@strands.gg/accui 1.6.3 → 1.6.5

package/dist/useStrandsAuth-CO9JEdxM.js

@@ -0,0 +1,693 @@
+import { ref, computed } from "vue";
+import { u as useStrandsConfig } from "./useStrandsConfig-Bdk-g0jS.js";
+const { getUrl } = useStrandsConfig();
+const currentUser = ref(null);
+const currentSession = ref(null);
+const isInitializing = ref(true);
+const isSigningIn = ref(false);
+const isSigningUp = ref(false);
+const isSigningOut = ref(false);
+const isRefreshingToken = ref(false);
+const isSendingMfaEmail = ref(false);
+const isVerifyingMfa = ref(false);
+const isLoadingProfile = ref(false);
+const loading = computed(() => isSigningIn.value || isSigningUp.value || isSigningOut.value || isRefreshingToken.value || isSendingMfaEmail.value || isVerifyingMfa.value || isLoadingProfile.value);
+const isLoading = computed(() => isInitializing.value || loading.value);
+const loadingMessage = computed(() => {
+  if (isInitializing.value) return "Checking authentication...";
+  if (isSigningIn.value) return "Signing you in...";
+  if (isSigningUp.value) return "Creating your account...";
+  if (isSigningOut.value) return "Signing you out...";
+  if (isRefreshingToken.value) return "Refreshing session...";
+  if (isSendingMfaEmail.value) return "Sending verification code...";
+  if (isVerifyingMfa.value) return "Verifying code...";
+  return "Loading...";
+});
+const isInitialized = ref(false);
+const mfaRequired = ref(false);
+const mfaSessionId = ref(null);
+const availableMfaMethods = ref([]);
+let refreshTimer = null;
+function useStrandsAuth() {
+  const completeHardwareKeyRegistration = async (deviceId, credential, accessToken) => {
+    if (!currentSession.value?.accessToken) {
+      throw new Error("No access token available");
+    }
+    const response = await fetch(getUrl("mfaHardwareCompleteRegistration"), {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        "Authorization": `Bearer ${currentSession.value.accessToken}`
+      },
+      body: JSON.stringify({
+        device_id: deviceId,
+        credential
+      })
+    });
+    if (!response.ok) {
+      const errorText = await response.text();
+      let errorMessage = "Failed to complete hardware key registration";
+      try {
+        const errorData = JSON.parse(errorText);
+        errorMessage = errorData.message || errorData.error || errorText;
+      } catch {
+        errorMessage = errorText || "Failed to complete hardware key registration";
+      }
+      throw new Error(errorMessage);
+    }
+    return response.json();
+  };
+  const registerHardwareKey = async (deviceName, accessToken, deviceType = "hardware") => {
+    if (!currentSession.value?.accessToken) {
+      throw new Error("No access token available");
+    }
+    const response = await fetch(getUrl("mfaHardwareStartRegistration"), {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        "Authorization": `Bearer ${currentSession.value.accessToken}`
+      },
+      body: JSON.stringify({
+        device_name: deviceName,
+        device_type: deviceType
+      })
+    });
+    if (!response.ok) {
+      const errorText = await response.text();
+      let errorMessage = "Failed to start hardware key registration";
+      try {
+        const errorData = JSON.parse(errorText);
+        errorMessage = errorData.message || errorData.error || errorText;
+      } catch {
+        errorMessage = errorText || "Failed to start hardware key registration";
+      }
+      throw new Error(errorMessage);
+    }
+    return response.json();
+  };
+  const isAuthenticated = computed(() => currentUser.value !== null);
+  const signIn = async (credentials) => {
+    isSigningIn.value = true;
+    try {
+      mfaRequired.value = false;
+      mfaSessionId.value = null;
+      availableMfaMethods.value = [];
+      const response = await fetch(getUrl("signIn"), {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json"
+        },
+        body: JSON.stringify(credentials)
+      });
+      if (!response.ok) {
+        if (response.status === 401) {
+          throw new Error("Invalid email or password");
+        } else if (response.status === 403) {
+          throw new Error("Please verify your email address before signing in");
+        } else {
+          throw new Error(`Sign in failed: ${response.status} ${response.statusText}`);
+        }
+      }
+      const authData = await response.json();
+      if (authData.mfa_required) {
+        mfaRequired.value = true;
+        mfaSessionId.value = authData.mfa_session_id || null;
+        const methods = (authData.available_mfa_methods || []).map((method) => {
+          let fallbackName = `${method.device_type.charAt(0).toUpperCase() + method.device_type.slice(1)} Authentication`;
+          if (method.device_type === "hardware") {
+            fallbackName = method.device_name || "Security Key";
+          } else if (method.device_type === "totp") {
+            fallbackName = method.device_name || "Authenticator App";
+          } else if (method.device_type === "email") {
+            fallbackName = method.device_name || "Email Verification";
+          }
+          return {
+            id: method.device_id,
+            device_type: method.device_type,
+            device_name: method.device_name || fallbackName,
+            is_active: true,
+            created_at: (/* @__PURE__ */ new Date()).toISOString(),
+            last_used_at: method.last_used_at,
+            // Pass through additional metadata if available
+            credential_id: method.credential_id,
+            device_info: method.device_info
+          };
+        });
+        availableMfaMethods.value = methods;
+        isSigningIn.value = false;
+        return authData;
+      }
+      setAuthData(authData);
+      return authData;
+    } catch (error) {
+      throw error;
+    } finally {
+      isSigningIn.value = false;
+    }
+  };
+  const signUp = async (userData) => {
+    isSigningUp.value = true;
+    try {
+      throw new Error("Sign up not implemented - please integrate with auth SDK");
+    } finally {
+      isSigningUp.value = false;
+    }
+  };
+  const signOut = async () => {
+    isSigningOut.value = true;
+    try {
+      stopTokenRefreshTimer();
+      currentUser.value = null;
+      currentSession.value = null;
+      mfaRequired.value = false;
+      mfaSessionId.value = null;
+      availableMfaMethods.value = [];
+      if (typeof window !== "undefined") {
+        localStorage.removeItem("strands_auth_session");
+        localStorage.removeItem("strands_auth_user");
+      }
+    } finally {
+      isSigningOut.value = false;
+    }
+  };
+  const refreshToken = async () => {
+    if (!currentSession.value?.refreshToken) {
+      return false;
+    }
+    isRefreshingToken.value = true;
+    try {
+      const response = await fetch(getUrl("refresh"), {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json"
+        },
+        body: JSON.stringify({
+          refresh_token: currentSession.value.refreshToken
+        })
+      });
+      if (!response.ok) {
+        if (response.status === 401) {
+          await signOut();
+          return false;
+        }
+        throw new Error(`Token refresh failed: ${response.status} ${response.statusText}`);
+      }
+      const authData = await response.json();
+      setAuthData(authData, true);
+      return true;
+    } catch (error) {
+      await signOut();
+      return false;
+    }
+  };
+  const fetchProfile = async () => {
+    if (!currentSession.value?.accessToken) {
+      throw new Error("No access token available");
+    }
+    isLoadingProfile.value = true;
+    try {
+      const response = await fetch(getUrl("profile"), {
+        method: "GET",
+        headers: {
+          "Content-Type": "application/json",
+          "Authorization": `Bearer ${currentSession.value.accessToken}`
+        }
+      });
+      if (!response.ok) {
+        if (response.status === 401) {
+          throw new Error("Authentication expired. Please sign in again.");
+        } else {
+          throw new Error(`Failed to fetch profile: ${response.status} ${response.statusText}`);
+        }
+      }
+      const userData = await response.json();
+      currentUser.value = {
+        id: userData.id,
+        email: userData.email,
+        firstName: userData.first_name,
+        lastName: userData.last_name,
+        avatar: userData.avatar_url,
+        mfaEnabled: userData.mfaEnabled || false,
+        emailVerified: userData.email_verified,
+        passwordUpdatedAt: userData.password_updated_at,
+        settings: userData.settings || {},
+        xp: userData.xp || 0,
+        level: userData.level || 1,
+        next_level_xp: userData.next_level_xp || 4,
+        username: userData.username,
+        usernameLastChangedAt: userData.username_last_changed_at,
+        createdAt: userData.created_at,
+        updatedAt: userData.updated_at || (/* @__PURE__ */ new Date()).toISOString()
+      };
+      if (typeof window !== "undefined") {
+        localStorage.setItem("strands_auth_user", JSON.stringify(currentUser.value));
+      }
+      return currentUser.value;
+    } finally {
+      isLoadingProfile.value = false;
+    }
+  };
+  const updateProfile = async (profileData) => {
+    if (!currentSession.value?.accessToken) {
+      throw new Error("No access token available");
+    }
+    isLoadingProfile.value = true;
+    try {
+      const response = await fetch(getUrl("profile"), {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          "Authorization": `Bearer ${currentSession.value.accessToken}`
+        },
+        body: JSON.stringify({
+          first_name: profileData.firstName,
+          last_name: profileData.lastName
+        })
+      });
+      if (!response.ok) {
+        if (response.status === 401) {
+          throw new Error("Authentication expired. Please sign in again.");
+        } else {
+          throw new Error(`Profile update failed: ${response.status} ${response.statusText}`);
+        }
+      }
+      const updatedUserData = await response.json();
+      if (currentUser.value) {
+        currentUser.value = {
+          ...currentUser.value,
+          id: updatedUserData.id,
+          firstName: updatedUserData.first_name,
+          lastName: updatedUserData.last_name,
+          // Keep existing properties not returned by API
+          avatar: updatedUserData.avatar_url || currentUser.value.avatar,
+          mfaEnabled: currentUser.value.mfaEnabled,
+          email: currentUser.value.email,
+          // Keep existing email since we don't update it here
+          emailVerified: currentUser.value.emailVerified,
+          createdAt: updatedUserData.created_at || currentUser.value.createdAt,
+          updatedAt: updatedUserData.updated_at || (/* @__PURE__ */ new Date()).toISOString()
+        };
+        if (typeof window !== "undefined") {
+          localStorage.setItem("strands_auth_user", JSON.stringify(currentUser.value));
+        }
+      }
+      return currentUser.value;
+    } finally {
+      isLoadingProfile.value = false;
+    }
+  };
+  const updateUserSettings = async (settings) => {
+    if (!currentSession.value?.accessToken) {
+      throw new Error("No access token available");
+    }
+    isLoadingProfile.value = true;
+    try {
+      const response = await fetch(getUrl("settings"), {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          "Authorization": `Bearer ${currentSession.value.accessToken}`
+        },
+        body: JSON.stringify({
+          settings
+        })
+      });
+      if (!response.ok) {
+        if (response.status === 401) {
+          throw new Error("Authentication expired. Please sign in again.");
+        } else {
+          throw new Error(`Settings update failed: ${response.status} ${response.statusText}`);
+        }
+      }
+      const updatedUserData = await response.json();
+      if (currentUser.value) {
+        currentUser.value = {
+          ...currentUser.value,
+          settings: updatedUserData.settings,
+          updatedAt: updatedUserData.updated_at || (/* @__PURE__ */ new Date()).toISOString()
+        };
+        if (typeof window !== "undefined") {
+          localStorage.setItem("strands_auth_user", JSON.stringify(currentUser.value));
+        }
+      }
+      return currentUser.value;
+    } finally {
+      isLoadingProfile.value = false;
+    }
+  };
+  const changeEmail = async (newEmail, password) => {
+    if (!currentSession.value?.accessToken) {
+      throw new Error("No access token available");
+    }
+    isLoadingProfile.value = true;
+    try {
+      const response = await fetch(getUrl("changeEmail"), {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          "Authorization": `Bearer ${currentSession.value.accessToken}`
+        },
+        body: JSON.stringify({
+          new_email: newEmail,
+          password
+        })
+      });
+      if (!response.ok) {
+        if (response.status === 401) {
+          throw new Error("Authentication expired. Please sign in again.");
+        } else {
+          const errorData = await response.json().catch(() => ({}));
+          throw new Error(errorData.message || `Email change failed: ${response.status} ${response.statusText}`);
+        }
+      }
+      const result = await response.json();
+      if (currentUser.value) {
+        currentUser.value = {
+          ...currentUser.value,
+          email: newEmail,
+          emailVerified: false,
+          // Email needs to be verified again
+          updatedAt: (/* @__PURE__ */ new Date()).toISOString()
+        };
+        if (typeof window !== "undefined") {
+          localStorage.setItem("strands_auth_user", JSON.stringify(currentUser.value));
+        }
+      }
+      return result;
+    } finally {
+      isLoadingProfile.value = false;
+    }
+  };
+  const verifyMfa = async (deviceId, code, isBackupCode = false) => {
+    if (!mfaSessionId.value) {
+      throw new Error("No MFA session available");
+    }
+    isVerifyingMfa.value = true;
+    try {
+      const endpoint = isBackupCode ? getUrl("mfaBackupCodeVerify") : getUrl("mfaSigninVerify");
+      const body = isBackupCode ? { mfa_session_id: mfaSessionId.value, backup_code: code } : { mfa_session_id: mfaSessionId.value, device_id: deviceId, code };
+      const response = await fetch(endpoint, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify(body)
+      });
+      if (!response.ok) {
+        const errorText = await response.text();
+        let errorMessage = "MFA verification failed";
+        try {
+          const errorData = JSON.parse(errorText);
+          errorMessage = errorData.message || errorData.error || errorText;
+        } catch {
+          errorMessage = errorText || "MFA verification failed";
+        }
+        throw new Error(errorMessage);
+      }
+      const authData = await response.json();
+      mfaRequired.value = false;
+      mfaSessionId.value = null;
+      availableMfaMethods.value = [];
+      setAuthData(authData);
+      return authData;
+    } finally {
+      isVerifyingMfa.value = false;
+    }
+  };
+  const sendMfaEmailCode = async (deviceId) => {
+    if (!mfaSessionId.value) {
+      throw new Error("No MFA session available");
+    }
+    isSendingMfaEmail.value = true;
+    try {
+      const response = await fetch(getUrl("mfaSigninSendEmail"), {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({
+          mfa_session_id: mfaSessionId.value,
+          device_id: deviceId
+        })
+      });
+      if (!response.ok) {
+        const errorText = await response.text();
+        let errorMessage = "Failed to send MFA email code";
+        try {
+          const errorData = JSON.parse(errorText);
+          errorMessage = errorData.message || errorData.error || errorText;
+        } catch {
+          errorMessage = errorText || "Failed to send MFA email code";
+        }
+        throw new Error(errorMessage);
+      }
+      const result = await response.json();
+      return result;
+    } finally {
+      isSendingMfaEmail.value = false;
+    }
+  };
+  const getMfaWebAuthnChallenge = async (deviceId) => {
+    if (!mfaSessionId.value) {
+      throw new Error("No MFA session available");
+    }
+    const response = await fetch(getUrl("mfaWebAuthnChallenge"), {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({
+        mfa_session_id: mfaSessionId.value,
+        device_id: deviceId
+      })
+    });
+    if (!response.ok) {
+      const errorText = await response.text();
+      let errorMessage = "Failed to get WebAuthn challenge";
+      try {
+        const errorData = JSON.parse(errorText);
+        errorMessage = errorData.message || errorData.error || errorText;
+      } catch {
+        errorMessage = errorText || errorMessage;
+      }
+      throw new Error(errorMessage);
+    }
+    return response.json();
+  };
+  const setAuthData = (authResponse, isTokenRefresh = false) => {
+    try {
+      if (authResponse.user) {
+        if (isTokenRefresh && currentUser.value) {
+          currentUser.value = {
+            ...currentUser.value,
+            ...authResponse.user,
+            // Preserve certain fields that might be missing in refresh response
+            avatar: authResponse.user.avatar || currentUser.value.avatar,
+            firstName: authResponse.user.firstName || currentUser.value.firstName,
+            lastName: authResponse.user.lastName || currentUser.value.lastName
+          };
+        } else {
+          currentUser.value = authResponse.user;
+        }
+      } else if (!isTokenRefresh) {
+        currentUser.value = null;
+      }
+      const session = {
+        accessToken: authResponse.access_token,
+        refreshToken: authResponse.refresh_token,
+        expiresAt: new Date(Date.now() + 5 * 60 * 1e3),
+        // 5 minutes from now (matching API token expiry)
+        userId: currentUser.value?.id || authResponse.user?.id
+      };
+      currentSession.value = session;
+      if (typeof window !== "undefined") {
+        localStorage.setItem("strands_auth_session", JSON.stringify(session));
+        if (currentUser.value) {
+          localStorage.setItem("strands_auth_user", JSON.stringify(currentUser.value));
+        }
+      }
+      startTokenRefreshTimer();
+    } catch (error) {
+      console.error("Error setting auth data:", error);
+    }
+  };
+  const startTokenRefreshTimer = () => {
+    if (refreshTimer) {
+      clearTimeout(refreshTimer);
+    }
+    if (!currentSession.value) return;
+    const now = /* @__PURE__ */ new Date();
+    const expiresAt = currentSession.value.expiresAt;
+    const timeUntilRefresh = expiresAt.getTime() - now.getTime() - 1 * 60 * 1e3;
+    if (timeUntilRefresh <= 0) {
+      refreshToken();
+      return;
+    }
+    refreshTimer = setTimeout(async () => {
+      const success = await refreshToken();
+      if (success) {
+        startTokenRefreshTimer();
+      }
+    }, timeUntilRefresh);
+  };
+  const stopTokenRefreshTimer = () => {
+    if (refreshTimer) {
+      clearTimeout(refreshTimer);
+      refreshTimer = null;
+    }
+  };
+  const initialize = async () => {
+    if (isInitialized.value) return;
+    isInitializing.value = true;
+    try {
+      if (typeof window !== "undefined") {
+        const storedSession = localStorage.getItem("strands_auth_session");
+        const storedUser = localStorage.getItem("strands_auth_user");
+        if (storedSession && storedUser) {
+          try {
+            const session = JSON.parse(storedSession);
+            const user = JSON.parse(storedUser);
+            session.expiresAt = new Date(session.expiresAt);
+            if (session.expiresAt > /* @__PURE__ */ new Date()) {
+              currentSession.value = session;
+              currentUser.value = user;
+              startTokenRefreshTimer();
+            } else {
+              localStorage.removeItem("strands_auth_session");
+              localStorage.removeItem("strands_auth_user");
+            }
+          } catch (error) {
+            localStorage.removeItem("strands_auth_session");
+            localStorage.removeItem("strands_auth_user");
+          }
+        }
+      }
+      isInitialized.value = true;
+      await new Promise((resolve) => setTimeout(resolve, 50));
+    } catch (error) {
+    } finally {
+      isInitializing.value = false;
+    }
+  };
+  const changeUsername = async (newUsername) => {
+    if (!currentSession.value?.accessToken) {
+      throw new Error("No access token available");
+    }
+    isLoadingProfile.value = true;
+    try {
+      const response = await fetch(getUrl("changeUsername"), {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          "Authorization": `Bearer ${currentSession.value.accessToken}`
+        },
+        body: JSON.stringify({
+          username: newUsername
+        })
+      });
+      if (!response.ok) {
+        const errorData = await response.json().catch(() => ({}));
+        if (response.status === 409) {
+          throw new Error("Username is already taken");
+        } else if (errorData.cooldown_end) {
+          throw new Error(`You can only change your username once every 30 days. You can change it again on ${new Date(errorData.cooldown_end).toLocaleDateString()}`);
+        }
+        throw new Error(errorData.message || `Username change failed: ${response.status} ${response.statusText}`);
+      }
+      const result = await response.json();
+      if (currentUser.value) {
+        currentUser.value = {
+          ...currentUser.value,
+          username: newUsername,
+          usernameLastChangedAt: (/* @__PURE__ */ new Date()).toISOString(),
+          updatedAt: (/* @__PURE__ */ new Date()).toISOString()
+        };
+        if (typeof window !== "undefined") {
+          localStorage.setItem("strands_auth_user", JSON.stringify(currentUser.value));
+        }
+      }
+      return result;
+    } finally {
+      isLoadingProfile.value = false;
+    }
+  };
+  const getUsernameCooldown = async () => {
+    if (!currentSession.value?.accessToken) {
+      throw new Error("No access token available");
+    }
+    const response = await fetch(getUrl("usernameCooldown"), {
+      method: "GET",
+      headers: {
+        "Authorization": `Bearer ${currentSession.value.accessToken}`
+      }
+    });
+    if (!response.ok) {
+      throw new Error(`Failed to get username cooldown: ${response.status} ${response.statusText}`);
+    }
+    return response.json();
+  };
+  const checkUsernameAvailability = async (username) => {
+    const url = getUrl("checkUsernameAvailability").replace("{username}", encodeURIComponent(username));
+    const response = await fetch(url, {
+      method: "GET",
+      headers: {
+        "Content-Type": "application/json"
+      }
+    });
+    if (!response.ok) {
+      throw new Error(`Failed to check username availability: ${response.status} ${response.statusText}`);
+    }
+    return response.json();
+  };
+  if (!isInitialized.value) {
+    initialize();
+  }
+  return {
+    // State
+    user: computed(() => currentUser.value),
+    currentUser: computed(() => currentUser.value),
+    currentSession: computed(() => currentSession.value),
+    isAuthenticated,
+    isLoading: computed(() => isLoading.value || !isInitialized.value),
+    loading: computed(() => loading.value),
+    loadingMessage,
+    // Specific loading states
+    isInitializing,
+    isSigningIn,
+    isSigningUp,
+    isSigningOut,
+    isRefreshingToken,
+    isSendingMfaEmail,
+    isVerifyingMfa,
+    // MFA State
+    mfaRequired: computed(() => mfaRequired.value),
+    mfaSessionId: computed(() => mfaSessionId.value),
+    availableMfaMethods: computed(() => availableMfaMethods.value),
+    // Methods
+    signIn,
+    signUp,
+    signOut,
+    refreshToken,
+    fetchProfile,
+    updateProfile,
+    updateUserSettings,
+    changeEmail,
+    changeUsername,
+    getUsernameCooldown,
+    checkUsernameAvailability,
+    initialize,
+    setAuthData,
+    verifyMfa,
+    sendMfaEmailCode,
+    getMfaWebAuthnChallenge,
+    registerHardwareKey,
+    completeHardwareKeyRegistration,
+    // Token management
+    startTokenRefreshTimer,
+    stopTokenRefreshTimer,
+    // Force re-initialization (useful for testing or navigation)
+    forceReInit: () => {
+      isInitialized.value = false;
+      isInitializing.value = true;
+      initialize();
+    }
+  };
+}
+export {
+  useStrandsAuth as u
+};
+//# sourceMappingURL=useStrandsAuth-CO9JEdxM.js.map