npm - @stackframe/stack - Versions diffs - 2.4.23 → 2.4.25 - Mend

@stackframe/stack 2.4.23 → 2.4.25

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (36) hide show

package/CHANGELOG.md +18 -0
package/dist/components/magic-link-sign-in.js +1 -1
package/dist/components/magic-link-sign-in.js.map +1 -1
package/dist/components/selected-team-switcher.d.mts +8 -0
package/dist/components/selected-team-switcher.d.ts +8 -0
package/dist/components/selected-team-switcher.js +75 -0
package/dist/components/selected-team-switcher.js.map +1 -0
package/dist/components-page/stack-handler.js +1 -1
package/dist/components-page/stack-handler.js.map +1 -1
package/dist/esm/components/magic-link-sign-in.js +1 -1
package/dist/esm/components/magic-link-sign-in.js.map +1 -1
package/dist/esm/components/selected-team-switcher.js +63 -0
package/dist/esm/components/selected-team-switcher.js.map +1 -0
package/dist/esm/components-page/stack-handler.js +1 -1
package/dist/esm/components-page/stack-handler.js.map +1 -1
package/dist/esm/index.js +22 -16
package/dist/esm/index.js.map +1 -1
package/dist/esm/lib/hooks.js.map +1 -1
package/dist/esm/lib/stack-app.js +285 -282
package/dist/esm/lib/stack-app.js.map +1 -1
package/dist/esm/providers/stack-provider.js +1 -1
package/dist/esm/providers/stack-provider.js.map +1 -1
package/dist/index.d.mts +1 -0
package/dist/index.d.ts +1 -0
package/dist/index.js +5 -0
package/dist/index.js.map +1 -1
package/dist/lib/hooks.d.mts +3 -3
package/dist/lib/hooks.d.ts +3 -3
package/dist/lib/hooks.js.map +1 -1
package/dist/lib/stack-app.d.mts +100 -81
package/dist/lib/stack-app.d.ts +100 -81
package/dist/lib/stack-app.js +283 -280
package/dist/lib/stack-app.js.map +1 -1
package/dist/providers/stack-provider.js +1 -1
package/dist/providers/stack-provider.js.map +1 -1
package/package.json +3 -3

package/dist/lib/stack-app.js CHANGED Viewed

@@ -60,7 +60,7 @@ var import_sessions = require("@stackframe/stack-shared/dist/sessions");
 var import_use_trigger = require("@stackframe/stack-shared/dist/hooks/use-trigger");
 var import_strings = require("@stackframe/stack-shared/dist/utils/strings");
 var NextNavigation = (0, import_compile_time.scrambleDuringCompileTime)(NextNavigationUnscrambled);
-var clientVersion = "js @stackframe/stack@2.4.23";
+var clientVersion = "js @stackframe/stack@2.4.25";
 function permissionDefinitionScopeToType(scope) {
   return { "any-team": "team", "specific-team": "team", "global": "global" }[scope.type];
 }
@@ -238,7 +238,7 @@ var _StackClientAppImpl = class __StackClientAppImpl {
             errorRedirectUrl: this.urls.error,
             providerScope: (0, import_strings.mergeScopeStrings)(scope || "", (this._oauthScopesOnSignIn[connectionId] ?? []).join(" "))
           },
-          this._getSession()
+          session
         );
         return await (0, import_promises.neverResolve)();
       } else if (!hasConnection) {
@@ -284,12 +284,28 @@ var _StackClientAppImpl = class __StackClientAppImpl {
     }
     return this._uniqueIdentifier;
   }
+  async _checkFeatureSupport(featureName, options) {
+    return await this._interface.checkFeatureSupport({ ...options, featureName });
+  }
+  _useCheckFeatureSupport(featureName, options) {
+    (0, import_promises.runAsynchronously)(this._checkFeatureSupport(featureName, options));
+    throw new import_errors.StackAssertionError(`${featureName} is not currently supported. Please reach out to Stack support for more information.`);
+  }
   _memoryTokenStore = createEmptyTokenStore();
   _requestTokenStores = /* @__PURE__ */ new WeakMap();
   _storedCookieTokenStore = null;
   get _refreshTokenCookieName() {
     return `stack-refresh-${this.projectId}`;
   }
+  _getTokensFromCookies(cookies) {
+    const refreshToken = cookies.refreshTokenCookie;
+    const accessTokenObject = cookies.accessTokenCookie?.startsWith('["') ? JSON.parse(cookies.accessTokenCookie) : null;
+    const accessToken = accessTokenObject && refreshToken === accessTokenObject[0] ? accessTokenObject[1] : null;
+    return {
+      refreshToken,
+      accessToken
+    };
+  }
   get _accessTokenCookieName() {
     return `stack-access`;
   }
@@ -298,14 +314,17 @@ var _StackClientAppImpl = class __StackClientAppImpl {
       throw new Error("Cannot use cookie token store on the server!");
     }
     if (this._storedCookieTokenStore === null) {
-      const getCurrentValue = (old) => ({
-        refreshToken: (0, import_cookie.getCookie)(this._refreshTokenCookieName) ?? (0, import_cookie.getCookie)("stack-refresh"),
-        // keep old cookie name for backwards-compatibility
-        // if there is an access token in memory already, don't update the access token based on cookies (access token
-        // cookies may be set by another project on the same domain)
-        // see the comment in _accessTokenCookieName for more information
-        accessToken: old === null ? (0, import_cookie.getCookie)(this._accessTokenCookieName) : old.accessToken
-      });
+      const getCurrentValue = (old) => {
+        const tokens = this._getTokensFromCookies({
+          refreshTokenCookie: (0, import_cookie.getCookie)(this._refreshTokenCookieName) ?? (0, import_cookie.getCookie)("stack-refresh"),
+          // keep old cookie name for backwards-compatibility
+          accessTokenCookie: (0, import_cookie.getCookie)(this._accessTokenCookieName)
+        });
+        return {
+          refreshToken: tokens.refreshToken,
+          accessToken: tokens.accessToken ?? (old?.refreshToken === tokens.refreshToken ? old.accessToken : null)
+        };
+      };
       this._storedCookieTokenStore = new import_stores.Store(getCurrentValue(null));
       let hasSucceededInWriting = true;
       setInterval(() => {
@@ -320,7 +339,8 @@ var _StackClientAppImpl = class __StackClientAppImpl {
       this._storedCookieTokenStore.onChange((value) => {
         try {
           (0, import_cookie.setOrDeleteCookie)(this._refreshTokenCookieName, value.refreshToken, { maxAge: 60 * 60 * 24 * 365 });
-          (0, import_cookie.setOrDeleteCookie)(this._accessTokenCookieName, value.accessToken, { maxAge: 60 * 60 * 24 });
+          (0, import_cookie.setOrDeleteCookie)(this._accessTokenCookieName, value.accessToken ? JSON.stringify([value.refreshToken, value.accessToken]) : null, { maxAge: 60 * 60 * 24 });
+          (0, import_cookie.deleteCookie)("stack-refresh");
           hasSucceededInWriting = true;
         } catch (e) {
           if (!(0, import_env.isBrowserLike)()) {
@@ -343,15 +363,16 @@ var _StackClientAppImpl = class __StackClientAppImpl {
         if ((0, import_env.isBrowserLike)()) {
           return this._getCookieTokenStore();
         } else {
-          const store = new import_stores.Store({
-            refreshToken: (0, import_cookie.getCookie)(this._refreshTokenCookieName) ?? (0, import_cookie.getCookie)("stack-refresh"),
+          const tokens = this._getTokensFromCookies({
+            refreshTokenCookie: (0, import_cookie.getCookie)(this._refreshTokenCookieName) ?? (0, import_cookie.getCookie)("stack-refresh"),
             // keep old cookie name for backwards-compatibility
-            accessToken: (0, import_cookie.getCookie)(this._accessTokenCookieName)
+            accessTokenCookie: (0, import_cookie.getCookie)(this._accessTokenCookieName)
           });
+          const store = new import_stores.Store(tokens);
           store.onChange((value) => {
             try {
               (0, import_cookie.setOrDeleteCookie)(this._refreshTokenCookieName, value.refreshToken, { maxAge: 60 * 60 * 24 * 365 });
-              (0, import_cookie.setOrDeleteCookie)(this._accessTokenCookieName, value.accessToken, { maxAge: 60 * 60 * 24 });
+              (0, import_cookie.setOrDeleteCookie)(this._accessTokenCookieName, value.accessToken ? JSON.stringify([value.refreshToken, value.accessToken]) : null, { maxAge: 60 * 60 * 24 });
             } catch (e) {
             }
           });
@@ -447,7 +468,9 @@ var _StackClientAppImpl = class __StackClientAppImpl {
   _useSession(overrideTokenStoreInit) {
     const tokenStore = this._getOrCreateTokenStore(overrideTokenStoreInit);
     const subscribe = (0, import_react.useCallback)((cb) => {
-      const { unsubscribe } = tokenStore.onChange(() => cb());
+      const { unsubscribe } = tokenStore.onChange(() => {
+        cb();
+      });
       return unsubscribe;
     }, [tokenStore]);
     const getSnapshot = (0, import_react.useCallback)(() => this._getSessionFromTokenStore(tokenStore), [tokenStore]);
@@ -498,16 +521,43 @@ var _StackClientAppImpl = class __StackClientAppImpl {
       }
     };
   }
-  _userFromJson(json) {
+  _teamMemberFromJson(json) {
+    if (json === null)
+      return null;
+    return {
+      teamId: json.teamId,
+      userId: json.userId,
+      displayName: json.displayName
+    };
+  }
+  _createAuth(session) {
     const app = this;
-    async function getConnection(id, options) {
-      const scopeString = options?.scopes?.join(" ");
-      return await app._currentUserOAuthConnectionCache.getOrWait([app._getSession(), id, scopeString || "", options?.or === "redirect"], "write-only");
-    }
-    function useConnection(id, options) {
-      const scopeString = options?.scopes?.join(" ");
-      return useAsyncCache(app._currentUserOAuthConnectionCache, [app._useSession(), id, scopeString || "", options?.or === "redirect"], "user.useConnection()");
-    }
+    return {
+      _internalSession: session,
+      currentSession: {
+        async getTokens() {
+          const tokens = await session.getPotentiallyExpiredTokens();
+          return {
+            accessToken: tokens?.accessToken.token ?? null,
+            refreshToken: tokens?.refreshToken?.token ?? null
+          };
+        }
+      },
+      async getAuthHeaders() {
+        return {
+          "x-stack-auth": JSON.stringify(await this.getAuthJson())
+        };
+      },
+      async getAuthJson() {
+        const tokens = await this.currentSession.getTokens();
+        return tokens;
+      },
+      signOut() {
+        return app._signOut(session);
+      }
+    };
+  }
+  _createBaseUser(json) {
     return {
       projectId: json.projectId,
       id: json.id,
@@ -517,18 +567,52 @@ var _StackClientAppImpl = class __StackClientAppImpl {
       profileImageUrl: json.profileImageUrl,
       signedUpAt: new Date(json.signedUpAtMillis),
       clientMetadata: json.clientMetadata,
-      authMethod: json.authMethod,
       hasPassword: json.hasPassword,
       authWithEmail: json.authWithEmail,
       oauthProviders: json.oauthProviders,
-      getConnection,
-      useConnection,
-      async getSelectedTeam() {
-        return await this.getTeam(json.selectedTeamId || "");
+      selectedTeam: json.selectedTeam && this._teamFromJson(json.selectedTeam),
+      toClientJson() {
+        return (0, import_objects.pick)(json, [
+          "projectId",
+          "id",
+          "displayName",
+          "primaryEmail",
+          "primaryEmailVerified",
+          "profileImageUrl",
+          "signedUpAtMillis",
+          "clientMetadata",
+          "hasPassword",
+          "authMethod",
+          "authWithEmail",
+          "selectedTeamId",
+          "selectedTeam",
+          "oauthProviders"
+        ]);
+      }
+    };
+  }
+  _createUserExtra(json, session) {
+    const app = this;
+    async function getConnectedAccount(id, options) {
+      const scopeString = options?.scopes?.join(" ");
+      return await app._currentUserOAuthConnectionCache.getOrWait([session, id, scopeString || "", options?.or === "redirect"], "write-only");
+    }
+    function useConnectedAccount(id, options) {
+      const scopeString = options?.scopes?.join(" ");
+      return useAsyncCache(app._currentUserOAuthConnectionCache, [session, id, scopeString || "", options?.or === "redirect"], "user.useConnectedAccount()");
+    }
+    return {
+      setDisplayName(displayName) {
+        return this.update({ displayName });
+      },
+      setClientMetadata(metadata) {
+        return this.update({ clientMetadata: metadata });
       },
-      useSelectedTeam() {
-        return this.useTeam(json.selectedTeamId || "");
+      async setSelectedTeam(team) {
+        await this.update({ selectedTeamId: team?.id ?? null });
       },
+      getConnectedAccount,
+      useConnectedAccount,
       async getTeam(teamId) {
         const teams = await this.listTeams();
         return teams.find((t) => t.id === teamId) ?? null;
@@ -539,32 +623,20 @@ var _StackClientAppImpl = class __StackClientAppImpl {
           return teams.find((t) => t.id === teamId) ?? null;
         }, [teams, teamId]);
       },
-      onTeamChange(teamId, callback) {
-        return this.onTeamsChange((teams) => {
-          const team = teams.find((t) => t.id === teamId) ?? null;
-          callback(team);
-        });
-      },
       async listTeams() {
-        const teams = await app._currentUserTeamsCache.getOrWait([app._getSession()], "write-only");
+        const teams = await app._currentUserTeamsCache.getOrWait([session], "write-only");
         return teams.map((json2) => app._teamFromJson(json2));
       },
       useTeams() {
-        const session = app._useSession();
         const teams = useAsyncCache(app._currentUserTeamsCache, [session], "user.useTeams()");
         return (0, import_react.useMemo)(() => teams.map((json2) => app._teamFromJson(json2)), [teams]);
       },
-      onTeamsChange(callback) {
-        return app._currentUserTeamsCache.onChange([app._getSession()], (value, oldValue) => {
-          callback(value.map((json2) => app._teamFromJson(json2)), oldValue?.map((json2) => app._teamFromJson(json2)));
-        });
-      },
       async listPermissions(scope, options) {
-        const permissions = await app._currentUserPermissionsCache.getOrWait([app._getSession(), scope.id, "team", !!options?.direct], "write-only");
+        const permissions = await app._currentUserPermissionsCache.getOrWait([session, scope.id, "team", !!options?.direct], "write-only");
         return permissions.map((json2) => app._permissionFromJson(json2));
       },
       usePermissions(scope, options) {
-        const permissions = useAsyncCache(app._currentUserPermissionsCache, [app._getSession(), scope.id, "team", !!options?.direct], "user.usePermissions()");
+        const permissions = useAsyncCache(app._currentUserPermissionsCache, [session, scope.id, "team", !!options?.direct], "user.usePermissions()");
         return (0, import_react.useMemo)(() => permissions.map((json2) => app._permissionFromJson(json2)), [permissions]);
       },
       usePermission(scope, permissionId) {
@@ -578,49 +650,6 @@ var _StackClientAppImpl = class __StackClientAppImpl {
       async hasPermission(scope, permissionId) {
         return await this.getPermission(scope, permissionId) !== null;
       },
-      toJson() {
-        return json;
-      }
-    };
-  }
-  _teamMemberFromJson(json) {
-    if (json === null)
-      return null;
-    return {
-      teamId: json.teamId,
-      userId: json.userId,
-      displayName: json.displayName
-    };
-  }
-  _authFromJson(session) {
-    const app = this;
-    return {
-      _internalSession: session,
-      currentSession: {
-        async getTokens() {
-          const tokens = await session.getPotentiallyExpiredTokens();
-          return {
-            accessToken: tokens?.accessToken.token ?? null,
-            refreshToken: tokens?.refreshToken?.token ?? null
-          };
-        }
-      },
-      async getAuthHeaders() {
-        return {
-          "x-stack-auth": JSON.stringify(await this.getAuthJson())
-        };
-      },
-      async getAuthJson() {
-        const tokens = await this.currentSession.getTokens();
-        return tokens;
-      },
-      signOut() {
-        return app._signOut(session);
-      },
-      // TODO these should not actually be on Auth, instead on User
-      async updateSelectedTeam(team) {
-        await app._updateUser({ selectedTeamId: team?.id ?? null }, session);
-      },
       update(update) {
         return app._updateUser(update, session);
       },
@@ -632,36 +661,30 @@ var _StackClientAppImpl = class __StackClientAppImpl {
       }
     };
   }
-  _currentUserFromJson(json, session) {
-    if (json === null)
-      return null;
+  _createInternalUserExtra(session) {
     const app = this;
+    this._ensureInternalProject();
+    return {
+      createProject(newProject) {
+        return app._createProject(session, newProject);
+      },
+      listOwnedProjects() {
+        return app._listOwnedProjects(session);
+      },
+      useOwnedProjects() {
+        return app._useOwnedProjects(session);
+      }
+    };
+  }
+  _createCurrentUser(json, session) {
     const currentUser = {
-      ...this._userFromJson(json),
-      ...this._authFromJson(session)
+      ...this._createBaseUser(json),
+      ...this._createAuth(session),
+      ...this._createUserExtra(json, session),
+      ...this._isInternalProject() ? this._createInternalUserExtra(session) : {}
     };
-    if (this._isInternalProject()) {
-      const internalUser = {
-        ...currentUser,
-        createProject(newProject) {
-          return app._createProject(newProject);
-        },
-        listOwnedProjects() {
-          return app._listOwnedProjects();
-        },
-        useOwnedProjects() {
-          return app._useOwnedProjects();
-        },
-        onOwnedProjectsChange(callback) {
-          return app._onOwnedProjectsChange(callback);
-        }
-      };
-      Object.freeze(internalUser);
-      return internalUser;
-    } else {
-      Object.freeze(currentUser);
-      return currentUser;
-    }
+    Object.freeze(currentUser);
+    return currentUser;
   }
   _projectAdminFromJson(data, adminInterface, onRefresh) {
     if (data.id !== adminInterface.projectId) {
@@ -797,12 +820,12 @@ var _StackClientAppImpl = class __StackClientAppImpl {
         }
       }
     }
-    return this._currentUserFromJson(userJson, session);
+    return userJson && this._createCurrentUser(userJson, session);
   }
   useUser(options) {
     this._ensurePersistentTokenStore(options?.tokenStore);
     const router = NextNavigation.useRouter();
-    const session = this._getSession(options?.tokenStore);
+    const session = this._useSession(options?.tokenStore);
     const userJson = useAsyncCache(this._currentUserCache, [session], "useUser()");
     const triggerRedirectToSignIn = (0, import_use_trigger.useTrigger)(() => router.replace(this.urls.signIn));
     if (userJson === null) {
@@ -821,16 +844,9 @@ var _StackClientAppImpl = class __StackClientAppImpl {
       }
     }
     return (0, import_react.useMemo)(() => {
-      return this._currentUserFromJson(userJson, session);
+      return userJson && this._createCurrentUser(userJson, session);
     }, [userJson, session, options?.or]);
   }
-  onUserChange(callback) {
-    this._ensurePersistentTokenStore();
-    const session = this._getSession();
-    return this._currentUserCache.onChange([session], (userJson) => {
-      callback(this._currentUserFromJson(userJson, session));
-    });
-  }
   async _updateUser(update, session) {
     const res = await this._interface.setClientUserCustomizableData(update, session);
     await this._refreshUser(session);
@@ -929,12 +945,8 @@ var _StackClientAppImpl = class __StackClientAppImpl {
   useProject() {
     return useAsyncCache(this._currentProjectCache, [], "useProject()");
   }
-  onProjectChange(callback) {
-    return this._currentProjectCache.onChange([], callback);
-  }
-  async _listOwnedProjects() {
+  async _listOwnedProjects(session) {
     this._ensureInternalProject();
-    const session = this._getSession();
     const json = await this._ownedProjectsCache.getOrWait([session], "write-only");
     return json.map((j) => this._projectAdminFromJson(
       j,
@@ -942,9 +954,8 @@ var _StackClientAppImpl = class __StackClientAppImpl {
       () => this._refreshOwnedProjects(session)
     ));
   }
-  _useOwnedProjects() {
+  _useOwnedProjects(session) {
     this._ensureInternalProject();
-    const session = this._getSession();
     const json = useAsyncCache(this._ownedProjectsCache, [session], "useOwnedProjects()");
     return (0, import_react.useMemo)(() => json.map((j) => this._projectAdminFromJson(
       j,
@@ -952,20 +963,8 @@ var _StackClientAppImpl = class __StackClientAppImpl {
       () => this._refreshOwnedProjects(session)
     )), [json]);
   }
-  _onOwnedProjectsChange(callback) {
+  async _createProject(session, newProject) {
     this._ensureInternalProject();
-    const session = this._getSession();
-    return this._ownedProjectsCache.onChange([session], (projects) => {
-      callback(projects.map((j) => this._projectAdminFromJson(
-        j,
-        this._createAdminInterface(j.id, session),
-        () => this._refreshOwnedProjects(session)
-      )));
-    });
-  }
-  async _createProject(newProject) {
-    this._ensureInternalProject();
-    const session = this._getSession();
     const json = await this._interface.createProject(newProject, session);
     const res = this._projectAdminFromJson(
       json,
@@ -1079,37 +1078,45 @@ var _StackServerAppImpl = class extends _StackClientAppImpl {
       oauthScopesOnSignIn: options.oauthScopesOnSignIn ?? {}
     });
   }
-  _serverUserFromJson(json) {
-    if (json === null)
-      return null;
+  _createBaseUser(json) {
+    return {
+      ...super._createBaseUser(json),
+      ..."serverMetadata" in json ? {
+        serverMetadata: json.serverMetadata,
+        toServerJson() {
+          return {
+            ...this.toClientJson(),
+            ...(0, import_objects.pick)(json, [
+              "serverMetadata"
+            ])
+          };
+        }
+      } : {}
+    };
+  }
+  _createUserExtra(json) {
     const app = this;
     return {
-      ...this._userFromJson(json),
-      serverMetadata: json.serverMetadata,
-      async delete() {
-        const res = await app._interface.deleteServerUser(this.id);
-        await app._refreshUsers();
-        return res;
+      async setDisplayName(displayName) {
+        return await this.update({ displayName });
       },
-      async update(update) {
-        const res = await app._interface.setServerUserCustomizableData(this.id, update);
-        await app._refreshUsers();
-        return res;
+      async setClientMetadata(metadata) {
+        return await this.update({ clientMetadata: metadata });
       },
-      getClientUser() {
-        return app._userFromJson(json);
+      async setServerMetadata(metadata) {
+        return await this.update({ serverMetadata: metadata });
       },
-      async grantPermission(scope, permissionId) {
-        await app._interface.grantTeamUserPermission(scope.id, json.id, permissionId, "team");
-        for (const direct of [true, false]) {
-          await app._serverTeamUserPermissionsCache.refresh([scope.id, json.id, "team", direct]);
-        }
+      async setSelectedTeam(team) {
+        return await this.update({ selectedTeamId: team?.id ?? null });
       },
-      async revokePermission(scope, permissionId) {
-        await app._interface.revokeTeamUserPermission(scope.id, json.id, permissionId, "team");
-        for (const direct of [true, false]) {
-          await app._serverTeamUserPermissionsCache.refresh([scope.id, json.id, "team", direct]);
-        }
+      async setPrimaryEmail(email, options) {
+        return await this.update({ primaryEmail: email });
+      },
+      getConnectedAccount: async () => {
+        return await app._checkFeatureSupport("getConnectedAccount() on ServerUser", {});
+      },
+      useConnectedAccount: () => {
+        return app._useCheckFeatureSupport("useConnectedAccount() on ServerUser", {});
       },
       async getTeam(teamId) {
         const teams = await this.listTeams();
@@ -1121,24 +1128,13 @@ var _StackServerAppImpl = class extends _StackClientAppImpl {
           return teams.find((t) => t.id === teamId) ?? null;
         }, [teams, teamId]);
       },
-      onTeamChange(teamId, callback) {
-        return this.onTeamsChange((teams) => {
-          const team = teams.find((t) => t.id === teamId) ?? null;
-          callback(team);
-        });
-      },
       async listTeams() {
-        const teams = await app._serverTeamsCache.getOrWait([app._getSession()], "write-only");
-        return teams.map((json2) => app._serverTeamFromJson(json2));
+        const teams = await app.listTeams();
+        const withMembers = await Promise.all(teams.map(async (t) => [t, await t.listMembers()]));
+        return withMembers.filter(([_, members]) => members.find((m) => m.userId === json.id)).map(([t]) => t);
       },
       useTeams() {
-        const teams = useAsyncCache(app._serverTeamsCache, [app._getSession()], "user.useTeams()");
-        return (0, import_react.useMemo)(() => teams.map((json2) => app._serverTeamFromJson(json2)), [teams]);
-      },
-      onTeamsChange(callback) {
-        return app._serverTeamsCache.onChange([app._getSession()], (value, oldValue) => {
-          callback(value.map((json2) => app._serverTeamFromJson(json2)), oldValue?.map((json2) => app._serverTeamFromJson(json2)));
-        });
+        return app._useCheckFeatureSupport("useTeams() on ServerUser", {});
       },
       async listPermissions(scope, options) {
         const permissions = await app._serverTeamUserPermissionsCache.getOrWait([scope.id, json.id, "team", !!options?.direct], "write-only");
@@ -1148,62 +1144,62 @@ var _StackServerAppImpl = class extends _StackClientAppImpl {
         const permissions = useAsyncCache(app._serverTeamUserPermissionsCache, [scope.id, json.id, "team", !!options?.direct], "user.usePermissions()");
         return (0, import_react.useMemo)(() => permissions.map((json2) => app._serverPermissionFromJson(json2)), [permissions]);
       },
-      usePermission(scope, permissionId) {
-        const permissions = this.usePermissions(scope);
-        return (0, import_react.useMemo)(() => permissions.find((p) => p.id === permissionId) ?? null, [permissions, permissionId]);
-      },
       async getPermission(scope, permissionId) {
         const permissions = await this.listPermissions(scope);
         return permissions.find((p) => p.id === permissionId) ?? null;
       },
+      usePermission(scope, permissionId) {
+        const permissions = this.usePermissions(scope);
+        return (0, import_react.useMemo)(() => permissions.find((p) => p.id === permissionId) ?? null, [permissions, permissionId]);
+      },
       async hasPermission(scope, permissionId) {
-        const permissions = await this.listPermissions(scope);
-        return permissions.some((p) => p.id === permissionId);
+        return await this.getPermission(scope, permissionId) !== null;
       },
-      toJson() {
-        return json;
+      async grantPermission(scope, permissionId) {
+        await app._interface.grantTeamUserPermission(scope.id, json.id, permissionId, "team");
+        for (const direct of [true, false]) {
+          await app._serverTeamUserPermissionsCache.refresh([scope.id, json.id, "team", direct]);
+        }
+      },
+      async revokePermission(scope, permissionId) {
+        await app._interface.revokeTeamUserPermission(scope.id, json.id, permissionId, "team");
+        for (const direct of [true, false]) {
+          await app._serverTeamUserPermissionsCache.refresh([scope.id, json.id, "team", direct]);
+        }
+      },
+      async delete() {
+        const res = await app._interface.deleteServerUser(json.id);
+        await app._refreshUsers();
+        return res;
+      },
+      async update(update) {
+        const res = await app._interface.setServerUserCustomizableData(json.id, update);
+        await app._refreshUsers();
+        return res;
+      },
+      async sendVerificationEmail() {
+        return await app._checkFeatureSupport("sendVerificationEmail() on ServerUser", {});
+      },
+      async updatePassword(options) {
+        return await app._checkFeatureSupport("updatePassword() on ServerUser", {});
       }
     };
   }
-  _currentServerUserFromJson(json, session) {
-    if (json === null)
-      return null;
+  _createUser(json) {
+    return {
+      ...this._createBaseUser(json),
+      ...this._createUserExtra(json)
+    };
+  }
+  _createCurrentUser(json, session) {
     const app = this;
-    const nonCurrentServerUser = this._serverUserFromJson(json);
     const currentUser = {
-      ...nonCurrentServerUser,
-      ...this._authFromJson(session),
-      async delete() {
-        const res = await nonCurrentServerUser.delete();
-        await app._refreshUser(session);
-        return res;
-      },
-      getClientUser() {
-        return app._currentUserFromJson(json, session);
-      }
+      ...this._createUser(json),
+      ...this._createAuth(session),
+      ...this._isInternalProject() ? this._createInternalUserExtra(session) : {}
     };
-    if (this._isInternalProject()) {
-      const internalUser = {
-        ...currentUser,
-        createProject(newProject) {
-          return app._createProject(newProject);
-        },
-        listOwnedProjects() {
-          return app._listOwnedProjects();
-        },
-        useOwnedProjects() {
-          return app._useOwnedProjects();
-        },
-        onOwnedProjectsChange(callback) {
-          return app._onOwnedProjectsChange(callback);
-        }
-      };
-      Object.freeze(internalUser);
-      return internalUser;
-    } else {
-      Object.freeze(currentUser);
-      return currentUser;
-    }
+    Object.freeze(currentUser);
+    return currentUser;
   }
   _serverTeamMemberFromJson(json) {
     if (json === null)
@@ -1211,12 +1207,7 @@ var _StackServerAppImpl = class extends _StackClientAppImpl {
     const app = this;
     return {
       ...app._teamMemberFromJson(json),
-      async getUser() {
-        const user = app._serverUserFromJson(await app._serverUserCache.getOrWait([json.userId], "write-only"));
-        if (!user)
-          throw new Error(`User ${json.userId} not found`);
-        return user;
-      }
+      user: app._createUser(json.user)
     };
   }
   _serverTeamFromJson(json) {
@@ -1259,49 +1250,75 @@ var _StackServerAppImpl = class extends _StackClientAppImpl {
       }
     };
   }
-  async getServerUser() {
-    this._ensurePersistentTokenStore();
-    const session = this._getSession();
+  async getUser(options) {
+    this._ensurePersistentTokenStore(options?.tokenStore);
+    const session = this._getSession(options?.tokenStore);
     const userJson = await this._currentServerUserCache.getOrWait([session], "write-only");
-    return this._currentServerUserFromJson(userJson, session);
+    if (userJson === null) {
+      switch (options?.or) {
+        case "redirect": {
+          await this.redirectToSignIn();
+          break;
+        }
+        case "throw": {
+          throw new Error("User is not signed in but getUser was called with { or: 'throw' }");
+        }
+        default: {
+          return null;
+        }
+      }
+    }
+    return userJson && this._createCurrentUser(userJson, session);
+  }
+  async getServerUser() {
+    console.warn("stackServerApp.getServerUser is deprecated; use stackServerApp.getUser instead");
+    return await this.getUser();
   }
   async getServerUserById(userId) {
     const json = await this._serverUserCache.getOrWait([userId], "write-only");
-    return this._serverUserFromJson(json);
+    return json && this._createUser(json);
   }
-  useServerUser(options) {
-    this._ensurePersistentTokenStore();
-    const session = this._getSession();
-    const userJson = useAsyncCache(this._currentServerUserCache, [session], "useServerUser()");
-    return (0, import_react.useMemo)(() => {
-      if (options?.required && userJson === null) {
-        (0, import_react.use)(this.redirectToSignIn());
+  useUser(options) {
+    this._ensurePersistentTokenStore(options?.tokenStore);
+    const router = NextNavigation.useRouter();
+    const session = this._getSession(options?.tokenStore);
+    const userJson = useAsyncCache(this._currentServerUserCache, [session], "useUser()");
+    const triggerRedirectToSignIn = (0, import_use_trigger.useTrigger)(() => router.replace(this.urls.signIn));
+    if (userJson === null) {
+      switch (options?.or) {
+        case "redirect": {
+          triggerRedirectToSignIn();
+          (0, import_react3.suspend)();
+          throw new import_errors.StackAssertionError("suspend should never return");
+        }
+        case "throw": {
+          throw new Error("User is not signed in but useUser was called with { or: 'throw' }");
+        }
+        case void 0:
+        case "return-null": {
+        }
       }
-      return this._currentServerUserFromJson(userJson, session);
-    }, [userJson, session, options?.required]);
+    }
+    return (0, import_react.useMemo)(() => {
+      return userJson && this._createCurrentUser(userJson, session);
+    }, [userJson, session, options?.or]);
   }
-  onServerUserChange(callback) {
-    this._ensurePersistentTokenStore();
-    const session = this._getSession();
-    return this._currentServerUserCache.onChange([session], (userJson) => {
-      callback(this._currentServerUserFromJson(userJson, session));
-    });
+  useUserById(userId) {
+    const json = useAsyncCache(this._serverUserCache, [userId], "useUserById()");
+    return (0, import_react.useMemo)(() => {
+      return json && this._createUser(json);
+    }, [json]);
   }
-  async listServerUsers() {
+  async listUsers() {
     const json = await this._serverUsersCache.getOrWait([], "write-only");
-    return json.map((j) => this._serverUserFromJson(j));
+    return json.map((j) => this._createUser(j));
   }
-  useServerUsers() {
+  useUsers() {
     const json = useAsyncCache(this._serverUsersCache, [], "useServerUsers()");
     return (0, import_react.useMemo)(() => {
-      return json.map((j) => this._serverUserFromJson(j));
+      return json.map((j) => this._createUser(j));
     }, [json]);
   }
-  onServerUsersChange(callback) {
-    return this._serverUsersCache.onChange([], (users) => {
-      callback(users.map((j) => this._serverUserFromJson(j)));
-    });
-  }
   async listPermissionDefinitions() {
     return await this._serverTeamPermissionDefinitionsCache.getOrWait([], "write-only");
   }
@@ -1463,15 +1480,6 @@ var _StackAdminAppImpl = class extends _StackServerAppImpl {
       () => this._refreshProject()
     ), [json]);
   }
-  onProjectAdminChange(callback) {
-    return this._adminProjectCache.onChange([], (project) => {
-      callback(this._projectAdminFromJson(
-        project,
-        this._interface,
-        () => this._refreshProject()
-      ));
-    });
-  }
   async listApiKeySets() {
     const json = await this._apiKeySetsCache.getOrWait([], "write-only");
     return json.map((j) => this._createApiKeySetFromJson(j));
@@ -1482,11 +1490,6 @@ var _StackAdminAppImpl = class extends _StackServerAppImpl {
       return json.map((j) => this._createApiKeySetFromJson(j));
     }, [json]);
   }
-  onApiKeySetsChange(callback) {
-    return this._apiKeySetsCache.onChange([], (apiKeySets) => {
-      callback(apiKeySets.map((j) => this._createApiKeySetFromJson(j)));
-    });
-  }
   async createApiKeySet(options) {
     const json = await this._interface.createApiKeySet(options);
     await this._refreshApiKeySets();