@spidy092/auth-client 2.1.8 → 3.0.1

package/dist/react/AuthProvider.cjs

@@ -0,0 +1,700 @@
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// react/AuthProvider.jsx
+var AuthProvider_exports = {};
+__export(AuthProvider_exports, {
+  AuthContext: () => AuthContext,
+  AuthProvider: () => AuthProvider
+});
+module.exports = __toCommonJS(AuthProvider_exports);
+var import_react = __toESM(require("react"), 1);
+
+// token.js
+var import_jwt_decode = require("jwt-decode");
+var accessToken = null;
+var listeners = /* @__PURE__ */ new Set();
+var REFRESH_COOKIE = "account_refresh_token";
+var COOKIE_MAX_AGE = 7 * 24 * 60 * 60;
+function secureAttribute() {
+  var _a;
+  try {
+    return typeof window !== "undefined" && ((_a = window.location) == null ? void 0 : _a.protocol) === "https:" ? "; Secure" : "";
+  } catch (err) {
+    return "";
+  }
+}
+function writeAccessToken(token) {
+  if (!token) {
+    try {
+      localStorage.removeItem("authToken");
+    } catch (err) {
+      console.warn("Could not clear token from localStorage:", err);
+    }
+    return;
+  }
+  try {
+    localStorage.setItem("authToken", token);
+  } catch (err) {
+    console.warn("Could not persist token to localStorage:", err);
+  }
+}
+function readAccessToken() {
+  try {
+    return localStorage.getItem("authToken");
+  } catch (err) {
+    console.warn("Could not read token from localStorage:", err);
+    return null;
+  }
+}
+function decode(token) {
+  try {
+    return (0, import_jwt_decode.jwtDecode)(token);
+  } catch (err) {
+    return null;
+  }
+}
+function getTimeUntilExpiry(token) {
+  if (!token) return -1;
+  const decoded = decode(token);
+  if (!(decoded == null ? void 0 : decoded.exp)) return -1;
+  const now = Date.now() / 1e3;
+  return Math.floor(decoded.exp - now);
+}
+function setToken(token) {
+  const previousToken = accessToken;
+  accessToken = token || null;
+  writeAccessToken(accessToken);
+  if (previousToken !== accessToken) {
+    listeners.forEach((listener) => {
+      try {
+        listener(accessToken, previousToken);
+      } catch (err) {
+        console.warn("Token listener error:", err);
+      }
+    });
+  }
+}
+function getToken() {
+  if (accessToken) return accessToken;
+  accessToken = readAccessToken();
+  return accessToken;
+}
+function clearToken() {
+  if (!accessToken) {
+    writeAccessToken(null);
+    clearRefreshToken();
+    return;
+  }
+  const previousToken = accessToken;
+  accessToken = null;
+  writeAccessToken(null);
+  clearRefreshToken();
+  listeners.forEach((listener) => {
+    try {
+      listener(null, previousToken);
+    } catch (err) {
+      console.warn("Token listener error:", err);
+    }
+  });
+}
+var REFRESH_TOKEN_KEY = "auth_refresh_token";
+var _persistRefreshToken = false;
+function shouldUseLocalStorage() {
+  var _a;
+  if (_persistRefreshToken) return true;
+  try {
+    return typeof window !== "undefined" && ((_a = window.location) == null ? void 0 : _a.protocol) === "http:";
+  } catch (err) {
+    return false;
+  }
+}
+function setRefreshToken(token) {
+  if (!token) {
+    clearRefreshToken();
+    return;
+  }
+  if (shouldUseLocalStorage()) {
+    try {
+      localStorage.setItem(REFRESH_TOKEN_KEY, token);
+      console.log(`\u{1F4E6} Refresh token stored in localStorage (${_persistRefreshToken ? "persistence enabled" : "HTTP dev mode"})`);
+    } catch (err) {
+      console.warn("Could not store refresh token:", err);
+    }
+  } else {
+    console.log("\u{1F512} Refresh token managed by server httpOnly cookie (production mode)");
+  }
+}
+function getRefreshToken() {
+  if (shouldUseLocalStorage()) {
+    try {
+      const token = localStorage.getItem(REFRESH_TOKEN_KEY);
+      return token;
+    } catch (err) {
+      console.warn("Could not read refresh token:", err);
+      return null;
+    }
+  }
+  return null;
+}
+function clearRefreshToken() {
+  try {
+    localStorage.removeItem(REFRESH_TOKEN_KEY);
+  } catch (err) {
+  }
+  try {
+    document.cookie = `${REFRESH_COOKIE}=; Path=/; SameSite=Strict${secureAttribute()}; Expires=Thu, 01 Jan 1970 00:00:00 GMT`;
+  } catch (err) {
+    console.warn("Could not clear refresh token cookie:", err);
+  }
+  try {
+    sessionStorage.removeItem(REFRESH_COOKIE);
+  } catch (err) {
+  }
+}
+
+// config.js
+var config = {
+  clientKey: null,
+  authBaseUrl: null,
+  redirectUri: null,
+  accountUiUrl: null,
+  isRouter: false,
+  // ✅ Add router flag
+  // ========== SESSION SECURITY SETTINGS ==========
+  // Buffer time (in seconds) before token expiry to trigger proactive refresh
+  // With 5-minute access tokens, refreshing 60s before expiry ensures seamless UX
+  tokenRefreshBuffer: 60,
+  // Interval (in milliseconds) for periodic session validation
+  // Validates that the session still exists in Keycloak (not deleted by admin)
+  // Default: 15 minutes (900000ms) - Increased from 2m to avoid frequent checks
+  sessionValidationInterval: 15 * 60 * 1e3,
+  // Enable/disable periodic session validation
+  // When enabled, the client will ping the server to verify session is still active
+  enableSessionValidation: true,
+  // Enable/disable proactive token refresh
+  // When enabled, tokens are refreshed before they expire (using tokenRefreshBuffer)
+  enableProactiveRefresh: true,
+  // Validate session when browser tab becomes visible again
+  // Catches session deletions that happened while the tab was inactive
+  validateOnVisibility: true,
+  // ========== REFRESH TOKEN PERSISTENCE ==========
+  // When true, stores refresh token in localStorage even on HTTPS
+  // Required for local dev with mkcert/self-signed certs where httpOnly cookies
+  // may not work reliably across origins
+  // ⚠️ In true production, set to false and rely on httpOnly cookies
+  persistRefreshToken: false
+};
+function getConfig() {
+  return { ...config };
+}
+function isRouterMode() {
+  return config.isRouter;
+}
+
+// core.js
+var callbackProcessed = false;
+function login(clientKeyArg, redirectUriArg) {
+  resetCallbackState();
+  const {
+    clientKey: defaultClientKey,
+    authBaseUrl,
+    redirectUri: defaultRedirectUri,
+    accountUiUrl
+  } = getConfig();
+  const clientKey = clientKeyArg || defaultClientKey;
+  const redirectUri = redirectUriArg || defaultRedirectUri;
+  console.log("\u{1F504} Smart Login initiated:", {
+    mode: isRouterMode() ? "ROUTER" : "CLIENT",
+    clientKey,
+    redirectUri
+  });
+  if (!clientKey || !redirectUri) {
+    throw new Error("Missing clientKey or redirectUri");
+  }
+  sessionStorage.setItem("originalApp", clientKey);
+  sessionStorage.setItem("returnUrl", redirectUri);
+  if (isRouterMode()) {
+    return routerLogin(clientKey, redirectUri);
+  } else {
+    return clientLogin(clientKey, redirectUri);
+  }
+}
+function routerLogin(clientKey, redirectUri) {
+  const { authBaseUrl } = getConfig();
+  const params = new URLSearchParams();
+  if (redirectUri) {
+    params.append("redirect_uri", redirectUri);
+  }
+  const query = params.toString();
+  const backendLoginUrl = `${authBaseUrl}/login/${clientKey}${query ? `?${query}` : ""}`;
+  console.log("\u{1F3ED} Router Login: Direct backend authentication", {
+    clientKey,
+    redirectUri,
+    backendUrl: backendLoginUrl
+  });
+  window.location.href = backendLoginUrl;
+}
+function clientLogin(clientKey, redirectUri) {
+  const { accountUiUrl } = getConfig();
+  const params = new URLSearchParams({
+    client: clientKey
+  });
+  if (redirectUri) {
+    params.append("redirect_uri", redirectUri);
+  }
+  const centralizedLoginUrl = `${accountUiUrl}/login?${params.toString()}`;
+  console.log("\u{1F504} Client Login: Redirecting to centralized login", {
+    clientKey,
+    redirectUri,
+    centralizedUrl: centralizedLoginUrl
+  });
+  window.location.href = centralizedLoginUrl;
+}
+function logout() {
+  resetCallbackState();
+  const { clientKey, authBaseUrl, accountUiUrl } = getConfig();
+  const token = getToken();
+  console.log("\u{1F6AA} Smart Logout initiated");
+  clearToken();
+  clearRefreshToken();
+  sessionStorage.removeItem("originalApp");
+  sessionStorage.removeItem("returnUrl");
+  if (isRouterMode()) {
+    return routerLogout(clientKey, authBaseUrl, accountUiUrl, token);
+  } else {
+    return clientLogout(clientKey, accountUiUrl);
+  }
+}
+async function routerLogout(clientKey, authBaseUrl, accountUiUrl, token) {
+  console.log("\u{1F3ED} Router Logout");
+  const refreshToken2 = getRefreshToken();
+  try {
+    const response = await fetch(`${authBaseUrl}/logout/${clientKey}`, {
+      method: "POST",
+      credentials: "include",
+      headers: {
+        "Authorization": token ? `Bearer ${token}` : "",
+        "Content-Type": "application/json"
+      },
+      body: JSON.stringify({
+        refreshToken: refreshToken2
+      })
+    });
+    const data = await response.json();
+    console.log("\u2705 Logout response:", data);
+    clearRefreshToken();
+    clearToken();
+    console.log("\u{1F504} Redirecting to login (skipping Keycloak confirmation)");
+    window.location.href = "/login";
+  } catch (error) {
+    console.warn("\u26A0\uFE0F Logout failed:", error);
+    clearRefreshToken();
+    clearToken();
+    window.location.href = "/login";
+  }
+}
+function clientLogout(clientKey, accountUiUrl) {
+  console.log("\u{1F504} Client Logout");
+  const logoutUrl = `${accountUiUrl}/login?client=${clientKey}&logout=true`;
+  window.location.href = logoutUrl;
+}
+function resetCallbackState() {
+  callbackProcessed = false;
+}
+var refreshInProgress = false;
+var refreshPromise = null;
+async function refreshToken() {
+  const { clientKey, authBaseUrl } = getConfig();
+  if (refreshInProgress && refreshPromise) {
+    console.log("\u{1F504} Token refresh already in progress, waiting...");
+    return refreshPromise;
+  }
+  refreshInProgress = true;
+  refreshPromise = (async () => {
+    try {
+      const storedRefreshToken = getRefreshToken();
+      console.log("\u{1F504} Refreshing token:", {
+        clientKey,
+        mode: isRouterMode() ? "ROUTER" : "CLIENT",
+        hasStoredRefreshToken: !!storedRefreshToken
+      });
+      const requestOptions = {
+        method: "POST",
+        credentials: "include",
+        // ✅ Include httpOnly cookies (for HTTPS)
+        headers: {
+          "Content-Type": "application/json"
+        }
+      };
+      if (storedRefreshToken) {
+        requestOptions.headers["X-Refresh-Token"] = storedRefreshToken;
+        requestOptions.body = JSON.stringify({ refreshToken: storedRefreshToken });
+      }
+      const response = await fetch(`${authBaseUrl}/refresh/${clientKey}`, requestOptions);
+      if (!response.ok) {
+        const errorText = await response.text();
+        console.error("\u274C Token refresh failed:", response.status, errorText);
+        throw new Error(`Refresh failed: ${response.status}`);
+      }
+      const data = await response.json();
+      const { access_token, refresh_token: new_refresh_token } = data;
+      if (!access_token) {
+        throw new Error("No access token in refresh response");
+      }
+      setToken(access_token);
+      if (new_refresh_token) {
+        setRefreshToken(new_refresh_token);
+        console.log("\u{1F504} New refresh token stored from rotation");
+      }
+      console.log("\u2705 Token refresh successful, listeners notified");
+      return access_token;
+    } catch (err) {
+      console.error("\u274C Token refresh error:", err);
+      clearToken();
+      clearRefreshToken();
+      throw err;
+    } finally {
+      refreshInProgress = false;
+      refreshPromise = null;
+    }
+  })();
+  return refreshPromise;
+}
+async function validateCurrentSession() {
+  try {
+    const { authBaseUrl } = getConfig();
+    const token = getToken();
+    if (!token || !authBaseUrl) {
+      return false;
+    }
+    const response = await fetch(`${authBaseUrl}/account/validate-session`, {
+      method: "GET",
+      headers: {
+        "Authorization": `Bearer ${token}`,
+        "Content-Type": "application/json"
+      },
+      credentials: "include"
+    });
+    if (!response.ok) {
+      if (response.status === 401) {
+        return false;
+      }
+      throw new Error(`HTTP ${response.status}: ${response.statusText}`);
+    }
+    const data = await response.json();
+    return data.valid === true;
+  } catch (error) {
+    console.warn("Session validation failed:", error.message);
+    if (error.message.includes("401")) {
+      return false;
+    }
+    throw error;
+  }
+}
+var proactiveRefreshTimer = null;
+var sessionValidationTimer = null;
+var visibilityHandler = null;
+var sessionInvalidCallbacks = /* @__PURE__ */ new Set();
+function onSessionInvalid(callback) {
+  if (typeof callback === "function") {
+    sessionInvalidCallbacks.add(callback);
+  }
+  return () => sessionInvalidCallbacks.delete(callback);
+}
+function notifySessionInvalid(reason = "session_deleted") {
+  console.log("\u{1F6A8} Session invalidated:", reason);
+  sessionInvalidCallbacks.forEach((callback) => {
+    try {
+      callback(reason);
+    } catch (err) {
+      console.error("Session invalid callback error:", err);
+    }
+  });
+}
+function startProactiveRefresh() {
+  const { enableProactiveRefresh, tokenRefreshBuffer } = getConfig();
+  if (!enableProactiveRefresh) {
+    console.log("\u23F8\uFE0F Proactive refresh disabled by config");
+    return null;
+  }
+  stopProactiveRefresh();
+  const token = getToken();
+  if (!token) {
+    console.log("\u23F8\uFE0F No token, skipping proactive refresh setup");
+    return null;
+  }
+  const timeUntilExpiry = getTimeUntilExpiry(token);
+  if (timeUntilExpiry <= 0) {
+    console.log("\u26A0\uFE0F Token already expired, attempting immediate refresh");
+    refreshToken().catch((err) => {
+      console.error("\u274C Immediate refresh failed:", err);
+      notifySessionInvalid("token_expired");
+    });
+    return null;
+  }
+  const refreshIn = Math.max(0, timeUntilExpiry - tokenRefreshBuffer) * 1e3;
+  console.log(`\u{1F504} Scheduling proactive refresh in ${Math.round(refreshIn / 1e3)}s (token expires in ${timeUntilExpiry}s)`);
+  proactiveRefreshTimer = setTimeout(async () => {
+    var _a;
+    try {
+      console.log("\u{1F504} Proactive token refresh triggered");
+      await refreshToken();
+      console.log("\u2705 Proactive refresh successful, scheduling next refresh");
+      startProactiveRefresh();
+    } catch (err) {
+      console.error("\u274C Proactive refresh failed:", err);
+      const errorMessage = ((_a = err.message) == null ? void 0 : _a.toLowerCase()) || "";
+      const isPermanentFailure = errorMessage.includes("401") || errorMessage.includes("revoked") || errorMessage.includes("invalid") || errorMessage.includes("expired") || errorMessage.includes("unauthorized");
+      if (isPermanentFailure) {
+        console.log("\u{1F6A8} Token permanently invalid, triggering session expiry");
+        notifySessionInvalid("refresh_token_revoked");
+      } else {
+        proactiveRefreshTimer = setTimeout(() => startProactiveRefresh(), 3e4);
+      }
+    }
+  }, refreshIn);
+  return proactiveRefreshTimer;
+}
+function stopProactiveRefresh() {
+  if (proactiveRefreshTimer) {
+    clearTimeout(proactiveRefreshTimer);
+    proactiveRefreshTimer = null;
+    console.log("\u23F9\uFE0F Proactive refresh stopped");
+  }
+}
+function startSessionMonitor(onInvalid) {
+  const { enableSessionValidation, sessionValidationInterval, validateOnVisibility } = getConfig();
+  if (!enableSessionValidation) {
+    console.log("\u23F8\uFE0F Session validation disabled by config");
+    return null;
+  }
+  if (onInvalid && typeof onInvalid === "function") {
+    sessionInvalidCallbacks.add(onInvalid);
+  }
+  stopSessionMonitor();
+  const token = getToken();
+  if (!token) {
+    console.log("\u23F8\uFE0F No token, skipping session monitor setup");
+    return null;
+  }
+  console.log(`\u{1F441}\uFE0F Starting session monitor (interval: ${sessionValidationInterval / 1e3}s)`);
+  sessionValidationTimer = setInterval(async () => {
+    try {
+      const currentToken = getToken();
+      if (!currentToken) {
+        console.log("\u23F8\uFE0F No token, stopping session validation");
+        stopSessionMonitor();
+        return;
+      }
+      console.log("\u{1F50D} Validating session...");
+      const isValid = await validateCurrentSession();
+      if (!isValid) {
+        console.log("\u274C Session no longer valid on server");
+        stopSessionMonitor();
+        stopProactiveRefresh();
+        clearToken();
+        clearRefreshToken();
+        notifySessionInvalid("session_deleted");
+      } else {
+        console.log("\u2705 Session still valid");
+      }
+    } catch (error) {
+      console.warn("\u26A0\uFE0F Session validation check failed:", error.message);
+    }
+  }, sessionValidationInterval);
+  if (validateOnVisibility && typeof document !== "undefined") {
+    visibilityHandler = async () => {
+      if (document.visibilityState === "visible") {
+        const currentToken = getToken();
+        if (!currentToken) return;
+        console.log("\u{1F441}\uFE0F Tab visible - validating session");
+        try {
+          const isValid = await validateCurrentSession();
+          if (!isValid) {
+            console.log("\u274C Session expired while tab was hidden");
+            stopSessionMonitor();
+            stopProactiveRefresh();
+            clearToken();
+            clearRefreshToken();
+            notifySessionInvalid("session_deleted_while_hidden");
+          }
+        } catch (error) {
+          console.warn("\u26A0\uFE0F Visibility check failed:", error.message);
+        }
+      }
+    };
+    document.addEventListener("visibilitychange", visibilityHandler);
+  }
+  return sessionValidationTimer;
+}
+function stopSessionMonitor() {
+  if (sessionValidationTimer) {
+    clearInterval(sessionValidationTimer);
+    sessionValidationTimer = null;
+    console.log("\u23F9\uFE0F Session monitor stopped");
+  }
+  if (visibilityHandler && typeof document !== "undefined") {
+    document.removeEventListener("visibilitychange", visibilityHandler);
+    visibilityHandler = null;
+  }
+}
+function startSessionSecurity(onSessionInvalidCallback) {
+  console.log("\u{1F510} Starting session security (proactive refresh + session monitoring)");
+  startProactiveRefresh();
+  startSessionMonitor(onSessionInvalidCallback);
+  return {
+    stopAll: () => {
+      stopProactiveRefresh();
+      stopSessionMonitor();
+    }
+  };
+}
+function stopSessionSecurity() {
+  stopProactiveRefresh();
+  stopSessionMonitor();
+  sessionInvalidCallbacks.clear();
+  console.log("\u{1F510} Session security stopped");
+}
+
+// react/AuthProvider.jsx
+var AuthContext = (0, import_react.createContext)();
+function AuthProvider({ children, onSessionExpired }) {
+  const [token, setTokenState] = (0, import_react.useState)(getToken());
+  const [user, setUser] = (0, import_react.useState)(null);
+  const [loading, setLoading] = (0, import_react.useState)(!!token);
+  const [sessionValid, setSessionValid] = (0, import_react.useState)(true);
+  const sessionSecurityRef = (0, import_react.useRef)(null);
+  const handleSessionInvalid = (reason) => {
+    console.log("\u{1F6A8} AuthProvider: Session invalidated -", reason);
+    setSessionValid(false);
+    setUser(null);
+    setTokenState(null);
+    if (onSessionExpired && typeof onSessionExpired === "function") {
+      onSessionExpired(reason);
+    }
+  };
+  (0, import_react.useEffect)(() => {
+    if (token && !sessionSecurityRef.current) {
+      console.log("\u{1F510} AuthProvider: Starting session security");
+      const unsubscribe = onSessionInvalid(handleSessionInvalid);
+      sessionSecurityRef.current = startSessionSecurity(handleSessionInvalid);
+      return () => {
+        unsubscribe();
+        if (sessionSecurityRef.current) {
+          sessionSecurityRef.current.stopAll();
+          sessionSecurityRef.current = null;
+        }
+      };
+    }
+    if (!token && sessionSecurityRef.current) {
+      sessionSecurityRef.current.stopAll();
+      sessionSecurityRef.current = null;
+    }
+  }, [token]);
+  (0, import_react.useEffect)(() => {
+    console.log("\u{1F50D} AuthProvider useEffect triggered:", {
+      hasToken: !!token,
+      tokenLength: token == null ? void 0 : token.length
+    });
+    if (!token) {
+      console.log("\u26A0\uFE0F AuthProvider: No token, setting loading=false");
+      setLoading(false);
+      return;
+    }
+    const { authBaseUrl } = getConfig();
+    if (!authBaseUrl) {
+      console.warn("AuthProvider: No authBaseUrl configured");
+      setLoading(false);
+      return;
+    }
+    console.log("\u{1F310} AuthProvider: Fetching profile with token...", {
+      authBaseUrl,
+      tokenPreview: token.slice(0, 50) + "..."
+    });
+    fetch(`${authBaseUrl}/account/profile`, {
+      headers: { Authorization: `Bearer ${token}` },
+      credentials: "include"
+    }).then((res) => {
+      console.log("\u{1F4E5} Profile response status:", res.status);
+      if (!res.ok) throw new Error("Failed to fetch user");
+      return res.json();
+    }).then((userData) => {
+      console.log("\u2705 Profile fetched successfully:", userData.email);
+      setUser(userData);
+      setSessionValid(true);
+      setLoading(false);
+    }).catch((err) => {
+      console.error("\u274C Fetch user error:", err);
+      clearToken();
+      setTokenState(null);
+      setUser(null);
+      setLoading(false);
+    });
+  }, [token]);
+  const login2 = (clientKey, redirectUri, state) => {
+    login(clientKey, redirectUri, state);
+  };
+  const logout2 = () => {
+    stopSessionSecurity();
+    sessionSecurityRef.current = null;
+    logout();
+    setUser(null);
+    setTokenState(null);
+    setSessionValid(true);
+  };
+  const value = {
+    token,
+    user,
+    loading,
+    login: login2,
+    logout: logout2,
+    isAuthenticated: !!token && !!user && sessionValid,
+    sessionValid,
+    setUser,
+    setToken: (newToken) => {
+      setToken(newToken);
+      setTokenState(newToken);
+      setSessionValid(true);
+    },
+    clearToken: () => {
+      stopSessionSecurity();
+      sessionSecurityRef.current = null;
+      clearToken();
+      setTokenState(null);
+      setUser(null);
+    }
+  };
+  return /* @__PURE__ */ import_react.default.createElement(AuthContext.Provider, { value }, children);
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  AuthContext,
+  AuthProvider
+});
+//# sourceMappingURL=AuthProvider.cjs.map