@strands.gg/accui 1.9.0 → 1.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (49) hide show
  1. package/dist/accui.css +1 -5802
  2. package/dist/nuxt/module.cjs.js +1 -109
  3. package/dist/nuxt/module.cjs.js.map +1 -1
  4. package/dist/nuxt/module.es.js +0 -1
  5. package/dist/nuxt/runtime/composables/useStrandsAuth.cjs.js +1 -57
  6. package/dist/nuxt/runtime/composables/useStrandsAuth.cjs.js.map +1 -1
  7. package/dist/nuxt/runtime/composables/useStrandsAuth.es.js +1 -2
  8. package/dist/nuxt/runtime/middleware/auth.global.cjs.js +1 -42
  9. package/dist/nuxt/runtime/middleware/auth.global.cjs.js.map +1 -1
  10. package/dist/nuxt/runtime/middleware/auth.global.es.js +0 -1
  11. package/dist/nuxt/runtime/plugin.client.cjs.js +1 -26
  12. package/dist/nuxt/runtime/plugin.client.cjs.js.map +1 -1
  13. package/dist/nuxt/runtime/plugin.client.es.js +2 -1
  14. package/dist/nuxt/runtime/plugin.client.es.js.map +1 -1
  15. package/dist/nuxt/runtime/plugin.server.cjs.js +1 -17
  16. package/dist/nuxt/runtime/plugin.server.cjs.js.map +1 -1
  17. package/dist/nuxt/runtime/plugin.server.es.js +0 -1
  18. package/dist/nuxt-v4/module.cjs.js +1 -119
  19. package/dist/nuxt-v4/module.cjs.js.map +1 -1
  20. package/dist/nuxt-v4/module.es.js +0 -1
  21. package/dist/nuxt-v4/runtime/composables/useStrandsAuth.cjs.js +1 -70
  22. package/dist/nuxt-v4/runtime/composables/useStrandsAuth.cjs.js.map +1 -1
  23. package/dist/nuxt-v4/runtime/composables/useStrandsAuth.es.js +1 -2
  24. package/dist/nuxt-v4/runtime/middleware/auth.global.cjs.js +1 -42
  25. package/dist/nuxt-v4/runtime/middleware/auth.global.cjs.js.map +1 -1
  26. package/dist/nuxt-v4/runtime/middleware/auth.global.es.js +0 -1
  27. package/dist/nuxt-v4/runtime/plugin.client.cjs.js +1 -26
  28. package/dist/nuxt-v4/runtime/plugin.client.cjs.js.map +1 -1
  29. package/dist/nuxt-v4/runtime/plugin.client.es.js +2 -1
  30. package/dist/nuxt-v4/runtime/plugin.client.es.js.map +1 -1
  31. package/dist/nuxt-v4/runtime/plugin.server.cjs.js +1 -22
  32. package/dist/nuxt-v4/runtime/plugin.server.cjs.js.map +1 -1
  33. package/dist/nuxt-v4/runtime/plugin.server.es.js +0 -1
  34. package/dist/strands-auth-ui.cjs.js +1 -9840
  35. package/dist/strands-auth-ui.cjs.js.map +1 -1
  36. package/dist/strands-auth-ui.es.js +1398 -808
  37. package/dist/strands-auth-ui.es.js.map +1 -1
  38. package/dist/useStrandsAuth-Co9ekmXB.cjs +1 -0
  39. package/dist/useStrandsAuth-Co9ekmXB.cjs.map +1 -0
  40. package/dist/{useStrandsAuth-BA8qEUcp.js → useStrandsAuth-kWUOoMm-.js} +288 -127
  41. package/dist/useStrandsAuth-kWUOoMm-.js.map +1 -0
  42. package/dist/useStrandsConfig-Cxb360Os.js +0 -1
  43. package/dist/useStrandsConfig-Z9_36OcV.cjs +1 -0
  44. package/dist/{useStrandsConfig-Dms13Zd0.cjs.map → useStrandsConfig-Z9_36OcV.cjs.map} +1 -1
  45. package/package.json +1 -1
  46. package/dist/useStrandsAuth-BA8qEUcp.js.map +0 -1
  47. package/dist/useStrandsAuth-Co2lLH4X.cjs +0 -736
  48. package/dist/useStrandsAuth-Co2lLH4X.cjs.map +0 -1
  49. package/dist/useStrandsConfig-Dms13Zd0.cjs +0 -179
package/dist/useStrandsAuth-Co9ekmXB.cjs ADDED
@@ -0,0 +1 @@
1
+ "use strict";const e=require("vue"),a=require("./useStrandsConfig-Z9_36OcV.cjs");const t=new class{cache=new Map;DEFAULT_TTL=3e5;async fetch(e,a,t=this.DEFAULT_TTL){const n=Date.now(),i=this.cache.get(e);if(i&&n-i.timestamp<i.ttl)return i.promise;this.cleanExpired();const s=a().finally(()=>{setTimeout(()=>{this.cache.delete(e)},t)});return this.cache.set(e,{promise:s,timestamp:n,ttl:t}),s}clear(){this.cache.clear()}invalidate(e){this.cache.delete(e)}cleanExpired(){const e=Date.now();for(const[a,t]of this.cache.entries())e-t.timestamp>t.ttl&&this.cache.delete(a)}getStats(){return{size:this.cache.size,entries:Array.from(this.cache.keys())}}};const n=function(e,a){let t=null;return(...n)=>{t&&clearTimeout(t),t=setTimeout(()=>{e(...n)},a)}}((e,a)=>{"undefined"!=typeof window&&localStorage.setItem(e,a)},300),i=e=>({id:e.id,email:e.email,firstName:e.first_name||e.firstName||"",lastName:e.last_name||e.lastName||"",avatar:e.avatar_url||e.avatar,mfaEnabled:e.mfa_enabled??e.mfaEnabled??!1,emailVerified:e.email_verified??e.emailVerified??!1,passwordUpdatedAt:e.password_updated_at||e.passwordUpdatedAt,settings:e.settings||{},xp:e.xp||0,level:e.level||1,next_level_xp:e.next_level_xp||e.next_level_xp||4,username:e.username,usernameLastChangedAt:e.username_last_changed_at||e.usernameLastChangedAt,createdAt:e.created_at||e.createdAt,updatedAt:e.updated_at||e.updatedAt||(new Date).toISOString()}),s={currentUser:e.ref(null),currentSession:e.ref(null),loadingStates:e.ref({initializing:!0,signingIn:!1,signingUp:!1,signingOut:!1,refreshingToken:!1,sendingMfaEmail:!1,verifyingMfa:!1,loadingProfile:!1}),isInitialized:e.ref(!1),mfaRequired:e.ref(!1),mfaSessionId:e.ref(null),availableMfaMethods:e.ref([])};let r=null,o=null;exports.useStrandsAuth=function(){const{getUrl:l}=a.useStrandsConfig(),{fetch:u,clear:c,invalidate:d}={fetch:t.fetch.bind(t),clear:t.clear.bind(t),invalidate:t.invalidate.bind(t),getStats:t.getStats.bind(t)},{currentUser:f,currentSession:v,loadingStates:h,isInitialized:g,mfaRequired:m,mfaSessionId:w,availableMfaMethods:y}=s,p=e.computed(()=>h.value.initializing),S=e.computed(()=>h.value.signingIn),_=e.computed(()=>h.value.signingUp),T=e.computed(()=>h.value.signingOut),k=e.computed(()=>h.value.refreshingToken),E=e.computed(()=>h.value.sendingMfaEmail),A=e.computed(()=>h.value.verifyingMfa);e.computed(()=>h.value.loadingProfile);const O=e.computed(()=>h.value.signingIn||h.value.signingUp||h.value.signingOut||h.value.refreshingToken||h.value.sendingMfaEmail||h.value.verifyingMfa||h.value.loadingProfile),b=e.computed(()=>h.value.initializing||O.value),N=e.computed(()=>{const e=h.value;return e.initializing?"Checking authentication...":e.signingIn?"Signing you in...":e.signingUp?"Creating your account...":e.signingOut?"Signing you out...":e.refreshingToken?"Refreshing session...":e.sendingMfaEmail?"Sending verification code...":e.verifyingMfa?"Verifying code...":e.loadingProfile?"Loading profile...":"Loading..."}),I=()=>{if(!v.value?.accessToken)throw new Error("No access token available");v.value.expiresAt;const e={Authorization:`Bearer ${v.value.accessToken}`};return v.value?.refreshToken&&(e["x-refresh-token"]=v.value.refreshToken),e},x=e.computed(()=>null!==f.value),$=async()=>{h.value.signingOut=!0;try{C(),o=null,c(),f.value=null,v.value=null,m.value=!1,w.value=null,y.value=[],"undefined"!=typeof window&&(localStorage.removeItem("strands_auth_session"),localStorage.removeItem("strands_auth_user"))}finally{h.value.signingOut=!1}},P=async()=>{if(!v.value?.refreshToken)return!1;if(o)return await o;o=(async()=>{h.value.refreshingToken=!0;try{const e=await fetch(l("refresh"),{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({refresh_token:v.value.refreshToken})});if(!e.ok){if(401===e.status)return await $(),!1;throw new Error(`Token refresh failed: ${e.status} ${e.statusText}`)}const a=await e.json();a.user&&(f.value=i(a.user),f.value&&"undefined"!=typeof window&&localStorage.setItem("strands_auth_user",JSON.stringify(f.value)));const t={accessToken:a.access_token,refreshToken:a.refresh_token,expiresAt:new Date(Date.now()+3e5),userId:a.user?.id||f.value?.id};return v.value=t,"undefined"!=typeof window&&localStorage.setItem("strands_auth_session",JSON.stringify(t)),M(),d(`sessions:${v.value.accessToken.slice(0,20)}`),!0}catch(e){return await $(),!1}finally{h.value.refreshingToken=!1}})();const e=await o;return o=null,e},j=async e=>{try{e.user&&(f.value=i(e.user));const a={accessToken:e.access_token,refreshToken:e.refresh_token,expiresAt:new Date(Date.now()+3e5),userId:f.value?.id||e.user?.id};v.value=a,"undefined"!=typeof window&&(localStorage.setItem("strands_auth_session",JSON.stringify(a)),f.value&&localStorage.setItem("strands_auth_user",JSON.stringify(f.value))),M()}catch(a){}},M=()=>{if(r&&clearTimeout(r),!v.value)return;if("undefined"!=typeof document&&"hidden"===document.visibilityState)return;const e=new Date,a=v.value.expiresAt.getTime()-e.getTime()-6e4;a<=0?P():r=setTimeout(async()=>{if("undefined"==typeof document||"visible"===document.visibilityState){await P()&&M()}},a)},C=()=>{r&&(clearTimeout(r),r=null)},U=async()=>{if(!g.value){h.value.initializing=!0;try{if("undefined"!=typeof window){const a=localStorage.getItem("strands_auth_session"),t=localStorage.getItem("strands_auth_user");if(a&&t)try{const e=JSON.parse(a),n=JSON.parse(t);e.expiresAt=new Date(e.expiresAt),e.expiresAt>new Date?(v.value=e,f.value=n,M()):(localStorage.removeItem("strands_auth_session"),localStorage.removeItem("strands_auth_user"))}catch(e){localStorage.removeItem("strands_auth_session"),localStorage.removeItem("strands_auth_user")}}g.value=!0,await new Promise(e=>setTimeout(e,50))}catch(e){}finally{h.value.initializing=!1}}};"undefined"!=typeof document&&document.addEventListener("visibilitychange",()=>{"visible"===document.visibilityState&&v.value?M():"hidden"===document.visibilityState&&C()});const J=()=>{C(),c(),"undefined"!=typeof document&&document.removeEventListener("visibilitychange",()=>{})};try{e.onUnmounted(J)}catch(F){}return g.value||U(),{user:e.computed(()=>f.value),currentUser:e.computed(()=>f.value),currentSession:e.computed(()=>v.value),isAuthenticated:x,isLoading:e.computed(()=>b.value||!g.value),loading:e.computed(()=>O.value),loadingMessage:N,isInitializing:p,isSigningIn:S,isSigningUp:_,isSigningOut:T,isRefreshingToken:k,isSendingMfaEmail:E,isVerifyingMfa:A,mfaRequired:e.computed(()=>m.value),mfaSessionId:e.computed(()=>w.value),availableMfaMethods:e.computed(()=>y.value),signIn:async e=>{h.value.signingIn=!0;try{m.value=!1,w.value=null,y.value=[];const a={"Content-Type":"application/json"};"undefined"!=typeof window&&window.location&&(a.Origin=window.location.origin);const t=await fetch(l("signIn"),{method:"POST",headers:a,body:JSON.stringify(e)});if(!t.ok)throw 401===t.status?new Error("Invalid email or password"):403===t.status?new Error("Please verify your email address before signing in"):new Error(`Sign in failed: ${t.status} ${t.statusText}`);const n=await t.json();if(n.mfa_required){m.value=!0,w.value=n.mfa_session_id||null;const e=(n.available_mfa_methods||[]).map(e=>{let a=`${e.device_type.charAt(0).toUpperCase()+e.device_type.slice(1)} Authentication`;return"hardware"===e.device_type?a=e.device_name||"Security Key":"totp"===e.device_type?a=e.device_name||"Authenticator App":"email"===e.device_type&&(a=e.device_name||"Email Verification"),{id:e.device_id,device_type:e.device_type,device_name:e.device_name||a,is_active:!0,created_at:(new Date).toISOString(),last_used_at:e.last_used_at,credential_id:e.credential_id,device_info:e.device_info}});return y.value=e,h.value.signingIn=!1,n}return await j(n),n}catch(a){throw a}finally{h.value.signingIn=!1}},signUp:async e=>{h.value.signingUp=!0;try{throw new Error("Sign up not implemented - please integrate with auth SDK")}finally{h.value.signingUp=!1}},signOut:$,refreshToken:P,fetchProfile:async()=>{if(!v.value?.accessToken)throw new Error("No access token available");const e=`profile:${v.value.accessToken.slice(0,20)}`;h.value.loadingProfile=!0;try{return await u(e,async()=>{const e=await fetch(l("profile"),{method:"GET",headers:{"Content-Type":"application/json",Authorization:`Bearer ${v.value?.accessToken}`}});if(!e.ok)throw 401===e.status?new Error("Authentication expired. Please sign in again."):new Error(`Failed to fetch profile: ${e.status} ${e.statusText}`);const a=await e.json();return f.value=i(a),f.value&&"undefined"!=typeof window&&localStorage.setItem("strands_auth_user",JSON.stringify(f.value)),f.value})}finally{h.value.loadingProfile=!1}},updateProfile:async e=>{if(!v.value?.accessToken)throw new Error("No access token available");h.value.loadingProfile=!0;try{const a=await fetch(l("profile"),{method:"POST",headers:{"Content-Type":"application/json",Authorization:`Bearer ${v.value.accessToken}`},body:JSON.stringify({first_name:e.firstName,last_name:e.lastName})});if(!a.ok)throw 401===a.status?new Error("Authentication expired. Please sign in again."):new Error(`Profile update failed: ${a.status} ${a.statusText}`);const t=await a.json();return f.value=i(t),f.value&&n("strands_auth_user",JSON.stringify(f.value)),f.value}finally{h.value.loadingProfile=!1}},updateUserSettings:async e=>{if(!v.value?.accessToken)throw new Error("No access token available");h.value.loadingProfile=!0;try{const a=await fetch(l("settings"),{method:"POST",headers:{"Content-Type":"application/json",Authorization:`Bearer ${v.value.accessToken}`},body:JSON.stringify({settings:e})});if(!a.ok)throw 401===a.status?new Error("Authentication expired. Please sign in again."):new Error(`Settings update failed: ${a.status} ${a.statusText}`);const t=await a.json();return f.value=i(t),f.value&&n("strands_auth_user",JSON.stringify(f.value)),f.value}finally{h.value.loadingProfile=!1}},changeEmail:async(e,a)=>{if(!v.value?.accessToken)throw new Error("No access token available");h.value.loadingProfile=!0;try{const t=await fetch(l("changeEmail"),{method:"POST",headers:{"Content-Type":"application/json",Authorization:`Bearer ${v.value.accessToken}`},body:JSON.stringify({new_email:e,password:a})});if(!t.ok){if(401===t.status)throw new Error("Authentication expired. Please sign in again.");{const e=await t.json().catch(()=>({}));throw new Error(e.message||`Email change failed: ${t.status} ${t.statusText}`)}}const n=await t.json();return f.value&&(f.value={...f.value,email:e,emailVerified:!1,updatedAt:(new Date).toISOString()},"undefined"!=typeof window&&localStorage.setItem("strands_auth_user",JSON.stringify(f.value))),n}finally{h.value.loadingProfile=!1}},changeUsername:async e=>{if(!v.value?.accessToken)throw new Error("No access token available");h.value.loadingProfile=!0;try{const a=await fetch(l("changeUsername"),{method:"POST",headers:{"Content-Type":"application/json",Authorization:`Bearer ${v.value.accessToken}`},body:JSON.stringify({username:e})});if(!a.ok){const e=await a.json().catch(()=>({}));if(409===a.status)throw new Error("Username is already taken");if(e.cooldown_end)throw new Error(`You can only change your username once every 30 days. You can change it again on ${new Date(e.cooldown_end).toLocaleDateString()}`);throw new Error(e.message||`Username change failed: ${a.status} ${a.statusText}`)}const t=await a.json();return f.value&&(f.value={...f.value,username:e,usernameLastChangedAt:(new Date).toISOString(),updatedAt:(new Date).toISOString()},"undefined"!=typeof window&&localStorage.setItem("strands_auth_user",JSON.stringify(f.value))),t}finally{h.value.loadingProfile=!1}},getUsernameCooldown:async()=>{if(!v.value?.accessToken)throw new Error("No access token available");const e=await fetch(l("usernameCooldown"),{method:"GET",headers:{Authorization:`Bearer ${v.value.accessToken}`}});if(!e.ok)throw new Error(`Failed to get username cooldown: ${e.status} ${e.statusText}`);return e.json()},checkUsernameAvailability:async e=>{const a=l("checkUsernameAvailability").replace("{username}",encodeURIComponent(e)),t=await fetch(a,{method:"GET",headers:{"Content-Type":"application/json"}});if(!t.ok)throw new Error(`Failed to check username availability: ${t.status} ${t.statusText}`);return t.json()},getUserSessions:async()=>{if(!v.value?.accessToken)throw new Error("No access token available");const e=`sessions:${v.value.accessToken.slice(0,20)}`;try{return await u(e,async()=>{const e=I(),a=await fetch(l("sessions"),{method:"GET",headers:e});if(!a.ok){await a.text();throw new Error(`Failed to get user sessions: ${a.status} ${a.statusText}`)}return a.json()},12e4)}catch(a){throw a}},getSessionStats:async()=>{const e=await fetch(l("sessionsStats"),{method:"GET",headers:I()});if(!e.ok)throw new Error(`Failed to get session stats: ${e.status} ${e.statusText}`);return e.json()},revokeSession:async e=>{const a=l("sessionRevoke").replace("{session_id}",encodeURIComponent(e)),t=await fetch(a,{method:"POST",headers:I()});if(!t.ok)throw new Error(`Failed to revoke session: ${t.status} ${t.statusText}`);return 200===t.status},revokeAllOtherSessions:async()=>{const e=await fetch(l("sessionsRevokeAll"),{method:"POST",headers:I()});if(!e.ok)throw new Error(`Failed to revoke all other sessions: ${e.status} ${e.statusText}`);return 200===e.status},initialize:U,setAuthData:j,verifyMfa:async(e,a,t=!1)=>{if(!w.value)throw new Error("No MFA session available");h.value.verifyingMfa=!0;try{const n=l(t?"mfaBackupCodeVerify":"mfaSigninVerify"),i=t?{mfa_session_id:w.value,backup_code:a}:{mfa_session_id:w.value,device_id:e,code:a},s=await fetch(n,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(i)});if(!s.ok){const e=await s.text();let a="MFA verification failed";try{const t=JSON.parse(e);a=t.message||t.error||e}catch{a=e||"MFA verification failed"}throw new Error(a)}const r=await s.json();return m.value=!1,w.value=null,y.value=[],await j(r),r}finally{h.value.verifyingMfa=!1}},sendMfaEmailCode:async e=>{if(!w.value)throw new Error("No MFA session available");h.value.sendingMfaEmail=!0;try{const a=await fetch(l("mfaSigninSendEmail"),{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({mfa_session_id:w.value,device_id:e})});if(!a.ok){const e=await a.text();let t="Failed to send MFA email code";try{const a=JSON.parse(e);t=a.message||a.error||e}catch{t=e||"Failed to send MFA email code"}throw new Error(t)}return await a.json()}finally{h.value.sendingMfaEmail=!1}},getMfaWebAuthnChallenge:async e=>{if(!w.value)throw new Error("No MFA session available");const a=await fetch(l("mfaWebAuthnChallenge"),{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({mfa_session_id:w.value,device_id:e})});if(!a.ok){const e=await a.text();let t="Failed to get WebAuthn challenge";try{const a=JSON.parse(e);t=a.message||a.error||e}catch{t=e||t}throw new Error(t)}return a.json()},registerHardwareKey:async(e,a,t="hardware")=>{if(!v.value?.accessToken)throw new Error("No access token available");const n=await fetch(l("mfaHardwareStartRegistration"),{method:"POST",headers:{"Content-Type":"application/json",Authorization:`Bearer ${v.value.accessToken}`},body:JSON.stringify({device_name:e,device_type:t})});if(!n.ok){const e=await n.text();let a="Failed to start hardware key registration";try{const t=JSON.parse(e);a=t.message||t.error||e}catch{a=e||"Failed to start hardware key registration"}throw new Error(a)}return n.json()},completeHardwareKeyRegistration:async(e,a,t)=>{if(!v.value?.accessToken)throw new Error("No access token available");const n=await fetch(l("mfaHardwareCompleteRegistration"),{method:"POST",headers:{"Content-Type":"application/json",Authorization:`Bearer ${v.value.accessToken}`},body:JSON.stringify({device_id:e,credential:a})});if(!n.ok){const e=await n.text();let a="Failed to complete hardware key registration";try{const t=JSON.parse(e);a=t.message||t.error||e}catch{a=e||"Failed to complete hardware key registration"}throw new Error(a)}return n.json()},startTokenRefreshTimer:M,stopTokenRefreshTimer:C,forceReInit:()=>{g.value=!1,h.value.initializing=!0,U()}}};
package/dist/useStrandsAuth-Co9ekmXB.cjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"useStrandsAuth-Co9ekmXB.cjs","sources":["../../../apps/accounts-ui/src/vue/utils/requestCache.ts","../../../apps/accounts-ui/src/vue/utils/debounce.ts","../../../apps/accounts-ui/src/vue/composables/useStrandsAuth.ts"],"sourcesContent":["/**\n * Request deduplication and caching utility\n * Prevents duplicate API calls and provides simple caching\n */\n\ninterface CacheEntry {\n promise: Promise<any>\n timestamp: number\n ttl: number\n}\n\nclass RequestCache {\n private cache = new Map<string, CacheEntry>()\n private readonly DEFAULT_TTL = 5 * 60 * 1000 // 5 minutes\n\n /**\n * Memoized fetch - prevents duplicate requests and caches results\n */\n async fetch<T>(key: string, fetcher: () => Promise<T>, ttl = this.DEFAULT_TTL): Promise<T> {\n const now = Date.now()\n const entry = this.cache.get(key)\n\n // Return existing promise if still valid\n if (entry && (now - entry.timestamp) < entry.ttl) {\n return entry.promise\n }\n\n // Clean expired entries periodically\n this.cleanExpired()\n\n // Create new request\n const promise = fetcher().finally(() => {\n // Remove from cache after resolution to allow fresh requests\n setTimeout(() => {\n this.cache.delete(key)\n }, ttl)\n })\n\n // Cache the promise\n this.cache.set(key, {\n promise,\n timestamp: now,\n ttl\n })\n\n return promise\n }\n\n /**\n * Clear all cached entries\n */\n clear(): void {\n this.cache.clear()\n }\n\n /**\n * Remove a specific cache entry\n */\n invalidate(key: string): void {\n this.cache.delete(key)\n }\n\n /**\n * Clean expired cache entries\n */\n private cleanExpired(): void {\n const now = Date.now()\n for (const [key, entry] of this.cache.entries()) {\n if ((now - entry.timestamp) > entry.ttl) {\n this.cache.delete(key)\n }\n }\n }\n\n /**\n * Get cache statistics (for debugging)\n */\n getStats(): { size: number; entries: string[] } {\n return {\n size: this.cache.size,\n entries: Array.from(this.cache.keys())\n }\n }\n}\n\n// Global cache instance\nexport const requestCache = new RequestCache()\n\n/**\n * Composable for request deduplication\n */\nexport function useRequestCache() {\n return {\n fetch: requestCache.fetch.bind(requestCache),\n clear: requestCache.clear.bind(requestCache),\n invalidate: requestCache.invalidate.bind(requestCache),\n getStats: requestCache.getStats.bind(requestCache)\n }\n}\n\n/**\n * Generate cache key from URL and options\n */\nexport function getCacheKey(url: string, options?: RequestInit): string {\n const method = options?.method || 'GET'\n const body = options?.body ? JSON.stringify(options.body) : ''\n const headers = options?.headers ? JSON.stringify(options.headers) : ''\n \n return `${method}:${url}:${body}:${headers}`\n}","/**\n * Debounce utility for optimizing frequent operations\n */\n\nexport function debounce<T extends (...args: any[]) => void>(\n func: T,\n wait: number\n): (...args: Parameters<T>) => void {\n let timeout: NodeJS.Timeout | null = null\n\n return (...args: Parameters<T>) => {\n if (timeout) {\n clearTimeout(timeout)\n }\n \n timeout = setTimeout(() => {\n func(...args)\n }, wait)\n }\n}\n\n/**\n * Debounced localStorage setter\n */\nexport const debouncedSetItem = debounce((key: string, value: string) => {\n if (typeof window !== 'undefined') {\n localStorage.setItem(key, value)\n }\n}, 300)\n\n/**\n * Throttle utility for limiting function execution frequency\n */\nexport function throttle<T extends (...args: any[]) => void>(\n func: T,\n limit: number\n): (...args: Parameters<T>) => void {\n let inThrottle: boolean\n \n return (...args: Parameters<T>) => {\n if (!inThrottle) {\n func(...args)\n inThrottle = true\n setTimeout(() => inThrottle = false, limit)\n }\n }\n}","import { ref, computed, onUnmounted } from 'vue'\nimport type { User, Session, SessionInfo, SessionStats, SignInCredentials, SignUpData, AuthResponse, MfaDevice, MfaErrorResponse } from '../../types'\nimport { useStrandsConfig } from './useStrandsConfig'\nimport { useRequestCache, getCacheKey } from '../utils/requestCache'\nimport { debouncedSetItem } from '../utils/debounce'\n\n// Utility function to map API user data to frontend format\nconst mapApiUserToFrontend = (apiUser: any): User => {\n return {\n id: apiUser.id,\n email: apiUser.email,\n firstName: apiUser.first_name || apiUser.firstName || '',\n lastName: apiUser.last_name || apiUser.lastName || '',\n avatar: apiUser.avatar_url || apiUser.avatar,\n mfaEnabled: apiUser.mfa_enabled ?? apiUser.mfaEnabled ?? false,\n emailVerified: apiUser.email_verified ?? apiUser.emailVerified ?? false,\n passwordUpdatedAt: apiUser.password_updated_at || apiUser.passwordUpdatedAt,\n settings: apiUser.settings || {},\n xp: apiUser.xp || 0,\n level: apiUser.level || 1,\n next_level_xp: apiUser.next_level_xp || apiUser.next_level_xp || 4,\n username: apiUser.username,\n usernameLastChangedAt: apiUser.username_last_changed_at || apiUser.usernameLastChangedAt,\n createdAt: apiUser.created_at || apiUser.createdAt,\n updatedAt: apiUser.updated_at || apiUser.updatedAt || new Date().toISOString(),\n }\n}\n\n// Global state (shared across all instances) - initialized outside to be truly global\nconst globalState = {\n currentUser: ref<User | null>(null),\n currentSession: ref<Session | null>(null),\n loadingStates: ref({\n initializing: true,\n signingIn: false,\n signingUp: false,\n signingOut: false,\n refreshingToken: false,\n sendingMfaEmail: false,\n verifyingMfa: false,\n loadingProfile: false\n }),\n isInitialized: ref(false),\n mfaRequired: ref(false),\n mfaSessionId: ref<string | null>(null),\n availableMfaMethods: ref<MfaDevice[]>([])\n}\n\n// Token refresh timer and lock mechanism\nlet refreshTimer: NodeJS.Timeout | null = null\nlet refreshPromise: Promise<boolean> | null = null\n\nexport function useStrandsAuth() {\n const { getUrl } = useStrandsConfig()\n const { fetch: cachedFetch, clear: clearCache, invalidate } = useRequestCache()\n \n // Use the global state directly\n const { currentUser, currentSession, loadingStates, isInitialized, mfaRequired, mfaSessionId, availableMfaMethods } = globalState\n \n // Computed properties (created fresh each time but referencing same state)\n const isInitializing = computed(() => loadingStates.value.initializing)\n const isSigningIn = computed(() => loadingStates.value.signingIn)\n const isSigningUp = computed(() => loadingStates.value.signingUp)\n const isSigningOut = computed(() => loadingStates.value.signingOut)\n const isRefreshingToken = computed(() => loadingStates.value.refreshingToken)\n const isSendingMfaEmail = computed(() => loadingStates.value.sendingMfaEmail)\n const isVerifyingMfa = computed(() => loadingStates.value.verifyingMfa)\n const isLoadingProfile = computed(() => loadingStates.value.loadingProfile)\n\n // Legacy loading states for backward compatibility\n const loading = computed(() => \n loadingStates.value.signingIn || \n loadingStates.value.signingUp || \n loadingStates.value.signingOut || \n loadingStates.value.refreshingToken || \n loadingStates.value.sendingMfaEmail || \n loadingStates.value.verifyingMfa || \n loadingStates.value.loadingProfile\n )\n const isLoading = computed(() => loadingStates.value.initializing || loading.value)\n\n // Loading messages for better UX\n const loadingMessage = computed(() => {\n const states = loadingStates.value\n if (states.initializing) return 'Checking authentication...'\n if (states.signingIn) return 'Signing you in...'\n if (states.signingUp) return 'Creating your account...'\n if (states.signingOut) return 'Signing you out...'\n if (states.refreshingToken) return 'Refreshing session...'\n if (states.sendingMfaEmail) return 'Sending verification code...'\n if (states.verifyingMfa) return 'Verifying code...'\n if (states.loadingProfile) return 'Loading profile...'\n return 'Loading...' // Fallback\n })\n \n // Helper function to get authenticated headers with refresh token\n const getAuthHeaders = () => {\n if (!currentSession.value?.accessToken) {\n throw new Error('No access token available')\n }\n \n // Check if token is expired\n const now = new Date()\n const expiresAt = currentSession.value.expiresAt\n const isExpired = expiresAt <= now\n \n if (isExpired) {\n // Token is expired, but we'll let the API handle the 401 response\n }\n \n const headers: Record<string, string> = {\n 'Authorization': `Bearer ${currentSession.value.accessToken}`,\n }\n \n // Include refresh token for session management\n if (currentSession.value?.refreshToken) {\n headers['x-refresh-token'] = currentSession.value.refreshToken\n }\n \n return headers\n }\n /**\n * Complete hardware key (WebAuthn) registration for MFA\n * Returns result with backup codes on success\n */\n const completeHardwareKeyRegistration = async (deviceId: string, credential: any, accessToken: string) => {\n if (!currentSession.value?.accessToken) {\n throw new Error('No access token available')\n }\n\n const response = await fetch(getUrl('mfaHardwareCompleteRegistration'), {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n 'Authorization': `Bearer ${currentSession.value.accessToken}`\n },\n body: JSON.stringify({\n device_id: deviceId,\n credential: credential\n })\n })\n if (!response.ok) {\n const errorText = await response.text()\n let errorMessage = 'Failed to complete hardware key registration'\n \n try {\n const errorData = JSON.parse(errorText)\n errorMessage = errorData.message || errorData.error || errorText\n } catch {\n errorMessage = errorText || 'Failed to complete hardware key registration'\n }\n \n throw new Error(errorMessage)\n }\n return response.json()\n }\n /**\n * Register a hardware key (WebAuthn) for MFA\n * Returns { device_id, challenge } on success\n */\n const registerHardwareKey = async (deviceName: string, accessToken: string, deviceType: 'hardware' | 'passkey' = 'hardware') => {\n if (!currentSession.value?.accessToken) {\n throw new Error('No access token available')\n }\n \n const response = await fetch(getUrl('mfaHardwareStartRegistration'), {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n 'Authorization': `Bearer ${currentSession.value.accessToken}`,\n },\n body: JSON.stringify({ \n device_name: deviceName,\n device_type: deviceType \n })\n })\n if (!response.ok) {\n const errorText = await response.text()\n let errorMessage = 'Failed to start hardware key registration'\n \n try {\n const errorData = JSON.parse(errorText)\n errorMessage = errorData.message || errorData.error || errorText\n } catch {\n errorMessage = errorText || 'Failed to start hardware key registration'\n }\n \n throw new Error(errorMessage)\n }\n return response.json()\n }\n\n const isAuthenticated = computed(() => currentUser.value !== null)\n\n const signIn = async (credentials: SignInCredentials) => {\n loadingStates.value.signingIn = true\n try {\n // Reset MFA state at start of new sign-in attempt\n mfaRequired.value = false\n mfaSessionId.value = null\n availableMfaMethods.value = []\n \n // Prepare headers with session context information\n const headers: Record<string, string> = {\n 'Content-Type': 'application/json',\n }\n \n // Note: User-Agent is set automatically by the browser and cannot be overridden for security reasons\n // The browser will send the correct User-Agent header automatically\n \n // Add Origin header for session tracking\n if (typeof window !== 'undefined' && window.location) {\n headers['Origin'] = window.location.origin\n }\n \n // Make API call to sign-in endpoint\n const response = await fetch(getUrl('signIn'), {\n method: 'POST',\n headers,\n body: JSON.stringify(credentials),\n })\n\n if (!response.ok) {\n if (response.status === 401) {\n throw new Error('Invalid email or password')\n } else if (response.status === 403) {\n throw new Error('Please verify your email address before signing in')\n } else {\n throw new Error(`Sign in failed: ${response.status} ${response.statusText}`)\n }\n }\n\n const authData: AuthResponse = await response.json()\n \n // Check if MFA is required\n if (authData.mfa_required) {\n mfaRequired.value = true\n mfaSessionId.value = authData.mfa_session_id || null\n \n // Convert API MFA methods to the expected format\n const methods = (authData.available_mfa_methods || []).map((method: any) => {\n // Create better fallback names for different device types\n let fallbackName = `${method.device_type.charAt(0).toUpperCase() + method.device_type.slice(1)} Authentication`\n \n if (method.device_type === 'hardware') {\n // Better names for hardware keys\n fallbackName = method.device_name || 'Security Key' // Could be YubiKey, FIDO2 Key, etc.\n } else if (method.device_type === 'totp') {\n fallbackName = method.device_name || 'Authenticator App'\n } else if (method.device_type === 'email') {\n fallbackName = method.device_name || 'Email Verification'\n }\n \n return {\n id: method.device_id,\n device_type: method.device_type,\n device_name: method.device_name || fallbackName,\n is_active: true,\n created_at: new Date().toISOString(),\n last_used_at: method.last_used_at,\n // Pass through additional metadata if available\n credential_id: method.credential_id,\n device_info: method.device_info\n }\n })\n availableMfaMethods.value = methods\n \n // Set signIn loading to false immediately so MFA modal can show\n loadingStates.value.signingIn = false\n \n return authData // Return without storing full auth data\n }\n \n // Store the authentication data if MFA not required\n await setAuthData(authData)\n \n return authData\n } catch (error) {\n throw error\n } finally {\n loadingStates.value.signingIn = false\n }\n }\n\n const signUp = async (userData: SignUpData) => {\n loadingStates.value.signingUp = true\n try {\n // Integration point: Replace with actual auth SDK call\n // Example: const result = await authSDK.signUp(userData)\n \n throw new Error('Sign up not implemented - please integrate with auth SDK')\n } finally {\n loadingStates.value.signingUp = false\n }\n }\n\n const signOut = async () => {\n loadingStates.value.signingOut = true\n try {\n // Stop token refresh timer\n stopTokenRefreshTimer()\n \n // Clear any pending refresh promise\n refreshPromise = null\n \n // Clear request cache\n clearCache()\n \n // Clear user and session state\n currentUser.value = null\n currentSession.value = null\n \n // Clear MFA state\n mfaRequired.value = false\n mfaSessionId.value = null\n availableMfaMethods.value = []\n \n // Clear stored tokens\n if (typeof window !== 'undefined') {\n localStorage.removeItem('strands_auth_session')\n localStorage.removeItem('strands_auth_user')\n }\n } finally {\n loadingStates.value.signingOut = false\n }\n }\n\n const refreshToken = async () => {\n if (!currentSession.value?.refreshToken) {\n return false\n }\n \n // If a refresh is already in progress, wait for it to complete\n if (refreshPromise) {\n console.log('Token refresh already in progress, waiting for completion...')\n return await refreshPromise\n }\n \n // Create a new refresh promise and store it\n refreshPromise = (async () => {\n loadingStates.value.refreshingToken = true\n try {\n const response = await fetch(getUrl('refresh'), {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n },\n body: JSON.stringify({\n refresh_token: currentSession.value!.refreshToken,\n }),\n })\n\n if (!response.ok) { \n if (response.status === 401) {\n // Refresh token is invalid/expired, sign out user\n await signOut()\n return false\n }\n throw new Error(`Token refresh failed: ${response.status} ${response.statusText}`)\n }\n\n const tokenData = await response.json()\n \n // Token refresh now returns full AuthResponse with user data\n if (tokenData.user) {\n // Update user data with fresh information from the server\n currentUser.value = mapApiUserToFrontend(tokenData.user)\n \n // Update localStorage with fresh user data (immediate)\n if (currentUser.value && typeof window !== 'undefined') {\n localStorage.setItem('strands_auth_user', JSON.stringify(currentUser.value))\n }\n }\n \n // Update session with fresh tokens\n const newSession: Session = {\n accessToken: tokenData.access_token,\n refreshToken: tokenData.refresh_token,\n expiresAt: new Date(Date.now() + 5 * 60 * 1000), // 5 minutes from now\n userId: tokenData.user?.id || currentUser.value?.id,\n }\n \n currentSession.value = newSession\n \n // Update localStorage with new session (immediate)\n if (typeof window !== 'undefined') {\n localStorage.setItem('strands_auth_session', JSON.stringify(newSession))\n }\n \n // Restart token refresh timer\n startTokenRefreshTimer()\n \n // Invalidate sessions cache to force refresh on next access\n invalidate(`sessions:${currentSession.value.accessToken.slice(0, 20)}`)\n \n return true\n } catch (error) {\n // On refresh failure, sign out the user\n await signOut()\n return false\n } finally {\n loadingStates.value.refreshingToken = false\n }\n })()\n \n // Wait for the refresh to complete and clear the promise\n const result = await refreshPromise\n refreshPromise = null\n return result\n }\n\n const fetchProfile = async (): Promise<User | null> => {\n if (!currentSession.value?.accessToken) {\n throw new Error('No access token available')\n }\n \n // Use request deduplication for profile fetching\n const cacheKey = `profile:${currentSession.value.accessToken.slice(0, 20)}`\n \n loadingStates.value.loadingProfile = true\n try {\n return await cachedFetch(cacheKey, async () => {\n const response = await fetch(getUrl('profile'), {\n method: 'GET',\n headers: {\n 'Content-Type': 'application/json',\n 'Authorization': `Bearer ${currentSession.value?.accessToken}`,\n },\n })\n\n if (!response.ok) {\n if (response.status === 401) {\n throw new Error('Authentication expired. Please sign in again.')\n } else {\n throw new Error(`Failed to fetch profile: ${response.status} ${response.statusText}`)\n }\n }\n\n const userData = await response.json()\n \n // Update the current user state using the mapping utility\n currentUser.value = mapApiUserToFrontend(userData)\n \n // Update localStorage (immediate)\n if (currentUser.value && typeof window !== 'undefined') {\n localStorage.setItem('strands_auth_user', JSON.stringify(currentUser.value))\n }\n \n return currentUser.value\n })\n } finally {\n loadingStates.value.loadingProfile = false\n }\n }\n\n const updateProfile = async (profileData: Partial<User>) => {\n if (!currentSession.value?.accessToken) {\n throw new Error('No access token available')\n }\n \n loadingStates.value.loadingProfile = true\n try {\n const response = await fetch(getUrl('profile'), {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n 'Authorization': `Bearer ${currentSession.value.accessToken}`,\n },\n body: JSON.stringify({\n first_name: profileData.firstName,\n last_name: profileData.lastName,\n }),\n })\n\n if (!response.ok) {\n if (response.status === 401) {\n throw new Error('Authentication expired. Please sign in again.')\n } else {\n throw new Error(`Profile update failed: ${response.status} ${response.statusText}`)\n }\n }\n\n const updatedUserData = await response.json()\n \n // Update the current user state using the mapping utility\n currentUser.value = mapApiUserToFrontend(updatedUserData)\n \n // Update localStorage (debounced)\n if (currentUser.value) {\n debouncedSetItem('strands_auth_user', JSON.stringify(currentUser.value))\n }\n \n return currentUser.value\n } finally {\n loadingStates.value.loadingProfile = false\n }\n }\n\n const updateUserSettings = async (settings: any) => {\n if (!currentSession.value?.accessToken) {\n throw new Error('No access token available')\n }\n \n loadingStates.value.loadingProfile = true\n try {\n const response = await fetch(getUrl('settings'), {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n 'Authorization': `Bearer ${currentSession.value.accessToken}`,\n },\n body: JSON.stringify({\n settings: settings,\n }),\n })\n\n if (!response.ok) {\n if (response.status === 401) {\n throw new Error('Authentication expired. Please sign in again.')\n } else {\n throw new Error(`Settings update failed: ${response.status} ${response.statusText}`)\n }\n }\n\n const updatedUserData = await response.json()\n \n // Update the current user state using the mapping utility\n currentUser.value = mapApiUserToFrontend(updatedUserData)\n \n // Update localStorage (debounced)\n if (currentUser.value) {\n debouncedSetItem('strands_auth_user', JSON.stringify(currentUser.value))\n }\n \n return currentUser.value\n } finally {\n loadingStates.value.loadingProfile = false\n }\n }\n\n const changeEmail = async (newEmail: string, password: string) => {\n if (!currentSession.value?.accessToken) {\n throw new Error('No access token available')\n }\n \n loadingStates.value.loadingProfile = true\n try {\n const response = await fetch(getUrl('changeEmail'), {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n 'Authorization': `Bearer ${currentSession.value.accessToken}`,\n },\n body: JSON.stringify({\n new_email: newEmail,\n password: password,\n }),\n })\n\n if (!response.ok) {\n if (response.status === 401) {\n throw new Error('Authentication expired. Please sign in again.')\n } else {\n const errorData = await response.json().catch(() => ({}))\n throw new Error(errorData.message || `Email change failed: ${response.status} ${response.statusText}`)\n }\n }\n\n const result = await response.json()\n \n // For email change, we need to manually update some fields since API might not return full user\n if (currentUser.value) {\n currentUser.value = {\n ...currentUser.value,\n email: newEmail,\n emailVerified: false, // Email needs to be verified again\n updatedAt: new Date().toISOString(),\n }\n \n // Update localStorage\n if (typeof window !== 'undefined') {\n localStorage.setItem('strands_auth_user', JSON.stringify(currentUser.value))\n }\n }\n \n return result\n } finally {\n loadingStates.value.loadingProfile = false\n }\n }\n\n const verifyMfa = async (deviceId: string, code: string, isBackupCode = false) => {\n if (!mfaSessionId.value) {\n throw new Error('No MFA session available')\n }\n\n loadingStates.value.verifyingMfa = true\n try {\n const endpoint = isBackupCode ? getUrl('mfaBackupCodeVerify') : getUrl('mfaSigninVerify')\n const body = isBackupCode \n ? { mfa_session_id: mfaSessionId.value, backup_code: code }\n : { mfa_session_id: mfaSessionId.value, device_id: deviceId, code }\n\n const response = await fetch(endpoint, {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify(body),\n })\n\n if (!response.ok) {\n const errorText = await response.text()\n let errorMessage = 'MFA verification failed'\n \n try {\n const errorData = JSON.parse(errorText)\n errorMessage = errorData.message || errorData.error || errorText\n } catch {\n // If parsing fails, use the raw text but clean it up\n errorMessage = errorText || 'MFA verification failed'\n }\n \n throw new Error(errorMessage)\n }\n\n const authData: AuthResponse = await response.json()\n \n // Clear MFA state\n mfaRequired.value = false\n mfaSessionId.value = null\n availableMfaMethods.value = []\n \n // Store the authentication data\n await setAuthData(authData)\n \n return authData\n } finally {\n loadingStates.value.verifyingMfa = false\n }\n }\n\n const sendMfaEmailCode = async (deviceId: string) => {\n if (!mfaSessionId.value) {\n throw new Error('No MFA session available')\n }\n\n loadingStates.value.sendingMfaEmail = true\n try {\n const response = await fetch(getUrl('mfaSigninSendEmail'), {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify({\n mfa_session_id: mfaSessionId.value,\n device_id: deviceId,\n }),\n })\n\n if (!response.ok) {\n const errorText = await response.text()\n let errorMessage = 'Failed to send MFA email code'\n \n try {\n const errorData = JSON.parse(errorText)\n errorMessage = errorData.message || errorData.error || errorText\n } catch {\n // If parsing fails, use the raw text but clean it up\n errorMessage = errorText || 'Failed to send MFA email code'\n }\n \n throw new Error(errorMessage)\n }\n\n const result = await response.json()\n return result\n } finally {\n loadingStates.value.sendingMfaEmail = false\n }\n }\n\n const getMfaWebAuthnChallenge = async (deviceId: string) => {\n if (!mfaSessionId.value) {\n throw new Error('No MFA session available')\n }\n \n const response = await fetch(getUrl('mfaWebAuthnChallenge'), {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify({\n mfa_session_id: mfaSessionId.value,\n device_id: deviceId\n }),\n })\n\n if (!response.ok) {\n const errorText = await response.text()\n let errorMessage = 'Failed to get WebAuthn challenge'\n \n try {\n const errorData = JSON.parse(errorText)\n errorMessage = errorData.message || errorData.error || errorText\n } catch {\n errorMessage = errorText || errorMessage\n }\n \n throw new Error(errorMessage)\n }\n\n return response.json()\n }\n\n const setAuthData = async (authResponse: AuthResponse) => {\n try {\n // Handle user data (only for sign-in/sign-up, not token refresh)\n if (authResponse.user) {\n currentUser.value = mapApiUserToFrontend(authResponse.user)\n }\n \n // Create session object\n const session: Session = {\n accessToken: authResponse.access_token,\n refreshToken: authResponse.refresh_token,\n expiresAt: new Date(Date.now() + 5 * 60 * 1000), // 5 minutes from now (matching API token expiry)\n userId: currentUser.value?.id || authResponse.user?.id,\n }\n \n currentSession.value = session\n \n // Store in localStorage for persistence (immediate for critical auth data)\n if (typeof window !== 'undefined') {\n localStorage.setItem('strands_auth_session', JSON.stringify(session))\n if (currentUser.value) {\n localStorage.setItem('strands_auth_user', JSON.stringify(currentUser.value))\n }\n }\n \n // Start automatic token refresh\n startTokenRefreshTimer()\n } catch (error) {\n // Silently handle auth data storage errors\n }\n }\n\n // Token refresh timer management with visibility optimization\n const startTokenRefreshTimer = () => {\n // Clear existing timer\n if (refreshTimer) {\n clearTimeout(refreshTimer)\n }\n \n if (!currentSession.value) return\n \n // Only start timer if page is visible (performance optimization)\n if (typeof document !== 'undefined' && document.visibilityState === 'hidden') {\n return\n }\n \n // Calculate time until token expires (refresh 1 minute before expiry)\n const now = new Date()\n const expiresAt = currentSession.value.expiresAt\n const timeUntilRefresh = expiresAt.getTime() - now.getTime() - (1 * 60 * 1000) // 1 minute before expiry\n \n // If token is already expired or expires very soon, refresh immediately\n if (timeUntilRefresh <= 0) {\n refreshToken()\n return\n }\n \n // Set timer to refresh token\n refreshTimer = setTimeout(async () => {\n // Double-check page is still visible before refreshing\n if (typeof document === 'undefined' || document.visibilityState === 'visible') {\n const success = await refreshToken()\n \n if (success) {\n // Schedule next refresh\n startTokenRefreshTimer()\n }\n }\n }, timeUntilRefresh)\n }\n\n const stopTokenRefreshTimer = () => {\n if (refreshTimer) {\n clearTimeout(refreshTimer)\n refreshTimer = null\n }\n }\n\n const initialize = async () => {\n if (isInitialized.value) return\n \n loadingStates.value.initializing = true\n try {\n // Check for existing session/token in localStorage\n if (typeof window !== 'undefined') {\n const storedSession = localStorage.getItem('strands_auth_session')\n const storedUser = localStorage.getItem('strands_auth_user')\n \n if (storedSession && storedUser) {\n try {\n const session = JSON.parse(storedSession) as Session\n const user = JSON.parse(storedUser) as User\n \n // Convert expiresAt back to Date object\n session.expiresAt = new Date(session.expiresAt)\n \n // Check if session is still valid\n if (session.expiresAt > new Date()) {\n currentSession.value = session\n currentUser.value = user\n \n // Start token refresh timer for restored session\n startTokenRefreshTimer()\n } else {\n // Session expired, clear storage\n localStorage.removeItem('strands_auth_session')\n localStorage.removeItem('strands_auth_user')\n }\n } catch (error) {\n // Clear corrupted data\n localStorage.removeItem('strands_auth_session')\n localStorage.removeItem('strands_auth_user')\n }\n }\n }\n \n isInitialized.value = true\n \n // Add a small delay to ensure state is fully settled before hiding loading\n await new Promise(resolve => setTimeout(resolve, 50))\n } catch (error) {\n // Silently handle initialization errors\n } finally {\n loadingStates.value.initializing = false\n }\n }\n\n const changeUsername = async (newUsername: string) => {\n if (!currentSession.value?.accessToken) {\n throw new Error('No access token available')\n }\n \n loadingStates.value.loadingProfile = true\n try {\n const response = await fetch(getUrl('changeUsername'), {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n 'Authorization': `Bearer ${currentSession.value.accessToken}`,\n },\n body: JSON.stringify({\n username: newUsername,\n }),\n })\n\n if (!response.ok) {\n const errorData = await response.json().catch(() => ({}))\n if (response.status === 409) {\n throw new Error('Username is already taken')\n } else if (errorData.cooldown_end) {\n throw new Error(`You can only change your username once every 30 days. You can change it again on ${new Date(errorData.cooldown_end).toLocaleDateString()}`)\n }\n throw new Error(errorData.message || `Username change failed: ${response.status} ${response.statusText}`)\n }\n\n const result = await response.json()\n \n // For username change, we need to manually update some fields since API might not return full user\n if (currentUser.value) {\n currentUser.value = {\n ...currentUser.value,\n username: newUsername,\n usernameLastChangedAt: new Date().toISOString(),\n updatedAt: new Date().toISOString(),\n }\n \n // Update localStorage\n if (typeof window !== 'undefined') {\n localStorage.setItem('strands_auth_user', JSON.stringify(currentUser.value))\n }\n }\n \n return result\n } finally {\n loadingStates.value.loadingProfile = false\n }\n }\n\n const getUsernameCooldown = async () => {\n if (!currentSession.value?.accessToken) {\n throw new Error('No access token available')\n }\n \n const response = await fetch(getUrl('usernameCooldown'), {\n method: 'GET',\n headers: {\n 'Authorization': `Bearer ${currentSession.value.accessToken}`,\n },\n })\n\n if (!response.ok) {\n throw new Error(`Failed to get username cooldown: ${response.status} ${response.statusText}`)\n }\n\n return response.json()\n }\n\n const checkUsernameAvailability = async (username: string) => {\n // Replace {username} in the URL\n const url = getUrl('checkUsernameAvailability').replace('{username}', encodeURIComponent(username))\n \n const response = await fetch(url, {\n method: 'GET',\n headers: {\n 'Content-Type': 'application/json',\n },\n })\n\n if (!response.ok) {\n throw new Error(`Failed to check username availability: ${response.status} ${response.statusText}`)\n }\n\n return response.json()\n }\n\n // Session management functions\n const getUserSessions = async () => {\n if (!currentSession.value?.accessToken) {\n throw new Error('No access token available')\n }\n \n // Use request deduplication for sessions\n const cacheKey = `sessions:${currentSession.value.accessToken.slice(0, 20)}`\n \n try {\n return await cachedFetch(cacheKey, async () => {\n const headers = getAuthHeaders()\n \n const response = await fetch(getUrl('sessions'), {\n method: 'GET',\n headers,\n })\n \n if (!response.ok) {\n const errorText = await response.text()\n throw new Error(`Failed to get user sessions: ${response.status} ${response.statusText}`)\n }\n\n return response.json()\n }, 2 * 60 * 1000) // Cache for 2 minutes\n } catch (error) {\n throw error\n }\n }\n\n const getSessionStats = async () => {\n const response = await fetch(getUrl('sessionsStats'), {\n method: 'GET',\n headers: getAuthHeaders(),\n })\n\n if (!response.ok) {\n throw new Error(`Failed to get session stats: ${response.status} ${response.statusText}`)\n }\n\n return response.json()\n }\n\n const revokeSession = async (sessionId: string) => {\n const url = getUrl('sessionRevoke').replace('{session_id}', encodeURIComponent(sessionId))\n \n const response = await fetch(url, {\n method: 'POST',\n headers: getAuthHeaders(),\n })\n\n if (!response.ok) {\n throw new Error(`Failed to revoke session: ${response.status} ${response.statusText}`)\n }\n\n return response.status === 200\n }\n\n const revokeAllOtherSessions = async () => {\n const response = await fetch(getUrl('sessionsRevokeAll'), {\n method: 'POST',\n headers: getAuthHeaders(),\n })\n\n if (!response.ok) {\n throw new Error(`Failed to revoke all other sessions: ${response.status} ${response.statusText}`)\n }\n\n return response.status === 200\n }\n\n // Visibility change listener for performance optimization\n if (typeof document !== 'undefined') {\n document.addEventListener('visibilitychange', () => {\n if (document.visibilityState === 'visible' && currentSession.value) {\n // Resume token refresh when page becomes visible\n startTokenRefreshTimer()\n } else if (document.visibilityState === 'hidden') {\n // Stop timer when page is hidden to save resources\n stopTokenRefreshTimer()\n }\n })\n }\n\n // Cleanup function\n const cleanup = () => {\n stopTokenRefreshTimer()\n clearCache()\n if (typeof document !== 'undefined') {\n document.removeEventListener('visibilitychange', () => {})\n }\n }\n\n // Setup onUnmounted cleanup (only if in component context)\n try {\n onUnmounted(cleanup)\n } catch (e) {\n // If not in component context, onUnmounted will throw - that's okay\n // The cleanup will happen when the page unloads or the module is reloaded\n }\n\n // Auto-initialize on first use\n if (!isInitialized.value) {\n initialize()\n }\n\n return {\n // State\n user: computed(() => currentUser.value),\n currentUser: computed(() => currentUser.value),\n currentSession: computed(() => currentSession.value),\n isAuthenticated,\n isLoading: computed(() => isLoading.value || !isInitialized.value),\n loading: computed(() => loading.value),\n loadingMessage,\n \n // Specific loading states\n isInitializing,\n isSigningIn,\n isSigningUp,\n isSigningOut,\n isRefreshingToken,\n isSendingMfaEmail,\n isVerifyingMfa,\n \n // MFA State\n mfaRequired: computed(() => mfaRequired.value),\n mfaSessionId: computed(() => mfaSessionId.value),\n availableMfaMethods: computed(() => availableMfaMethods.value),\n\n // Methods\n signIn,\n signUp,\n signOut,\n refreshToken,\n fetchProfile,\n updateProfile,\n updateUserSettings,\n changeEmail,\n changeUsername,\n getUsernameCooldown,\n checkUsernameAvailability,\n // Session management\n getUserSessions,\n getSessionStats,\n revokeSession,\n revokeAllOtherSessions,\n initialize,\n setAuthData,\n verifyMfa,\n sendMfaEmailCode,\n getMfaWebAuthnChallenge,\n registerHardwareKey,\n completeHardwareKeyRegistration,\n \n // Token management\n startTokenRefreshTimer,\n stopTokenRefreshTimer,\n \n // Force re-initialization (useful for testing or navigation)\n forceReInit: () => {\n isInitialized.value = false\n loadingStates.value.initializing = true\n initialize()\n },\n }\n}"],"names":["requestCache","cache","Map","DEFAULT_TTL","fetch","key","fetcher","ttl","this","now","Date","entry","get","timestamp","promise","cleanExpired","finally","setTimeout","delete","set","clear","invalidate","entries","getStats","size","Array","from","keys","debouncedSetItem","func","wait","timeout","args","clearTimeout","debounce","value","window","localStorage","setItem","mapApiUserToFrontend","apiUser","id","email","firstName","first_name","lastName","last_name","avatar","avatar_url","mfaEnabled","mfa_enabled","emailVerified","email_verified","passwordUpdatedAt","password_updated_at","settings","xp","level","next_level_xp","username","usernameLastChangedAt","username_last_changed_at","createdAt","created_at","updatedAt","updated_at","toISOString","globalState","currentUser","ref","currentSession","loadingStates","initializing","signingIn","signingUp","signingOut","refreshingToken","sendingMfaEmail","verifyingMfa","loadingProfile","isInitialized","mfaRequired","mfaSessionId","availableMfaMethods","refreshTimer","refreshPromise","getUrl","useStrandsConfig","cachedFetch","clearCache","bind","isInitializing","computed","isSigningIn","isSigningUp","isSigningOut","isRefreshingToken","isSendingMfaEmail","isVerifyingMfa","loading","isLoading","loadingMessage","states","getAuthHeaders","accessToken","Error","expiresAt","headers","Authorization","refreshToken","isAuthenticated","signOut","async","stopTokenRefreshTimer","removeItem","response","method","body","JSON","stringify","refresh_token","ok","status","statusText","tokenData","json","user","newSession","access_token","userId","startTokenRefreshTimer","slice","error","result","setAuthData","authResponse","session","document","visibilityState","timeUntilRefresh","getTime","initialize","storedSession","getItem","storedUser","parse","Promise","resolve","addEventListener","cleanup","removeEventListener","onUnmounted","e","signIn","credentials","location","origin","authData","mfa_required","mfa_session_id","methods","available_mfa_methods","map","fallbackName","device_type","charAt","toUpperCase","device_name","device_id","is_active","last_used_at","credential_id","device_info","signUp","userData","fetchProfile","cacheKey","updateProfile","profileData","updatedUserData","updateUserSettings","changeEmail","newEmail","password","new_email","errorData","catch","message","changeUsername","newUsername","cooldown_end","toLocaleDateString","getUsernameCooldown","checkUsernameAvailability","url","replace","encodeURIComponent","getUserSessions","text","getSessionStats","revokeSession","sessionId","revokeAllOtherSessions","verifyMfa","deviceId","code","isBackupCode","endpoint","backup_code","errorText","errorMessage","sendMfaEmailCode","getMfaWebAuthnChallenge","registerHardwareKey","deviceName","deviceType","completeHardwareKeyRegistration","credential","forceReInit"],"mappings":"iFAsFO,MAAMA,EAAe,IA3E5B,MACUC,UAAYC,IACHC,YAAc,IAK/B,WAAMC,CAASC,EAAaC,EAA2BC,EAAMC,KAAKL,aAChE,MAAMM,EAAMC,KAAKD,MACXE,EAAQH,KAAKP,MAAMW,IAAIP,GAG7B,GAAIM,GAAUF,EAAME,EAAME,UAAaF,EAAMJ,IAC3C,OAAOI,EAAMG,QAIfN,KAAKO,eAGL,MAAMD,EAAUR,IAAUU,QAAQ,KAEhCC,WAAW,KACTT,KAAKP,MAAMiB,OAAOb,IACjBE,KAUL,OANAC,KAAKP,MAAMkB,IAAId,EAAK,CAClBS,UACAD,UAAWJ,EACXF,QAGKO,CACT,CAKA,KAAAM,GACEZ,KAAKP,MAAMmB,OACb,CAKA,UAAAC,CAAWhB,GACTG,KAAKP,MAAMiB,OAAOb,EACpB,CAKQ,YAAAU,GACN,MAAMN,EAAMC,KAAKD,MACjB,IAAA,MAAYJ,EAAKM,KAAUH,KAAKP,MAAMqB,UAC/Bb,EAAME,EAAME,UAAaF,EAAMJ,KAClCC,KAAKP,MAAMiB,OAAOb,EAGxB,CAKA,QAAAkB,GACE,MAAO,CACLC,KAAMhB,KAAKP,MAAMuB,KACjBF,QAASG,MAAMC,KAAKlB,KAAKP,MAAM0B,QAEnC,GC1DK,MAAMC,EApBN,SACLC,EACAC,GAEA,IAAIC,EAAiC,KAErC,MAAO,IAAIC,KACLD,GACFE,aAAaF,GAGfA,EAAUd,WAAW,KACnBY,KAAQG,IACPF,GAEP,CAKgCI,CAAS,CAAC7B,EAAa8B,KAC/B,oBAAXC,QACTC,aAAaC,QAAQjC,EAAK8B,IAE3B,KCrBGI,EAAwBC,IACrB,CACLC,GAAID,EAAQC,GACZC,MAAOF,EAAQE,MACfC,UAAWH,EAAQI,YAAcJ,EAAQG,WAAa,GACtDE,SAAUL,EAAQM,WAAaN,EAAQK,UAAY,GACnDE,OAAQP,EAAQQ,YAAcR,EAAQO,OACtCE,WAAYT,EAAQU,aAAeV,EAAQS,aAAc,EACzDE,cAAeX,EAAQY,gBAAkBZ,EAAQW,gBAAiB,EAClEE,kBAAmBb,EAAQc,qBAAuBd,EAAQa,kBAC1DE,SAAUf,EAAQe,UAAY,CAAA,EAC9BC,GAAIhB,EAAQgB,IAAM,EAClBC,MAAOjB,EAAQiB,OAAS,EACxBC,cAAelB,EAAQkB,eAAiBlB,EAAQkB,eAAiB,EACjEC,SAAUnB,EAAQmB,SAClBC,sBAAuBpB,EAAQqB,0BAA4BrB,EAAQoB,sBACnEE,UAAWtB,EAAQuB,YAAcvB,EAAQsB,UACzCE,UAAWxB,EAAQyB,YAAczB,EAAQwB,gBAAiBtD,MAAOwD,gBAK/DC,EAAc,CAClBC,YAAaC,EAAAA,IAAiB,MAC9BC,eAAgBD,EAAAA,IAAoB,MACpCE,cAAeF,EAAAA,IAAI,CACjBG,cAAc,EACdC,WAAW,EACXC,WAAW,EACXC,YAAY,EACZC,iBAAiB,EACjBC,iBAAiB,EACjBC,cAAc,EACdC,gBAAgB,IAElBC,cAAeX,EAAAA,KAAI,GACnBY,YAAaZ,EAAAA,KAAI,GACjBa,aAAcb,EAAAA,IAAmB,MACjCc,oBAAqBd,EAAAA,IAAiB,KAIxC,IAAIe,EAAsC,KACtCC,EAA0C,4BAEvC,WACL,MAAMC,OAAEA,GAAWC,sBACXnF,MAAOoF,EAAapE,MAAOqE,EAAApE,WAAYA,GFsCxC,CACLjB,MAAOJ,EAAaI,MAAMsF,KAAK1F,GAC/BoB,MAAOpB,EAAaoB,MAAMsE,KAAK1F,GAC/BqB,WAAYrB,EAAaqB,WAAWqE,KAAK1F,GACzCuB,SAAUvB,EAAauB,SAASmE,KAAK1F,KEvCjCoE,YAAEA,iBAAaE,EAAAC,cAAgBA,EAAAS,cAAeA,cAAeC,EAAAC,aAAaA,EAAAC,oBAAcA,GAAwBhB,EAGhHwB,EAAiBC,EAAAA,SAAS,IAAMrB,EAAcpC,MAAMqC,cACpDqB,EAAcD,EAAAA,SAAS,IAAMrB,EAAcpC,MAAMsC,WACjDqB,EAAcF,EAAAA,SAAS,IAAMrB,EAAcpC,MAAMuC,WACjDqB,EAAeH,EAAAA,SAAS,IAAMrB,EAAcpC,MAAMwC,YAClDqB,EAAoBJ,EAAAA,SAAS,IAAMrB,EAAcpC,MAAMyC,iBACvDqB,EAAoBL,EAAAA,SAAS,IAAMrB,EAAcpC,MAAM0C,iBACvDqB,EAAiBN,EAAAA,SAAS,IAAMrB,EAAcpC,MAAM2C,cACjCc,WAAS,IAAMrB,EAAcpC,MAAM4C,gBAG5D,MAAMoB,EAAUP,EAAAA,SAAS,IACvBrB,EAAcpC,MAAMsC,WACpBF,EAAcpC,MAAMuC,WACpBH,EAAcpC,MAAMwC,YACpBJ,EAAcpC,MAAMyC,iBACpBL,EAAcpC,MAAM0C,iBACpBN,EAAcpC,MAAM2C,cACpBP,EAAcpC,MAAM4C,gBAEhBqB,EAAYR,EAAAA,SAAS,IAAMrB,EAAcpC,MAAMqC,cAAgB2B,EAAQhE,OAGvEkE,EAAiBT,EAAAA,SAAS,KAC9B,MAAMU,EAAS/B,EAAcpC,MAC7B,OAAImE,EAAO9B,aAAqB,6BAC5B8B,EAAO7B,UAAkB,oBACzB6B,EAAO5B,UAAkB,2BACzB4B,EAAO3B,WAAmB,qBAC1B2B,EAAO1B,gBAAwB,wBAC/B0B,EAAOzB,gBAAwB,+BAC/ByB,EAAOxB,aAAqB,oBAC5BwB,EAAOvB,eAAuB,qBAC3B,eAIHwB,EAAiB,KACrB,IAAKjC,EAAenC,OAAOqE,YACzB,MAAM,IAAIC,MAAM,6BAKAnC,EAAenC,MAAMuE,UAOvC,MAAMC,EAAkC,CACtCC,cAAiB,UAAUtC,EAAenC,MAAMqE,eAQlD,OAJIlC,EAAenC,OAAO0E,eACxBF,EAAQ,mBAAqBrC,EAAenC,MAAM0E,cAG7CF,GAyEHG,EAAkBlB,EAAAA,SAAS,IAA4B,OAAtBxB,EAAYjC,OAwG7C4E,EAAUC,UACdzC,EAAcpC,MAAMwC,YAAa,EACjC,IAEEsC,IAGA5B,EAAiB,KAGjBI,IAGArB,EAAYjC,MAAQ,KACpBmC,EAAenC,MAAQ,KAGvB8C,EAAY9C,OAAQ,EACpB+C,EAAa/C,MAAQ,KACrBgD,EAAoBhD,MAAQ,GAGN,oBAAXC,SACTC,aAAa6E,WAAW,wBACxB7E,aAAa6E,WAAW,qBAE5B,CAAA,QACE3C,EAAcpC,MAAMwC,YAAa,CACnC,GAGIkC,EAAeG,UACnB,IAAK1C,EAAenC,OAAO0E,aACzB,OAAO,EAIT,GAAIxB,EAEF,aAAaA,EAIfA,EAAA,WACEd,EAAcpC,MAAMyC,iBAAkB,EACtC,IACE,MAAMuC,QAAiB/G,MAAMkF,EAAO,WAAY,CAC9C8B,OAAQ,OACRT,QAAS,CACP,eAAgB,oBAElBU,KAAMC,KAAKC,UAAU,CACnBC,cAAelD,EAAenC,MAAO0E,iBAIzC,IAAKM,EAASM,GAAI,CAChB,GAAwB,MAApBN,EAASO,OAGX,aADMX,KACC,EAET,MAAM,IAAIN,MAAM,yBAAyBU,EAASO,UAAUP,EAASQ,aACvE,CAEA,MAAMC,QAAkBT,EAASU,OAG7BD,EAAUE,OAEZ1D,EAAYjC,MAAQI,EAAqBqF,EAAUE,MAG/C1D,EAAYjC,OAA2B,oBAAXC,QAC9BC,aAAaC,QAAQ,oBAAqBgF,KAAKC,UAAUnD,EAAYjC,SAKzE,MAAM4F,EAAsB,CAC1BvB,YAAaoB,EAAUI,aACvBnB,aAAce,EAAUJ,cACxBd,UAAW,IAAIhG,KAAKA,KAAKD,MAAQ,KACjCwH,OAAQL,EAAUE,MAAMrF,IAAM2B,EAAYjC,OAAOM,IAgBnD,OAbA6B,EAAenC,MAAQ4F,EAGD,oBAAX3F,QACTC,aAAaC,QAAQ,uBAAwBgF,KAAKC,UAAUQ,IAI9DG,IAGA7G,EAAW,YAAYiD,EAAenC,MAAMqE,YAAY2B,MAAM,EAAG,QAE1D,CACT,OAASC,GAGP,aADMrB,KACC,CACT,CAAA,QACExC,EAAcpC,MAAMyC,iBAAkB,CACxC,CACF,EAhEA,GAmEA,MAAMyD,QAAehD,EAErB,OADAA,EAAiB,KACVgD,GA6SHC,EAActB,MAAOuB,IACzB,IAEMA,EAAaT,OACf1D,EAAYjC,MAAQI,EAAqBgG,EAAaT,OAIxD,MAAMU,EAAmB,CACvBhC,YAAa+B,EAAaP,aAC1BnB,aAAc0B,EAAaf,cAC3Bd,UAAW,IAAIhG,KAAKA,KAAKD,MAAQ,KACjCwH,OAAQ7D,EAAYjC,OAAOM,IAAM8F,EAAaT,MAAMrF,IAGtD6B,EAAenC,MAAQqG,EAGD,oBAAXpG,SACTC,aAAaC,QAAQ,uBAAwBgF,KAAKC,UAAUiB,IACxDpE,EAAYjC,OACdE,aAAaC,QAAQ,oBAAqBgF,KAAKC,UAAUnD,EAAYjC,SAKzE+F,GACF,OAASE,GAET,GAIIF,EAAyB,KAM7B,GAJI9C,GACFnD,aAAamD,IAGVd,EAAenC,MAAO,OAG3B,GAAwB,oBAAbsG,UAAyD,WAA7BA,SAASC,gBAC9C,OAIF,MAAMjI,MAAUC,KAEViI,EADYrE,EAAenC,MAAMuE,UACJkC,UAAYnI,EAAImI,UAAa,IAG5DD,GAAoB,EACtB9B,IAKFzB,EAAenE,WAAW+F,UAExB,GAAwB,oBAAbyB,UAAyD,YAA7BA,SAASC,gBAA+B,OACvD7B,KAIpBqB,GAEJ,GACCS,IAGC1B,EAAwB,KACxB7B,IACFnD,aAAamD,GACbA,EAAe,OAIbyD,EAAa7B,UACjB,IAAIhC,EAAc7C,MAAlB,CAEAoC,EAAcpC,MAAMqC,cAAe,EACnC,IAEE,GAAsB,oBAAXpC,OAAwB,CACjC,MAAM0G,EAAgBzG,aAAa0G,QAAQ,wBACrCC,EAAa3G,aAAa0G,QAAQ,qBAExC,GAAID,GAAiBE,EACnB,IACE,MAAMR,EAAUlB,KAAK2B,MAAMH,GACrBhB,EAAOR,KAAK2B,MAAMD,GAGxBR,EAAQ9B,UAAY,IAAIhG,KAAK8H,EAAQ9B,WAGjC8B,EAAQ9B,UAAY,IAAIhG,MAC1B4D,EAAenC,MAAQqG,EACvBpE,EAAYjC,MAAQ2F,EAGpBI,MAGA7F,aAAa6E,WAAW,wBACxB7E,aAAa6E,WAAW,qBAE5B,OAASkB,GAEP/F,aAAa6E,WAAW,wBACxB7E,aAAa6E,WAAW,oBAC1B,CAEJ,CAEAlC,EAAc7C,OAAQ,QAGhB,IAAI+G,QAAQC,GAAWlI,WAAWkI,EAAS,IACnD,OAASf,GAET,CAAA,QACE7D,EAAcpC,MAAMqC,cAAe,CACrC,CA7CyB,GAgNH,oBAAbiE,UACTA,SAASW,iBAAiB,mBAAoB,KACX,YAA7BX,SAASC,iBAAiCpE,EAAenC,MAE3D+F,IACsC,WAA7BO,SAASC,iBAElBzB,MAMN,MAAMoC,EAAU,KACdpC,IACAxB,IACwB,oBAAbgD,UACTA,SAASa,oBAAoB,mBAAoB,SAKrD,IACEC,EAAAA,YAAYF,EACd,OAASG,GAGT,CAOA,OAJKxE,EAAc7C,OACjB0G,IAGK,CAELf,KAAMlC,EAAAA,SAAS,IAAMxB,EAAYjC,OACjCiC,YAAawB,EAAAA,SAAS,IAAMxB,EAAYjC,OACxCmC,eAAgBsB,EAAAA,SAAS,IAAMtB,EAAenC,OAC9C2E,kBACAV,UAAWR,EAAAA,SAAS,IAAMQ,EAAUjE,QAAU6C,EAAc7C,OAC5DgE,QAASP,EAAAA,SAAS,IAAMO,EAAQhE,OAChCkE,iBAGAV,iBACAE,cACAC,cACAC,eACAC,oBACAC,oBACAC,iBAGAjB,YAAaW,EAAAA,SAAS,IAAMX,EAAY9C,OACxC+C,aAAcU,EAAAA,SAAS,IAAMV,EAAa/C,OAC1CgD,oBAAqBS,EAAAA,SAAS,IAAMT,EAAoBhD,OAG1DsH,OA71BiBzC,MAAO0C,IACtBnF,EAAcpC,MAAMsC,WAAY,EAChC,IAEEQ,EAAY9C,OAAQ,EACpB+C,EAAa/C,MAAQ,KACrBgD,EAAoBhD,MAAQ,GAG5B,MAAMwE,EAAkC,CACtC,eAAgB,oBAOI,oBAAXvE,QAA0BA,OAAOuH,WAC1ChD,EAAgB,OAAIvE,OAAOuH,SAASC,QAItC,MAAMzC,QAAiB/G,MAAMkF,EAAO,UAAW,CAC7C8B,OAAQ,OACRT,UACAU,KAAMC,KAAKC,UAAUmC,KAGvB,IAAKvC,EAASM,GACZ,MAAwB,MAApBN,EAASO,OACL,IAAIjB,MAAM,6BACa,MAApBU,EAASO,OACZ,IAAIjB,MAAM,sDAEV,IAAIA,MAAM,mBAAmBU,EAASO,UAAUP,EAASQ,cAInE,MAAMkC,QAA+B1C,EAASU,OAG9C,GAAIgC,EAASC,aAAc,CACzB7E,EAAY9C,OAAQ,EACpB+C,EAAa/C,MAAQ0H,EAASE,gBAAkB,KAGhD,MAAMC,GAAWH,EAASI,uBAAyB,IAAIC,IAAK9C,IAE1D,IAAI+C,EAAe,GAAG/C,EAAOgD,YAAYC,OAAO,GAAGC,cAAgBlD,EAAOgD,YAAYjC,MAAM,oBAW5F,MAT2B,aAAvBf,EAAOgD,YAETD,EAAe/C,EAAOmD,aAAe,eACL,SAAvBnD,EAAOgD,YAChBD,EAAe/C,EAAOmD,aAAe,oBACL,UAAvBnD,EAAOgD,cAChBD,EAAe/C,EAAOmD,aAAe,sBAGhC,CACL9H,GAAI2E,EAAOoD,UACXJ,YAAahD,EAAOgD,YACpBG,YAAanD,EAAOmD,aAAeJ,EACnCM,WAAW,EACX1G,YAAA,IAAgBrD,MAAOwD,cACvBwG,aAActD,EAAOsD,aAErBC,cAAevD,EAAOuD,cACtBC,YAAaxD,EAAOwD,eAQxB,OALAzF,EAAoBhD,MAAQ6H,EAG5BzF,EAAcpC,MAAMsC,WAAY,EAEzBoF,CACT,CAKA,aAFMvB,EAAYuB,GAEXA,CACT,OAASzB,GACP,MAAMA,CACR,CAAA,QACE7D,EAAcpC,MAAMsC,WAAY,CAClC,GAuwBFoG,OApwBe7D,MAAO8D,IACpBvG,EAAcpC,MAAMuC,WAAY,EAChC,IAIE,MAAM,IAAI+B,MAAM,2DAClB,CAAA,QACElC,EAAcpC,MAAMuC,WAAY,CAClC,GA4vBFqC,UACAF,eACAkE,aAxoBqB/D,UACnB,IAAK1C,EAAenC,OAAOqE,YACzB,MAAM,IAAIC,MAAM,6BAIlB,MAAMuE,EAAW,WAAW1G,EAAenC,MAAMqE,YAAY2B,MAAM,EAAG,MAEtE5D,EAAcpC,MAAM4C,gBAAiB,EACrC,IACE,aAAaS,EAAYwF,EAAUhE,UACjC,MAAMG,QAAiB/G,MAAMkF,EAAO,WAAY,CAC9C8B,OAAQ,MACRT,QAAS,CACP,eAAgB,mBAChBC,cAAiB,UAAUtC,EAAenC,OAAOqE,iBAIrD,IAAKW,EAASM,GACZ,MAAwB,MAApBN,EAASO,OACL,IAAIjB,MAAM,iDAEV,IAAIA,MAAM,4BAA4BU,EAASO,UAAUP,EAASQ,cAI5E,MAAMmD,QAAiB3D,EAASU,OAUhC,OAPAzD,EAAYjC,MAAQI,EAAqBuI,GAGrC1G,EAAYjC,OAA2B,oBAAXC,QAC9BC,aAAaC,QAAQ,oBAAqBgF,KAAKC,UAAUnD,EAAYjC,QAGhEiC,EAAYjC,OAEvB,CAAA,QACEoC,EAAcpC,MAAM4C,gBAAiB,CACvC,GAgmBFkG,cA7lBsBjE,MAAOkE,IAC3B,IAAK5G,EAAenC,OAAOqE,YACzB,MAAM,IAAIC,MAAM,6BAGlBlC,EAAcpC,MAAM4C,gBAAiB,EACrC,IACE,MAAMoC,QAAiB/G,MAAMkF,EAAO,WAAY,CAC9C8B,OAAQ,OACRT,QAAS,CACP,eAAgB,mBAChBC,cAAiB,UAAUtC,EAAenC,MAAMqE,eAElDa,KAAMC,KAAKC,UAAU,CACnB3E,WAAYsI,EAAYvI,UACxBG,UAAWoI,EAAYrI,aAI3B,IAAKsE,EAASM,GACZ,MAAwB,MAApBN,EAASO,OACL,IAAIjB,MAAM,iDAEV,IAAIA,MAAM,0BAA0BU,EAASO,UAAUP,EAASQ,cAI1E,MAAMwD,QAAwBhE,EAASU,OAUvC,OAPAzD,EAAYjC,MAAQI,EAAqB4I,GAGrC/G,EAAYjC,OACdP,EAAiB,oBAAqB0F,KAAKC,UAAUnD,EAAYjC,QAG5DiC,EAAYjC,KACrB,CAAA,QACEoC,EAAcpC,MAAM4C,gBAAiB,CACvC,GAsjBFqG,mBAnjB2BpE,MAAOzD,IAChC,IAAKe,EAAenC,OAAOqE,YACzB,MAAM,IAAIC,MAAM,6BAGlBlC,EAAcpC,MAAM4C,gBAAiB,EACrC,IACE,MAAMoC,QAAiB/G,MAAMkF,EAAO,YAAa,CAC/C8B,OAAQ,OACRT,QAAS,CACP,eAAgB,mBAChBC,cAAiB,UAAUtC,EAAenC,MAAMqE,eAElDa,KAAMC,KAAKC,UAAU,CACnBhE,eAIJ,IAAK4D,EAASM,GACZ,MAAwB,MAApBN,EAASO,OACL,IAAIjB,MAAM,iDAEV,IAAIA,MAAM,2BAA2BU,EAASO,UAAUP,EAASQ,cAI3E,MAAMwD,QAAwBhE,EAASU,OAUvC,OAPAzD,EAAYjC,MAAQI,EAAqB4I,GAGrC/G,EAAYjC,OACdP,EAAiB,oBAAqB0F,KAAKC,UAAUnD,EAAYjC,QAG5DiC,EAAYjC,KACrB,CAAA,QACEoC,EAAcpC,MAAM4C,gBAAiB,CACvC,GA6gBFsG,YA1gBoBrE,MAAOsE,EAAkBC,KAC3C,IAAKjH,EAAenC,OAAOqE,YACzB,MAAM,IAAIC,MAAM,6BAGlBlC,EAAcpC,MAAM4C,gBAAiB,EACrC,IACE,MAAMoC,QAAiB/G,MAAMkF,EAAO,eAAgB,CAClD8B,OAAQ,OACRT,QAAS,CACP,eAAgB,mBAChBC,cAAiB,UAAUtC,EAAenC,MAAMqE,eAElDa,KAAMC,KAAKC,UAAU,CACnBiE,UAAWF,EACXC,eAIJ,IAAKpE,EAASM,GAAI,CAChB,GAAwB,MAApBN,EAASO,OACX,MAAM,IAAIjB,MAAM,iDACX,CACL,MAAMgF,QAAkBtE,EAASU,OAAO6D,MAAM,KAAA,CAAO,IACrD,MAAM,IAAIjF,MAAMgF,EAAUE,SAAW,wBAAwBxE,EAASO,UAAUP,EAASQ,aAC3F,CACF,CAEA,MAAMU,QAAelB,EAASU,OAiB9B,OAdIzD,EAAYjC,QACdiC,EAAYjC,MAAQ,IACfiC,EAAYjC,MACfO,MAAO4I,EACPnI,eAAe,EACfa,WAAA,IAAetD,MAAOwD,eAIF,oBAAX9B,QACTC,aAAaC,QAAQ,oBAAqBgF,KAAKC,UAAUnD,EAAYjC,SAIlEkG,CACT,CAAA,QACE9D,EAAcpC,MAAM4C,gBAAiB,CACvC,GA2dF6G,eAnOuB5E,MAAO6E,IAC5B,IAAKvH,EAAenC,OAAOqE,YACzB,MAAM,IAAIC,MAAM,6BAGlBlC,EAAcpC,MAAM4C,gBAAiB,EACrC,IACE,MAAMoC,QAAiB/G,MAAMkF,EAAO,kBAAmB,CACrD8B,OAAQ,OACRT,QAAS,CACP,eAAgB,mBAChBC,cAAiB,UAAUtC,EAAenC,MAAMqE,eAElDa,KAAMC,KAAKC,UAAU,CACnB5D,SAAUkI,MAId,IAAK1E,EAASM,GAAI,CAChB,MAAMgE,QAAkBtE,EAASU,OAAO6D,MAAM,KAAA,CAAO,IACrD,GAAwB,MAApBvE,EAASO,OACX,MAAM,IAAIjB,MAAM,6BAClB,GAAWgF,EAAUK,aACnB,MAAM,IAAIrF,MAAM,oFAAoF,IAAI/F,KAAK+K,EAAUK,cAAcC,wBAEvI,MAAM,IAAItF,MAAMgF,EAAUE,SAAW,2BAA2BxE,EAASO,UAAUP,EAASQ,aAC9F,CAEA,MAAMU,QAAelB,EAASU,OAiB9B,OAdIzD,EAAYjC,QACdiC,EAAYjC,MAAQ,IACfiC,EAAYjC,MACfwB,SAAUkI,EACVjI,uBAAA,IAA2BlD,MAAOwD,cAClCF,WAAA,IAAetD,MAAOwD,eAIF,oBAAX9B,QACTC,aAAaC,QAAQ,oBAAqBgF,KAAKC,UAAUnD,EAAYjC,SAIlEkG,CACT,CAAA,QACE9D,EAAcpC,MAAM4C,gBAAiB,CACvC,GAoLFiH,oBAjL4BhF,UAC1B,IAAK1C,EAAenC,OAAOqE,YACzB,MAAM,IAAIC,MAAM,6BAGlB,MAAMU,QAAiB/G,MAAMkF,EAAO,oBAAqB,CACvD8B,OAAQ,MACRT,QAAS,CACPC,cAAiB,UAAUtC,EAAenC,MAAMqE,iBAIpD,IAAKW,EAASM,GACZ,MAAM,IAAIhB,MAAM,oCAAoCU,EAASO,UAAUP,EAASQ,cAGlF,OAAOR,EAASU,QAkKlBoE,0BA/JkCjF,MAAOrD,IAEvC,MAAMuI,EAAM5G,EAAO,6BAA6B6G,QAAQ,aAAcC,mBAAmBzI,IAEnFwD,QAAiB/G,MAAM8L,EAAK,CAChC9E,OAAQ,MACRT,QAAS,CACP,eAAgB,sBAIpB,IAAKQ,EAASM,GACZ,MAAM,IAAIhB,MAAM,0CAA0CU,EAASO,UAAUP,EAASQ,cAGxF,OAAOR,EAASU,QAkJlBwE,gBA9IwBrF,UACtB,IAAK1C,EAAenC,OAAOqE,YACzB,MAAM,IAAIC,MAAM,6BAIlB,MAAMuE,EAAW,YAAY1G,EAAenC,MAAMqE,YAAY2B,MAAM,EAAG,MAEvE,IACE,aAAa3C,EAAYwF,EAAUhE,UACjC,MAAML,EAAUJ,IAEVY,QAAiB/G,MAAMkF,EAAO,YAAa,CAC/C8B,OAAQ,MACRT,YAGF,IAAKQ,EAASM,GAAI,OACQN,EAASmF,OACjC,MAAM,IAAI7F,MAAM,gCAAgCU,EAASO,UAAUP,EAASQ,aAC9E,CAEA,OAAOR,EAASU,QACf,KACL,OAASO,GACP,MAAMA,CACR,GAqHFmE,gBAlHwBvF,UACtB,MAAMG,QAAiB/G,MAAMkF,EAAO,iBAAkB,CACpD8B,OAAQ,MACRT,QAASJ,MAGX,IAAKY,EAASM,GACZ,MAAM,IAAIhB,MAAM,gCAAgCU,EAASO,UAAUP,EAASQ,cAG9E,OAAOR,EAASU,QAyGlB2E,cAtGsBxF,MAAOyF,IAC3B,MAAMP,EAAM5G,EAAO,iBAAiB6G,QAAQ,eAAgBC,mBAAmBK,IAEzEtF,QAAiB/G,MAAM8L,EAAK,CAChC9E,OAAQ,OACRT,QAASJ,MAGX,IAAKY,EAASM,GACZ,MAAM,IAAIhB,MAAM,6BAA6BU,EAASO,UAAUP,EAASQ,cAG3E,OAA2B,MAApBR,EAASO,QA2FlBgF,uBAxF+B1F,UAC7B,MAAMG,QAAiB/G,MAAMkF,EAAO,qBAAsB,CACxD8B,OAAQ,OACRT,QAASJ,MAGX,IAAKY,EAASM,GACZ,MAAM,IAAIhB,MAAM,wCAAwCU,EAASO,UAAUP,EAASQ,cAGtF,OAA2B,MAApBR,EAASO,QA+ElBmB,aACAP,cACAqE,UAlekB3F,MAAO4F,EAAkBC,EAAcC,GAAe,KACtE,IAAK5H,EAAa/C,MAChB,MAAM,IAAIsE,MAAM,4BAGlBlC,EAAcpC,MAAM2C,cAAe,EACnC,IACE,MAAMiI,EAA0BzH,EAAfwH,EAAsB,sBAAgC,mBACjEzF,EAAOyF,EACT,CAAE/C,eAAgB7E,EAAa/C,MAAO6K,YAAaH,GACnD,CAAE9C,eAAgB7E,EAAa/C,MAAOqI,UAAWoC,EAAUC,QAEzD1F,QAAiB/G,MAAM2M,EAAU,CACrC3F,OAAQ,OACRT,QAAS,CAAE,eAAgB,oBAC3BU,KAAMC,KAAKC,UAAUF,KAGvB,IAAKF,EAASM,GAAI,CAChB,MAAMwF,QAAkB9F,EAASmF,OACjC,IAAIY,EAAe,0BAEnB,IACE,MAAMzB,EAAYnE,KAAK2B,MAAMgE,GAC7BC,EAAezB,EAAUE,SAAWF,EAAUrD,OAAS6E,CACzD,CAAA,MAEEC,EAAeD,GAAa,yBAC9B,CAEA,MAAM,IAAIxG,MAAMyG,EAClB,CAEA,MAAMrD,QAA+B1C,EAASU,OAU9C,OAPA5C,EAAY9C,OAAQ,EACpB+C,EAAa/C,MAAQ,KACrBgD,EAAoBhD,MAAQ,SAGtBmG,EAAYuB,GAEXA,CACT,CAAA,QACEtF,EAAcpC,MAAM2C,cAAe,CACrC,GAqbFqI,iBAlbyBnG,MAAO4F,IAC9B,IAAK1H,EAAa/C,MAChB,MAAM,IAAIsE,MAAM,4BAGlBlC,EAAcpC,MAAM0C,iBAAkB,EACtC,IACE,MAAMsC,QAAiB/G,MAAMkF,EAAO,sBAAuB,CACzD8B,OAAQ,OACRT,QAAS,CAAE,eAAgB,oBAC3BU,KAAMC,KAAKC,UAAU,CACnBwC,eAAgB7E,EAAa/C,MAC7BqI,UAAWoC,MAIf,IAAKzF,EAASM,GAAI,CAChB,MAAMwF,QAAkB9F,EAASmF,OACjC,IAAIY,EAAe,gCAEnB,IACE,MAAMzB,EAAYnE,KAAK2B,MAAMgE,GAC7BC,EAAezB,EAAUE,SAAWF,EAAUrD,OAAS6E,CACzD,CAAA,MAEEC,EAAeD,GAAa,+BAC9B,CAEA,MAAM,IAAIxG,MAAMyG,EAClB,CAGA,aADqB/F,EAASU,MAEhC,CAAA,QACEtD,EAAcpC,MAAM0C,iBAAkB,CACxC,GAgZFuI,wBA7YgCpG,MAAO4F,IACrC,IAAK1H,EAAa/C,MAChB,MAAM,IAAIsE,MAAM,4BAGlB,MAAMU,QAAiB/G,MAAMkF,EAAO,wBAAyB,CAC3D8B,OAAQ,OACRT,QAAS,CAAE,eAAgB,oBAC3BU,KAAMC,KAAKC,UAAU,CACnBwC,eAAgB7E,EAAa/C,MAC7BqI,UAAWoC,MAIf,IAAKzF,EAASM,GAAI,CAChB,MAAMwF,QAAkB9F,EAASmF,OACjC,IAAIY,EAAe,mCAEnB,IACE,MAAMzB,EAAYnE,KAAK2B,MAAMgE,GAC7BC,EAAezB,EAAUE,SAAWF,EAAUrD,OAAS6E,CACzD,CAAA,MACEC,EAAeD,GAAaC,CAC9B,CAEA,MAAM,IAAIzG,MAAMyG,EAClB,CAEA,OAAO/F,EAASU,QAkXlBwF,oBAp5B4BrG,MAAOsG,EAAoB9G,EAAqB+G,EAAqC,cAC/G,IAAKjJ,EAAenC,OAAOqE,YACzB,MAAM,IAAIC,MAAM,6BAGlB,MAAMU,QAAiB/G,MAAMkF,EAAO,gCAAiC,CACnE8B,OAAQ,OACRT,QAAS,CACP,eAAgB,mBAChBC,cAAiB,UAAUtC,EAAenC,MAAMqE,eAElDa,KAAMC,KAAKC,UAAU,CACnBgD,YAAa+C,EACblD,YAAamD,MAGjB,IAAKpG,EAASM,GAAI,CAChB,MAAMwF,QAAkB9F,EAASmF,OACjC,IAAIY,EAAe,4CAEnB,IACE,MAAMzB,EAAYnE,KAAK2B,MAAMgE,GAC7BC,EAAezB,EAAUE,SAAWF,EAAUrD,OAAS6E,CACzD,CAAA,MACEC,EAAeD,GAAa,2CAC9B,CAEA,MAAM,IAAIxG,MAAMyG,EAClB,CACA,OAAO/F,EAASU,QAw3BlB2F,gCAx7BwCxG,MAAO4F,EAAkBa,EAAiBjH,KAChF,IAAKlC,EAAenC,OAAOqE,YACzB,MAAM,IAAIC,MAAM,6BAGlB,MAAMU,QAAiB/G,MAAMkF,EAAO,mCAAoC,CACtE8B,OAAQ,OACRT,QAAS,CACP,eAAgB,mBAChBC,cAAiB,UAAUtC,EAAenC,MAAMqE,eAElDa,KAAMC,KAAKC,UAAU,CACnBiD,UAAWoC,EACXa,iBAGJ,IAAKtG,EAASM,GAAI,CAChB,MAAMwF,QAAkB9F,EAASmF,OACjC,IAAIY,EAAe,+CAEnB,IACE,MAAMzB,EAAYnE,KAAK2B,MAAMgE,GAC7BC,EAAezB,EAAUE,SAAWF,EAAUrD,OAAS6E,CACzD,CAAA,MACEC,EAAeD,GAAa,8CAC9B,CAEA,MAAM,IAAIxG,MAAMyG,EAClB,CACA,OAAO/F,EAASU,QA85BhBK,yBACAjB,wBAGAyG,YAAa,KACX1I,EAAc7C,OAAQ,EACtBoC,EAAcpC,MAAMqC,cAAe,EACnCqE,KAGN"}