@stackframe/stack 2.3.4 → 2.3.7

package/dist/lib/stack-app.js

@@ -1,902 +1,978 @@
-import React, { use, useCallback, useMemo } from "react";
-import { KnownError, StackAdminInterface, StackClientInterface, StackServerInterface } from "@stackframe/stack-shared";
-import { getCookie, setOrDeleteCookie } from "./cookie";
-import { StackAssertionError, throwErr } from "@stackframe/stack-shared/dist/utils/errors";
-import { generateUuid } from "@stackframe/stack-shared/dist/utils/uuids";
-import { AsyncResult, Result } from "@stackframe/stack-shared/dist/utils/results";
-import { suspendIfSsr } from "@stackframe/stack-shared/dist/utils/react";
-import { AsyncStore } from "@stackframe/stack-shared/dist/utils/stores";
-import { getProductionModeErrors } from "@stackframe/stack-shared/dist/interface/clientInterface";
-import { isClient } from "../utils/next";
-import { callOAuthCallback, signInWithOAuth } from "./auth";
-import { RedirectType, redirect, useRouter } from "next/navigation";
-import { constructRedirectUrl } from "../utils/url";
-import { filterUndefined, omit } from "@stackframe/stack-shared/dist/utils/objects";
-import { neverResolve, resolved, runAsynchronously } from "@stackframe/stack-shared/dist/utils/promises";
-import { AsyncCache } from "@stackframe/stack-shared/dist/utils/caches";
-import { suspend } from "@stackframe/stack-shared/dist/utils/react";
+"use strict";
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/lib/stack-app.ts
+var stack_app_exports = {};
+__export(stack_app_exports, {
+  StackAdminApp: () => StackAdminApp,
+  StackClientApp: () => StackClientApp,
+  StackServerApp: () => StackServerApp,
+  stackAppInternalsSymbol: () => stackAppInternalsSymbol
+});
+module.exports = __toCommonJS(stack_app_exports);
+var import_react = __toESM(require("react"));
+var import_stack_shared = require("@stackframe/stack-shared");
+var import_cookie = require("./cookie");
+var import_errors = require("@stackframe/stack-shared/dist/utils/errors");
+var import_uuids = require("@stackframe/stack-shared/dist/utils/uuids");
+var import_results = require("@stackframe/stack-shared/dist/utils/results");
+var import_react2 = require("@stackframe/stack-shared/dist/utils/react");
+var import_stores = require("@stackframe/stack-shared/dist/utils/stores");
+var import_clientInterface = require("@stackframe/stack-shared/dist/interface/clientInterface");
+var import_next = require("../utils/next");
+var import_auth = require("./auth");
+var NextNavigation = __toESM(require("next/navigation"));
+var import_url = require("../utils/url");
+var import_objects = require("@stackframe/stack-shared/dist/utils/objects");
+var import_promises = require("@stackframe/stack-shared/dist/utils/promises");
+var import_caches = require("@stackframe/stack-shared/dist/utils/caches");
+var import_react3 = require("@stackframe/stack-shared/dist/utils/react");
 function getUrls(partial) {
-    const handler = partial.handler ?? "/handler";
-    return {
-        handler,
-        signIn: `${handler}/signin`,
-        afterSignIn: "/",
-        signUp: `${handler}/signup`,
-        afterSignUp: "/",
-        signOut: `${handler}/signout`,
-        afterSignOut: "/",
-        emailVerification: `${handler}/email-verification`,
-        passwordReset: `${handler}/password-reset`,
-        forgotPassword: `${handler}/forgot-password`,
-        oauthCallback: `${handler}/oauth-callback`,
-        magicLinkCallback: `${handler}/magic-link-callback`,
-        home: "/",
-        accountSettings: `${handler}/account-settings`,
-        ...filterUndefined(partial),
-    };
+  const handler = partial.handler ?? "/handler";
+  return {
+    handler,
+    signIn: `${handler}/signin`,
+    afterSignIn: "/",
+    signUp: `${handler}/signup`,
+    afterSignUp: "/",
+    signOut: `${handler}/signout`,
+    afterSignOut: "/",
+    emailVerification: `${handler}/email-verification`,
+    passwordReset: `${handler}/password-reset`,
+    forgotPassword: `${handler}/forgot-password`,
+    oauthCallback: `${handler}/oauth-callback`,
+    magicLinkCallback: `${handler}/magic-link-callback`,
+    home: "/",
+    accountSettings: `${handler}/account-settings`,
+    ...(0, import_objects.filterUndefined)(partial)
+  };
 }
 function getDefaultProjectId() {
-    return process.env.NEXT_PUBLIC_STACK_PROJECT_ID || throwErr("Welcome to Stack! It seems that you haven't provided a project ID. Please create a project on the Stack dashboard at https://app.stack-auth.com and put it in the NEXT_PUBLIC_STACK_PROJECT_ID environment variable.");
+  return process.env.NEXT_PUBLIC_STACK_PROJECT_ID || (0, import_errors.throwErr)("Welcome to Stack! It seems that you haven't provided a project ID. Please create a project on the Stack dashboard at https://app.stack-auth.com and put it in the NEXT_PUBLIC_STACK_PROJECT_ID environment variable.");
 }
 function getDefaultPublishableClientKey() {
-    return process.env.NEXT_PUBLIC_STACK_PUBLISHABLE_CLIENT_KEY || throwErr("Welcome to Stack! It seems that you haven't provided a publishable client key. Please create an API key for your project on the Stack dashboard at https://app.stack-auth.com and copy your publishable client key into the NEXT_PUBLIC_STACK_PUBLISHABLE_CLIENT_KEY environment variable.");
+  return process.env.NEXT_PUBLIC_STACK_PUBLISHABLE_CLIENT_KEY || (0, import_errors.throwErr)("Welcome to Stack! It seems that you haven't provided a publishable client key. Please create an API key for your project on the Stack dashboard at https://app.stack-auth.com and copy your publishable client key into the NEXT_PUBLIC_STACK_PUBLISHABLE_CLIENT_KEY environment variable.");
 }
 function getDefaultSecretServerKey() {
-    return process.env.STACK_SECRET_SERVER_KEY || throwErr("No secret server key provided. Please copy your publishable client key from the Stack dashboard and put your it in the STACK_SECRET_SERVER_KEY environment variable.");
+  return process.env.STACK_SECRET_SERVER_KEY || (0, import_errors.throwErr)("No secret server key provided. Please copy your publishable client key from the Stack dashboard and put your it in the STACK_SECRET_SERVER_KEY environment variable.");
 }
 function getDefaultSuperSecretAdminKey() {
-    return process.env.STACK_SUPER_SECRET_ADMIN_KEY || throwErr("No super secret admin key provided. Please copy your publishable client key from the Stack dashboard and put it in the STACK_SUPER_SECRET_ADMIN_KEY environment variable.");
+  return process.env.STACK_SUPER_SECRET_ADMIN_KEY || (0, import_errors.throwErr)("No super secret admin key provided. Please copy your publishable client key from the Stack dashboard and put it in the STACK_SUPER_SECRET_ADMIN_KEY environment variable.");
 }
 function getDefaultBaseUrl() {
-    return process.env.NEXT_PUBLIC_STACK_URL || defaultBaseUrl;
+  return process.env.NEXT_PUBLIC_STACK_URL || defaultBaseUrl;
 }
-const defaultBaseUrl = "https://app.stack-auth.com";
+var defaultBaseUrl = "https://app.stack-auth.com";
 function createEmptyTokenStore() {
-    const store = new AsyncStore();
-    store.set({
-        refreshToken: null,
-        accessToken: null,
-    });
-    return store;
+  const store = new import_stores.AsyncStore();
+  store.set({
+    refreshToken: null,
+    accessToken: null
+  });
+  return store;
 }
-const memoryTokenStore = createEmptyTokenStore();
-let cookieTokenStore = null;
-const cookieTokenStoreInitializer = () => {
-    if (!isClient()) {
-        throw new Error("Cannot use cookie token store on the server!");
-    }
-    if (cookieTokenStore === null) {
-        cookieTokenStore = new AsyncStore();
-        let hasSucceededInWriting = true;
-        setInterval(() => {
-            if (hasSucceededInWriting) {
-                const newValue = {
-                    refreshToken: getCookie('stack-refresh'),
-                    accessToken: getCookie('stack-access'),
-                };
-                const res = cookieTokenStore.get();
-                if (res.status !== "ok"
-                    || res.data.refreshToken !== newValue.refreshToken
-                    || res.data.accessToken !== newValue.accessToken) {
-                    cookieTokenStore.set(newValue);
-                }
-            }
-        }, 10);
-        cookieTokenStore.onChange((value) => {
-            try {
-                setOrDeleteCookie('stack-refresh', value.refreshToken);
-                setOrDeleteCookie('stack-access', value.accessToken);
-                hasSucceededInWriting = true;
-            }
-            catch (e) {
-                hasSucceededInWriting = false;
-            }
-        });
-    }
-    return cookieTokenStore;
+var memoryTokenStore = createEmptyTokenStore();
+var cookieTokenStore = null;
+var cookieTokenStoreInitializer = () => {
+  if (!(0, import_next.isClient)()) {
+    throw new Error("Cannot use cookie token store on the server!");
+  }
+  if (cookieTokenStore === null) {
+    cookieTokenStore = new import_stores.AsyncStore();
+    let hasSucceededInWriting = true;
+    setInterval(() => {
+      if (hasSucceededInWriting) {
+        const newValue = {
+          refreshToken: (0, import_cookie.getCookie)("stack-refresh"),
+          accessToken: (0, import_cookie.getCookie)("stack-access")
+        };
+        const res = cookieTokenStore.get();
+        if (res.status !== "ok" || res.data.refreshToken !== newValue.refreshToken || res.data.accessToken !== newValue.accessToken) {
+          cookieTokenStore.set(newValue);
+        }
+      }
+    }, 10);
+    cookieTokenStore.onChange((value) => {
+      try {
+        (0, import_cookie.setOrDeleteCookie)("stack-refresh", value.refreshToken);
+        (0, import_cookie.setOrDeleteCookie)("stack-access", value.accessToken);
+        hasSucceededInWriting = true;
+      } catch (e) {
+        hasSucceededInWriting = false;
+      }
+    });
+  }
+  return cookieTokenStore;
 };
-const tokenStoreInitializers = new Map([
-    ["cookie", cookieTokenStoreInitializer],
-    ["nextjs-cookie", () => {
-            if (isClient()) {
-                return cookieTokenStoreInitializer();
-            }
-            else {
-                const store = new AsyncStore();
-                store.set({
-                    refreshToken: getCookie('stack-refresh'),
-                    accessToken: getCookie('stack-access'),
-                });
-                store.onChange((value) => {
-                    try {
-                        setOrDeleteCookie('stack-refresh', value.refreshToken);
-                        setOrDeleteCookie('stack-access', value.accessToken);
-                    }
-                    catch (e) {
-                        // ignore
-                    }
-                });
-                return store;
-            }
-        }],
-    ["memory", () => memoryTokenStore],
-    [null, () => createEmptyTokenStore()],
+var tokenStoreInitializers = /* @__PURE__ */ new Map([
+  ["cookie", cookieTokenStoreInitializer],
+  ["nextjs-cookie", () => {
+    if ((0, import_next.isClient)()) {
+      return cookieTokenStoreInitializer();
+    } else {
+      const store = new import_stores.AsyncStore();
+      store.set({
+        refreshToken: (0, import_cookie.getCookie)("stack-refresh"),
+        accessToken: (0, import_cookie.getCookie)("stack-access")
+      });
+      store.onChange((value) => {
+        try {
+          (0, import_cookie.setOrDeleteCookie)("stack-refresh", value.refreshToken);
+          (0, import_cookie.setOrDeleteCookie)("stack-access", value.accessToken);
+        } catch (e) {
+        }
+      });
+      return store;
+    }
+  }],
+  ["memory", () => memoryTokenStore],
+  [null, () => createEmptyTokenStore()]
 ]);
 function getTokenStore(tokenStoreOptions) {
-    return (tokenStoreInitializers.get(tokenStoreOptions) ?? throwErr(`Invalid token store ${tokenStoreOptions}`))();
+  return (tokenStoreInitializers.get(tokenStoreOptions) ?? (0, import_errors.throwErr)(`Invalid token store ${tokenStoreOptions}`))();
 }
-const loadingSentinel = Symbol("stackAppCacheLoadingSentinel");
+var loadingSentinel = Symbol("stackAppCacheLoadingSentinel");
 function useCache(cache, dependencies, caller) {
-    // we explicitly don't want to run this hook in SSR
-    suspendIfSsr(caller);
-    const subscribe = useCallback((cb) => {
-        const { unsubscribe } = cache.onChange(dependencies, () => cb());
-        return unsubscribe;
-    }, [cache, ...dependencies]);
-    const getSnapshot = useCallback(() => {
-        return AsyncResult.or(cache.getIfCached(dependencies), loadingSentinel);
-    }, [cache, ...dependencies]);
-    // note: we must use React.useSyncExternalStore instead of importing the function directly, as it will otherwise
-    // throw an error ("can't import useSyncExternalStore from the server")
-    const value = React.useSyncExternalStore(subscribe, getSnapshot, getSnapshot);
-    if (value === loadingSentinel) {
-        return use(cache.getOrWait(dependencies, "read-write"));
-    }
-    else {
-        // still need to call `use` because React expects the control flow to not change across two re-renders with the same props/state and it detects that by hook invocations (including `use`)
-        return use(resolved(value));
-    }
+  (0, import_react2.suspendIfSsr)(caller);
+  const subscribe = (0, import_react.useCallback)((cb) => {
+    const { unsubscribe } = cache.onChange(dependencies, () => cb());
+    return unsubscribe;
+  }, [cache, ...dependencies]);
+  const getSnapshot = (0, import_react.useCallback)(() => {
+    return import_results.AsyncResult.or(cache.getIfCached(dependencies), loadingSentinel);
+  }, [cache, ...dependencies]);
+  const value = import_react.default.useSyncExternalStore(subscribe, getSnapshot, getSnapshot);
+  if (value === loadingSentinel) {
+    return (0, import_react.use)(cache.getOrWait(dependencies, "read-write"));
+  } else {
+    return (0, import_react.use)((0, import_promises.resolved)(value));
+  }
 }
-export const stackAppInternalsSymbol = Symbol.for("StackAppInternals");
-const allClientApps = new Map();
-const createCache = (fetcher) => {
-    return new AsyncCache(async (dependencies) => await fetcher(dependencies), {});
-};
-// note that we intentionally use TokenStore (a reference type) as a key instead of a stringified version of it, as different token stores with the same tokens should be treated differently
-// (if we wouldn't , we would cache users across requests, which may cause issues)
-const createCacheByTokenStore = (fetcher) => {
-    return new AsyncCache(async ([tokenStore, ...extraDependencies]) => await fetcher(tokenStore, extraDependencies), {
-        onSubscribe: ([tokenStore], refresh) => {
-            // TODO find a *clean* way to not refresh when the token change was made inside the fetcher (for example due to expired access token)
-            const handlerObj = tokenStore.onChange((newValue, oldValue) => {
-                if (JSON.stringify(newValue) === JSON.stringify(oldValue))
-                    return;
-                refresh();
-            });
-            return () => handlerObj.unsubscribe();
-        },
-    });
+var stackAppInternalsSymbol = Symbol.for("StackAppInternals");
+var allClientApps = /* @__PURE__ */ new Map();
+var createCache = (fetcher) => {
+  return new import_caches.AsyncCache(
+    async (dependencies) => await fetcher(dependencies),
+    {}
+  );
 };
-class _StackClientAppImpl {
-    _uniqueIdentifier;
-    _interface;
-    _tokenStoreOptions;
-    _urlOptions;
-    _currentUserCache = createCacheByTokenStore(async (tokenStore) => {
-        const user = await this._interface.getClientUserByToken(tokenStore);
-        return Result.or(user, null);
-    });
-    _currentProjectCache = createCache(async () => {
-        return Result.orThrow(await this._interface.getClientProject());
-    });
-    _ownedProjectsCache = createCacheByTokenStore(async (tokenStore) => {
-        return await this._interface.listProjects(tokenStore);
-    });
-    constructor(options) {
-        if ("interface" in options) {
-            this._interface = options.interface;
-        }
-        else {
-            this._interface = new StackClientInterface({
-                baseUrl: options.baseUrl ?? getDefaultBaseUrl(),
-                projectId: options.projectId ?? getDefaultProjectId(),
-                publishableClientKey: options.publishableClientKey ?? getDefaultPublishableClientKey(),
-            });
-        }
-        this._tokenStoreOptions = options.tokenStore;
-        this._urlOptions = options.urls ?? {};
-        this._uniqueIdentifier = options.uniqueIdentifier ?? generateUuid();
-        if (allClientApps.has(this._uniqueIdentifier)) {
-            throw new StackAssertionError("A Stack client app with the same unique identifier already exists");
-        }
-        allClientApps.set(this._uniqueIdentifier, [options.checkString ?? "default check string", this]);
-        // For some important calls, either use the provided cached values or start fetching them now
-        if (options.currentClientUserJson !== undefined) {
-            this._currentUserCache.forceSetCachedValue([getTokenStore(this._tokenStoreOptions)], options.currentClientUserJson);
-        }
-        else if (this.hasPersistentTokenStore()) {
-            runAsynchronously(this.getUser(), { ignoreErrors: true });
-        }
-        if (options.currentProjectJson !== undefined) {
-            this._currentProjectCache.forceSetCachedValue([], options.currentProjectJson);
-        }
-        else {
-            runAsynchronously(this.getProject(), { ignoreErrors: true });
-        }
-    }
-    hasPersistentTokenStore() {
-        return this._tokenStoreOptions !== null;
-    }
-    _ensurePersistentTokenStore() {
-        if (!this.hasPersistentTokenStore()) {
-            throw new Error("Cannot call this function on a Stack app without a persistent token store. Make sure the tokenStore option is set to a non-null value when initializing Stack.");
-        }
-    }
-    isInternalProject() {
-        return this.projectId === "internal";
-    }
-    _ensureInternalProject() {
-        if (!this.isInternalProject()) {
-            throw new Error("Cannot call this function on a Stack app with a project ID other than 'internal'.");
-        }
-    }
-    _userFromJson(json) {
-        return {
-            projectId: json.projectId,
-            id: json.id,
-            displayName: json.displayName,
-            primaryEmail: json.primaryEmail,
-            primaryEmailVerified: json.primaryEmailVerified,
-            profileImageUrl: json.profileImageUrl,
-            signedUpAt: new Date(json.signedUpAtMillis),
-            clientMetadata: json.clientMetadata,
-            authMethod: json.authMethod,
-            hasPassword: json.hasPassword,
-            authWithEmail: json.authWithEmail,
-            oauthProviders: json.oauthProviders,
-            toJson() {
-                return json;
-            }
-        };
-    }
-    _currentUserFromJson(json, tokenStore) {
-        if (json === null)
-            return null;
-        const app = this;
-        const currentUser = {
-            ...this._userFromJson(json),
-            tokenStore,
-            update(update) {
-                return app._updateUser(update, tokenStore);
-            },
-            signOut() {
-                return app._signOut(tokenStore);
-            },
-            sendVerificationEmail() {
-                return app._sendVerificationEmail(tokenStore);
-            },
-            updatePassword(options) {
-                return app._updatePassword(options, tokenStore);
-            },
-        };
-        if (this.isInternalProject()) {
-            const internalUser = {
-                ...currentUser,
-                createProject(newProject) {
-                    return app._createProject(newProject);
-                },
-                listOwnedProjects() {
-                    return app._listOwnedProjects();
-                },
-                useOwnedProjects() {
-                    return app._useOwnedProjects();
-                },
-                onOwnedProjectsChange(callback) {
-                    return app._onOwnedProjectsChange(callback);
-                }
-            };
-            Object.freeze(internalUser);
-            return internalUser;
-        }
-        else {
-            Object.freeze(currentUser);
-            return currentUser;
-        }
-    }
-    _userToJson(user) {
-        return {
-            projectId: user.projectId,
-            id: user.id,
-            displayName: user.displayName,
-            primaryEmail: user.primaryEmail,
-            primaryEmailVerified: user.primaryEmailVerified,
-            profileImageUrl: user.profileImageUrl,
-            signedUpAtMillis: user.signedUpAt.getTime(),
-            clientMetadata: user.clientMetadata,
-            authMethod: user.authMethod,
-            hasPassword: user.hasPassword,
-            authWithEmail: user.authWithEmail,
-            oauthProviders: user.oauthProviders,
-        };
-    }
-    _projectAdminFromJson(data, adminInterface, onRefresh) {
-        if (data.id !== adminInterface.projectId) {
-            throw new Error(`The project ID of the provided project JSON (${data.id}) does not match the project ID of the app (${adminInterface.projectId})! This is a Stack bug.`);
-        }
-        return {
-            id: data.id,
-            displayName: data.displayName,
-            description: data.description,
-            createdAt: new Date(data.createdAtMillis),
-            userCount: data.userCount,
-            isProductionMode: data.isProductionMode,
-            evaluatedConfig: {
-                id: data.evaluatedConfig.id,
-                credentialEnabled: data.evaluatedConfig.credentialEnabled,
-                magicLinkEnabled: data.evaluatedConfig.magicLinkEnabled,
-                allowLocalhost: data.evaluatedConfig.allowLocalhost,
-                oauthProviders: data.evaluatedConfig.oauthProviders,
-                emailConfig: data.evaluatedConfig.emailConfig,
-                domains: data.evaluatedConfig.domains,
-            },
-            async update(update) {
-                await adminInterface.updateProject(update);
-                await onRefresh();
-            },
-            toJson() {
-                return data;
-            },
-            getProductionModeErrors() {
-                return getProductionModeErrors(this.toJson());
-            },
-        };
-    }
-    _createAdminInterface(forProjectId, tokenStore) {
-        return new StackAdminInterface({
-            baseUrl: this._interface.options.baseUrl,
-            projectId: forProjectId,
-            projectOwnerTokens: tokenStore,
-        });
-    }
-    get projectId() {
-        return this._interface.projectId;
-    }
-    get urls() {
-        return getUrls(this._urlOptions);
-    }
-    _redirectTo(handlerName) {
-        if (!this.urls[handlerName]) {
-            throw new Error(`No URL for handler name ${handlerName}`);
-        }
-        window.location.href = this.urls[handlerName];
-        return neverResolve();
-    }
-    async redirectToSignIn() { return await this._redirectTo("signIn"); }
-    async redirectToSignUp() { return await this._redirectTo("signUp"); }
-    async redirectToSignOut() { return await this._redirectTo("signOut"); }
-    async redirectToEmailVerification() { return await this._redirectTo("emailVerification"); }
-    async redirectToPasswordReset() { return await this._redirectTo("passwordReset"); }
-    async redirectToForgotPassword() { return await this._redirectTo("forgotPassword"); }
-    async redirectToHome() { return await this._redirectTo("home"); }
-    async redirectToOAuthCallback() { return await this._redirectTo("oauthCallback"); }
-    async redirectToMagicLinkCallback() { return await this._redirectTo("magicLinkCallback"); }
-    async redirectToAfterSignIn() { return await this._redirectTo("afterSignIn"); }
-    async redirectToAfterSignUp() { return await this._redirectTo("afterSignUp"); }
-    async redirectToAfterSignOut() { return await this._redirectTo("afterSignOut"); }
-    async redirectToAccountSettings() { return await this._redirectTo("accountSettings"); }
-    async sendForgotPasswordEmail(email) {
-        const redirectUrl = constructRedirectUrl(this.urls.passwordReset);
-        const error = await this._interface.sendForgotPasswordEmail(email, redirectUrl);
-        return error;
-    }
-    async sendMagicLinkEmail(email) {
-        const magicLinkRedirectUrl = constructRedirectUrl(this.urls.magicLinkCallback);
-        const error = await this._interface.sendMagicLinkEmail(email, magicLinkRedirectUrl);
-        return error;
-    }
-    async resetPassword(options) {
-        const error = await this._interface.resetPassword(options);
-        return error;
-    }
-    async verifyPasswordResetCode(code) {
-        return await this._interface.verifyPasswordResetCode(code);
-    }
-    async verifyEmail(code) {
-        return await this._interface.verifyEmail(code);
-    }
-    async getUser(options) {
-        this._ensurePersistentTokenStore();
-        const tokenStore = getTokenStore(this._tokenStoreOptions);
-        const userJson = await this._currentUserCache.getOrWait([tokenStore], "write-only");
-        if (userJson === null) {
-            switch (options?.or) {
-                case 'redirect': {
-                    redirect(this.urls.signIn, RedirectType.replace);
-                    throw new Error("redirect should never return!");
-                }
-                case 'throw': {
-                    throw new Error("User is not signed in but getUser was called with { or: 'throw' }");
-                }
-                default: {
-                    return null;
-                }
-            }
-        }
-        return this._currentUserFromJson(userJson, tokenStore);
-    }
-    useUser(options) {
-        this._ensurePersistentTokenStore();
-        const router = useRouter();
-        const tokenStore = getTokenStore(this._tokenStoreOptions);
-        const userJson = useCache(this._currentUserCache, [tokenStore], "useUser()");
-        if (userJson === null) {
-            switch (options?.or) {
-                case 'redirect': {
-                    router.replace(this.urls.signIn);
-                    suspend();
-                    throw new Error("suspend should never return! This is a bug in Stack.");
-                }
-                case 'throw': {
-                    throw new Error("User is not signed in but useUser was called with { or: 'throw' }");
-                }
-                case undefined:
-                case "return-null": {
-                    // do nothing
-                }
-            }
-        }
-        return useMemo(() => {
-            return this._currentUserFromJson(userJson, tokenStore);
-        }, [userJson, tokenStore, options?.or]);
-    }
-    onUserChange(callback) {
-        this._ensurePersistentTokenStore();
-        const tokenStore = getTokenStore(this._tokenStoreOptions);
-        return this._currentUserCache.onChange([tokenStore], (userJson) => {
-            callback(this._currentUserFromJson(userJson, tokenStore));
+var createCacheByTokenStore = (fetcher) => {
+  return new import_caches.AsyncCache(
+    async ([tokenStore, ...extraDependencies]) => await fetcher(tokenStore, extraDependencies),
+    {
+      onSubscribe: ([tokenStore], refresh) => {
+        const handlerObj = tokenStore.onChange((newValue, oldValue) => {
+          if (JSON.stringify(newValue) === JSON.stringify(oldValue))
+            return;
+          refresh();
         });
+        return () => handlerObj.unsubscribe();
+      }
     }
-    async _updateUser(update, tokenStore) {
-        const res = await this._interface.setClientUserCustomizableData(update, tokenStore);
-        await this._refreshUser(tokenStore);
-        return res;
-    }
-    async signInWithOAuth(provider) {
-        this._ensurePersistentTokenStore();
-        await signInWithOAuth(this._interface, { provider, redirectUrl: this.urls.oauthCallback });
-    }
-    async signInWithCredential(options) {
-        this._ensurePersistentTokenStore();
-        const tokenStore = getTokenStore(this._tokenStoreOptions);
-        const errorCode = await this._interface.signInWithCredential(options.email, options.password, tokenStore);
-        if (!errorCode) {
-            window.location.assign(this.urls.afterSignIn);
-        }
-        return errorCode;
-    }
-    async signUpWithCredential(options) {
-        this._ensurePersistentTokenStore();
-        const tokenStore = getTokenStore(this._tokenStoreOptions);
-        const emailVerificationRedirectUrl = constructRedirectUrl(this.urls.emailVerification);
-        const errorCode = await this._interface.signUpWithCredential(options.email, options.password, emailVerificationRedirectUrl, tokenStore);
-        if (!errorCode) {
-            window.location.assign(this.urls.afterSignUp);
+  );
+};
+var _StackClientAppImpl = class __StackClientAppImpl {
+  _uniqueIdentifier;
+  _interface;
+  _tokenStoreOptions;
+  _urlOptions;
+  __DEMO_ENABLE_SLIGHT_FETCH_DELAY = false;
+  _currentUserCache = createCacheByTokenStore(async (tokenStore) => {
+    if (this.__DEMO_ENABLE_SLIGHT_FETCH_DELAY) {
+      await (0, import_promises.wait)(2e3);
+    }
+    const user = await this._interface.getClientUserByToken(tokenStore);
+    return import_results.Result.or(user, null);
+  });
+  _currentProjectCache = createCache(async () => {
+    return import_results.Result.orThrow(await this._interface.getClientProject());
+  });
+  _ownedProjectsCache = createCacheByTokenStore(async (tokenStore) => {
+    return await this._interface.listProjects(tokenStore);
+  });
+  constructor(options) {
+    if ("interface" in options) {
+      this._interface = options.interface;
+    } else {
+      this._interface = new import_stack_shared.StackClientInterface({
+        baseUrl: options.baseUrl ?? getDefaultBaseUrl(),
+        projectId: options.projectId ?? getDefaultProjectId(),
+        publishableClientKey: options.publishableClientKey ?? getDefaultPublishableClientKey()
+      });
+    }
+    this._tokenStoreOptions = options.tokenStore;
+    this._urlOptions = options.urls ?? {};
+    this._uniqueIdentifier = options.uniqueIdentifier ?? (0, import_uuids.generateUuid)();
+    if (allClientApps.has(this._uniqueIdentifier)) {
+      throw new import_errors.StackAssertionError("A Stack client app with the same unique identifier already exists");
+    }
+    allClientApps.set(this._uniqueIdentifier, [options.checkString ?? "default check string", this]);
+  }
+  hasPersistentTokenStore() {
+    return this._tokenStoreOptions !== null;
+  }
+  _ensurePersistentTokenStore() {
+    if (!this.hasPersistentTokenStore()) {
+      throw new Error("Cannot call this function on a Stack app without a persistent token store. Make sure the tokenStore option is set to a non-null value when initializing Stack.");
+    }
+  }
+  isInternalProject() {
+    return this.projectId === "internal";
+  }
+  _ensureInternalProject() {
+    if (!this.isInternalProject()) {
+      throw new Error("Cannot call this function on a Stack app with a project ID other than 'internal'.");
+    }
+  }
+  _userFromJson(json) {
+    return {
+      projectId: json.projectId,
+      id: json.id,
+      displayName: json.displayName,
+      primaryEmail: json.primaryEmail,
+      primaryEmailVerified: json.primaryEmailVerified,
+      profileImageUrl: json.profileImageUrl,
+      signedUpAt: new Date(json.signedUpAtMillis),
+      clientMetadata: json.clientMetadata,
+      authMethod: json.authMethod,
+      hasPassword: json.hasPassword,
+      authWithEmail: json.authWithEmail,
+      oauthProviders: json.oauthProviders,
+      toJson() {
+        return json;
+      }
+    };
+  }
+  _currentUserFromJson(json, tokenStore) {
+    if (json === null)
+      return null;
+    const app = this;
+    const currentUser = {
+      ...this._userFromJson(json),
+      tokenStore,
+      update(update) {
+        return app._updateUser(update, tokenStore);
+      },
+      signOut() {
+        return app._signOut(tokenStore);
+      },
+      sendVerificationEmail() {
+        return app._sendVerificationEmail(tokenStore);
+      },
+      updatePassword(options) {
+        return app._updatePassword(options, tokenStore);
+      }
+    };
+    if (this.isInternalProject()) {
+      const internalUser = {
+        ...currentUser,
+        createProject(newProject) {
+          return app._createProject(newProject);
+        },
+        listOwnedProjects() {
+          return app._listOwnedProjects();
+        },
+        useOwnedProjects() {
+          return app._useOwnedProjects();
+        },
+        onOwnedProjectsChange(callback) {
+          return app._onOwnedProjectsChange(callback);
         }
-        return errorCode;
+      };
+      Object.freeze(internalUser);
+      return internalUser;
+    } else {
+      Object.freeze(currentUser);
+      return currentUser;
+    }
+  }
+  _userToJson(user) {
+    return {
+      projectId: user.projectId,
+      id: user.id,
+      displayName: user.displayName,
+      primaryEmail: user.primaryEmail,
+      primaryEmailVerified: user.primaryEmailVerified,
+      profileImageUrl: user.profileImageUrl,
+      signedUpAtMillis: user.signedUpAt.getTime(),
+      clientMetadata: user.clientMetadata,
+      authMethod: user.authMethod,
+      hasPassword: user.hasPassword,
+      authWithEmail: user.authWithEmail,
+      oauthProviders: user.oauthProviders
+    };
+  }
+  _projectAdminFromJson(data, adminInterface, onRefresh) {
+    if (data.id !== adminInterface.projectId) {
+      throw new Error(`The project ID of the provided project JSON (${data.id}) does not match the project ID of the app (${adminInterface.projectId})! This is a Stack bug.`);
     }
-    async signInWithMagicLink(code) {
-        this._ensurePersistentTokenStore();
-        const tokenStore = getTokenStore(this._tokenStoreOptions);
-        const result = await this._interface.signInWithMagicLink(code, tokenStore);
-        if (result instanceof KnownError) {
-            return result;
+    return {
+      id: data.id,
+      displayName: data.displayName,
+      description: data.description,
+      createdAt: new Date(data.createdAtMillis),
+      userCount: data.userCount,
+      isProductionMode: data.isProductionMode,
+      evaluatedConfig: {
+        id: data.evaluatedConfig.id,
+        credentialEnabled: data.evaluatedConfig.credentialEnabled,
+        magicLinkEnabled: data.evaluatedConfig.magicLinkEnabled,
+        allowLocalhost: data.evaluatedConfig.allowLocalhost,
+        oauthProviders: data.evaluatedConfig.oauthProviders,
+        emailConfig: data.evaluatedConfig.emailConfig,
+        domains: data.evaluatedConfig.domains
+      },
+      async update(update) {
+        await adminInterface.updateProject(update);
+        await onRefresh();
+      },
+      toJson() {
+        return data;
+      },
+      getProductionModeErrors() {
+        return (0, import_clientInterface.getProductionModeErrors)(this.toJson());
+      }
+    };
+  }
+  _createAdminInterface(forProjectId, tokenStore) {
+    return new import_stack_shared.StackAdminInterface({
+      baseUrl: this._interface.options.baseUrl,
+      projectId: forProjectId,
+      projectOwnerTokens: tokenStore
+    });
+  }
+  get projectId() {
+    return this._interface.projectId;
+  }
+  get urls() {
+    return getUrls(this._urlOptions);
+  }
+  _redirectTo(handlerName) {
+    if (!this.urls[handlerName]) {
+      throw new Error(`No URL for handler name ${handlerName}`);
+    }
+    window.location.href = this.urls[handlerName];
+    return (0, import_promises.neverResolve)();
+  }
+  async redirectToSignIn() {
+    return await this._redirectTo("signIn");
+  }
+  async redirectToSignUp() {
+    return await this._redirectTo("signUp");
+  }
+  async redirectToSignOut() {
+    return await this._redirectTo("signOut");
+  }
+  async redirectToEmailVerification() {
+    return await this._redirectTo("emailVerification");
+  }
+  async redirectToPasswordReset() {
+    return await this._redirectTo("passwordReset");
+  }
+  async redirectToForgotPassword() {
+    return await this._redirectTo("forgotPassword");
+  }
+  async redirectToHome() {
+    return await this._redirectTo("home");
+  }
+  async redirectToOAuthCallback() {
+    return await this._redirectTo("oauthCallback");
+  }
+  async redirectToMagicLinkCallback() {
+    return await this._redirectTo("magicLinkCallback");
+  }
+  async redirectToAfterSignIn() {
+    return await this._redirectTo("afterSignIn");
+  }
+  async redirectToAfterSignUp() {
+    return await this._redirectTo("afterSignUp");
+  }
+  async redirectToAfterSignOut() {
+    return await this._redirectTo("afterSignOut");
+  }
+  async redirectToAccountSettings() {
+    return await this._redirectTo("accountSettings");
+  }
+  async sendForgotPasswordEmail(email) {
+    const redirectUrl = (0, import_url.constructRedirectUrl)(this.urls.passwordReset);
+    const error = await this._interface.sendForgotPasswordEmail(email, redirectUrl);
+    return error;
+  }
+  async sendMagicLinkEmail(email) {
+    const magicLinkRedirectUrl = (0, import_url.constructRedirectUrl)(this.urls.magicLinkCallback);
+    const error = await this._interface.sendMagicLinkEmail(email, magicLinkRedirectUrl);
+    return error;
+  }
+  async resetPassword(options) {
+    const error = await this._interface.resetPassword(options);
+    return error;
+  }
+  async verifyPasswordResetCode(code) {
+    return await this._interface.verifyPasswordResetCode(code);
+  }
+  async verifyEmail(code) {
+    return await this._interface.verifyEmail(code);
+  }
+  async getUser(options) {
+    this._ensurePersistentTokenStore();
+    const tokenStore = getTokenStore(this._tokenStoreOptions);
+    const userJson = await this._currentUserCache.getOrWait([tokenStore], "write-only");
+    if (userJson === null) {
+      switch (options?.or) {
+        case "redirect": {
+          NextNavigation.redirect(this.urls.signIn, NextNavigation.RedirectType.replace);
+          throw new Error("redirect should never return!");
         }
-        if (result.newUser) {
-            window.location.replace(this.urls.afterSignUp);
+        case "throw": {
+          throw new Error("User is not signed in but getUser was called with { or: 'throw' }");
         }
-        else {
-            window.location.replace(this.urls.afterSignIn);
+        default: {
+          return null;
         }
-        await neverResolve();
-    }
-    async callOAuthCallback() {
-        this._ensurePersistentTokenStore();
-        const tokenStore = getTokenStore(this._tokenStoreOptions);
-        const result = await callOAuthCallback(this._interface, tokenStore, this.urls.oauthCallback);
-        if (result?.newUser) {
-            window.location.replace(this.urls.afterSignUp);
+      }
+    }
+    return this._currentUserFromJson(userJson, tokenStore);
+  }
+  useUser(options) {
+    this._ensurePersistentTokenStore();
+    const router = NextNavigation.useRouter();
+    const tokenStore = getTokenStore(this._tokenStoreOptions);
+    const userJson = useCache(this._currentUserCache, [tokenStore], "useUser()");
+    if (userJson === null) {
+      switch (options?.or) {
+        case "redirect": {
+          router.replace(this.urls.signIn);
+          (0, import_react3.suspend)();
+          throw new Error("suspend should never return! This is a bug in Stack.");
         }
-        else {
-            window.location.replace(this.urls.afterSignIn);
+        case "throw": {
+          throw new Error("User is not signed in but useUser was called with { or: 'throw' }");
         }
-        await neverResolve();
-    }
-    async _signOut(tokenStore) {
-        await this._interface.signOut(tokenStore);
-        window.location.assign(this.urls.afterSignOut);
-    }
-    async _sendVerificationEmail(tokenStore) {
-        const emailVerificationRedirectUrl = constructRedirectUrl(this.urls.emailVerification);
-        return await this._interface.sendVerificationEmail(emailVerificationRedirectUrl, tokenStore);
-    }
-    async _updatePassword(options, tokenStore) {
-        return await this._interface.updatePassword(options, tokenStore);
-    }
-    async signOut() {
-        const user = await this.getUser();
-        if (user) {
-            await user.signOut();
+        case void 0:
+        case "return-null": {
         }
-    }
-    async getProject() {
-        return await this._currentProjectCache.getOrWait([], "write-only");
-    }
-    useProject() {
-        return useCache(this._currentProjectCache, [], "useProject()");
-    }
-    onProjectChange(callback) {
-        return this._currentProjectCache.onChange([], callback);
-    }
-    async _listOwnedProjects() {
-        this._ensureInternalProject();
-        const tokenStore = getTokenStore(this._tokenStoreOptions);
-        const json = await this._ownedProjectsCache.getOrWait([tokenStore], "write-only");
-        return json.map((j) => this._projectAdminFromJson(j, this._createAdminInterface(j.id, tokenStore), () => this._refreshOwnedProjects(tokenStore)));
-    }
-    _useOwnedProjects() {
-        this._ensureInternalProject();
-        const tokenStore = getTokenStore(this._tokenStoreOptions);
-        const json = useCache(this._ownedProjectsCache, [tokenStore], "useOwnedProjects()");
-        return useMemo(() => json.map((j) => this._projectAdminFromJson(j, this._createAdminInterface(j.id, tokenStore), () => this._refreshOwnedProjects(tokenStore))), [json]);
-    }
-    _onOwnedProjectsChange(callback) {
-        this._ensureInternalProject();
-        const tokenStore = getTokenStore(this._tokenStoreOptions);
-        return this._ownedProjectsCache.onChange([tokenStore], (projects) => {
-            callback(projects.map((j) => this._projectAdminFromJson(j, this._createAdminInterface(j.id, tokenStore), () => this._refreshOwnedProjects(tokenStore))));
-        });
-    }
-    async _createProject(newProject) {
-        this._ensureInternalProject();
-        const tokenStore = getTokenStore(this._tokenStoreOptions);
-        const json = await this._interface.createProject(newProject, tokenStore);
-        const res = this._projectAdminFromJson(json, this._createAdminInterface(json.id, tokenStore), () => this._refreshOwnedProjects(tokenStore));
-        await this._refreshOwnedProjects(tokenStore);
-        return res;
-    }
-    async _refreshUser(tokenStore) {
-        await this._currentUserCache.refresh([tokenStore]);
-    }
-    async _refreshUsers() {
-        // nothing yet
-    }
-    async _refreshProject() {
-        await this._currentProjectCache.refresh([]);
-    }
-    async _refreshOwnedProjects(tokenStore) {
-        await this._ownedProjectsCache.refresh([tokenStore]);
-    }
-    static get [stackAppInternalsSymbol]() {
-        return {
-            fromClientJson: (json) => {
-                const providedCheckString = JSON.stringify(omit(json, ["currentClientUserJson", "currentProjectJson"]));
-                const existing = allClientApps.get(json.uniqueIdentifier);
-                if (existing) {
-                    const [existingCheckString, clientApp] = existing;
-                    if (existingCheckString !== providedCheckString) {
-                        throw new StackAssertionError("The provided app JSON does not match the configuration of the existing client app with the same unique identifier", { providedObj: json, existingString: existingCheckString });
-                    }
-                    return clientApp;
-                }
-                return new _StackClientAppImpl({
-                    ...json,
-                    checkString: providedCheckString,
-                });
-            }
-        };
-    }
-    get [stackAppInternalsSymbol]() {
-        return {
-            toClientJson: async () => {
-                if (!("publishableClientKey" in this._interface.options)) {
-                    // TODO find a way to do this
-                    throw Error("Cannot serialize to JSON from an application without a publishable client key");
-                }
-                const [user, project] = await Promise.all([
-                    this.getUser(),
-                    this.getProject(),
-                ]);
-                return {
-                    baseUrl: this._interface.options.baseUrl,
-                    projectId: this.projectId,
-                    publishableClientKey: this._interface.options.publishableClientKey,
-                    tokenStore: this._tokenStoreOptions,
-                    urls: this._urlOptions,
-                    uniqueIdentifier: this._uniqueIdentifier,
-                    currentClientUserJson: user?.toJson() ?? null,
-                    currentProjectJson: project,
-                };
-            }
-        };
-    }
-    ;
-}
-class _StackServerAppImpl extends _StackClientAppImpl {
-    // TODO override the client user cache to use the server user cache, so we save some requests
-    _currentServerUserCache = createCacheByTokenStore(async (tokenStore) => {
-        const user = await this._interface.getServerUserByToken(tokenStore);
-        return Result.or(user, null);
+      }
+    }
+    return (0, import_react.useMemo)(() => {
+      return this._currentUserFromJson(userJson, tokenStore);
+    }, [userJson, tokenStore, options?.or]);
+  }
+  onUserChange(callback) {
+    this._ensurePersistentTokenStore();
+    const tokenStore = getTokenStore(this._tokenStoreOptions);
+    return this._currentUserCache.onChange([tokenStore], (userJson) => {
+      callback(this._currentUserFromJson(userJson, tokenStore));
     });
-    _serverUsersCache = createCache(async () => {
-        return await this._interface.listUsers();
+  }
+  async _updateUser(update, tokenStore) {
+    const res = await this._interface.setClientUserCustomizableData(update, tokenStore);
+    await this._refreshUser(tokenStore);
+    return res;
+  }
+  async signInWithOAuth(provider) {
+    this._ensurePersistentTokenStore();
+    await (0, import_auth.signInWithOAuth)(this._interface, { provider, redirectUrl: this.urls.oauthCallback });
+  }
+  async signInWithCredential(options) {
+    this._ensurePersistentTokenStore();
+    const tokenStore = getTokenStore(this._tokenStoreOptions);
+    const errorCode = await this._interface.signInWithCredential(options.email, options.password, tokenStore);
+    if (!errorCode) {
+      window.location.assign(this.urls.afterSignIn);
+    }
+    return errorCode;
+  }
+  async signUpWithCredential(options) {
+    this._ensurePersistentTokenStore();
+    const tokenStore = getTokenStore(this._tokenStoreOptions);
+    const emailVerificationRedirectUrl = (0, import_url.constructRedirectUrl)(this.urls.emailVerification);
+    const errorCode = await this._interface.signUpWithCredential(
+      options.email,
+      options.password,
+      emailVerificationRedirectUrl,
+      tokenStore
+    );
+    if (!errorCode) {
+      window.location.assign(this.urls.afterSignUp);
+    }
+    return errorCode;
+  }
+  async signInWithMagicLink(code) {
+    this._ensurePersistentTokenStore();
+    const tokenStore = getTokenStore(this._tokenStoreOptions);
+    const result = await this._interface.signInWithMagicLink(code, tokenStore);
+    if (result instanceof import_stack_shared.KnownError) {
+      return result;
+    }
+    if (result.newUser) {
+      window.location.replace(this.urls.afterSignUp);
+    } else {
+      window.location.replace(this.urls.afterSignIn);
+    }
+    await (0, import_promises.neverResolve)();
+  }
+  async callOAuthCallback() {
+    this._ensurePersistentTokenStore();
+    const tokenStore = getTokenStore(this._tokenStoreOptions);
+    const result = await (0, import_auth.callOAuthCallback)(this._interface, tokenStore, this.urls.oauthCallback);
+    if (result?.newUser) {
+      window.location.replace(this.urls.afterSignUp);
+    } else {
+      window.location.replace(this.urls.afterSignIn);
+    }
+    await (0, import_promises.neverResolve)();
+  }
+  async _signOut(tokenStore) {
+    await this._interface.signOut(tokenStore);
+    window.location.assign(this.urls.afterSignOut);
+  }
+  async _sendVerificationEmail(tokenStore) {
+    const emailVerificationRedirectUrl = (0, import_url.constructRedirectUrl)(this.urls.emailVerification);
+    return await this._interface.sendVerificationEmail(emailVerificationRedirectUrl, tokenStore);
+  }
+  async _updatePassword(options, tokenStore) {
+    return await this._interface.updatePassword(options, tokenStore);
+  }
+  async signOut() {
+    const user = await this.getUser();
+    if (user) {
+      await user.signOut();
+    }
+  }
+  async getProject() {
+    return await this._currentProjectCache.getOrWait([], "write-only");
+  }
+  useProject() {
+    return useCache(this._currentProjectCache, [], "useProject()");
+  }
+  onProjectChange(callback) {
+    return this._currentProjectCache.onChange([], callback);
+  }
+  async _listOwnedProjects() {
+    this._ensureInternalProject();
+    const tokenStore = getTokenStore(this._tokenStoreOptions);
+    const json = await this._ownedProjectsCache.getOrWait([tokenStore], "write-only");
+    return json.map((j) => this._projectAdminFromJson(
+      j,
+      this._createAdminInterface(j.id, tokenStore),
+      () => this._refreshOwnedProjects(tokenStore)
+    ));
+  }
+  _useOwnedProjects() {
+    this._ensureInternalProject();
+    const tokenStore = getTokenStore(this._tokenStoreOptions);
+    const json = useCache(this._ownedProjectsCache, [tokenStore], "useOwnedProjects()");
+    return (0, import_react.useMemo)(() => json.map((j) => this._projectAdminFromJson(
+      j,
+      this._createAdminInterface(j.id, tokenStore),
+      () => this._refreshOwnedProjects(tokenStore)
+    )), [json]);
+  }
+  _onOwnedProjectsChange(callback) {
+    this._ensureInternalProject();
+    const tokenStore = getTokenStore(this._tokenStoreOptions);
+    return this._ownedProjectsCache.onChange([tokenStore], (projects) => {
+      callback(projects.map((j) => this._projectAdminFromJson(
+        j,
+        this._createAdminInterface(j.id, tokenStore),
+        () => this._refreshOwnedProjects(tokenStore)
+      )));
     });
-    constructor(options) {
-        if ("interface" in options) {
-            super({
-                interface: options.interface,
-                tokenStore: options.tokenStore,
-                urls: options.urls,
-            });
+  }
+  async _createProject(newProject) {
+    this._ensureInternalProject();
+    const tokenStore = getTokenStore(this._tokenStoreOptions);
+    const json = await this._interface.createProject(newProject, tokenStore);
+    const res = this._projectAdminFromJson(
+      json,
+      this._createAdminInterface(json.id, tokenStore),
+      () => this._refreshOwnedProjects(tokenStore)
+    );
+    await this._refreshOwnedProjects(tokenStore);
+    return res;
+  }
+  async _refreshUser(tokenStore) {
+    await this._currentUserCache.refresh([tokenStore]);
+  }
+  async _refreshUsers() {
+  }
+  async _refreshProject() {
+    await this._currentProjectCache.refresh([]);
+  }
+  async _refreshOwnedProjects(tokenStore) {
+    await this._ownedProjectsCache.refresh([tokenStore]);
+  }
+  static get [stackAppInternalsSymbol]() {
+    return {
+      fromClientJson: (json) => {
+        const providedCheckString = JSON.stringify((0, import_objects.omit)(json, [
+          /* none currently */
+        ]));
+        const existing = allClientApps.get(json.uniqueIdentifier);
+        if (existing) {
+          const [existingCheckString, clientApp] = existing;
+          if (existingCheckString !== providedCheckString) {
+            throw new import_errors.StackAssertionError("The provided app JSON does not match the configuration of the existing client app with the same unique identifier", { providedObj: json, existingString: existingCheckString });
+          }
+          return clientApp;
         }
-        else {
-            super({
-                interface: new StackServerInterface({
-                    baseUrl: options.baseUrl ?? getDefaultBaseUrl(),
-                    projectId: options.projectId ?? getDefaultProjectId(),
-                    publishableClientKey: options.publishableClientKey ?? getDefaultPublishableClientKey(),
-                    secretServerKey: options.secretServerKey ?? getDefaultSecretServerKey(),
-                }),
-                tokenStore: options.tokenStore,
-                urls: options.urls ?? {},
-            });
+        return new __StackClientAppImpl({
+          ...json,
+          checkString: providedCheckString
+        });
+      }
+    };
+  }
+  get [stackAppInternalsSymbol]() {
+    return {
+      toClientJson: () => {
+        if (!("publishableClientKey" in this._interface.options)) {
+          throw Error("Cannot serialize to JSON from an application without a publishable client key");
         }
-    }
-    _serverUserFromJson(json) {
-        if (json === null)
-            return null;
-        const app = this;
         return {
-            ...this._userFromJson(json),
-            serverMetadata: json.serverMetadata,
-            async delete() {
-                const res = await app._interface.deleteServerUser(this.id);
-                await app._refreshUsers();
-                return res;
-            },
-            async update(update) {
-                const res = await app._interface.setServerUserCustomizableData(this.id, update);
-                await app._refreshUsers();
-                return res;
-            },
-            getClientUser() {
-                return app._userFromJson(json);
-            },
-            toJson() {
-                return app._serverUserToJson(this);
-            },
+          baseUrl: this._interface.options.baseUrl,
+          projectId: this.projectId,
+          publishableClientKey: this._interface.options.publishableClientKey,
+          tokenStore: this._tokenStoreOptions,
+          urls: this._urlOptions,
+          uniqueIdentifier: this._uniqueIdentifier
         };
-    }
-    _currentServerUserFromJson(json, tokenStore) {
-        if (json === null)
-            return null;
-        const app = this;
-        const nonCurrentServerUser = this._serverUserFromJson(json);
-        const currentUser = {
-            ...nonCurrentServerUser,
-            tokenStore,
-            async delete() {
-                const res = await nonCurrentServerUser.delete();
-                await app._refreshUser(tokenStore);
-                return res;
-            },
-            async update(update) {
-                const res = await nonCurrentServerUser.update(update);
-                await app._refreshUser(tokenStore);
-                return res;
-            },
-            signOut() {
-                return app._signOut(tokenStore);
-            },
-            getClientUser() {
-                return app._currentUserFromJson(json, tokenStore);
-            },
-            sendVerificationEmail() {
-                return app._sendVerificationEmail(tokenStore);
-            },
-            updatePassword(options) {
-                return app._updatePassword(options, tokenStore);
-            },
-        };
-        if (this.isInternalProject()) {
-            const internalUser = {
-                ...currentUser,
-                createProject(newProject) {
-                    return app._createProject(newProject);
-                },
-                listOwnedProjects() {
-                    return app._listOwnedProjects();
-                },
-                useOwnedProjects() {
-                    return app._useOwnedProjects();
-                },
-                onOwnedProjectsChange(callback) {
-                    return app._onOwnedProjectsChange(callback);
-                }
-            };
-            Object.freeze(internalUser);
-            return internalUser;
+      },
+      setCurrentUser: (userJsonPromise) => {
+        (0, import_promises.runAsynchronously)(this._currentUserCache.forceSetCachedValueAsync([getTokenStore(this._tokenStoreOptions)], userJsonPromise));
+      }
+    };
+  }
+};
+var _StackServerAppImpl = class extends _StackClientAppImpl {
+  // TODO override the client user cache to use the server user cache, so we save some requests
+  _currentServerUserCache = createCacheByTokenStore(async (tokenStore) => {
+    const user = await this._interface.getServerUserByToken(tokenStore);
+    return import_results.Result.or(user, null);
+  });
+  _serverUsersCache = createCache(async () => {
+    return await this._interface.listUsers();
+  });
+  constructor(options) {
+    if ("interface" in options) {
+      super({
+        interface: options.interface,
+        tokenStore: options.tokenStore,
+        urls: options.urls
+      });
+    } else {
+      super({
+        interface: new import_stack_shared.StackServerInterface({
+          baseUrl: options.baseUrl ?? getDefaultBaseUrl(),
+          projectId: options.projectId ?? getDefaultProjectId(),
+          publishableClientKey: options.publishableClientKey ?? getDefaultPublishableClientKey(),
+          secretServerKey: options.secretServerKey ?? getDefaultSecretServerKey()
+        }),
+        tokenStore: options.tokenStore,
+        urls: options.urls ?? {}
+      });
+    }
+  }
+  _serverUserFromJson(json) {
+    if (json === null)
+      return null;
+    const app = this;
+    return {
+      ...this._userFromJson(json),
+      serverMetadata: json.serverMetadata,
+      async delete() {
+        const res = await app._interface.deleteServerUser(this.id);
+        await app._refreshUsers();
+        return res;
+      },
+      async update(update) {
+        const res = await app._interface.setServerUserCustomizableData(this.id, update);
+        await app._refreshUsers();
+        return res;
+      },
+      getClientUser() {
+        return app._userFromJson(json);
+      },
+      toJson() {
+        return app._serverUserToJson(this);
+      }
+    };
+  }
+  _currentServerUserFromJson(json, tokenStore) {
+    if (json === null)
+      return null;
+    const app = this;
+    const nonCurrentServerUser = this._serverUserFromJson(json);
+    const currentUser = {
+      ...nonCurrentServerUser,
+      tokenStore,
+      async delete() {
+        const res = await nonCurrentServerUser.delete();
+        await app._refreshUser(tokenStore);
+        return res;
+      },
+      async update(update) {
+        const res = await nonCurrentServerUser.update(update);
+        await app._refreshUser(tokenStore);
+        return res;
+      },
+      signOut() {
+        return app._signOut(tokenStore);
+      },
+      getClientUser() {
+        return app._currentUserFromJson(json, tokenStore);
+      },
+      sendVerificationEmail() {
+        return app._sendVerificationEmail(tokenStore);
+      },
+      updatePassword(options) {
+        return app._updatePassword(options, tokenStore);
+      }
+    };
+    if (this.isInternalProject()) {
+      const internalUser = {
+        ...currentUser,
+        createProject(newProject) {
+          return app._createProject(newProject);
+        },
+        listOwnedProjects() {
+          return app._listOwnedProjects();
+        },
+        useOwnedProjects() {
+          return app._useOwnedProjects();
+        },
+        onOwnedProjectsChange(callback) {
+          return app._onOwnedProjectsChange(callback);
         }
-        else {
-            Object.freeze(currentUser);
-            return currentUser;
+      };
+      Object.freeze(internalUser);
+      return internalUser;
+    } else {
+      Object.freeze(currentUser);
+      return currentUser;
+    }
+  }
+  _serverUserToJson(user) {
+    return {
+      projectId: user.projectId,
+      id: user.id,
+      displayName: user.displayName,
+      primaryEmail: user.primaryEmail,
+      primaryEmailVerified: user.primaryEmailVerified,
+      profileImageUrl: user.profileImageUrl,
+      signedUpAtMillis: user.signedUpAt.getTime(),
+      clientMetadata: user.clientMetadata,
+      serverMetadata: user.serverMetadata,
+      authMethod: user.authMethod,
+      hasPassword: user.hasPassword,
+      authWithEmail: user.authWithEmail,
+      oauthProviders: user.oauthProviders
+    };
+  }
+  async getServerUser() {
+    this._ensurePersistentTokenStore();
+    const tokenStore = getTokenStore(this._tokenStoreOptions);
+    const userJson = await this._currentServerUserCache.getOrWait([tokenStore], "write-only");
+    return this._currentServerUserFromJson(userJson, tokenStore);
+  }
+  useServerUser(options) {
+    this._ensurePersistentTokenStore();
+    const tokenStore = getTokenStore(this._tokenStoreOptions);
+    const userJson = useCache(this._currentServerUserCache, [tokenStore], "useServerUser()");
+    return (0, import_react.useMemo)(() => {
+      if (options?.required && userJson === null) {
+        (0, import_react.use)(this.redirectToSignIn());
+      }
+      return this._currentServerUserFromJson(userJson, tokenStore);
+    }, [userJson, tokenStore, options?.required]);
+  }
+  onServerUserChange(callback) {
+    this._ensurePersistentTokenStore();
+    const tokenStore = getTokenStore(this._tokenStoreOptions);
+    return this._currentServerUserCache.onChange([tokenStore], (userJson) => {
+      callback(this._currentServerUserFromJson(userJson, tokenStore));
+    });
+  }
+  async listServerUsers() {
+    const json = await this._serverUsersCache.getOrWait([], "write-only");
+    return json.map((j) => this._serverUserFromJson(j));
+  }
+  useServerUsers() {
+    const json = useCache(this._serverUsersCache, [], "useServerUsers()");
+    return (0, import_react.useMemo)(() => {
+      return json.map((j) => this._serverUserFromJson(j));
+    }, [json]);
+  }
+  onServerUsersChange(callback) {
+    return this._serverUsersCache.onChange([], (users) => {
+      callback(users.map((j) => this._serverUserFromJson(j)));
+    });
+  }
+  async _refreshUser(tokenStore) {
+    await Promise.all([
+      super._refreshUser(tokenStore),
+      this._currentServerUserCache.refresh([tokenStore])
+    ]);
+  }
+  async _refreshUsers() {
+    await Promise.all([
+      super._refreshUsers(),
+      this._serverUsersCache.refresh([])
+    ]);
+  }
+};
+var _StackAdminAppImpl = class extends _StackServerAppImpl {
+  _adminProjectCache = createCache(async () => {
+    return await this._interface.getProject();
+  });
+  _apiKeySetsCache = createCache(async () => {
+    return await this._interface.listApiKeySets();
+  });
+  constructor(options) {
+    super({
+      interface: new import_stack_shared.StackAdminInterface({
+        baseUrl: options.baseUrl ?? getDefaultBaseUrl(),
+        projectId: options.projectId ?? getDefaultProjectId(),
+        ..."projectOwnerTokens" in options ? {
+          projectOwnerTokens: options.projectOwnerTokens
+        } : {
+          publishableClientKey: options.publishableClientKey ?? getDefaultPublishableClientKey(),
+          secretServerKey: options.secretServerKey ?? getDefaultSecretServerKey(),
+          superSecretAdminKey: options.superSecretAdminKey ?? getDefaultSuperSecretAdminKey()
         }
-    }
-    _serverUserToJson(user) {
-        return {
-            projectId: user.projectId,
-            id: user.id,
-            displayName: user.displayName,
-            primaryEmail: user.primaryEmail,
-            primaryEmailVerified: user.primaryEmailVerified,
-            profileImageUrl: user.profileImageUrl,
-            signedUpAtMillis: user.signedUpAt.getTime(),
-            clientMetadata: user.clientMetadata,
-            serverMetadata: user.serverMetadata,
-            authMethod: user.authMethod,
-            hasPassword: user.hasPassword,
-            authWithEmail: user.authWithEmail,
-            oauthProviders: user.oauthProviders,
-        };
-    }
-    async getServerUser() {
-        this._ensurePersistentTokenStore();
-        const tokenStore = getTokenStore(this._tokenStoreOptions);
-        const userJson = await this._currentServerUserCache.getOrWait([tokenStore], "write-only");
-        return this._currentServerUserFromJson(userJson, tokenStore);
-    }
-    useServerUser(options) {
-        this._ensurePersistentTokenStore();
-        const tokenStore = getTokenStore(this._tokenStoreOptions);
-        const userJson = useCache(this._currentServerUserCache, [tokenStore], "useServerUser()");
-        return useMemo(() => {
-            if (options?.required && userJson === null) {
-                use(this.redirectToSignIn());
-            }
-            return this._currentServerUserFromJson(userJson, tokenStore);
-        }, [userJson, tokenStore, options?.required]);
-    }
-    onServerUserChange(callback) {
-        this._ensurePersistentTokenStore();
-        const tokenStore = getTokenStore(this._tokenStoreOptions);
-        return this._currentServerUserCache.onChange([tokenStore], (userJson) => {
-            callback(this._currentServerUserFromJson(userJson, tokenStore));
-        });
-    }
-    async listServerUsers() {
-        const json = await this._serverUsersCache.getOrWait([], "write-only");
-        return json.map((j) => this._serverUserFromJson(j));
-    }
-    useServerUsers() {
-        const json = useCache(this._serverUsersCache, [], "useServerUsers()");
-        return useMemo(() => {
-            return json.map((j) => this._serverUserFromJson(j));
-        }, [json]);
-    }
-    onServerUsersChange(callback) {
-        return this._serverUsersCache.onChange([], (users) => {
-            callback(users.map((j) => this._serverUserFromJson(j)));
-        });
-    }
-    async _refreshUser(tokenStore) {
-        await Promise.all([
-            super._refreshUser(tokenStore),
-            this._currentServerUserCache.refresh([tokenStore]),
-        ]);
-    }
-    async _refreshUsers() {
-        await Promise.all([
-            super._refreshUsers(),
-            this._serverUsersCache.refresh([]),
-        ]);
-    }
-}
-class _StackAdminAppImpl extends _StackServerAppImpl {
-    _adminProjectCache = createCache(async () => {
-        return await this._interface.getProject();
+      }),
+      tokenStore: options.tokenStore,
+      urls: options.urls
     });
-    _apiKeySetsCache = createCache(async () => {
-        return await this._interface.listApiKeySets();
+  }
+  _createApiKeySetBaseFromJson(data) {
+    const app = this;
+    return {
+      id: data.id,
+      description: data.description,
+      expiresAt: new Date(data.expiresAtMillis),
+      manuallyRevokedAt: data.manuallyRevokedAtMillis ? new Date(data.manuallyRevokedAtMillis) : null,
+      createdAt: new Date(data.createdAtMillis),
+      isValid() {
+        return this.whyInvalid() === null;
+      },
+      whyInvalid() {
+        if (this.expiresAt.getTime() < Date.now())
+          return "expired";
+        if (this.manuallyRevokedAt)
+          return "manually-revoked";
+        return null;
+      },
+      async revoke() {
+        const res = await app._interface.revokeApiKeySetById(data.id);
+        await app._refreshApiKeySets();
+        return res;
+      }
+    };
+  }
+  _createApiKeySetFromJson(data) {
+    return {
+      ...this._createApiKeySetBaseFromJson(data),
+      publishableClientKey: data.publishableClientKey ? { lastFour: data.publishableClientKey.lastFour } : null,
+      secretServerKey: data.secretServerKey ? { lastFour: data.secretServerKey.lastFour } : null,
+      superSecretAdminKey: data.superSecretAdminKey ? { lastFour: data.superSecretAdminKey.lastFour } : null
+    };
+  }
+  _createApiKeySetFirstViewFromJson(data) {
+    return {
+      ...this._createApiKeySetBaseFromJson(data),
+      publishableClientKey: data.publishableClientKey,
+      secretServerKey: data.secretServerKey,
+      superSecretAdminKey: data.superSecretAdminKey
+    };
+  }
+  async getProjectAdmin() {
+    return this._projectAdminFromJson(
+      await this._adminProjectCache.getOrWait([], "write-only"),
+      this._interface,
+      () => this._refreshProject()
+    );
+  }
+  useProjectAdmin() {
+    const json = useCache(this._adminProjectCache, [], "useProjectAdmin()");
+    return (0, import_react.useMemo)(() => this._projectAdminFromJson(
+      json,
+      this._interface,
+      () => this._refreshProject()
+    ), [json]);
+  }
+  onProjectAdminChange(callback) {
+    return this._adminProjectCache.onChange([], (project) => {
+      callback(this._projectAdminFromJson(
+        project,
+        this._interface,
+        () => this._refreshProject()
+      ));
     });
-    constructor(options) {
-        super({
-            interface: new StackAdminInterface({
-                baseUrl: options.baseUrl ?? getDefaultBaseUrl(),
-                projectId: options.projectId ?? getDefaultProjectId(),
-                ..."projectOwnerTokens" in options ? {
-                    projectOwnerTokens: options.projectOwnerTokens,
-                } : {
-                    publishableClientKey: options.publishableClientKey ?? getDefaultPublishableClientKey(),
-                    secretServerKey: options.secretServerKey ?? getDefaultSecretServerKey(),
-                    superSecretAdminKey: options.superSecretAdminKey ?? getDefaultSuperSecretAdminKey(),
-                },
-            }),
-            tokenStore: options.tokenStore,
-            urls: options.urls,
-        });
-    }
-    _createApiKeySetBaseFromJson(data) {
-        const app = this;
-        return {
-            id: data.id,
-            description: data.description,
-            expiresAt: new Date(data.expiresAtMillis),
-            manuallyRevokedAt: data.manuallyRevokedAtMillis ? new Date(data.manuallyRevokedAtMillis) : null,
-            createdAt: new Date(data.createdAtMillis),
-            isValid() {
-                return this.whyInvalid() === null;
-            },
-            whyInvalid() {
-                if (this.expiresAt.getTime() < Date.now())
-                    return "expired";
-                if (this.manuallyRevokedAt)
-                    return "manually-revoked";
-                return null;
-            },
-            async revoke() {
-                const res = await app._interface.revokeApiKeySetById(data.id);
-                await app._refreshApiKeySets();
-                return res;
-            }
-        };
-    }
-    _createApiKeySetFromJson(data) {
-        return {
-            ...this._createApiKeySetBaseFromJson(data),
-            publishableClientKey: data.publishableClientKey ? { lastFour: data.publishableClientKey.lastFour } : null,
-            secretServerKey: data.secretServerKey ? { lastFour: data.secretServerKey.lastFour } : null,
-            superSecretAdminKey: data.superSecretAdminKey ? { lastFour: data.superSecretAdminKey.lastFour } : null,
-        };
-    }
-    _createApiKeySetFirstViewFromJson(data) {
-        return {
-            ...this._createApiKeySetBaseFromJson(data),
-            publishableClientKey: data.publishableClientKey,
-            secretServerKey: data.secretServerKey,
-            superSecretAdminKey: data.superSecretAdminKey,
-        };
-    }
-    async getProjectAdmin() {
-        return this._projectAdminFromJson(await this._adminProjectCache.getOrWait([], "write-only"), this._interface, () => this._refreshProject());
-    }
-    useProjectAdmin() {
-        const json = useCache(this._adminProjectCache, [], "useProjectAdmin()");
-        return useMemo(() => this._projectAdminFromJson(json, this._interface, () => this._refreshProject()), [json]);
-    }
-    onProjectAdminChange(callback) {
-        return this._adminProjectCache.onChange([], (project) => {
-            callback(this._projectAdminFromJson(project, this._interface, () => this._refreshProject()));
-        });
-    }
-    async listApiKeySets() {
-        const json = await this._apiKeySetsCache.getOrWait([], "write-only");
-        return json.map((j) => this._createApiKeySetFromJson(j));
-    }
-    useApiKeySets() {
-        const json = useCache(this._apiKeySetsCache, [], "useApiKeySets()");
-        return useMemo(() => {
-            return json.map((j) => this._createApiKeySetFromJson(j));
-        }, [json]);
-    }
-    onApiKeySetsChange(callback) {
-        return this._apiKeySetsCache.onChange([], (apiKeySets) => {
-            callback(apiKeySets.map((j) => this._createApiKeySetFromJson(j)));
-        });
-    }
-    async createApiKeySet(options) {
-        const json = await this._interface.createApiKeySet(options);
-        await this._refreshApiKeySets();
-        return this._createApiKeySetFirstViewFromJson(json);
-    }
-    async _refreshProject() {
-        await Promise.all([
-            super._refreshProject(),
-            this._adminProjectCache.refresh([]),
-        ]);
-    }
-    async _refreshApiKeySets() {
-        await this._apiKeySetsCache.refresh([]);
-    }
-}
-export const StackClientApp = _StackClientAppImpl;
-export const StackServerApp = _StackServerAppImpl;
-export const StackAdminApp = _StackAdminAppImpl;
+  }
+  async listApiKeySets() {
+    const json = await this._apiKeySetsCache.getOrWait([], "write-only");
+    return json.map((j) => this._createApiKeySetFromJson(j));
+  }
+  useApiKeySets() {
+    const json = useCache(this._apiKeySetsCache, [], "useApiKeySets()");
+    return (0, import_react.useMemo)(() => {
+      return json.map((j) => this._createApiKeySetFromJson(j));
+    }, [json]);
+  }
+  onApiKeySetsChange(callback) {
+    return this._apiKeySetsCache.onChange([], (apiKeySets) => {
+      callback(apiKeySets.map((j) => this._createApiKeySetFromJson(j)));
+    });
+  }
+  async createApiKeySet(options) {
+    const json = await this._interface.createApiKeySet(options);
+    await this._refreshApiKeySets();
+    return this._createApiKeySetFirstViewFromJson(json);
+  }
+  async _refreshProject() {
+    await Promise.all([
+      super._refreshProject(),
+      this._adminProjectCache.refresh([])
+    ]);
+  }
+  async _refreshApiKeySets() {
+    await this._apiKeySetsCache.refresh([]);
+  }
+};
+var StackClientApp = _StackClientAppImpl;
+var StackServerApp = _StackServerAppImpl;
+var StackAdminApp = _StackAdminAppImpl;
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  StackAdminApp,
+  StackClientApp,
+  StackServerApp,
+  stackAppInternalsSymbol
+});