npm - @snowcone-app/sdk - Versions diffs - 0.2.0 → 0.2.1 - Mend

@snowcone-app/sdk 0.2.0 → 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,17 @@
 # Changelog
+## 0.2.1
+### Patch Changes
+- [#233](https://github.com/snowcone-app/snowcone-monorepo/pull/233) [`8b08283`](https://github.com/snowcone-app/snowcone-monorepo/commit/8b0828340ea0d2852655bffe8436f0cb71bde3aa) Thanks [@kevinsproles](https://github.com/kevinsproles)! - fix(realtime): `mintRealtimeGrant` now honors the keyless publishable path
+  Omitting `apiKey` (or passing `undefined`/`null`/`''`) no longer sends a
+  broken `Authorization: Bearer undefined` header that 401s. The header is now
+  sent only when a key is actually provided, so `mintRealtimeGrant({ shop })`
+  uses the publishable shop-id path exactly as documented. `apiKey` is now typed
+  as optional.
 ## 0.2.0
 ### Minor Changes

package/dist/index.cjs CHANGED Viewed

@@ -5486,12 +5486,11 @@ ${versionToSend}
 var DEFAULT_GRANT_BASE = "https://api.snowcone.app";
 async function mintRealtimeGrant(opts) {
   const f = opts.fetch ?? globalThis.fetch;
+  const headers = { "Content-Type": "application/json" };
+  if (opts.apiKey) headers.Authorization = `Bearer ${opts.apiKey}`;
   const res = await f(`${opts.base ?? DEFAULT_GRANT_BASE}/realtime/grant`, {
     method: "POST",
-    headers: {
-      "Content-Type": "application/json",
-      Authorization: `Bearer ${opts.apiKey}`
-    },
+    headers,
     body: JSON.stringify({ shop: opts.shop })
   });
   if (!res.ok) {

package/dist/index.d.cts CHANGED Viewed

@@ -2518,14 +2518,26 @@ declare const DEFAULT_GRANT_BASE = "https://api.snowcone.app";
  * own the target `shop`. Returns a 60s grant your browser code opens the WS
  * with (hand it down via your own endpoint + {@link fetchRealtimeGrant}).
  *
+ * Omit `apiKey` (or pass `undefined`/`null`/`''`) to use the **keyless
+ * publishable path**: no `Authorization` header is sent and the grant is
+ * authorized by the publishable `shop` id alone. Passing a key uses the
+ * secret (sk_) path.
+ *
  * @example
  * // your backend route: POST /api/realtime/grant
  * const grant = await mintRealtimeGrant({ apiKey: process.env.SNOWCONE_API_KEY!, shop });
  * return Response.json(grant);
+ *
+ * @example
+ * // keyless publishable path — quick trials, no API key:
+ * const grant = await mintRealtimeGrant({ shop });
  */
 declare function mintRealtimeGrant(opts: {
-    /** Secret API key (sk_) with the `mockups:realtime` or `mockups` scope. */
-    apiKey: string;
+    /**
+     * Secret API key (sk_) with the `mockups:realtime` or `mockups` scope.
+     * Omit (or pass `undefined`/`null`/`''`) for the keyless publishable path.
+     */
+    apiKey?: string | null;
     /** Target shop id (= shop.id). Must belong to the key's organization. */
     shop: string;
     /** Backend base URL. Defaults to {@link DEFAULT_GRANT_BASE}. */

package/dist/index.d.ts CHANGED Viewed

@@ -2518,14 +2518,26 @@ declare const DEFAULT_GRANT_BASE = "https://api.snowcone.app";
  * own the target `shop`. Returns a 60s grant your browser code opens the WS
  * with (hand it down via your own endpoint + {@link fetchRealtimeGrant}).
  *
+ * Omit `apiKey` (or pass `undefined`/`null`/`''`) to use the **keyless
+ * publishable path**: no `Authorization` header is sent and the grant is
+ * authorized by the publishable `shop` id alone. Passing a key uses the
+ * secret (sk_) path.
+ *
  * @example
  * // your backend route: POST /api/realtime/grant
  * const grant = await mintRealtimeGrant({ apiKey: process.env.SNOWCONE_API_KEY!, shop });
  * return Response.json(grant);
+ *
+ * @example
+ * // keyless publishable path — quick trials, no API key:
+ * const grant = await mintRealtimeGrant({ shop });
  */
 declare function mintRealtimeGrant(opts: {
-    /** Secret API key (sk_) with the `mockups:realtime` or `mockups` scope. */
-    apiKey: string;
+    /**
+     * Secret API key (sk_) with the `mockups:realtime` or `mockups` scope.
+     * Omit (or pass `undefined`/`null`/`''`) for the keyless publishable path.
+     */
+    apiKey?: string | null;
     /** Target shop id (= shop.id). Must belong to the key's organization. */
     shop: string;
     /** Backend base URL. Defaults to {@link DEFAULT_GRANT_BASE}. */

package/dist/index.js CHANGED Viewed

@@ -4653,12 +4653,11 @@ function createSvelteComponent(descriptor, svelte) {
 var DEFAULT_GRANT_BASE = "https://api.snowcone.app";
 async function mintRealtimeGrant(opts) {
   const f = opts.fetch ?? globalThis.fetch;
+  const headers = { "Content-Type": "application/json" };
+  if (opts.apiKey) headers.Authorization = `Bearer ${opts.apiKey}`;
   const res = await f(`${opts.base ?? DEFAULT_GRANT_BASE}/realtime/grant`, {
     method: "POST",
-    headers: {
-      "Content-Type": "application/json",
-      Authorization: `Bearer ${opts.apiKey}`
-    },
+    headers,
     body: JSON.stringify({ shop: opts.shop })
   });
   if (!res.ok) {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@snowcone-app/sdk",
-  "version": "0.2.0",
+  "version": "0.2.1",
   "description": "Snowcone SDK for product mockups and print-on-demand",
   "keywords": [
     "merch",