npm - @skylabs-digital/react-identity-access - Versions diffs - 3.2.1 → 3.2.2 - Mend

@skylabs-digital/react-identity-access 3.2.1 → 3.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/dist/index.es.js +355 -339
package/dist/index.es.js.map +1 -1
package/dist/index.js +2 -2
package/dist/index.js.map +1 -1
package/dist/providers/AuthProvider.d.ts.map +1 -1
package/dist/services/AuthApiService.d.ts +2 -1
package/dist/services/AuthApiService.d.ts.map +1 -1
package/package.json +1 -1

package/dist/index.es.js CHANGED Viewed

@@ -1,6 +1,6 @@
-import { jsx as s, Fragment as B, jsxs as f } from "react/jsx-runtime";
-import me, { createContext as fe, useState as N, useRef as Ee, useCallback as te, useMemo as V, useEffect as re, useContext as ne } from "react";
-import { useLocation as xe, Navigate as be, useNavigate as wt, useSearchParams as vt } from "react-router-dom";
+import { jsx as s, Fragment as U, jsxs as f } from "react/jsx-runtime";
+import me, { createContext as fe, useState as N, useRef as ye, useCallback as te, useMemo as V, useEffect as re, useContext as ne } from "react";
+import { useLocation as xe, Navigate as we, useNavigate as vt, useSearchParams as Tt } from "react-router-dom";
 class he {
   constructor(e, t = 1e4) {
     this.baseUrl = e.replace(/\/$/, ""), this.timeout = t;
@@ -98,10 +98,10 @@ class Je {
     return (await this.httpService.get(`/apps/${e}/export-config`)).data;
   }
 }
-const $e = fe(null), Tt = 5 * 60 * 1e3;
-function Sr({ config: r, children: e }) {
+const $e = fe(null), St = 5 * 60 * 1e3;
+function kr({ config: r, children: e }) {
   var k, m, g;
-  const { appId: t, baseUrl: n } = r, i = (((k = r.cache) == null ? void 0 : k.enabled) ?? !0) && !!t, a = ((m = r.cache) == null ? void 0 : m.ttl) ?? Tt, l = ((g = r.cache) == null ? void 0 : g.storageKey) ?? (t ? `app_cache_${t}` : ""), [d, T] = N(() => {
+  const { appId: t, baseUrl: n } = r, i = (((k = r.cache) == null ? void 0 : k.enabled) ?? !0) && !!t, a = ((m = r.cache) == null ? void 0 : m.ttl) ?? St, l = ((g = r.cache) == null ? void 0 : g.storageKey) ?? (t ? `app_cache_${t}` : ""), [d, T] = N(() => {
     if (!i) return null;
     try {
       const b = localStorage.getItem(l);
@@ -111,7 +111,7 @@ function Sr({ config: r, children: e }) {
     } catch {
       return null;
     }
-  }), [A, c] = N(!!t && !d), [S, h] = N(null), x = Ee(d);
+  }), [A, c] = N(!!t && !d), [S, h] = N(null), x = ye(d);
   x.current = d;
   const P = te(
     async (b = !1) => {
@@ -182,7 +182,7 @@ function Ae() {
 function Ue() {
   return ne($e);
 }
-const kr = Ae;
+const Er = Ae;
 class ee extends Error {
   constructor(e, t) {
     const n = {
@@ -193,12 +193,12 @@ class ee extends Error {
     super(t || n[e]), this.name = "SessionExpiredError", this.reason = e;
   }
 }
-class St extends Error {
+class kt extends Error {
   constructor(e) {
     super(`Token refresh timed out after ${e}ms`), this.name = "TokenRefreshTimeoutError", this.timeoutMs = e;
   }
 }
-class kt extends Error {
+class Et extends Error {
   constructor(e, t) {
     super(
       `Token refresh failed after ${e} attempts: ${(t == null ? void 0 : t.message) || "Unknown error"}`
@@ -207,10 +207,10 @@ class kt extends Error {
 }
 class oe extends Error {
   constructor(e, t, n) {
-    super(`Invalid configuration "${e}": ${n} (received: ${Et(t)})`), this.name = "ConfigurationError", this.field = e, this.received = t;
+    super(`Invalid configuration "${e}": ${n} (received: ${xt(t)})`), this.name = "ConfigurationError", this.field = e, this.received = t;
   }
 }
-function Et(r) {
+function xt(r) {
   if (r === void 0) return "undefined";
   try {
     const e = JSON.stringify(r);
@@ -235,19 +235,19 @@ function Ke(r) {
   const e = Re(r), t = e == null ? void 0 : e.payload.exp;
   return typeof t == "number" ? t * 1e3 : void 0;
 }
-function xt(r, e) {
+function At(r, e) {
   var n;
   const t = (n = Re(r)) == null ? void 0 : n.payload[e];
   return typeof t == "string" ? t : void 0;
 }
-const At = /^(javascript|data|vbscript|file):/i, Rt = /^https?:\/\//i;
-function Pt(r, e = "baseUrl") {
+const Rt = /^(javascript|data|vbscript|file):/i, Pt = /^https?:\/\//i;
+function It(r, e = "baseUrl") {
   if (!(r == null || r === "")) {
     if (typeof r != "string")
       throw new oe(e, r, "must be a string");
-    if (At.test(r))
+    if (Rt.test(r))
       throw new oe(e, r, "dangerous URL scheme is not allowed");
-    if (!Rt.test(r))
+    if (!Pt.test(r))
       throw new oe(e, r, "must start with http:// or https://");
   }
 }
@@ -265,7 +265,7 @@ function Ye(r, e) {
   if (e !== void 0 && typeof e != "boolean")
     throw new oe(r, e, "must be a boolean");
 }
-function It(r, e = "accessToken") {
+function Lt(r, e = "accessToken") {
   if (typeof r != "string" || r.length === 0)
     throw new oe(e, r, "must be a non-empty string");
   if (!r.includes(".")) return;
@@ -283,11 +283,11 @@ function It(r, e = "accessToken") {
       "JWT header or payload is not valid base64url-encoded JSON"
     );
 }
-function Lt(r) {
+function Ft(r) {
   if (r !== void 0 && (typeof r != "number" || !Number.isFinite(r) || r <= 0))
     throw new oe("expiresIn", r, "must be a finite positive number (seconds)");
 }
-function Ft(r) {
+function Nt(r) {
   if (r !== void 0 && (typeof r != "number" || !Number.isFinite(r) || r <= 0))
     throw new oe(
       "expiresAt",
@@ -321,7 +321,7 @@ const ie = class ie {
     return e.storageKey || "auth_tokens";
   }
   static validateConfig(e) {
-    Pt(e.baseUrl), Ye("enableCookieSession", e.enableCookieSession), Ye("autoRefresh", e.autoRefresh), ge("refreshThreshold", e.refreshThreshold, { min: 0 }), ge("proactiveRefreshMargin", e.proactiveRefreshMargin, { min: 0 }), ge("refreshQueueTimeout", e.refreshQueueTimeout, { min: 1 }), ge("maxRefreshRetries", e.maxRefreshRetries, { min: 0 }), ge("retryBackoffBase", e.retryBackoffBase, { min: 1 });
+    It(e.baseUrl), Ye("enableCookieSession", e.enableCookieSession), Ye("autoRefresh", e.autoRefresh), ge("refreshThreshold", e.refreshThreshold, { min: 0 }), ge("proactiveRefreshMargin", e.proactiveRefreshMargin, { min: 0 }), ge("refreshQueueTimeout", e.refreshQueueTimeout, { min: 1 }), ge("maxRefreshRetries", e.maxRefreshRetries, { min: 0 }), ge("retryBackoffBase", e.retryBackoffBase, { min: 1 });
   }
   /** Update mutable config (callbacks, baseUrl) on an existing instance. */
   updateConfig(e) {
@@ -390,9 +390,9 @@ const ie = class ie {
   }
   // --- Token CRUD ---
   setTokens(e) {
-    if (It(e.accessToken, "accessToken"), e.refreshToken !== void 0 && typeof e.refreshToken != "string")
+    if (Lt(e.accessToken, "accessToken"), e.refreshToken !== void 0 && typeof e.refreshToken != "string")
       throw new oe("refreshToken", e.refreshToken, "must be a string");
-    Lt(e.expiresIn), Ft(e.expiresAt);
+    Ft(e.expiresIn), Nt(e.expiresAt);
     const t = e.expiresAt || (e.expiresIn ? Date.now() + e.expiresIn * 1e3 : void 0) || Ke(e.accessToken), n = {
       ...e,
       expiresAt: t
@@ -570,7 +570,7 @@ const ie = class ie {
     return new Promise((e, t) => {
       const n = setTimeout(() => {
         const i = this.refreshQueue.findIndex((a) => a.timeoutId === n);
-        i !== -1 && this.refreshQueue.splice(i, 1), t(new St(this.refreshQueueTimeout));
+        i !== -1 && this.refreshQueue.splice(i, 1), t(new kt(this.refreshQueueTimeout));
       }, this.refreshQueueTimeout);
       this.refreshQueue.push({ resolve: e, reject: t, timeoutId: n });
     });
@@ -620,7 +620,7 @@ const ie = class ie {
         }
       }
     }
-    throw new kt(this.maxRefreshRetries + 1, t);
+    throw new Et(this.maxRefreshRetries + 1, t);
   }
   /**
    * Single refresh attempt with error classification.
@@ -639,7 +639,7 @@ const ie = class ie {
     const n = this.getTokens();
     if (n != null && n.accessToken && !this.isTokenExpired(n) && !this.shouldRefreshToken(n))
       return;
-    const i = (n == null ? void 0 : n.refreshToken) || e, a = `${this.baseUrl}/auth/refresh`, l = xt(i, "deviceId"), d = { refreshToken: i };
+    const i = (n == null ? void 0 : n.refreshToken) || e, a = `${this.baseUrl}/auth/refresh`, l = At(i, "deviceId"), d = { refreshToken: i };
     l && (d.deviceId = l);
     let T;
     try {
@@ -729,9 +729,9 @@ const ie = class ie {
 };
 ie.instances = /* @__PURE__ */ new Map(), ie.MAX_BACKGROUND_FAILURES = 3;
 let Me = ie;
-class Nt {
+class Ct {
   constructor(e) {
-    this.httpService = e, this.pendingVerifications = /* @__PURE__ */ new Map(), this.pendingMagicLinks = /* @__PURE__ */ new Map();
+    this.httpService = e, this.verificationCache = /* @__PURE__ */ new Map(), this.VERIFY_CACHE_TTL_MS = 6e4, this.pendingMagicLinks = /* @__PURE__ */ new Map();
   }
   // Public endpoints - no auth required.
   // Must pass `{ skipAuth: true }` so HttpService does NOT call
@@ -780,12 +780,24 @@ class Nt {
     return this.pendingMagicLinks.set(t, i), i;
   }
   async verifyMagicLink(e) {
-    const t = e.token, n = this.pendingVerifications.get(t);
-    if (n) return n;
-    const i = this.httpService.post("/auth/magic-link/verify", e, { skipAuth: !0 }).finally(() => {
-      this.pendingVerifications.delete(t);
-    });
-    return this.pendingVerifications.set(t, i), i;
+    const t = e.token, n = this.verificationCache.get(t);
+    if (n) return n.promise;
+    const i = this.httpService.post(
+      "/auth/magic-link/verify",
+      e,
+      { skipAuth: !0 }
+    ), a = { promise: i };
+    return this.verificationCache.set(t, a), i.then(
+      () => {
+        a.timer = setTimeout(
+          () => this.verificationCache.delete(t),
+          this.VERIFY_CACHE_TTL_MS
+        );
+      },
+      () => {
+        this.verificationCache.delete(t);
+      }
+    ), i;
   }
   async confirmPasswordReset(e) {
     await this.httpService.post("/auth/password-reset/confirm", e, { skipAuth: !0 });
@@ -794,7 +806,7 @@ class Nt {
     await this.httpService.post("/auth/change-password", e);
   }
 }
-class Ct {
+class Dt {
   constructor(e) {
     this.httpService = e;
   }
@@ -830,7 +842,7 @@ class Ct {
     return { roles: n.data, meta: n.meta };
   }
 }
-class Dt {
+class Mt {
   constructor(e) {
     this.httpService = e;
   }
@@ -853,7 +865,7 @@ class Dt {
     await this.httpService.delete(`/users/${e}`);
   }
 }
-class ye {
+class be {
   constructor(e, t) {
     this.httpService = e, this.appId = t;
   }
@@ -897,7 +909,7 @@ class ye {
     )).data;
   }
 }
-function Mt(r, e) {
+function $t(r, e) {
   if (r === "localhost" || r.startsWith("127.") || r.startsWith("192.168."))
     return null;
   if (e) {
@@ -913,24 +925,24 @@ function Mt(r, e) {
   const n = r.split(".");
   return n.length >= 3 && n[0] !== "www" ? n[0] : null;
 }
-function $t(r, e = "tenant", t) {
+function Ut(r, e = "tenant", t) {
   const i = new URLSearchParams(r).get(e);
   return i ? (t && t.setItem("tenant", i), i) : t ? t.getItem("tenant") : null;
 }
-function Ut(r, e, t) {
+function Bt(r, e, t) {
   const { tenantMode: n, baseDomain: i, selectorParam: a, fixedTenantSlug: l } = r;
-  return n === "fixed" ? l || null : n === "subdomain" ? Mt(e.hostname, i) : n === "selector" ? $t(e.search, a, t) : null;
+  return n === "fixed" ? l || null : n === "subdomain" ? $t(e.hostname, i) : n === "selector" ? Ut(e.search, a, t) : null;
 }
-function Bt(r, e, t) {
+function _t(r, e, t) {
   if (t)
     return `${r}.${t}`;
   const n = e.split(".");
   return n.length === 2 ? `${r}.${e}` : n.length >= 3 ? (n[0] = r, n.join(".")) : null;
 }
 const Be = fe(null);
-function Er({ config: r, children: e }) {
+function xr({ config: r, children: e }) {
   var j, Z, $;
-  const { baseUrl: t, appInfo: n, appId: i } = Ae(), a = te(() => typeof window > "u" ? null : Ut(
+  const { baseUrl: t, appInfo: n, appId: i } = Ae(), a = te(() => typeof window > "u" ? null : Bt(
     {
       tenantMode: r.tenantMode || "selector",
       baseDomain: r.baseDomain,
@@ -949,9 +961,9 @@ function Er({ config: r, children: e }) {
     if (r.initialTenant) return r.initialTenant;
     if (!S.enabled || !l) return null;
     try {
-      const U = localStorage.getItem(S.storageKey);
-      if (!U) return null;
-      const L = JSON.parse(U);
+      const B = localStorage.getItem(S.storageKey);
+      if (!B) return null;
+      const L = JSON.parse(B);
       return Date.now() - L.timestamp < S.ttl && L.tenantSlug === l ? L.data : (localStorage.removeItem(S.storageKey), null);
     } catch {
       return null;
@@ -959,21 +971,21 @@ function Er({ config: r, children: e }) {
   }), [P, I] = N(!h && !r.initialTenant), [R, k] = N(null), [m, g] = N(null), [b, C] = N(!1), [o, p] = N(null);
   re(() => {
     if (r.tenantMode === "fixed") return;
-    const U = a();
-    d(U);
+    const B = a();
+    d(B);
   }, [a, r.tenantMode]);
   const E = (n == null ? void 0 : n.settingsSchema) || null, y = te(
-    async (U, L = !1) => {
-      if (!(!L && S.enabled && h && h.subdomain === U))
+    async (B, L = !1) => {
+      if (!(!L && S.enabled && h && h.subdomain === B))
         try {
           I(!0), k(null);
-          const q = new he(t), W = await new ye(q, i).getPublicTenantInfo(U);
+          const q = new he(t), W = await new be(q, i).getPublicTenantInfo(B);
           if (x(W), S.enabled)
             try {
               const K = {
                 data: W,
                 timestamp: Date.now(),
-                tenantSlug: U
+                tenantSlug: B
               };
               localStorage.setItem(S.storageKey, JSON.stringify(K));
             } catch (K) {
@@ -990,11 +1002,11 @@ function Er({ config: r, children: e }) {
   ), u = te(async () => {
     if (!(!S.enabled || !h || !l))
       try {
-        const U = localStorage.getItem(S.storageKey);
-        if (!U) return;
-        const L = JSON.parse(U);
+        const B = localStorage.getItem(S.storageKey);
+        if (!B) return;
+        const L = JSON.parse(B);
         if (Date.now() - L.timestamp > S.ttl * 0.5) {
-          const _ = new he(t), K = await new ye(_, i).getPublicTenantInfo(l);
+          const _ = new he(t), K = await new be(_, i).getPublicTenantInfo(l);
           x(K);
           const Y = {
             data: K,
@@ -1003,17 +1015,17 @@ function Er({ config: r, children: e }) {
           };
           localStorage.setItem(S.storageKey, JSON.stringify(Y));
         }
-      } catch (U) {
-        process.env.NODE_ENV === "development" && console.warn("[TenantProvider] Background tenant refresh failed:", U);
+      } catch (B) {
+        process.env.NODE_ENV === "development" && console.warn("[TenantProvider] Background tenant refresh failed:", B);
       }
   }, [t, i, S, h, l]), v = te(async () => {
     if (h != null && h.id)
       try {
         C(!0), p(null);
-        const U = new he(t), q = await new ye(U, h.appId).getTenantSettings(h.id);
+        const B = new he(t), q = await new be(B, h.appId).getTenantSettings(h.id);
         g(q);
-      } catch (U) {
-        const L = U instanceof Error ? U : new Error("Failed to load tenant settings");
+      } catch (B) {
+        const L = B instanceof Error ? B : new Error("Failed to load tenant settings");
         p(L), g(null);
       } finally {
         C(!1);
@@ -1021,14 +1033,14 @@ function Er({ config: r, children: e }) {
   }, [t, h]), D = te(() => {
     v();
   }, [v]), se = te(
-    (U) => {
+    (B) => {
       if (!E)
         return { isValid: !0, errors: [] };
       const L = [];
       try {
         return E.properties && Object.entries(E.properties).forEach(([q, _]) => {
           var K;
-          const W = U[q];
+          const W = B[q];
           if ((K = E.required) != null && K.includes(q) && W == null) {
             L.push(`Field '${q}' is required`);
             return;
@@ -1063,7 +1075,7 @@ function Er({ config: r, children: e }) {
     h != null && h.id ? v() : (g(null), p(null), C(!1));
   }, [h == null ? void 0 : h.id, v]);
   const F = te(
-    (U, L) => {
+    (B, L) => {
       const { mode: q = "reload", redirectPath: _ } = L || {}, W = r.tenantMode || "selector";
       if (W === "fixed") {
         process.env.NODE_ENV === "development" && console.warn(
@@ -1072,9 +1084,9 @@ function Er({ config: r, children: e }) {
         ), _ && (window.location.href = _);
         return;
       }
-      if (localStorage.setItem("tenant", U), W === "subdomain") {
-        const K = window.location.hostname, Y = Bt(
-          U,
+      if (localStorage.setItem("tenant", B), W === "subdomain") {
+        const K = window.location.hostname, Y = _t(
+          B,
           K,
           r.baseDomain
         );
@@ -1085,18 +1097,18 @@ function Er({ config: r, children: e }) {
           );
           return;
         }
-        const le = _ || window.location.pathname, Te = new URL(`${window.location.protocol}//${Y}${le}`);
+        const le = _ || window.location.pathname, Se = new URL(`${window.location.protocol}//${Y}${le}`);
         new URLSearchParams(window.location.search).forEach((Fe, Ne) => {
-          Te.searchParams.set(Ne, Fe);
-        }), window.location.href = Te.toString();
+          Se.searchParams.set(Ne, Fe);
+        }), window.location.href = Se.toString();
       } else if (W === "selector") {
         const K = _ || window.location.pathname, Y = new URLSearchParams(window.location.search);
-        if (Y.set(r.selectorParam || "tenant", U), q === "reload") {
+        if (Y.set(r.selectorParam || "tenant", B), q === "reload") {
           const le = `${K}?${Y.toString()}${window.location.hash}`;
           window.location.href = le;
         } else {
           const le = `${K}?${Y.toString()}${window.location.hash}`;
-          window.history.pushState({}, "", le), d(U), y(U);
+          window.history.pushState({}, "", le), d(B), y(B);
         }
       }
     },
@@ -1135,7 +1147,7 @@ function Er({ config: r, children: e }) {
   ]);
   return /* @__PURE__ */ s(Be.Provider, { value: H, children: e });
 }
-function ve() {
+function Te() {
   const r = ne(Be);
   if (!r)
     throw new Error("useTenant must be used within a TenantProvider");
@@ -1144,9 +1156,9 @@ function ve() {
 function pe() {
   return ne(Be);
 }
-const xr = ve;
-function Ar() {
-  const { settings: r, settingsSchema: e, isSettingsLoading: t, settingsError: n, validateSettings: i } = ve();
+const Ar = Te;
+function Rr() {
+  const { settings: r, settingsSchema: e, isSettingsLoading: t, settingsError: n, validateSettings: i } = Te();
   return {
     settings: r,
     settingsSchema: e,
@@ -1156,7 +1168,7 @@ function Ar() {
   };
 }
 function ot() {
-  const { tenant: r, tenantSlug: e, isTenantLoading: t, tenantError: n, retryTenant: i } = ve();
+  const { tenant: r, tenantSlug: e, isTenantLoading: t, tenantError: n, retryTenant: i } = Te();
   return {
     tenant: r,
     tenantSlug: e,
@@ -1166,7 +1178,7 @@ function ot() {
   };
 }
 const _e = "userTenants";
-function _t() {
+function Ot() {
   try {
     const r = localStorage.getItem(_e);
     return r ? JSON.parse(r) : [];
@@ -1187,14 +1199,14 @@ function et() {
   }
 }
 const Pe = fe(null), Ie = fe(null);
-function Rr({ config: r = {}, children: e }) {
+function Pr({ config: r = {}, children: e }) {
   const t = Ue(), n = pe(), i = (t == null ? void 0 : t.baseUrl) ?? r.baseUrl ?? "", a = (t == null ? void 0 : t.appId) ?? r.appId, l = (n == null ? void 0 : n.tenant) ?? null, d = (n == null ? void 0 : n.tenantSlug) ?? null, T = (n == null ? void 0 : n.switchTenant) ?? (() => {
   });
   if (!i)
     throw new Error(
       "[AuthProvider] baseUrl is required. Provide it via AppProvider or AuthConfig.baseUrl."
     );
-  const [A, c] = N(r.initialRoles || []), [S, h] = N(!r.initialRoles), [x, P] = N(null), [I, R] = N(!1), [k, m] = N(null), [g, b] = N(() => _t()), C = Ee({ done: !1 });
+  const [A, c] = N(r.initialRoles || []), [S, h] = N(!r.initialRoles), [x, P] = N(null), [I, R] = N(!1), [k, m] = N(null), [g, b] = N(() => Ot()), C = ye({ done: !1 });
   C.current.done || (C.current.done = !0);
   const o = V(() => Me.getInstance({
     baseUrl: i,
@@ -1216,18 +1228,18 @@ function Rr({ config: r = {}, children: e }) {
     const w = new he(i);
     return w.setSessionManager(o), w;
   }, [i, o]), v = V(
-    () => new Nt(u),
+    () => new Ct(u),
     [u]
   ), D = V(
-    () => new Dt(u),
+    () => new Mt(u),
     [u]
   ), se = V(
-    () => new Ct(u),
+    () => new Dt(u),
     [u]
   ), F = V(() => x != null && x.roleId && A.find((w) => w.id === x.roleId) || null, [x, A]), H = V(() => (F == null ? void 0 : F.permissions) || [], [F]), j = V(
     () => o.hasValidSession() && x !== null,
     [o, x]
-  ), Z = V(() => (x == null ? void 0 : x.tenantId) != null, [x]), $ = Ee(null), U = async (w = !1) => {
+  ), Z = V(() => (x == null ? void 0 : x.tenantId) != null, [x]), $ = ye(null), B = ye(/* @__PURE__ */ new Set()), L = async (w = !1) => {
     try {
       if (!o.hasValidSession() || !w && x) return;
       const M = o.getUserId();
@@ -1244,17 +1256,17 @@ function Rr({ config: r = {}, children: e }) {
     } finally {
       R(!1);
     }
-  }, L = async (w) => {
+  }, q = async (w) => {
     var He;
-    const { username: M, password: z, tenantSlug: O, redirectPath: Q } = w;
-    let X = l == null ? void 0 : l.id, J = d;
-    O && (X = (await new ye(u, a).getPublicTenantInfo(O)).id, J = O);
+    const { username: M, password: z, tenantSlug: O, redirectPath: J } = w;
+    let X = l == null ? void 0 : l.id, Q = d;
+    O && (X = (await new be(u, a).getPublicTenantInfo(O)).id, Q = O);
     const G = await v.login({
       username: M,
       password: z,
       appId: a,
       tenantId: X
-    }), Se = O && O !== d;
+    }), ke = O && O !== d;
     if (o.setTokens({
       accessToken: G.accessToken,
       refreshToken: G.refreshToken,
@@ -1262,100 +1274,104 @@ function Rr({ config: r = {}, children: e }) {
     }), G.user) {
       o.setUser(G.user), P(G.user);
       try {
-        await U();
-      } catch (ke) {
-        process.env.NODE_ENV === "development" && console.warn("[AuthProvider] Failed to load complete user data after login:", ke);
+        await L();
+      } catch (Ee) {
+        process.env.NODE_ENV === "development" && console.warn("[AuthProvider] Failed to load complete user data after login:", Ee);
       }
     }
     G.tenants && G.tenants.length > 0 && (b(G.tenants), Xe(G.tenants));
     const Ge = ((He = G.user) == null ? void 0 : He.tenantId) !== null;
-    if (Se && J)
-      return T(J, { redirectPath: Q }), G;
-    if (Q && Q !== window.location.pathname)
-      return T(J || d || "", { redirectPath: Q }), G;
+    if (ke && Q)
+      return T(Q, { redirectPath: J }), G;
+    if (J && J !== window.location.pathname)
+      return T(Q || d || "", { redirectPath: J }), G;
     if (!Ge && G.tenants && G.tenants.length > 0) {
-      const ke = w.autoSwitch !== !1 && r.autoSwitchSingleTenant !== !1;
-      if (G.tenants.length === 1 && ke) {
+      const Ee = w.autoSwitch !== !1 && r.autoSwitchSingleTenant !== !1;
+      if (G.tenants.length === 1 && Ee) {
         const Qe = G.tenants[0];
-        return T(Qe.subdomain, { redirectPath: Q }), G;
+        return T(Qe.subdomain, { redirectPath: J }), G;
       } else G.tenants.length > 1 && r.onTenantSelectionRequired && r.onTenantSelectionRequired(G.tenants);
     }
     return G;
-  }, q = async (w) => {
-    const { email: M, phoneNumber: z, name: O, password: Q, lastName: X, tenantId: J } = w;
+  }, _ = async (w) => {
+    const { email: M, phoneNumber: z, name: O, password: J, lastName: X, tenantId: Q } = w;
     if (!M && !z)
       throw new Error("Either email or phoneNumber is required");
-    if (!O || !Q)
+    if (!O || !J)
       throw new Error("Name and password are required");
     return v.signup({
       email: M,
       phoneNumber: z,
       name: O,
-      password: Q,
-      tenantId: J ?? (l == null ? void 0 : l.id),
+      password: J,
+      tenantId: Q ?? (l == null ? void 0 : l.id),
       lastName: X,
       appId: a
     });
-  }, _ = async (w) => {
-    const { email: M, phoneNumber: z, name: O, password: Q, tenantName: X, lastName: J } = w;
+  }, W = async (w) => {
+    const { email: M, phoneNumber: z, name: O, password: J, tenantName: X, lastName: Q } = w;
     if (!M && !z)
       throw new Error("Either email or phoneNumber is required");
-    if (!O || !Q || !X)
+    if (!O || !J || !X)
       throw new Error("Name, password, and tenantName are required");
     return v.signupTenantAdmin({
       email: M,
       phoneNumber: z,
       name: O,
-      password: Q,
+      password: J,
       tenantName: X,
       appId: a,
-      lastName: J
+      lastName: Q
     });
-  }, W = async (w) => {
-    await v.changePassword(w);
   }, K = async (w) => {
+    await v.changePassword(w);
+  }, Y = async (w) => {
     const { email: M, tenantId: z } = w, O = z ?? (l == null ? void 0 : l.id);
     if (!O)
       throw new Error("tenantId is required for password reset");
     await v.requestPasswordReset({ email: M, tenantId: O });
-  }, Y = async (w) => {
-    await v.confirmPasswordReset(w);
   }, le = async (w) => {
-    const { email: M, frontendUrl: z, name: O, lastName: Q, tenantId: X } = w, J = X ?? (l == null ? void 0 : l.id);
-    if (!J)
+    await v.confirmPasswordReset(w);
+  }, Se = async (w) => {
+    const { email: M, frontendUrl: z, name: O, lastName: J, tenantId: X } = w, Q = X ?? (l == null ? void 0 : l.id);
+    if (!Q)
       throw new Error("tenantId is required for magic link authentication");
     return v.sendMagicLink({
       email: M,
-      tenantId: J,
+      tenantId: Q,
       frontendUrl: z,
       name: O,
-      lastName: Q,
+      lastName: J,
       appId: a
     });
-  }, Te = async (w) => {
+  }, We = async (w) => {
     const { token: M, email: z, tenantSlug: O } = w;
-    let Q = l == null ? void 0 : l.id, X = d;
-    O && (Q = (await new ye(u, a).getPublicTenantInfo(O)).id, X = O);
-    const J = await v.verifyMagicLink({
+    let J = l == null ? void 0 : l.id, X = d;
+    O && (J = (await new be(u, a).getPublicTenantInfo(O)).id, X = O);
+    const Q = await v.verifyMagicLink({
       token: M,
       email: z,
       appId: a,
-      tenantId: Q
-    }), G = O && O !== d;
+      tenantId: J
+    });
+    if (B.current.has(M))
+      return Q;
+    B.current.add(M);
+    const G = O && O !== d;
     if (o.setTokens({
-      accessToken: J.accessToken,
-      refreshToken: J.refreshToken,
-      expiresIn: J.expiresIn
-    }), J.user) {
-      o.setUser(J.user), P(J.user);
+      accessToken: Q.accessToken,
+      refreshToken: Q.refreshToken,
+      expiresIn: Q.expiresIn
+    }), Q.user) {
+      o.setUser(Q.user), P(Q.user);
       try {
-        await U();
-      } catch (Se) {
-        process.env.NODE_ENV === "development" && console.warn("[AuthProvider] Failed to load complete user data after magic link:", Se);
+        await L();
+      } catch (ke) {
+        process.env.NODE_ENV === "development" && console.warn("[AuthProvider] Failed to load complete user data after magic link:", ke);
       }
     }
-    return G && X && X !== d && T(X), J;
-  }, We = async () => {
+    return G && X && X !== d && T(X), Q;
+  }, Fe = async () => {
     const w = o.getTokens();
     if (!(w != null && w.refreshToken))
       throw new Error("No refresh token available");
@@ -1367,13 +1383,13 @@ function Rr({ config: r = {}, children: e }) {
       refreshToken: M.refreshToken || w.refreshToken,
       expiresIn: M.expiresIn
     });
-  }, Fe = () => {
+  }, Ne = () => {
     o.clearSession(), P(null), m(null), b([]), et();
-  }, Ne = (w) => {
+  }, ht = (w) => {
     o.setTokens(w);
-  }, ht = () => o.hasValidSession(), pt = () => {
+  }, pt = () => o.hasValidSession(), ft = () => {
     o.clearSession(), P(null), m(null);
-  }, ft = async () => {
+  }, mt = async () => {
     if (a)
       try {
         h(!0);
@@ -1384,46 +1400,46 @@ function Rr({ config: r = {}, children: e }) {
       } finally {
         h(!1);
       }
-  }, mt = async (w, M) => {
+  }, gt = async (w, M) => {
     const { redirectPath: z } = M || {}, O = o.getTokens();
     if (!(O != null && O.refreshToken))
       throw new Error("No refresh token available for tenant switch");
-    const Q = await v.switchTenant({
+    const J = await v.switchTenant({
       refreshToken: O.refreshToken,
       tenantId: w
     });
     o.setTokens({
-      accessToken: Q.accessToken,
+      accessToken: J.accessToken,
       refreshToken: O.refreshToken,
-      expiresIn: Q.expiresIn
-    }), P(Q.user), o.setUser(Q.user);
-    const X = g.find((J) => J.id === w);
+      expiresIn: J.expiresIn
+    }), P(J.user), o.setUser(J.user);
+    const X = g.find((Q) => Q.id === w);
     X && T(X.subdomain, { redirectPath: z });
-  }, gt = async () => {
+  }, yt = async () => {
     const w = await v.getUserTenants();
     return b(w), Xe(w), w;
   };
   $.current = {
-    login: L,
-    signup: q,
-    signupTenantAdmin: _,
-    sendMagicLink: le,
-    verifyMagicLink: Te,
-    changePassword: W,
-    requestPasswordReset: K,
-    confirmPasswordReset: Y,
-    refreshToken: We,
-    logout: Fe,
-    setTokens: Ne,
-    hasValidSession: ht,
-    clearSession: pt,
-    loadUserData: U,
-    refreshUser: () => U(),
-    refreshRoles: ft,
-    switchToTenant: mt,
-    refreshUserTenants: gt
+    login: q,
+    signup: _,
+    signupTenantAdmin: W,
+    sendMagicLink: Se,
+    verifyMagicLink: We,
+    changePassword: K,
+    requestPasswordReset: Y,
+    confirmPasswordReset: le,
+    refreshToken: Fe,
+    logout: Ne,
+    setTokens: ht,
+    hasValidSession: pt,
+    clearSession: ft,
+    loadUserData: L,
+    refreshUser: () => L(),
+    refreshRoles: mt,
+    switchToTenant: gt,
+    refreshUserTenants: yt
   };
-  const yt = V(
+  const bt = V(
     () => ({
       login: (w) => $.current.login(w),
       signup: (w) => $.current.signup(w),
@@ -1445,7 +1461,7 @@ function Rr({ config: r = {}, children: e }) {
       refreshUserTenants: () => $.current.refreshUserTenants()
     }),
     []
-  ), bt = V(() => {
+  ), wt = V(() => {
     const w = (M) => !H || H.length === 0 ? !1 : typeof M == "string" ? H.includes(M) : H.includes(`${M.resource}.${M.action}`);
     return {
       isAuthenticated: j,
@@ -1510,15 +1526,15 @@ function Rr({ config: r = {}, children: e }) {
     }).finally(() => {
       E(!1);
     }) : E(!1);
-  }, [x, I, k, o]), /* @__PURE__ */ s(Ie.Provider, { value: yt, children: /* @__PURE__ */ s(Pe.Provider, { value: bt, children: e }) });
+  }, [x, I, k, o]), /* @__PURE__ */ s(Ie.Provider, { value: bt, children: /* @__PURE__ */ s(Pe.Provider, { value: wt, children: e }) });
 }
-function Pr() {
+function Ir() {
   const r = ne(Pe);
   if (!r)
     throw new Error("useAuthState must be used within an AuthProvider");
   return r;
 }
-function Ir() {
+function Lr() {
   const r = ne(Ie);
   if (!r)
     throw new Error("useAuthActions must be used within an AuthProvider");
@@ -1534,7 +1550,7 @@ function Oe() {
   const r = ne(Pe), e = ne(Ie);
   return V(() => !r || !e ? null : { ...r, ...e }, [r, e]);
 }
-class Ot {
+class Vt {
   constructor(e) {
     this.httpService = e;
   }
@@ -1582,10 +1598,10 @@ class Ot {
   }
 }
 const Ve = fe(null);
-function Lr({ config: r = {}, children: e }) {
+function Fr({ config: r = {}, children: e }) {
   const t = Ue(), n = pe(), i = (t == null ? void 0 : t.baseUrl) ?? "", a = (t == null ? void 0 : t.appId) ?? "", l = (n == null ? void 0 : n.tenant) ?? null, [d, T] = N([]), [A, c] = N(!1), [S, h] = N(null), [x, P] = N(!1), I = V(() => {
     const m = new he(i);
-    return new Ot(m);
+    return new Vt(m);
   }, [i]), R = async () => {
     if (!(l != null && l.id)) {
       T([]);
@@ -1631,7 +1647,7 @@ function Lr({ config: r = {}, children: e }) {
   }, [d, A, S, i, a, l == null ? void 0 : l.id, x]);
   return /* @__PURE__ */ s(Ve.Provider, { value: k, children: e });
 }
-function Vt() {
+function qt() {
   const r = ne(Ve);
   if (!r)
     throw new Error("useFeatureFlags must be used within a FeatureFlagProvider");
@@ -1640,7 +1656,7 @@ function Vt() {
 function at() {
   return ne(Ve);
 }
-class qt {
+class zt {
   constructor(e) {
     this.httpService = e;
   }
@@ -1681,10 +1697,10 @@ class qt {
   }
 }
 const qe = fe(void 0);
-function Fr({ config: r = {}, children: e }) {
+function Nr({ config: r = {}, children: e }) {
   const t = Ue(), n = pe(), i = (t == null ? void 0 : t.baseUrl) ?? "", a = (n == null ? void 0 : n.tenant) ?? null, [l, d] = N(null), [T, A] = N(!1), [c, S] = N(null), [h, x] = N(!1), P = V(() => {
     const k = new he(i);
-    return new qt(k);
+    return new zt(k);
   }, [i]), I = async () => {
     if (!(a != null && a.id)) {
       d(null);
@@ -1731,7 +1747,7 @@ function Fr({ config: r = {}, children: e }) {
   }, [l, T, c, i, a == null ? void 0 : a.id, h]);
   return /* @__PURE__ */ s(qe.Provider, { value: R, children: e });
 }
-function zt() {
+function jt() {
   const r = ne(qe);
   if (r === void 0)
     throw new Error("useSubscription must be used within a SubscriptionProvider");
@@ -1766,7 +1782,7 @@ const ze = {
   admin: { tenant: "required", auth: "required", userType: ae.TENANT_ADMIN },
   // Fully open
   open: { tenant: "optional", auth: "optional" }
-}, je = fe(null), jt = {
+}, je = fe(null), Wt = {
   zoneRoots: ze,
   presets: ct,
   loadingFallback: null,
@@ -1775,7 +1791,7 @@ const ze = {
   returnToParam: "returnTo",
   returnToStorage: "url"
 };
-function Nr({ config: r = {}, children: e }) {
+function Cr({ config: r = {}, children: e }) {
   const t = V(() => {
     const n = {
       ...ze,
@@ -1796,14 +1812,14 @@ function Nr({ config: r = {}, children: e }) {
   }, [r]);
   return /* @__PURE__ */ s(je.Provider, { value: t, children: e });
 }
-function Cr() {
+function Dr() {
   const r = ne(je);
   if (!r)
     throw new Error("useRouting must be used within a RoutingProvider");
   return r;
 }
-function Wt() {
-  return ne(je) ?? jt;
+function Gt() {
+  return ne(je) ?? Wt;
 }
 const tt = () => /* @__PURE__ */ f(
   "div",
@@ -1864,7 +1880,7 @@ const tt = () => /* @__PURE__ */ f(
     children: [
       /* @__PURE__ */ s("div", { style: { fontSize: "2rem", marginBottom: "10px" }, children: "⚠️" }),
       /* @__PURE__ */ s("h3", { style: { color: "#856404", marginBottom: "10px" }, children: "Insufficient Permissions" }),
-      e && r ? /* @__PURE__ */ f(B, { children: [
+      e && r ? /* @__PURE__ */ f(U, { children: [
         /* @__PURE__ */ f("p", { style: { color: "#856404", fontSize: "14px", marginBottom: "10px" }, children: [
           "This content requires ",
           /* @__PURE__ */ s("strong", { children: e }),
@@ -1874,7 +1890,7 @@ const tt = () => /* @__PURE__ */ f(
           "Your current access level: ",
           /* @__PURE__ */ s("strong", { children: r })
         ] })
-      ] }) : /* @__PURE__ */ f(B, { children: [
+      ] }) : /* @__PURE__ */ f(U, { children: [
         /* @__PURE__ */ s("p", { style: { color: "#856404", fontSize: "14px", marginBottom: "10px" }, children: "You don't have the required permissions to view this content." }),
         t && t.length > 0 && /* @__PURE__ */ f("p", { style: { color: "#6c757d", fontSize: "12px" }, children: [
           "Required permissions: ",
@@ -1883,7 +1899,7 @@ const tt = () => /* @__PURE__ */ f(
       ] })
     ]
   }
-), Gt = (r, e) => {
+), Ht = (r, e) => {
   const t = {
     [ae.USER]: 1,
     [ae.TENANT_ADMIN]: 2,
@@ -1891,7 +1907,7 @@ const tt = () => /* @__PURE__ */ f(
   };
   return t[r] >= t[e];
 };
-function Dr({
+function Mr({
   children: r,
   fallback: e,
   minUserType: t,
@@ -1900,19 +1916,19 @@ function Dr({
 }) {
   const { hasValidSession: a, sessionManager: l, hasPermission: d, hasAnyPermission: T, hasAllPermissions: A } = de();
   if (!a())
-    return /* @__PURE__ */ s(B, { children: e || /* @__PURE__ */ s(tt, {}) });
+    return /* @__PURE__ */ s(U, { children: e || /* @__PURE__ */ s(tt, {}) });
   const c = l.getUser();
   if (!c)
-    return /* @__PURE__ */ s(B, { children: e || /* @__PURE__ */ s(tt, {}) });
-  if (t && !Gt(c.userType, t))
+    return /* @__PURE__ */ s(U, { children: e || /* @__PURE__ */ s(tt, {}) });
+  if (t && !Ht(c.userType, t))
     return /* @__PURE__ */ s(rt, { userType: c.userType, minUserType: t });
   if (n && n.length > 0 && !(i ? A(n) : T(n))) {
     const h = n.filter((x) => !d(x)).map((x) => typeof x == "string" ? x : x.name);
     return /* @__PURE__ */ s(rt, { missingPermissions: h });
   }
-  return /* @__PURE__ */ s(B, { children: r });
+  return /* @__PURE__ */ s(U, { children: r });
 }
-const Ht = ({ redirectPath: r }) => /* @__PURE__ */ s(
+const Qt = ({ redirectPath: r }) => /* @__PURE__ */ s(
   "div",
   {
     style: {
@@ -1978,7 +1994,7 @@ const Ht = ({ redirectPath: r }) => /* @__PURE__ */ s(
         children: [
           /* @__PURE__ */ s("div", { style: { fontSize: "3rem", marginBottom: "1rem" }, children: "⚠️" }),
           /* @__PURE__ */ s("h2", { style: { color: "#374151", marginBottom: "1rem" }, children: "Insufficient Permissions" }),
-          e && r ? /* @__PURE__ */ f(B, { children: [
+          e && r ? /* @__PURE__ */ f(U, { children: [
             /* @__PURE__ */ f("p", { style: { color: "#6b7280", marginBottom: "1rem" }, children: [
               "This page requires ",
               /* @__PURE__ */ s("strong", { children: e }),
@@ -1988,7 +2004,7 @@ const Ht = ({ redirectPath: r }) => /* @__PURE__ */ s(
               "Your current user type: ",
               /* @__PURE__ */ s("strong", { children: r })
             ] })
-          ] }) : /* @__PURE__ */ f(B, { children: [
+          ] }) : /* @__PURE__ */ f(U, { children: [
             /* @__PURE__ */ s("p", { style: { color: "#6b7280", marginBottom: "1rem" }, children: "You don't have the required permissions to access this page." }),
             t && t.length > 0 && /* @__PURE__ */ f("p", { style: { color: "#9ca3af", fontSize: "0.875rem" }, children: [
               "Required permissions: ",
@@ -1999,8 +2015,8 @@ const Ht = ({ redirectPath: r }) => /* @__PURE__ */ s(
       }
     )
   }
-), Qt = (r, e) => r === e;
-function Mr({
+), Jt = (r, e) => r === e;
+function $r({
   children: r,
   redirectTo: e = "/login",
   requiredUserType: t,
@@ -2014,14 +2030,14 @@ function Mr({
       "[react-identity-access] ProtectedRoute is deprecated. Use AuthenticatedZone or AdminZone from ZoneRoute instead."
     );
   }, []), !l())
-    return a ? /* @__PURE__ */ s(B, { children: a }) : /* @__PURE__ */ f(B, { children: [
-      /* @__PURE__ */ s(Ht, { redirectPath: e }),
-      /* @__PURE__ */ s(be, { to: e, state: { from: S.pathname }, replace: !0 })
+    return a ? /* @__PURE__ */ s(U, { children: a }) : /* @__PURE__ */ f(U, { children: [
+      /* @__PURE__ */ s(Qt, { redirectPath: e }),
+      /* @__PURE__ */ s(we, { to: e, state: { from: S.pathname }, replace: !0 })
     ] });
   const h = d.getUser();
   if (!h)
-    return /* @__PURE__ */ s(be, { to: e, state: { from: S.pathname }, replace: !0 });
-  if (t && !Qt(h.userType, t))
+    return /* @__PURE__ */ s(we, { to: e, state: { from: S.pathname }, replace: !0 });
+  if (t && !Jt(h.userType, t))
     return /* @__PURE__ */ s(
       nt,
       {
@@ -2033,9 +2049,9 @@ function Mr({
     const P = n.filter((I) => !T(I)).map((I) => typeof I == "string" ? I : I.name);
     return /* @__PURE__ */ s(nt, { missingPermissions: P });
   }
-  return /* @__PURE__ */ s(B, { children: r });
+  return /* @__PURE__ */ s(U, { children: r });
 }
-const Jt = ({ redirectPath: r }) => /* @__PURE__ */ s(
+const Zt = ({ redirectPath: r }) => /* @__PURE__ */ s(
   "div",
   {
     style: {
@@ -2072,18 +2088,18 @@ const Jt = ({ redirectPath: r }) => /* @__PURE__ */ s(
     )
   }
 );
-function $r({ children: r, redirectTo: e = "/", fallback: t }) {
+function Ur({ children: r, redirectTo: e = "/", fallback: t }) {
   const { tenant: n, isLoading: i, error: a } = ot(), l = xe();
   return re(() => {
     process.env.NODE_ENV === "development" && console.warn(
       "[react-identity-access] TenantRoute is deprecated. Use TenantZone from ZoneRoute instead."
     );
-  }, []), i || a ? null : n ? /* @__PURE__ */ s(B, { children: r }) : t ? /* @__PURE__ */ s(B, { children: t }) : /* @__PURE__ */ f(B, { children: [
-    /* @__PURE__ */ s(Jt, { redirectPath: e }),
-    /* @__PURE__ */ s(be, { to: e, state: { from: l.pathname }, replace: !0 })
+  }, []), i || a ? null : n ? /* @__PURE__ */ s(U, { children: r }) : t ? /* @__PURE__ */ s(U, { children: t }) : /* @__PURE__ */ f(U, { children: [
+    /* @__PURE__ */ s(Zt, { redirectPath: e }),
+    /* @__PURE__ */ s(we, { to: e, state: { from: l.pathname }, replace: !0 })
   ] });
 }
-const Zt = ({ redirectPath: r }) => /* @__PURE__ */ s(
+const Kt = ({ redirectPath: r }) => /* @__PURE__ */ s(
   "div",
   {
     style: {
@@ -2120,36 +2136,36 @@ const Zt = ({ redirectPath: r }) => /* @__PURE__ */ s(
     )
   }
 );
-function Ur({ children: r, redirectTo: e = "/dashboard", fallback: t }) {
+function Br({ children: r, redirectTo: e = "/dashboard", fallback: t }) {
   const { tenant: n, isLoading: i, error: a } = ot(), l = xe();
   return re(() => {
     process.env.NODE_ENV === "development" && console.warn(
       "[react-identity-access] LandingRoute is deprecated. Use PublicZone from ZoneRoute instead."
     );
-  }, []), i || a ? null : n ? t ? /* @__PURE__ */ s(B, { children: t }) : /* @__PURE__ */ f(B, { children: [
-    /* @__PURE__ */ s(Zt, { redirectPath: e }),
-    /* @__PURE__ */ s(be, { to: e, state: { from: l.pathname }, replace: !0 })
-  ] }) : /* @__PURE__ */ s(B, { children: r });
+  }, []), i || a ? null : n ? t ? /* @__PURE__ */ s(U, { children: t }) : /* @__PURE__ */ f(U, { children: [
+    /* @__PURE__ */ s(Kt, { redirectPath: e }),
+    /* @__PURE__ */ s(we, { to: e, state: { from: l.pathname }, replace: !0 })
+  ] }) : /* @__PURE__ */ s(U, { children: r });
 }
-function Kt(r, e) {
+function Yt(r, e) {
   return e ? r ? Array.isArray(e) ? e.includes(r) : r === e : !1 : !0;
 }
 function st(r, e) {
   return !r || r === "optional" ? "skip" : r === "required" ? e ? "pass" : "fail" : r === "forbidden" ? e ? "fail" : "pass" : "skip";
 }
-function Yt(r, e) {
-  return st(r.tenant, e.hasTenant) === "fail" ? e.hasTenant ? "has_tenant" : "no_tenant" : st(r.auth, e.isAuthenticated) === "fail" ? e.isAuthenticated ? "already_authenticated" : "not_authenticated" : r.userType && e.isAuthenticated && !Kt(e.userType, r.userType) ? "wrong_user_type" : r.permissions && r.permissions.length > 0 && !(r.requireAllPermissions !== !1 ? (a) => a.every((l) => e.permissions.includes(l)) : (a) => a.some((l) => e.permissions.includes(l)))(r.permissions) ? "missing_permissions" : null;
-}
 function Xt(r, e) {
+  return st(r.tenant, e.hasTenant) === "fail" ? e.hasTenant ? "has_tenant" : "no_tenant" : st(r.auth, e.isAuthenticated) === "fail" ? e.isAuthenticated ? "already_authenticated" : "not_authenticated" : r.userType && e.isAuthenticated && !Yt(e.userType, r.userType) ? "wrong_user_type" : r.permissions && r.permissions.length > 0 && !(r.requireAllPermissions !== !1 ? (a) => a.every((l) => e.permissions.includes(l)) : (a) => a.some((l) => e.permissions.includes(l)))(r.permissions) ? "missing_permissions" : null;
+}
+function er(r, e) {
   return r.hasTenant ? r.isAuthenticated ? r.userType === ae.TENANT_ADMIN ? e.tenantAdmin : e.tenantUser : e.tenantGuest : r.isAuthenticated ? r.userType === ae.TENANT_ADMIN ? e.publicAdmin : e.publicUser : e.publicGuest;
 }
-function er(r, e, t, n, i) {
+function tr(r, e, t, n, i) {
   if (!e || i !== "url")
     return r;
   const a = typeof e == "string" ? e : t, l = r.includes("?") ? "&" : "?";
   return `${r}${l}${n}=${encodeURIComponent(a)}`;
 }
-function tr(r, e, t) {
+function rr(r, e, t) {
   if (!r || t === "url") return;
   const n = typeof r == "string" ? r : e, i = "zone_return_to";
   t === "session" ? sessionStorage.setItem(i, n) : t === "local" && localStorage.setItem(i, n);
@@ -2168,7 +2184,7 @@ const ue = ({
   loadingFallback: c,
   accessDeniedFallback: S
 }) => {
-  const h = xe(), { isAuthenticated: x, isAuthInitializing: P, currentUser: I, userPermissions: R } = de(), { tenant: k, isTenantLoading: m } = ve(), g = Wt(), b = V(() => {
+  const h = xe(), { isAuthenticated: x, isAuthInitializing: P, currentUser: I, userPermissions: R } = de(), { tenant: k, isTenantLoading: m } = Te(), g = Gt(), b = V(() => {
     if (e)
       return g.presets[e];
   }, [e, g.presets]), C = V(
@@ -2196,7 +2212,7 @@ const ue = ({
       P,
       m
     ]
-  ), p = V(() => o.isLoading ? null : Yt(C, o), [C, o]), E = V(() => p ? A || Xt(o, g.zoneRoots) : null, [p, A, o, g.zoneRoots]), y = V(() => !p || !E ? null : {
+  ), p = V(() => o.isLoading ? null : Xt(C, o), [C, o]), E = V(() => p ? A || er(o, g.zoneRoots) : null, [p, A, o, g.zoneRoots]), y = V(() => !p || !E ? null : {
     type: p,
     required: {
       tenant: C.tenant,
@@ -2215,7 +2231,7 @@ const ue = ({
   if (re(() => {
     y && (T ? T(y) : g.onAccessDenied && g.onAccessDenied(y));
   }, [y, T, g]), re(() => {
-    y && d && tr(d, h.pathname + h.search, g.returnToStorage);
+    y && d && rr(d, h.pathname + h.search, g.returnToStorage);
   }, [
     y,
     d,
@@ -2223,22 +2239,22 @@ const ue = ({
     h.search,
     g.returnToStorage
   ]), o.isLoading)
-    return /* @__PURE__ */ s(B, { children: c ?? g.loadingFallback ?? null });
+    return /* @__PURE__ */ s(U, { children: c ?? g.loadingFallback ?? null });
   if (y && E) {
     const u = S ?? g.accessDeniedFallback;
     if (u)
-      return /* @__PURE__ */ s(B, { children: u });
-    const v = er(
+      return /* @__PURE__ */ s(U, { children: u });
+    const v = tr(
       E,
       d,
       h.pathname + h.search,
       g.returnToParam,
       g.returnToStorage
     );
-    return /* @__PURE__ */ s(be, { to: v, replace: !0 });
+    return /* @__PURE__ */ s(we, { to: v, replace: !0 });
   }
-  return /* @__PURE__ */ s(B, { children: r });
-}, Br = (r) => /* @__PURE__ */ s(ue, { tenant: "required", ...r }), _r = (r) => /* @__PURE__ */ s(ue, { tenant: "forbidden", ...r }), Or = (r) => /* @__PURE__ */ s(ue, { auth: "required", ...r }), Vr = (r) => /* @__PURE__ */ s(ue, { auth: "forbidden", ...r }), qr = (r) => /* @__PURE__ */ s(ue, { auth: "required", userType: ae.TENANT_ADMIN, ...r }), zr = (r) => /* @__PURE__ */ s(ue, { auth: "required", userType: ae.USER, ...r }), jr = (r) => /* @__PURE__ */ s(ue, { tenant: "optional", auth: "optional", ...r }), Wr = (r) => /* @__PURE__ */ s(ue, { tenant: "required", auth: "required", ...r }), Gr = (r) => /* @__PURE__ */ s(ue, { tenant: "required", auth: "optional", ...r }), Hr = (r) => /* @__PURE__ */ s(ue, { tenant: "required", auth: "forbidden", ...r }), rr = () => /* @__PURE__ */ f(
+  return /* @__PURE__ */ s(U, { children: r });
+}, _r = (r) => /* @__PURE__ */ s(ue, { tenant: "required", ...r }), Or = (r) => /* @__PURE__ */ s(ue, { tenant: "forbidden", ...r }), Vr = (r) => /* @__PURE__ */ s(ue, { auth: "required", ...r }), qr = (r) => /* @__PURE__ */ s(ue, { auth: "forbidden", ...r }), zr = (r) => /* @__PURE__ */ s(ue, { auth: "required", userType: ae.TENANT_ADMIN, ...r }), jr = (r) => /* @__PURE__ */ s(ue, { auth: "required", userType: ae.USER, ...r }), Wr = (r) => /* @__PURE__ */ s(ue, { tenant: "optional", auth: "optional", ...r }), Gr = (r) => /* @__PURE__ */ s(ue, { tenant: "required", auth: "required", ...r }), Hr = (r) => /* @__PURE__ */ s(ue, { tenant: "required", auth: "optional", ...r }), Qr = (r) => /* @__PURE__ */ s(ue, { tenant: "required", auth: "forbidden", ...r }), nr = () => /* @__PURE__ */ f(
   "div",
   {
     style: {
@@ -2255,13 +2271,13 @@ const ue = ({
     ]
   }
 );
-function Qr({
+function Jr({
   children: r,
-  fallback: e = /* @__PURE__ */ s(rr, {}),
+  fallback: e = /* @__PURE__ */ s(nr, {}),
   allowedPlans: t,
   requiredFeature: n
 }) {
-  const { subscription: i, hasAllowedPlan: a, isFeatureEnabled: l, loading: d } = zt();
+  const { subscription: i, hasAllowedPlan: a, isFeatureEnabled: l, loading: d } = jt();
   return d ? /* @__PURE__ */ s(
     "div",
     {
@@ -2272,9 +2288,9 @@ function Qr({
       },
       children: "Loading subscription..."
     }
-  ) : i ? i.isActive ? t && t.length > 0 && !a(t) ? /* @__PURE__ */ s(B, { children: e }) : n && !l(n) ? /* @__PURE__ */ s(B, { children: e }) : /* @__PURE__ */ s(B, { children: r }) : /* @__PURE__ */ s(B, { children: e }) : /* @__PURE__ */ s(B, { children: e });
+  ) : i ? i.isActive ? t && t.length > 0 && !a(t) ? /* @__PURE__ */ s(U, { children: e }) : n && !l(n) ? /* @__PURE__ */ s(U, { children: e }) : /* @__PURE__ */ s(U, { children: r }) : /* @__PURE__ */ s(U, { children: e }) : /* @__PURE__ */ s(U, { children: e });
 }
-const nr = ({ flagName: r }) => /* @__PURE__ */ f(
+const sr = ({ flagName: r }) => /* @__PURE__ */ f(
   "div",
   {
     style: {
@@ -2301,8 +2317,8 @@ const nr = ({ flagName: r }) => /* @__PURE__ */ f(
     ]
   }
 );
-function Jr({ name: r, children: e, fallback: t }) {
-  const { isEnabled: n, loading: i } = Vt();
+function Zr({ name: r, children: e, fallback: t }) {
+  const { isEnabled: n, loading: i } = qt();
   return i ? /* @__PURE__ */ s(
     "div",
     {
@@ -2316,9 +2332,9 @@ function Jr({ name: r, children: e, fallback: t }) {
       },
       children: "Loading feature flags..."
     }
-  ) : n(r) ? /* @__PURE__ */ s(B, { children: e }) : /* @__PURE__ */ s(B, { children: t || /* @__PURE__ */ s(nr, { flagName: r }) });
+  ) : n(r) ? /* @__PURE__ */ s(U, { children: e }) : /* @__PURE__ */ s(U, { children: t || /* @__PURE__ */ s(sr, { flagName: r }) });
 }
-function we(r) {
+function ve(r) {
   const { submit: e, defaultErrorMessage: t, validate: n, onSuccess: i, onError: a } = r, [l, d] = N(!1), [T, A] = N(""), [c, S] = N({}), h = te((R, k) => {
     S((m) => ({ ...m, [R]: k }));
   }, []), x = te((R) => {
@@ -2533,7 +2549,7 @@ function Le(r, e) {
     }
   };
 }
-const sr = () => me.createElement(
+const ir = () => me.createElement(
   "svg",
   {
     width: "16",
@@ -2548,7 +2564,7 @@ const sr = () => me.createElement(
   },
   me.createElement("path", { d: "M1 12s4-8 11-8 11 8 11 8-4 8-11 8-11-8-11-8z" }),
   me.createElement("circle", { cx: "12", cy: "12", r: "3" })
-), ir = () => me.createElement(
+), or = () => me.createElement(
   "svg",
   {
     width: "16",
@@ -2565,10 +2581,10 @@ const sr = () => me.createElement(
     d: "M17.94 17.94A10.07 10.07 0 0 1 12 20c-7 0-11-8-11-8a18.45 18.45 0 0 1 5.06-5.94M9.9 4.24A9.12 9.12 0 0 1 12 4c7 0 11 8 11 8a18.5 18.5 0 0 1-2.16 3.19m-6.72-1.07a3 3 0 1 1-4.24-4.24"
   }),
   me.createElement("line", { x1: "1", y1: "1", x2: "23", y2: "23" })
-), or = {
-  showPassword: /* @__PURE__ */ s(sr, {}),
-  hidePassword: /* @__PURE__ */ s(ir, {})
-}, ar = {
+), ar = {
+  showPassword: /* @__PURE__ */ s(ir, {}),
+  hidePassword: /* @__PURE__ */ s(or, {})
+}, lr = {
   title: "Sign In",
   usernameLabel: "Email or Phone",
   usernamePlaceholder: "Enter your email or phone number",
@@ -2587,7 +2603,7 @@ const sr = () => me.createElement(
   showPasswordAriaLabel: "Show password",
   hidePasswordAriaLabel: "Hide password"
 };
-function Zr({
+function Kr({
   copy: r = {},
   styles: e = {},
   icons: t = {},
@@ -2601,7 +2617,7 @@ function Zr({
   showMagicLinkOption: c = !0,
   className: S
 }) {
-  const [h, x] = N(""), [P, I] = N(""), [R, k] = N(!1), { login: m } = de(), g = { ...ar, ...r }, b = Le("#3b82f6", e), C = { ...or, ...t }, o = we({
+  const [h, x] = N(""), [P, I] = N(""), [R, k] = N(!1), { login: m } = de(), g = { ...lr, ...r }, b = Le("#3b82f6", e), C = { ...ar, ...t }, o = ve({
     defaultErrorMessage: g.errorMessage,
     validate: () => {
       const u = [];
@@ -2694,7 +2710,7 @@ function Zr({
     ] })
   ] });
 }
-const lr = {
+const cr = {
   title: "Create Account",
   nameLabel: "First Name",
   namePlaceholder: "Enter your first name",
@@ -2724,7 +2740,7 @@ const lr = {
   tenantNotFoundError: "Tenant not found",
   dividerBullet: "•"
 };
-function Kr({
+function Yr({
   copy: r = {},
   styles: e = {},
   signupType: t = "user",
@@ -2736,8 +2752,8 @@ function Kr({
   showMagicLinkOption: T = !0,
   className: A
 }) {
-  var U;
-  const [c, S] = N(""), [h, x] = N(""), [P, I] = N(""), [R, k] = N(""), [m, g] = N(""), [b, C] = N(""), [o, p] = N(""), { signup: E, signupTenantAdmin: y } = de(), u = ((U = pe()) == null ? void 0 : U.tenant) ?? null, v = { ...lr, ...r }, D = Le("#10b981", e), se = !!c && (!!P || !!R) && !!m && !!b && (t === "user" || !!o), F = we({
+  var B;
+  const [c, S] = N(""), [h, x] = N(""), [P, I] = N(""), [R, k] = N(""), [m, g] = N(""), [b, C] = N(""), [o, p] = N(""), { signup: E, signupTenantAdmin: y } = de(), u = ((B = pe()) == null ? void 0 : B.tenant) ?? null, v = { ...cr, ...r }, D = Le("#10b981", e), se = !!c && (!!P || !!R) && !!m && !!b && (t === "user" || !!o), F = ve({
     defaultErrorMessage: v.errorMessage,
     validate: () => {
       const L = [];
@@ -2920,7 +2936,7 @@ function Kr({
     ] })
   ] });
 }
-const cr = {
+const ur = {
   title: "Sign In with Magic Link",
   emailLabel: "Email",
   emailPlaceholder: "Enter your email",
@@ -2945,7 +2961,7 @@ const cr = {
   missingTenantOrEmailError: "Missing tenant or email",
   dividerBullet: "•"
 };
-function Yr({
+function Xr({
   copy: r = {},
   styles: e = {},
   onSuccess: t,
@@ -2958,7 +2974,7 @@ function Yr({
   frontendUrl: A
 }) {
   var H;
-  const [c, S] = N(""), [h, x] = N(""), [P, I] = N(""), [R, k] = N(!1), [m, g] = N(""), [b, C] = N(!1), { sendMagicLink: o, verifyMagicLink: p } = de(), E = ((H = pe()) == null ? void 0 : H.tenant) ?? null, y = { ...cr, ...r }, u = Le("#3b82f6", e), v = we({
+  const [c, S] = N(""), [h, x] = N(""), [P, I] = N(""), [R, k] = N(!1), [m, g] = N(""), [b, C] = N(!1), { sendMagicLink: o, verifyMagicLink: p } = de(), E = ((H = pe()) == null ? void 0 : H.tenant) ?? null, y = { ...ur, ...r }, u = Le("#3b82f6", e), v = ve({
     defaultErrorMessage: y.errorMessage,
     validate: () => {
       const j = [];
@@ -3039,7 +3055,7 @@ function Yr({
           children: y.showNameToggle
         }
       ) }),
-      b && /* @__PURE__ */ f(B, { children: [
+      b && /* @__PURE__ */ f(U, { children: [
         /* @__PURE__ */ f("div", { style: u.fieldGroup, children: [
           /* @__PURE__ */ s("label", { style: u.label, children: y.nameLabel }),
           /* @__PURE__ */ s(
@@ -3109,7 +3125,7 @@ function Yr({
     ] })
   ] });
 }
-const ur = {
+const dr = {
   title: "Verifying Magic Link",
   verifyingMessage: "Please wait while we verify your magic link...",
   successMessage: "Magic link verified successfully! You are now logged in.",
@@ -3211,7 +3227,7 @@ const ur = {
   backButtonHover: {
     backgroundColor: "#e5e7eb"
   }
-}, dr = () => /* @__PURE__ */ s("div", { style: ut.spinner }), hr = () => /* @__PURE__ */ f(
+}, hr = () => /* @__PURE__ */ s("div", { style: ut.spinner }), pr = () => /* @__PURE__ */ f(
   "svg",
   {
     width: "48",
@@ -3228,7 +3244,7 @@ const ur = {
       /* @__PURE__ */ s("polyline", { points: "22,4 12,14.01 9,11.01" })
     ]
   }
-), pr = () => /* @__PURE__ */ f(
+), fr = () => /* @__PURE__ */ f(
   "svg",
   {
     width: "48",
@@ -3246,12 +3262,12 @@ const ur = {
       /* @__PURE__ */ s("line", { x1: "9", y1: "9", x2: "15", y2: "15" })
     ]
   }
-), fr = {
-  loading: /* @__PURE__ */ s(dr, {}),
-  success: /* @__PURE__ */ s(hr, {}),
-  error: /* @__PURE__ */ s(pr, {})
+), mr = {
+  loading: /* @__PURE__ */ s(hr, {}),
+  success: /* @__PURE__ */ s(pr, {}),
+  error: /* @__PURE__ */ s(fr, {})
 };
-function Xr({
+function en({
   copy: r = {},
   styles: e = {},
   icons: t = {},
@@ -3266,7 +3282,7 @@ function Xr({
   tenantSlug: S,
   autoRedirectDelay: h = 3e3
 }) {
-  const [x, P] = N("verifying"), [I, R] = N(""), { verifyMagicLink: k } = de(), m = { ...ur, ...r }, g = { ...ut, ...e }, b = { ...fr, ...t }, C = () => {
+  const [x, P] = N("verifying"), [I, R] = N(""), { verifyMagicLink: k } = de(), m = { ...dr, ...r }, g = { ...ut, ...e }, b = { ...mr, ...t }, C = () => {
     if (typeof window > "u") return {};
     const u = new URLSearchParams(window.location.search);
     return {
@@ -3309,17 +3325,17 @@ function Xr({
           m.verifyingMessage
         ] });
       case "success":
-        return /* @__PURE__ */ f(B, { children: [
+        return /* @__PURE__ */ f(U, { children: [
           b.success,
           /* @__PURE__ */ s("div", { style: g.successMessage, children: m.successMessage })
         ] });
       case "redirecting":
-        return /* @__PURE__ */ f(B, { children: [
+        return /* @__PURE__ */ f(U, { children: [
           b.loading,
           /* @__PURE__ */ s("div", { style: g.message, children: m.redirectingMessage })
         ] });
       case "error":
-        return /* @__PURE__ */ f(B, { children: [
+        return /* @__PURE__ */ f(U, { children: [
           b.error,
           /* @__PURE__ */ s("div", { style: g.errorMessage, children: I || m.errorMessage }),
           /* @__PURE__ */ f("div", { style: g.buttonContainer, children: [
@@ -3374,7 +3390,7 @@ function Xr({
     y()
   ] });
 }
-const mr = {
+const gr = {
   title: "Reset Password",
   subtitle: "Enter your email address and we'll send you a link to reset your password.",
   emailLabel: "Email",
@@ -3401,7 +3417,7 @@ const mr = {
   tenantNotFoundError: "Tenant not found",
   dividerBullet: "•"
 };
-function en({
+function tn({
   copy: r = {},
   styles: e = {},
   mode: t = "request",
@@ -3413,7 +3429,7 @@ function en({
   className: T
 }) {
   var se;
-  const [A, c] = N(""), [S, h] = N(n), [x, P] = N(""), [I, R] = N(""), [k, m] = N(""), { requestPasswordReset: g, confirmPasswordReset: b } = de(), C = ((se = pe()) == null ? void 0 : se.tenant) ?? null, o = { ...mr, ...r }, p = Le("#f59e0b", e), E = we({
+  const [A, c] = N(""), [S, h] = N(n), [x, P] = N(""), [I, R] = N(""), [k, m] = N(""), { requestPasswordReset: g, confirmPasswordReset: b } = de(), C = ((se = pe()) == null ? void 0 : se.tenant) ?? null, o = { ...gr, ...r }, p = Le("#f59e0b", e), E = ve({
     defaultErrorMessage: o.errorMessage,
     validate: () => A.trim() ? C != null && C.id ? !0 : (E.setError(o.tenantNotFoundError), !1) : (E.setFieldError("email", !0), !1),
     submit: async () => {
@@ -3421,7 +3437,7 @@ function en({
     },
     onSuccess: () => i == null ? void 0 : i(),
     onError: a
-  }), y = we({
+  }), y = ve({
     defaultErrorMessage: o.errorMessage,
     validate: () => {
       const F = [];
@@ -3500,7 +3516,7 @@ function en({
       ] }),
       /* @__PURE__ */ f("div", { style: p.linkContainer, children: [
         /* @__PURE__ */ s("a", { onClick: l, style: p.link, children: o.backToLoginLink }),
-        d && /* @__PURE__ */ f(B, { children: [
+        d && /* @__PURE__ */ f(U, { children: [
           /* @__PURE__ */ s("span", { style: p.modeSwitchDivider, children: o.dividerBullet }),
           /* @__PURE__ */ s("a", { onClick: () => d("request"), style: p.link, children: o.requestNewLinkLink })
         ] })
@@ -3541,14 +3557,14 @@ function en({
     ] }),
     /* @__PURE__ */ f("div", { style: p.linkContainer, children: [
       /* @__PURE__ */ s("a", { onClick: l, style: p.link, children: o.backToLoginLink }),
-      d && /* @__PURE__ */ f(B, { children: [
+      d && /* @__PURE__ */ f(U, { children: [
         /* @__PURE__ */ s("span", { style: p.modeSwitchDivider, children: o.dividerBullet }),
         /* @__PURE__ */ s("a", { onClick: () => d("reset"), style: p.link, children: o.haveTokenLink })
       ] })
     ] })
   ] });
 }
-const gr = () => /* @__PURE__ */ s(
+const yr = () => /* @__PURE__ */ s(
   "div",
   {
     style: {
@@ -3560,7 +3576,7 @@ const gr = () => /* @__PURE__ */ s(
     },
     children: /* @__PURE__ */ s("div", { children: "Loading..." })
   }
-), yr = ({ error: r, retry: e }) => /* @__PURE__ */ f(
+), br = ({ error: r, retry: e }) => /* @__PURE__ */ f(
   "div",
   {
     style: {
@@ -3594,7 +3610,7 @@ const gr = () => /* @__PURE__ */ s(
     ]
   }
 );
-function tn({
+function rn({
   children: r,
   loadingFallback: e,
   errorFallback: t,
@@ -3605,14 +3621,14 @@ function tn({
     a && l(), h && d && P();
   };
   if (o)
-    return /* @__PURE__ */ s(B, { children: e || /* @__PURE__ */ s(gr, {}) });
+    return /* @__PURE__ */ s(U, { children: e || /* @__PURE__ */ s(yr, {}) });
   if (p) {
-    const y = typeof t == "function" ? t(p, E) : t || /* @__PURE__ */ s(yr, { error: p, retry: E });
-    return /* @__PURE__ */ s(B, { children: y });
+    const y = typeof t == "function" ? t(p, E) : t || /* @__PURE__ */ s(br, { error: p, retry: E });
+    return /* @__PURE__ */ s(U, { children: y });
   }
-  return /* @__PURE__ */ s(B, { children: r });
+  return /* @__PURE__ */ s(U, { children: r });
 }
-function rn(r = !0) {
+function nn(r = !0) {
   const { isAppLoading: e, appError: t, retryApp: n, appInfo: i } = Ae(), a = pe(), l = Oe(), d = at(), T = lt(), A = (a == null ? void 0 : a.isTenantLoading) ?? !1, c = (a == null ? void 0 : a.tenantError) ?? null, S = (a == null ? void 0 : a.tenant) ?? null, h = (a == null ? void 0 : a.tenantSlug) ?? null, x = (a == null ? void 0 : a.retryTenant) ?? (() => {
   }), P = (l == null ? void 0 : l.isAuthReady) ?? !0, I = (d == null ? void 0 : d.isReady) ?? !0, R = (T == null ? void 0 : T.isReady) ?? !0, k = r && a && h, C = e || k && A || l && !P || d && !I || T && !R, o = t || (k ? c : null);
   return {
@@ -3630,7 +3646,7 @@ function rn(r = !0) {
     subscription: T ? { isReady: R } : null
   };
 }
-const br = {
+const wr = {
   wrapper: {
     position: "relative"
   },
@@ -3674,7 +3690,7 @@ const br = {
     marginLeft: 8
   }
 };
-function nn({
+function sn({
   tenants: r,
   currentTenantId: e,
   onSelect: t,
@@ -3688,7 +3704,7 @@ function nn({
   showCurrentTenant: c = !0
 }) {
   var C;
-  const S = { ...br, ...n }, h = Oe(), [x, P] = N(!1), I = Ee(null), R = r ?? (h == null ? void 0 : h.userTenants) ?? [], k = e ?? ((C = h == null ? void 0 : h.currentUser) == null ? void 0 : C.tenantId) ?? null, m = async (o) => {
+  const S = { ...wr, ...n }, h = Oe(), [x, P] = N(!1), I = ye(null), R = r ?? (h == null ? void 0 : h.userTenants) ?? [], k = e ?? ((C = h == null ? void 0 : h.currentUser) == null ? void 0 : C.tenantId) ?? null, m = async (o) => {
     P(!1), t ? t(o) : h != null && h.switchToTenant && await h.switchToTenant(o);
   };
   re(() => {
@@ -3756,7 +3772,7 @@ function nn({
     }) })
   ] });
 }
-class sn {
+class on {
   constructor(e) {
     this.httpService = e;
   }
@@ -3789,7 +3805,7 @@ class sn {
     return { permissions: n.data, meta: n.meta };
   }
 }
-class on {
+class an {
   constructor(e) {
     this.httpService = e;
   }
@@ -3820,7 +3836,7 @@ class on {
     await this.httpService.delete(`/subscription-plans/${e}`);
   }
 }
-class an {
+class ln {
   constructor(e) {
     this.httpService = e;
   }
@@ -3830,12 +3846,12 @@ class an {
   }
 }
 const dt = "returnTo", Ce = "zone_return_to", De = "zone_return_to";
-function ln(r = {}) {
+function cn(r = {}) {
   const {
     zoneRoots: e = {},
     returnToParam: t = dt,
     returnToStorage: n = "url"
-  } = r, i = wt(), [a, l] = vt(), { isAuthenticated: d, currentUser: T } = de(), { tenant: A } = ve(), c = V(() => ({ ...ze, ...e }), [e]), S = !!A, h = T == null ? void 0 : T.userType, x = V(() => {
+  } = r, i = vt(), [a, l] = Tt(), { isAuthenticated: d, currentUser: T } = de(), { tenant: A } = Te(), c = V(() => ({ ...ze, ...e }), [e]), S = !!A, h = T == null ? void 0 : T.userType, x = V(() => {
     switch (n) {
       case "url":
         return a.get(t);
@@ -3892,79 +3908,79 @@ function ln(r = {}) {
     getSmartRedirect: k
   };
 }
-function cn(r, e, t = dt, n = "url") {
+function un(r, e, t = dt, n = "url") {
   if (!e || n !== "url")
     return r;
   const i = new URL(r, window.location.origin);
   return i.searchParams.set(t, e), i.pathname + i.search;
 }
 export {
-  qr as AdminZone,
+  zr as AdminZone,
   Je as AppApiService,
-  tn as AppLoader,
-  Sr as AppProvider,
-  Nt as AuthApiService,
-  Rr as AuthProvider,
-  Or as AuthenticatedZone,
+  rn as AppLoader,
+  kr as AppProvider,
+  Ct as AuthApiService,
+  Pr as AuthProvider,
+  Vr as AuthenticatedZone,
   oe as ConfigurationError,
   ct as DEFAULT_ZONE_PRESETS,
   ze as DEFAULT_ZONE_ROOTS,
-  Jr as FeatureFlag,
-  Ot as FeatureFlagApiService,
-  Lr as FeatureFlagProvider,
-  Vr as GuestZone,
-  an as HealthApiService,
+  Zr as FeatureFlag,
+  Vt as FeatureFlagApiService,
+  Fr as FeatureFlagProvider,
+  qr as GuestZone,
+  ln as HealthApiService,
   he as HttpService,
-  Ur as LandingRoute,
-  Zr as LoginForm,
-  Yr as MagicLinkForm,
-  Xr as MagicLinkVerify,
-  jr as OpenZone,
-  en as PasswordRecoveryForm,
-  sn as PermissionApiService,
-  Dr as Protected,
-  Mr as ProtectedRoute,
-  _r as PublicZone,
-  Ct as RoleApiService,
-  Nr as RoutingProvider,
+  Br as LandingRoute,
+  Kr as LoginForm,
+  Xr as MagicLinkForm,
+  en as MagicLinkVerify,
+  Wr as OpenZone,
+  tn as PasswordRecoveryForm,
+  on as PermissionApiService,
+  Mr as Protected,
+  $r as ProtectedRoute,
+  Or as PublicZone,
+  Dt as RoleApiService,
+  Cr as RoutingProvider,
   ee as SessionExpiredError,
   Me as SessionManager,
-  Kr as SignupForm,
-  qt as SubscriptionApiService,
-  Qr as SubscriptionGuard,
-  on as SubscriptionPlanApiService,
-  Fr as SubscriptionProvider,
-  ye as TenantApiService,
-  Wr as TenantAuthenticatedZone,
-  Hr as TenantGuestZone,
-  Gr as TenantOpenZone,
-  Er as TenantProvider,
-  $r as TenantRoute,
-  nn as TenantSelector,
-  Br as TenantZone,
-  kt as TokenRefreshError,
-  St as TokenRefreshTimeoutError,
-  Dt as UserApiService,
+  Yr as SignupForm,
+  zt as SubscriptionApiService,
+  Jr as SubscriptionGuard,
+  an as SubscriptionPlanApiService,
+  Nr as SubscriptionProvider,
+  be as TenantApiService,
+  Gr as TenantAuthenticatedZone,
+  Qr as TenantGuestZone,
+  Hr as TenantOpenZone,
+  xr as TenantProvider,
+  Ur as TenantRoute,
+  sn as TenantSelector,
+  _r as TenantZone,
+  Et as TokenRefreshError,
+  kt as TokenRefreshTimeoutError,
+  Mt as UserApiService,
   ae as UserType,
-  zr as UserZone,
+  jr as UserZone,
   ue as ZoneRoute,
-  cn as buildRedirectUrl,
-  kr as useApi,
+  un as buildRedirectUrl,
+  Er as useApi,
   Ae as useApp,
-  rn as useAppLoaderState,
+  nn as useAppLoaderState,
   de as useAuth,
-  Ir as useAuthActions,
+  Lr as useAuthActions,
   Oe as useAuthOptional,
-  Pr as useAuthState,
-  Vt as useFeatureFlags,
-  Cr as useRouting,
-  Wt as useRoutingOptional,
-  Ar as useSettings,
-  zt as useSubscription,
-  ve as useTenant,
+  Ir as useAuthState,
+  qt as useFeatureFlags,
+  Dr as useRouting,
+  Gt as useRoutingOptional,
+  Rr as useSettings,
+  jt as useSubscription,
+  Te as useTenant,
   ot as useTenantInfo,
   pe as useTenantOptional,
-  xr as useTenantSettings,
-  ln as useZoneNavigation
+  Ar as useTenantSettings,
+  cn as useZoneNavigation
 };
 //# sourceMappingURL=index.es.js.map