@stackbe/sdk 0.2.0 → 0.3.0

package/dist/index.js

@@ -39,9 +39,62 @@ var StackBEError = class extends Error {
     this.statusCode = statusCode;
     this.code = code;
   }
+  /** Check if this is a specific error type */
+  is(code) {
+    return this.code === code;
+  }
+  /** Check if this is an auth-related error */
+  isAuthError() {
+    return [
+      "TOKEN_EXPIRED",
+      "TOKEN_ALREADY_USED",
+      "TOKEN_INVALID",
+      "SESSION_EXPIRED",
+      "SESSION_INVALID",
+      "UNAUTHORIZED"
+    ].includes(this.code);
+  }
+  /** Check if this is a "not found" error */
+  isNotFoundError() {
+    return [
+      "NOT_FOUND",
+      "CUSTOMER_NOT_FOUND",
+      "SUBSCRIPTION_NOT_FOUND",
+      "PLAN_NOT_FOUND",
+      "APP_NOT_FOUND"
+    ].includes(this.code);
+  }
 };
 
 // src/http.ts
+function mapErrorCode(status, message, errorType) {
+  if (errorType && errorType !== "Error") {
+    const codeFromError = errorType.toUpperCase().replace(/\s+/g, "_");
+    if (codeFromError.includes("NOT_FOUND")) return "NOT_FOUND";
+    if (codeFromError.includes("UNAUTHORIZED")) return "UNAUTHORIZED";
+  }
+  const lowerMessage = message.toLowerCase();
+  if (lowerMessage.includes("token") && lowerMessage.includes("expired")) return "TOKEN_EXPIRED";
+  if (lowerMessage.includes("already been used")) return "TOKEN_ALREADY_USED";
+  if (lowerMessage.includes("invalid") && lowerMessage.includes("token")) return "TOKEN_INVALID";
+  if (lowerMessage.includes("session") && lowerMessage.includes("expired")) return "SESSION_EXPIRED";
+  if (lowerMessage.includes("session") && lowerMessage.includes("invalid")) return "SESSION_INVALID";
+  if (lowerMessage.includes("customer") && lowerMessage.includes("not found")) return "CUSTOMER_NOT_FOUND";
+  if (lowerMessage.includes("subscription") && lowerMessage.includes("not found")) return "SUBSCRIPTION_NOT_FOUND";
+  if (lowerMessage.includes("plan") && lowerMessage.includes("not found")) return "PLAN_NOT_FOUND";
+  if (lowerMessage.includes("app") && lowerMessage.includes("not found")) return "APP_NOT_FOUND";
+  if (lowerMessage.includes("not found")) return "NOT_FOUND";
+  if (lowerMessage.includes("limit") && lowerMessage.includes("exceeded")) return "USAGE_LIMIT_EXCEEDED";
+  if (lowerMessage.includes("metric") && lowerMessage.includes("not found")) return "METRIC_NOT_FOUND";
+  if (lowerMessage.includes("feature") && lowerMessage.includes("not available")) return "FEATURE_NOT_AVAILABLE";
+  if (lowerMessage.includes("no active subscription")) return "NO_ACTIVE_SUBSCRIPTION";
+  if (lowerMessage.includes("required")) return "MISSING_REQUIRED_FIELD";
+  if (lowerMessage.includes("invalid") && lowerMessage.includes("email")) return "INVALID_EMAIL";
+  if (status === 400) return "VALIDATION_ERROR";
+  if (status === 401) return "UNAUTHORIZED";
+  if (status === 404) return "NOT_FOUND";
+  return "UNKNOWN_ERROR";
+}
 var HttpClient = class {
   constructor(config) {
     this.config = config;
@@ -79,11 +132,9 @@ var HttpClient = class {
       const data = await response.json();
       if (!response.ok) {
         const errorData = data;
-        throw new StackBEError(
-          errorData.message || "Unknown error",
-          errorData.statusCode || response.status,
-          errorData.error || "UNKNOWN_ERROR"
-        );
+        const message = errorData.message || "Unknown error";
+        const code = errorData.code || mapErrorCode(response.status, message, errorData.error || "");
+        throw new StackBEError(message, errorData.statusCode || response.status, code);
       }
       return data;
     } catch (error) {
@@ -635,6 +686,16 @@ var SubscriptionsClient = class {
 };
 
 // src/auth.ts
+function decodeJwt(token) {
+  try {
+    const parts = token.split(".");
+    if (parts.length !== 3) return null;
+    const payload = Buffer.from(parts[1], "base64").toString("utf-8");
+    return JSON.parse(payload);
+  } catch {
+    return null;
+  }
+}
 var AuthClient = class {
   constructor(http, appId) {
     this.http = http;
@@ -673,32 +734,80 @@ var AuthClient = class {
    * Verify a magic link token and get a session token.
    * Call this when the user clicks the magic link.
    *
+   * Returns the session token along with tenant and organization context.
+   *
    * @example
    * ```typescript
    * // In your /verify route handler
    * const { token } = req.query;
    *
-   * const result = await stackbe.auth.verifyToken(token);
+   * try {
+   *   const result = await stackbe.auth.verifyToken(token);
    *
-   * if (result.valid) {
-   *   // Set session cookie
-   *   res.cookie('session', result.token, { httpOnly: true });
+   *   // result includes: customerId, email, sessionToken, tenantId, organizationId
+   *   res.cookie('session', result.sessionToken, { httpOnly: true });
    *   res.redirect('/dashboard');
-   * } else {
-   *   res.redirect('/login?error=invalid_token');
+   * } catch (error) {
+   *   if (error instanceof StackBEError) {
+   *     if (error.code === 'TOKEN_EXPIRED') {
+   *       res.redirect('/login?error=expired');
+   *     } else if (error.code === 'TOKEN_ALREADY_USED') {
+   *       res.redirect('/login?error=used');
+   *     }
+   *   }
    * }
    * ```
    */
   async verifyToken(token) {
-    return this.http.post(
-      `/v1/apps/${this.appId}/auth/verify`,
-      { token }
+    const response = await fetch(
+      `${this.http.baseUrl}/v1/apps/${this.appId}/auth/verify?token=${encodeURIComponent(token)}`,
+      {
+        headers: {
+          "Content-Type": "application/json"
+        }
+      }
     );
+    if (!response.ok) {
+      const errorData = await response.json().catch(() => ({}));
+      const message = errorData.message || "Token verification failed";
+      let code = "TOKEN_INVALID";
+      if (message.includes("expired")) {
+        code = "TOKEN_EXPIRED";
+      } else if (message.includes("already been used")) {
+        code = "TOKEN_ALREADY_USED";
+      }
+      throw new StackBEError(message, response.status, code);
+    }
+    const data = await response.json();
+    let tenantId;
+    let organizationId;
+    let orgRole;
+    if (data.sessionToken) {
+      const payload = decodeJwt(data.sessionToken);
+      if (payload) {
+        tenantId = payload.tenantId;
+        organizationId = payload.organizationId;
+        orgRole = payload.orgRole;
+      }
+    }
+    return {
+      success: data.success ?? true,
+      valid: true,
+      customerId: data.customerId,
+      email: data.email,
+      sessionToken: data.sessionToken,
+      tenantId,
+      organizationId,
+      orgRole,
+      redirectUrl: data.redirectUrl
+    };
   }
   /**
    * Get the current session for an authenticated customer.
    * Use this to validate session tokens and get customer data.
    *
+   * Returns session info including tenant and organization context extracted from the JWT.
+   *
    * @example
    * ```typescript
    * // Validate session on each request
@@ -707,16 +816,18 @@ var AuthClient = class {
    * const session = await stackbe.auth.getSession(sessionToken);
    *
    * if (session) {
-   *   req.customer = session.customer;
-   *   req.subscription = session.subscription;
-   *   req.entitlements = session.entitlements;
+   *   console.log(session.customerId);
+   *   console.log(session.tenantId);       // Tenant context
+   *   console.log(session.organizationId); // Org context (if applicable)
+   *   console.log(session.subscription);
+   *   console.log(session.entitlements);
    * }
    * ```
    */
   async getSession(sessionToken) {
     try {
       const response = await fetch(
-        `${this.http.baseUrl}/v1/apps/${this.appId}/auth/session?appId=${this.appId}`,
+        `${this.http.baseUrl}/v1/apps/${this.appId}/auth/session`,
         {
           headers: {
             "Authorization": `Bearer ${sessionToken}`,
@@ -728,10 +839,34 @@ var AuthClient = class {
         if (response.status === 401) {
           return null;
         }
-        throw new Error("Failed to get session");
+        throw new StackBEError("Failed to get session", response.status, "SESSION_INVALID");
+      }
+      const data = await response.json();
+      let tenantId;
+      let organizationId;
+      let orgRole;
+      const payload = decodeJwt(sessionToken);
+      if (payload) {
+        tenantId = payload.tenantId;
+        organizationId = payload.organizationId;
+        orgRole = payload.orgRole;
+      }
+      return {
+        valid: data.valid ?? true,
+        customerId: data.customerId,
+        email: data.email,
+        expiresAt: data.expiresAt,
+        tenantId: tenantId ?? data.tenantId,
+        organizationId: data.organizationId ?? organizationId,
+        orgRole: data.orgRole ?? orgRole,
+        customer: data.customer,
+        subscription: data.subscription,
+        entitlements: data.entitlements
+      };
+    } catch (error) {
+      if (error instanceof StackBEError) {
+        throw error;
       }
-      return await response.json();
-    } catch {
       return null;
     }
   }

package/dist/index.mjs

@@ -6,9 +6,62 @@ var StackBEError = class extends Error {
     this.statusCode = statusCode;
     this.code = code;
   }
+  /** Check if this is a specific error type */
+  is(code) {
+    return this.code === code;
+  }
+  /** Check if this is an auth-related error */
+  isAuthError() {
+    return [
+      "TOKEN_EXPIRED",
+      "TOKEN_ALREADY_USED",
+      "TOKEN_INVALID",
+      "SESSION_EXPIRED",
+      "SESSION_INVALID",
+      "UNAUTHORIZED"
+    ].includes(this.code);
+  }
+  /** Check if this is a "not found" error */
+  isNotFoundError() {
+    return [
+      "NOT_FOUND",
+      "CUSTOMER_NOT_FOUND",
+      "SUBSCRIPTION_NOT_FOUND",
+      "PLAN_NOT_FOUND",
+      "APP_NOT_FOUND"
+    ].includes(this.code);
+  }
 };
 
 // src/http.ts
+function mapErrorCode(status, message, errorType) {
+  if (errorType && errorType !== "Error") {
+    const codeFromError = errorType.toUpperCase().replace(/\s+/g, "_");
+    if (codeFromError.includes("NOT_FOUND")) return "NOT_FOUND";
+    if (codeFromError.includes("UNAUTHORIZED")) return "UNAUTHORIZED";
+  }
+  const lowerMessage = message.toLowerCase();
+  if (lowerMessage.includes("token") && lowerMessage.includes("expired")) return "TOKEN_EXPIRED";
+  if (lowerMessage.includes("already been used")) return "TOKEN_ALREADY_USED";
+  if (lowerMessage.includes("invalid") && lowerMessage.includes("token")) return "TOKEN_INVALID";
+  if (lowerMessage.includes("session") && lowerMessage.includes("expired")) return "SESSION_EXPIRED";
+  if (lowerMessage.includes("session") && lowerMessage.includes("invalid")) return "SESSION_INVALID";
+  if (lowerMessage.includes("customer") && lowerMessage.includes("not found")) return "CUSTOMER_NOT_FOUND";
+  if (lowerMessage.includes("subscription") && lowerMessage.includes("not found")) return "SUBSCRIPTION_NOT_FOUND";
+  if (lowerMessage.includes("plan") && lowerMessage.includes("not found")) return "PLAN_NOT_FOUND";
+  if (lowerMessage.includes("app") && lowerMessage.includes("not found")) return "APP_NOT_FOUND";
+  if (lowerMessage.includes("not found")) return "NOT_FOUND";
+  if (lowerMessage.includes("limit") && lowerMessage.includes("exceeded")) return "USAGE_LIMIT_EXCEEDED";
+  if (lowerMessage.includes("metric") && lowerMessage.includes("not found")) return "METRIC_NOT_FOUND";
+  if (lowerMessage.includes("feature") && lowerMessage.includes("not available")) return "FEATURE_NOT_AVAILABLE";
+  if (lowerMessage.includes("no active subscription")) return "NO_ACTIVE_SUBSCRIPTION";
+  if (lowerMessage.includes("required")) return "MISSING_REQUIRED_FIELD";
+  if (lowerMessage.includes("invalid") && lowerMessage.includes("email")) return "INVALID_EMAIL";
+  if (status === 400) return "VALIDATION_ERROR";
+  if (status === 401) return "UNAUTHORIZED";
+  if (status === 404) return "NOT_FOUND";
+  return "UNKNOWN_ERROR";
+}
 var HttpClient = class {
   constructor(config) {
     this.config = config;
@@ -46,11 +99,9 @@ var HttpClient = class {
       const data = await response.json();
       if (!response.ok) {
         const errorData = data;
-        throw new StackBEError(
-          errorData.message || "Unknown error",
-          errorData.statusCode || response.status,
-          errorData.error || "UNKNOWN_ERROR"
-        );
+        const message = errorData.message || "Unknown error";
+        const code = errorData.code || mapErrorCode(response.status, message, errorData.error || "");
+        throw new StackBEError(message, errorData.statusCode || response.status, code);
       }
       return data;
     } catch (error) {
@@ -602,6 +653,16 @@ var SubscriptionsClient = class {
 };
 
 // src/auth.ts
+function decodeJwt(token) {
+  try {
+    const parts = token.split(".");
+    if (parts.length !== 3) return null;
+    const payload = Buffer.from(parts[1], "base64").toString("utf-8");
+    return JSON.parse(payload);
+  } catch {
+    return null;
+  }
+}
 var AuthClient = class {
   constructor(http, appId) {
     this.http = http;
@@ -640,32 +701,80 @@ var AuthClient = class {
    * Verify a magic link token and get a session token.
    * Call this when the user clicks the magic link.
    *
+   * Returns the session token along with tenant and organization context.
+   *
    * @example
    * ```typescript
    * // In your /verify route handler
    * const { token } = req.query;
    *
-   * const result = await stackbe.auth.verifyToken(token);
+   * try {
+   *   const result = await stackbe.auth.verifyToken(token);
    *
-   * if (result.valid) {
-   *   // Set session cookie
-   *   res.cookie('session', result.token, { httpOnly: true });
+   *   // result includes: customerId, email, sessionToken, tenantId, organizationId
+   *   res.cookie('session', result.sessionToken, { httpOnly: true });
    *   res.redirect('/dashboard');
-   * } else {
-   *   res.redirect('/login?error=invalid_token');
+   * } catch (error) {
+   *   if (error instanceof StackBEError) {
+   *     if (error.code === 'TOKEN_EXPIRED') {
+   *       res.redirect('/login?error=expired');
+   *     } else if (error.code === 'TOKEN_ALREADY_USED') {
+   *       res.redirect('/login?error=used');
+   *     }
+   *   }
    * }
    * ```
    */
   async verifyToken(token) {
-    return this.http.post(
-      `/v1/apps/${this.appId}/auth/verify`,
-      { token }
+    const response = await fetch(
+      `${this.http.baseUrl}/v1/apps/${this.appId}/auth/verify?token=${encodeURIComponent(token)}`,
+      {
+        headers: {
+          "Content-Type": "application/json"
+        }
+      }
     );
+    if (!response.ok) {
+      const errorData = await response.json().catch(() => ({}));
+      const message = errorData.message || "Token verification failed";
+      let code = "TOKEN_INVALID";
+      if (message.includes("expired")) {
+        code = "TOKEN_EXPIRED";
+      } else if (message.includes("already been used")) {
+        code = "TOKEN_ALREADY_USED";
+      }
+      throw new StackBEError(message, response.status, code);
+    }
+    const data = await response.json();
+    let tenantId;
+    let organizationId;
+    let orgRole;
+    if (data.sessionToken) {
+      const payload = decodeJwt(data.sessionToken);
+      if (payload) {
+        tenantId = payload.tenantId;
+        organizationId = payload.organizationId;
+        orgRole = payload.orgRole;
+      }
+    }
+    return {
+      success: data.success ?? true,
+      valid: true,
+      customerId: data.customerId,
+      email: data.email,
+      sessionToken: data.sessionToken,
+      tenantId,
+      organizationId,
+      orgRole,
+      redirectUrl: data.redirectUrl
+    };
   }
   /**
    * Get the current session for an authenticated customer.
    * Use this to validate session tokens and get customer data.
    *
+   * Returns session info including tenant and organization context extracted from the JWT.
+   *
    * @example
    * ```typescript
    * // Validate session on each request
@@ -674,16 +783,18 @@ var AuthClient = class {
    * const session = await stackbe.auth.getSession(sessionToken);
    *
    * if (session) {
-   *   req.customer = session.customer;
-   *   req.subscription = session.subscription;
-   *   req.entitlements = session.entitlements;
+   *   console.log(session.customerId);
+   *   console.log(session.tenantId);       // Tenant context
+   *   console.log(session.organizationId); // Org context (if applicable)
+   *   console.log(session.subscription);
+   *   console.log(session.entitlements);
    * }
    * ```
    */
   async getSession(sessionToken) {
     try {
       const response = await fetch(
-        `${this.http.baseUrl}/v1/apps/${this.appId}/auth/session?appId=${this.appId}`,
+        `${this.http.baseUrl}/v1/apps/${this.appId}/auth/session`,
         {
           headers: {
             "Authorization": `Bearer ${sessionToken}`,
@@ -695,10 +806,34 @@ var AuthClient = class {
         if (response.status === 401) {
           return null;
         }
-        throw new Error("Failed to get session");
+        throw new StackBEError("Failed to get session", response.status, "SESSION_INVALID");
+      }
+      const data = await response.json();
+      let tenantId;
+      let organizationId;
+      let orgRole;
+      const payload = decodeJwt(sessionToken);
+      if (payload) {
+        tenantId = payload.tenantId;
+        organizationId = payload.organizationId;
+        orgRole = payload.orgRole;
+      }
+      return {
+        valid: data.valid ?? true,
+        customerId: data.customerId,
+        email: data.email,
+        expiresAt: data.expiresAt,
+        tenantId: tenantId ?? data.tenantId,
+        organizationId: data.organizationId ?? organizationId,
+        orgRole: data.orgRole ?? orgRole,
+        customer: data.customer,
+        subscription: data.subscription,
+        entitlements: data.entitlements
+      };
+    } catch (error) {
+      if (error instanceof StackBEError) {
+        throw error;
       }
-      return await response.json();
-    } catch {
       return null;
     }
   }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@stackbe/sdk",
-  "version": "0.2.0",
+  "version": "0.3.0",
   "description": "Official JavaScript/TypeScript SDK for StackBE - the billing backend for your side project",
   "main": "dist/index.js",
   "module": "dist/index.mjs",