventDefault(), !!G()) {
2774
2805
  if (u !== m) {
2775
- N(y.passwordMismatchError), h({ confirmPassword: !0 });
2806
+ N(y.passwordMismatchError), f({ confirmPassword: !0 });
2776
2807
  return;
2777
2808
  }
2778
2809
  if (t === "user" && !(b != null && b.id)) {
@@ -2798,15 +2829,15 @@ function Wr({
2798
2829
  lastName: p || void 0
2799
2830
  }), r == null || r(X);
2800
2831
  } catch (X) {
2801
- const G = X.message || y.errorMessage;
2802
- N(G), i == null || i(G);
2832
+ const V = X.message || y.errorMessage;
2833
+ N(V), i == null || i(V);
2803
2834
  } finally {
2804
2835
  U(!1);
2805
2836
  }
2806
2837
  }
2807
2838
  }, O = (B) => ({
2808
2839
  ...v.input,
2809
- ...$[B] ? v.inputError : {}
2840
+ ...H[B] ? v.inputError : {}
2810
2841
  }), q = () => ({
2811
2842
  ...v.button,
2812
2843
  ...P ? v.buttonLoading : {},
@@ -2825,7 +2856,7 @@ function Wr({
2825
2856
  type: "text",
2826
2857
  value: c,
2827
2858
  onChange: (B) => {
2828
- I(B.target.value), $.name && h((X) => ({ ...X, name: !1 }));
2859
+ I(B.target.value), H.name && f((X) => ({ ...X, name: !1 }));
2829
2860
  },
2830
2861
  placeholder: y.namePlaceholder,
2831
2862
  style: O("name"),
@@ -2859,7 +2890,7 @@ function Wr({
2859
2890
  type: "email",
2860
2891
  value: R,
2861
2892
  onChange: (B) => {
2862
- F(B.target.value), $.email && h((X) => ({ ...X, email: !1, phoneNumber: !1 }));
2893
+ F(B.target.value), H.email && f((X) => ({ ...X, email: !1, phoneNumber: !1 }));
2863
2894
  },
2864
2895
  placeholder: y.emailPlaceholder,
2865
2896
  style: O("email"),
@@ -2877,7 +2908,7 @@ function Wr({
2877
2908
  type: "tel",
2878
2909
  value: E,
2879
2910
  onChange: (B) => {
2880
- A(B.target.value), $.phoneNumber && h((X) => ({ ...X, email: !1, phoneNumber: !1 }));
2911
+ A(B.target.value), H.phoneNumber && f((X) => ({ ...X, email: !1, phoneNumber: !1 }));
2881
2912
  },
2882
2913
  placeholder: y.phoneNumberPlaceholder,
2883
2914
  style: O("phoneNumber"),
@@ -2907,7 +2938,7 @@ function Wr({
2907
2938
  type: "password",
2908
2939
  value: u,
2909
2940
  onChange: (B) => {
2910
- k(B.target.value), $.password && h((X) => ({ ...X, password: !1 }));
2941
+ k(B.target.value), H.password && f((X) => ({ ...X, password: !1 }));
2911
2942
  },
2912
2943
  placeholder: y.passwordPlaceholder,
2913
2944
  style: O("password"),
@@ -2925,7 +2956,7 @@ function Wr({
2925
2956
  type: "password",
2926
2957
  value: m,
2927
2958
  onChange: (B) => {
2928
- M(B.target.value), $.confirmPassword && h((X) => ({ ...X, confirmPassword: !1 })), l === y.passwordMismatchError && N("");
2959
+ M(B.target.value), H.confirmPassword && f((X) => ({ ...X, confirmPassword: !1 })), l === y.passwordMismatchError && N("");
2929
2960
  },
2930
2961
  placeholder: y.confirmPasswordPlaceholder,
2931
2962
  style: O("confirmPassword"),
@@ -2943,7 +2974,7 @@ function Wr({
2943
2974
  type: "text",
2944
2975
  value: L,
2945
2976
  onChange: (B) => {
2946
- D(B.target.value), $.tenantName && h((X) => ({ ...X, tenantName: !1 }));
2977
+ D(B.target.value), H.tenantName && f((X) => ({ ...X, tenantName: !1 }));
2947
2978
  },
2948
2979
  placeholder: y.tenantNamePlaceholder,
2949
2980
  style: O("tenantName"),
@@ -2954,7 +2985,7 @@ function Wr({
2954
2985
  /* @__PURE__ */ s("button", { type: "submit", disabled: !W || P, style: q(), children: P ? y.loadingText : y.submitButton }),
2955
2986
  l && /* @__PURE__ */ s("div", { style: v.errorText, children: l })
2956
2987
  ] }),
2957
- (f || g) && /* @__PURE__ */ d("div", { style: v.linkContainer, children: [
2988
+ (h || g) && /* @__PURE__ */ d("div", { style: v.linkContainer, children: [
2958
2989
  g && /* @__PURE__ */ d("div", { children: [
2959
2990
  /* @__PURE__ */ d("span", { style: v.divider, children: [
2960
2991
  y.magicLinkText,
@@ -2962,8 +2993,8 @@ function Wr({
2962
2993
  ] }),
2963
2994
  /* @__PURE__ */ s("a", { onClick: a, style: v.link, children: y.magicLinkLink })
2964
2995
  ] }),
2965
- g && f && /* @__PURE__ */ s("div", { style: v.divider, children: "•" }),
2966
- f && /* @__PURE__ */ d("div", { children: [
2996
+ g && h && /* @__PURE__ */ s("div", { style: v.divider, children: "•" }),
2997
+ h && /* @__PURE__ */ d("div", { children: [
2967
2998
  /* @__PURE__ */ d("span", { style: v.divider, children: [
2968
2999
  y.loginText,
2969
3000
  " "
@@ -3102,11 +3133,11 @@ function Vr({
3102
3133
  onLoginClick: i,
3103
3134
  onSignupClick: o,
3104
3135
  showTraditionalLinks: a = !0,
3105
- className: f,
3136
+ className: h,
3106
3137
  verifyToken: g,
3107
3138
  frontendUrl: w
3108
3139
  }) {
3109
- const [c, I] = T(""), [p, x] = T(""), [R, F] = T(""), [E, A] = T(!1), [u, k] = T(!1), [m, M] = T(""), [L, D] = T(""), [P, U] = T({}), [l, N] = T(!1), { sendMagicLink: $, verifyMagicLink: h } = ue(), { tenant: C } = me(), S = { ...Yt, ...n }, b = { ...Xt, ...e };
3140
+ const [c, I] = T(""), [p, x] = T(""), [R, F] = T(""), [E, A] = T(!1), [u, k] = T(!1), [m, M] = T(""), [L, D] = T(""), [P, U] = T({}), [l, N] = T(!1), { sendMagicLink: H, verifyMagicLink: f } = ue(), { tenant: C } = we(), S = { ...Yt, ...n }, b = { ...Xt, ...e };
3110
3141
  ee(() => {
3111
3142
  g && y(g);
3112
3143
  }, [g]);
@@ -3117,7 +3148,7 @@ function Vr({
3117
3148
  }
3118
3149
  k(!0), M("");
3119
3150
  try {
3120
- const W = await h({
3151
+ const W = await f({
3121
3152
  token: q,
3122
3153
  email: c
3123
3154
  // tenantId inferred from context automatically
@@ -3132,7 +3163,7 @@ function Vr({
3132
3163
  }, v = () => {
3133
3164
  const q = {};
3134
3165
  return c.trim() || (q.email = !0), l && !p.trim() && (q.name = !0), U(q), Object.keys(q).length === 0;
3135
- }, j = async (q) => {
3166
+ }, G = async (q) => {
3136
3167
  if (q.preventDefault(), !!v()) {
3137
3168
  if (!(C != null && C.id)) {
3138
3169
  M("Tenant not found");
@@ -3140,7 +3171,7 @@ function Vr({
3140
3171
  }
3141
3172
  A(!0), M(""), D("");
3142
3173
  try {
3143
- const W = w || (typeof window < "u" ? window.location.origin : ""), B = await $({
3174
+ const W = w || (typeof window < "u" ? window.location.origin : ""), B = await H({
3144
3175
  email: c,
3145
3176
  tenantId: C.id,
3146
3177
  frontendUrl: W,
@@ -3163,13 +3194,13 @@ function Vr({
3163
3194
  ...E || u ? b.buttonLoading : {},
3164
3195
  ...!c || E || u ? b.buttonDisabled : {}
3165
3196
  });
3166
- return u ? /* @__PURE__ */ d("div", { className: f, style: b.container, children: [
3197
+ return u ? /* @__PURE__ */ d("div", { className: h, style: b.container, children: [
3167
3198
  /* @__PURE__ */ s("h2", { style: b.title, children: S.verifyingText }),
3168
3199
  /* @__PURE__ */ s("div", { style: { textAlign: "center", padding: "2rem" }, children: /* @__PURE__ */ s("div", { style: { fontSize: "1rem", color: "#6b7280" }, children: "Please wait while we verify your magic link..." }) })
3169
- ] }) : /* @__PURE__ */ d("div", { className: f, style: b.container, children: [
3200
+ ] }) : /* @__PURE__ */ d("div", { className: h, style: b.container, children: [
3170
3201
  /* @__PURE__ */ s("h2", { style: b.title, children: S.title }),
3171
3202
  /* @__PURE__ */ s("p", { style: b.description, children: S.description }),
3172
- /* @__PURE__ */ d("form", { onSubmit: j, style: b.form, children: [
3203
+ /* @__PURE__ */ d("form", { onSubmit: G, style: b.form, children: [
3173
3204
  /* @__PURE__ */ d("div", { style: b.fieldGroup, children: [
3174
3205
  /* @__PURE__ */ s("label", { style: b.label, children: S.emailLabel }),
3175
3206
  /* @__PURE__ */ s(
@@ -3424,7 +3455,7 @@ function jr({
3424
3455
  onError: i,
3425
3456
  onRetry: o,
3426
3457
  onBackToLogin: a,
3427
- className: f,
3458
+ className: h,
3428
3459
  token: g,
3429
3460
  email: w,
3430
3461
  appId: c,
@@ -3522,7 +3553,7 @@ function jr({
3522
3553
  return null;
3523
3554
  }
3524
3555
  };
3525
- return /* @__PURE__ */ d("div", { style: k.container, className: f, children: [
3556
+ return /* @__PURE__ */ d("div", { style: k.container, className: h, children: [
3526
3557
  /* @__PURE__ */ s("style", { children: `
3527
3558
  @keyframes spin {
3528
3559
  0% { transform: rotate(0deg); }
@@ -3655,10 +3686,10 @@ function Gr({
3655
3686
  onSuccess: i,
3656
3687
  onError: o,
3657
3688
  onBackToLogin: a,
3658
- onModeChange: f,
3689
+ onModeChange: h,
3659
3690
  className: g
3660
3691
  }) {
3661
- const [w, c] = T(""), [I, p] = T(r), [x, R] = T(""), [F, E] = T(""), [A, u] = T(!1), [k, m] = T(""), [M, L] = T(""), [D, P] = T({}), { requestPasswordReset: U, confirmPasswordReset: l } = ue(), { tenant: N } = me(), $ = { ...ir, ...n }, h = { ...or, ...e }, C = () => {
3692
+ const [w, c] = T(""), [I, p] = T(r), [x, R] = T(""), [F, E] = T(""), [A, u] = T(!1), [k, m] = T(""), [M, L] = T(""), [D, P] = T({}), { requestPasswordReset: U, confirmPasswordReset: l } = ue(), { tenant: N } = we(), H = { ...ir, ...n }, f = { ...or, ...e }, C = () => {
3662
3693
  const O = {};
3663
3694
  return w.trim() || (O.email = !0), P(O), Object.keys(O).length === 0;
3664
3695
  }, S = () => {
@@ -3672,9 +3703,9 @@ function Gr({
3672
3703
  }
3673
3704
  u(!0), m(""), L("");
3674
3705
  try {
3675
- await U({ email: w, tenantId: N.id }), L($.successMessage), i == null || i();
3706
+ await U({ email: w, tenantId: N.id }), L(H.successMessage), i == null || i();
3676
3707
  } catch (q) {
3677
- const W = q.message || $.errorMessage;
3708
+ const W = q.message || H.errorMessage;
3678
3709
  m(W), o == null || o(W);
3679
3710
  } finally {
3680
3711
  u(!1);
@@ -3683,34 +3714,34 @@ function Gr({
3683
3714
  }, y = async (O) => {
3684
3715
  if (O.preventDefault(), !!S()) {
3685
3716
  if (x !== F) {
3686
- m($.passwordMismatchError), P({ confirmPassword: !0 });
3717
+ m(H.passwordMismatchError), P({ confirmPassword: !0 });
3687
3718
  return;
3688
3719
  }
3689
3720
  u(!0), m(""), L("");
3690
3721
  try {
3691
- await l({ token: I, newPassword: x }), L($.resetSuccessMessage), i == null || i();
3722
+ await l({ token: I, newPassword: x }), L(H.resetSuccessMessage), i == null || i();
3692
3723
  } catch (q) {
3693
- const W = q.message || $.errorMessage;
3724
+ const W = q.message || H.errorMessage;
3694
3725
  m(W), o == null || o(W);
3695
3726
  } finally {
3696
3727
  u(!1);
3697
3728
  }
3698
3729
  }
3699
3730
  }, v = (O) => ({
3700
- ...h.input,
3701
- ...D[O] ? h.inputError : {}
3702
- }), j = () => ({
3703
- ...h.button,
3704
- ...A ? h.buttonLoading : {}
3731
+ ...f.input,
3732
+ ...D[O] ? f.inputError : {}
3733
+ }), G = () => ({
3734
+ ...f.button,
3735
+ ...A ? f.buttonLoading : {}
3705
3736
  });
3706
3737
  if (t === "reset") {
3707
3738
  const O = I && x && F;
3708
- return /* @__PURE__ */ d("div", { className: g, style: h.container, children: [
3709
- /* @__PURE__ */ s("h2", { style: h.title, children: $.resetTitle }),
3710
- /* @__PURE__ */ s("p", { style: h.subtitle, children: $.resetSubtitle }),
3711
- /* @__PURE__ */ d("form", { onSubmit: y, style: h.form, children: [
3712
- /* @__PURE__ */ d("div", { style: h.fieldGroup, children: [
3713
- /* @__PURE__ */ s("label", { style: h.label, children: $.tokenLabel }),
3739
+ return /* @__PURE__ */ d("div", { className: g, style: f.container, children: [
3740
+ /* @__PURE__ */ s("h2", { style: f.title, children: H.resetTitle }),
3741
+ /* @__PURE__ */ s("p", { style: f.subtitle, children: H.resetSubtitle }),
3742
+ /* @__PURE__ */ d("form", { onSubmit: y, style: f.form, children: [
3743
+ /* @__PURE__ */ d("div", { style: f.fieldGroup, children: [
3744
+ /* @__PURE__ */ s("label", { style: f.label, children: H.tokenLabel }),
3714
3745
  /* @__PURE__ */ s(
3715
3746
  "input",
3716
3747
  {
@@ -3719,14 +3750,14 @@ function Gr({
3719
3750
  onChange: (q) => {
3720
3751
  p(q.target.value), D.token && P((W) => ({ ...W, token: !1 }));
3721
3752
  },
3722
- placeholder: $.tokenPlaceholder,
3753
+ placeholder: H.tokenPlaceholder,
3723
3754
  style: v("token"),
3724
3755
  disabled: A
3725
3756
  }
3726
3757
  )
3727
3758
  ] }),
3728
- /* @__PURE__ */ d("div", { style: h.fieldGroup, children: [
3729
- /* @__PURE__ */ s("label", { style: h.label, children: $.newPasswordLabel }),
3759
+ /* @__PURE__ */ d("div", { style: f.fieldGroup, children: [
3760
+ /* @__PURE__ */ s("label", { style: f.label, children: H.newPasswordLabel }),
3730
3761
  /* @__PURE__ */ s(
3731
3762
  "input",
3732
3763
  {
@@ -3735,23 +3766,23 @@ function Gr({
3735
3766
  onChange: (q) => {
3736
3767
  R(q.target.value), D.newPassword && P((W) => ({ ...W, newPassword: !1 }));
3737
3768
  },
3738
- placeholder: $.newPasswordPlaceholder,
3769
+ placeholder: H.newPasswordPlaceholder,
3739
3770
  style: v("newPassword"),
3740
3771
  disabled: A
3741
3772
  }
3742
3773
  )
3743
3774
  ] }),
3744
- /* @__PURE__ */ d("div", { style: h.fieldGroup, children: [
3745
- /* @__PURE__ */ s("label", { style: h.label, children: $.confirmPasswordLabel }),
3775
+ /* @__PURE__ */ d("div", { style: f.fieldGroup, children: [
3776
+ /* @__PURE__ */ s("label", { style: f.label, children: H.confirmPasswordLabel }),
3746
3777
  /* @__PURE__ */ s(
3747
3778
  "input",
3748
3779
  {
3749
3780
  type: "password",
3750
3781
  value: F,
3751
3782
  onChange: (q) => {
3752
- E(q.target.value), D.confirmPassword && P((W) => ({ ...W, confirmPassword: !1 })), k === $.passwordMismatchError && m("");
3783
+ E(q.target.value), D.confirmPassword && P((W) => ({ ...W, confirmPassword: !1 })), k === H.passwordMismatchError && m("");
3753
3784
  },
3754
- placeholder: $.confirmPasswordPlaceholder,
3785
+ placeholder: H.confirmPasswordPlaceholder,
3755
3786
  style: v("confirmPassword"),
3756
3787
  disabled: A
3757
3788
  }
@@ -3763,31 +3794,31 @@ function Gr({
3763
3794
  type: "submit",
3764
3795
  disabled: !O || A,
3765
3796
  style: {
3766
- ...j(),
3767
- ...!O || A ? h.buttonDisabled : {}
3797
+ ...G(),
3798
+ ...!O || A ? f.buttonDisabled : {}
3768
3799
  },
3769
- children: A ? $.resetLoadingText : $.resetSubmitButton
3800
+ children: A ? H.resetLoadingText : H.resetSubmitButton
3770
3801
  }
3771
3802
  ),
3772
- k && /* @__PURE__ */ s("div", { style: h.errorText, children: k }),
3773
- M && /* @__PURE__ */ s("div", { style: h.successText, children: M })
3803
+ k && /* @__PURE__ */ s("div", { style: f.errorText, children: k }),
3804
+ M && /* @__PURE__ */ s("div", { style: f.successText, children: M })
3774
3805
  ] }),
3775
- /* @__PURE__ */ d("div", { style: h.linkContainer, children: [
3776
- /* @__PURE__ */ s("a", { onClick: a, style: h.link, children: $.backToLoginLink }),
3777
- f && /* @__PURE__ */ d(_, { children: [
3806
+ /* @__PURE__ */ d("div", { style: f.linkContainer, children: [
3807
+ /* @__PURE__ */ s("a", { onClick: a, style: f.link, children: H.backToLoginLink }),
3808
+ h && /* @__PURE__ */ d(_, { children: [
3778
3809
  /* @__PURE__ */ s("span", { style: { margin: "0 0.5rem", color: "#6b7280" }, children: "•" }),
3779
- /* @__PURE__ */ s("a", { onClick: () => f("request"), style: h.link, children: "Request New Link" })
3810
+ /* @__PURE__ */ s("a", { onClick: () => h("request"), style: f.link, children: "Request New Link" })
3780
3811
  ] })
3781
3812
  ] })
3782
3813
  ] });
3783
3814
  }
3784
3815
  const Q = w;
3785
- return /* @__PURE__ */ d("div", { className: g, style: h.container, children: [
3786
- /* @__PURE__ */ s("h2", { style: h.title, children: $.title }),
3787
- /* @__PURE__ */ s("p", { style: h.subtitle, children: $.subtitle }),
3788
- /* @__PURE__ */ d("form", { onSubmit: b, style: h.form, children: [
3789
- /* @__PURE__ */ d("div", { style: h.fieldGroup, children: [
3790
- /* @__PURE__ */ s("label", { style: h.label, children: $.emailLabel }),
3816
+ return /* @__PURE__ */ d("div", { className: g, style: f.container, children: [
3817
+ /* @__PURE__ */ s("h2", { style: f.title, children: H.title }),
3818
+ /* @__PURE__ */ s("p", { style: f.subtitle, children: H.subtitle }),
3819
+ /* @__PURE__ */ d("form", { onSubmit: b, style: f.form, children: [
3820
+ /* @__PURE__ */ d("div", { style: f.fieldGroup, children: [
3821
+ /* @__PURE__ */ s("label", { style: f.label, children: H.emailLabel }),
3791
3822
  /* @__PURE__ */ s(
3792
3823
  "input",
3793
3824
  {
@@ -3796,7 +3827,7 @@ function Gr({
3796
3827
  onChange: (O) => {
3797
3828
  c(O.target.value), D.email && P((q) => ({ ...q, email: !1 }));
3798
3829
  },
3799
- placeholder: $.emailPlaceholder,
3830
+ placeholder: H.emailPlaceholder,
3800
3831
  style: v("email"),
3801
3832
  disabled: A
3802
3833
  }
@@ -3808,20 +3839,20 @@ function Gr({
3808
3839
  type: "submit",
3809
3840
  disabled: !Q || A,
3810
3841
  style: {
3811
- ...j(),
3812
- ...!Q || A ? h.buttonDisabled : {}
3842
+ ...G(),
3843
+ ...!Q || A ? f.buttonDisabled : {}
3813
3844
  },
3814
- children: A ? $.loadingText : $.submitButton
3845
+ children: A ? H.loadingText : H.submitButton
3815
3846
  }
3816
3847
  ),
3817
- k && /* @__PURE__ */ s("div", { style: h.errorText, children: k }),
3818
- M && /* @__PURE__ */ s("div", { style: h.successText, children: M })
3848
+ k && /* @__PURE__ */ s("div", { style: f.errorText, children: k }),
3849
+ M && /* @__PURE__ */ s("div", { style: f.successText, children: M })
3819
3850
  ] }),
3820
- /* @__PURE__ */ d("div", { style: h.linkContainer, children: [
3821
- /* @__PURE__ */ s("a", { onClick: a, style: h.link, children: $.backToLoginLink }),
3822
- f && /* @__PURE__ */ d(_, { children: [
3851
+ /* @__PURE__ */ d("div", { style: f.linkContainer, children: [
3852
+ /* @__PURE__ */ s("a", { onClick: a, style: f.link, children: H.backToLoginLink }),
3853
+ h && /* @__PURE__ */ d(_, { children: [
3823
3854
  /* @__PURE__ */ s("span", { style: { margin: "0 0.5rem", color: "#6b7280" }, children: "•" }),
3824
- /* @__PURE__ */ s("a", { onClick: () => f("reset"), style: h.link, children: "I have a token" })
3855
+ /* @__PURE__ */ s("a", { onClick: () => h("reset"), style: f.link, children: "I have a token" })
3825
3856
  ] })
3826
3857
  ] })
3827
3858
  ] });
@@ -3878,9 +3909,9 @@ function Qr({
3878
3909
  errorFallback: t,
3879
3910
  requireTenant: r = !0
3880
3911
  }) {
3881
- const { isAppLoading: i, appError: o, retryApp: a } = ve(), f = xe(), g = Ce(), w = Je(), c = Ye(), I = (f == null ? void 0 : f.isTenantLoading) ?? !1, p = (f == null ? void 0 : f.tenantError) ?? null, x = (f == null ? void 0 : f.tenantSlug) ?? null, R = (f == null ? void 0 : f.retryTenant) ?? (() => {
3882
- }), F = (g == null ? void 0 : g.isAuthReady) ?? !0, E = (w == null ? void 0 : w.isReady) ?? !0, A = (c == null ? void 0 : c.isReady) ?? !0, u = r && f && x, L = i || u && I || g && !F || w && !E || c && !A, D = o || (u ? p : null), P = () => {
3883
- o && a(), p && f && R();
3912
+ const { isAppLoading: i, appError: o, retryApp: a } = ke(), h = Pe(), g = Ce(), w = Je(), c = Ye(), I = (h == null ? void 0 : h.isTenantLoading) ?? !1, p = (h == null ? void 0 : h.tenantError) ?? null, x = (h == null ? void 0 : h.tenantSlug) ?? null, R = (h == null ? void 0 : h.retryTenant) ?? (() => {
3913
+ }), F = (g == null ? void 0 : g.isAuthReady) ?? !0, E = (w == null ? void 0 : w.isReady) ?? !0, A = (c == null ? void 0 : c.isReady) ?? !0, u = r && h && x, L = i || u && I || g && !F || w && !E || c && !A, D = o || (u ? p : null), P = () => {
3914
+ o && a(), p && h && R();
3884
3915
  };
3885
3916
  if (L)
3886
3917
  return /* @__PURE__ */ s(_, { children: e || /* @__PURE__ */ s(ar, {}) });
@@ -3891,8 +3922,8 @@ function Qr({
3891
3922
  return /* @__PURE__ */ s(_, { children: n });
3892
3923
  }
3893
3924
  function Kr(n = !0) {
3894
- const { isAppLoading: e, appError: t, retryApp: r, appInfo: i } = ve(), o = xe(), a = Ce(), f = Je(), g = Ye(), w = (o == null ? void 0 : o.isTenantLoading) ?? !1, c = (o == null ? void 0 : o.tenantError) ?? null, I = (o == null ? void 0 : o.tenant) ?? null, p = (o == null ? void 0 : o.tenantSlug) ?? null, x = (o == null ? void 0 : o.retryTenant) ?? (() => {
3895
- }), R = (a == null ? void 0 : a.isAuthReady) ?? !0, F = (f == null ? void 0 : f.isReady) ?? !0, E = (g == null ? void 0 : g.isReady) ?? !0, A = n && o && p, M = e || A && w || a && !R || f && !F || g && !E, L = t || (A ? c : null);
3925
+ const { isAppLoading: e, appError: t, retryApp: r, appInfo: i } = ke(), o = Pe(), a = Ce(), h = Je(), g = Ye(), w = (o == null ? void 0 : o.isTenantLoading) ?? !1, c = (o == null ? void 0 : o.tenantError) ?? null, I = (o == null ? void 0 : o.tenant) ?? null, p = (o == null ? void 0 : o.tenantSlug) ?? null, x = (o == null ? void 0 : o.retryTenant) ?? (() => {
3926
+ }), R = (a == null ? void 0 : a.isAuthReady) ?? !0, F = (h == null ? void 0 : h.isReady) ?? !0, E = (g == null ? void 0 : g.isReady) ?? !0, A = n && o && p, M = e || A && w || a && !R || h && !F || g && !E, L = t || (A ? c : null);
3896
3927
  return {
3897
3928
  isLoading: M,
3898
3929
  error: L,
@@ -3904,7 +3935,7 @@ function Kr(n = !0) {
3904
3935
  app: { isLoading: e, error: t, data: i },
3905
3936
  tenant: o ? { isLoading: w, error: c, data: I } : null,
3906
3937
  auth: a ? { isReady: R } : null,
3907
- featureFlags: f ? { isReady: F } : null,
3938
+ featureFlags: h ? { isReady: F } : null,
3908
3939
  subscription: g ? { isReady: E } : null
3909
3940
  };
3910
3941
  }
@@ -3916,7 +3947,7 @@ function Zr({
3916
3947
  dropdownClassName: i = "",
3917
3948
  itemClassName: o = "",
3918
3949
  renderItem: a,
3919
- placeholder: f = "Select tenant",
3950
+ placeholder: h = "Select tenant",
3920
3951
  disabled: g = !1,
3921
3952
  showCurrentTenant: w = !0
3922
3953
  }) {
@@ -3955,7 +3986,7 @@ function Zr({
3955
3986
  opacity: g ? 0.6 : 1
3956
3987
  },
3957
3988
  children: [
3958
- A ? A.name : f,
3989
+ A ? A.name : h,
3959
3990
  /* @__PURE__ */ s("span", { style: { marginLeft: 8 }, children: I ? "▲" : "▼" })
3960
3991
  ]
3961
3992
  }
@@ -4260,7 +4291,7 @@ function tn(n = {}) {
4260
4291
  zoneRoots: e = {},
4261
4292
  returnToParam: t = tt,
4262
4293
  returnToStorage: r = "url"
4263
- } = n, i = gt(), [o, a] = mt(), { isAuthenticated: f, currentUser: g } = ue(), { tenant: w } = ge(), c = Z(() => ({ ...He, ...e }), [e]), I = !!w, p = g == null ? void 0 : g.userType, x = Z(() => {
4294
+ } = n, i = gt(), [o, a] = mt(), { isAuthenticated: h, currentUser: g } = ue(), { tenant: w } = ye(), c = Z(() => ({ ...He, ...e }), [e]), I = !!w, p = g == null ? void 0 : g.userType, x = Z(() => {
4264
4295
  switch (r) {
4265
4296
  case "url":
4266
4297
  return o.get(t);
@@ -4271,7 +4302,7 @@ function tn(n = {}) {
4271
4302
  default:
4272
4303
  return null;
4273
4304
  }
4274
- }, [r, o, t]), R = se(() => {
4305
+ }, [r, o, t]), R = ie(() => {
4275
4306
  switch (r) {
4276
4307
  case "url": {
4277
4308
  const u = new URLSearchParams(o);
@@ -4285,7 +4316,7 @@ function tn(n = {}) {
4285
4316
  localStorage.removeItem(Le);
4286
4317
  break;
4287
4318
  }
4288
- }, [r, o, t, a]), F = se(
4319
+ }, [r, o, t, a]), F = ie(
4289
4320
  (u) => {
4290
4321
  switch (r) {
4291
4322
  case "url": {
@@ -4302,13 +4333,13 @@ function tn(n = {}) {
4302
4333
  }
4303
4334
  },
4304
4335
  [r, o, t, a]
4305
- ), E = se(
4336
+ ), E = ie(
4306
4337
  (u) => {
4307
4338
  const k = c[u] || c.default;
4308
4339
  i(k);
4309
4340
  },
4310
4341
  [i, c]
4311
- ), A = se(() => I ? f ? p === ae.TENANT_ADMIN ? c.tenantAdmin : c.tenantUser : c.tenantGuest : f ? p === ae.TENANT_ADMIN ? c.publicAdmin : c.publicUser : c.publicGuest, [I, f, p, c]);
4342
+ ), A = ie(() => I ? h ? p === ae.TENANT_ADMIN ? c.tenantAdmin : c.tenantUser : c.tenantGuest : h ? p === ae.TENANT_ADMIN ? c.publicAdmin : c.publicUser : c.publicGuest, [I, h, p, c]);
4312
4343
  return {
4313
4344
  returnToUrl: x,
4314
4345
  clearReturnTo: R,
@@ -4352,14 +4383,14 @@ export {
4352
4383
  Fr as PublicZone,
4353
4384
  _e as RoleApiService,
4354
4385
  Ar as RoutingProvider,
4355
- ie as SessionExpiredError,
4356
- we as SessionManager,
4386
+ se as SessionExpiredError,
4387
+ Se as SessionManager,
4357
4388
  Wr as SignupForm,
4358
4389
  Mt as SubscriptionApiService,
4359
4390
  Or as SubscriptionGuard,
4360
4391
  Yr as SubscriptionPlanApiService,
4361
4392
  xr as SubscriptionProvider,
4362
- be as TenantApiService,
4393
+ ve as TenantApiService,
4363
4394
  Hr as TenantAuthenticatedZone,
4364
4395
  qr as TenantGuestZone,
4365
4396
  Br as TenantOpenZone,
@@ -4375,7 +4406,7 @@ export {
4375
4406
  de as ZoneRoute,
4376
4407
  rn as buildRedirectUrl,
4377
4408
  wr as useApi,
4378
- ve as useApp,
4409
+ ke as useApp,
4379
4410
  Kr as useAppLoaderState,
4380
4411
  ue as useAuth,
4381
4412
  Et as useFeatureFlags,
@@ -4383,9 +4414,9 @@ export {
4383
4414
  Ft as useRoutingOptional,
4384
4415
  vr as useSettings,
4385
4416
  Lt as useSubscription,
4386
- ge as useTenant,
4387
- me as useTenantInfo,
4388
- xe as useTenantOptional,
4417
+ ye as useTenant,
4418
+ we as useTenantInfo,
4419
+ Pe as useTenantOptional,
4389
4420
  Sr as useTenantSettings,
4390
4421
  tn as useZoneNavigation
4391
4422
  };