@strands.gg/accui 2.17.55 → 2.17.56

package/dist/useStrandsAuth-Z7P9ujqQ.es.js

@@ -0,0 +1,666 @@
+import { computed as u, ref as y, getCurrentInstance as ve, onUnmounted as we } from "vue";
+import { u as ye } from "./useStrandsConfig-BGJg1LlC.es.js";
+class me {
+  cache = /* @__PURE__ */ new Map();
+  DEFAULT_TTL = 300 * 1e3;
+  // 5 minutes
+  /**
+   * Memoized fetch - prevents duplicate requests and caches results
+   */
+  async fetch(d, v, h = this.DEFAULT_TTL) {
+    const x = Date.now(), s = this.cache.get(d);
+    if (s && x - s.timestamp < s.ttl)
+      return s.promise;
+    this.cleanExpired();
+    const c = v().finally(() => {
+      setTimeout(() => {
+        this.cache.delete(d);
+      }, h);
+    });
+    return this.cache.set(d, {
+      promise: c,
+      timestamp: x,
+      ttl: h
+    }), c;
+  }
+  /**
+   * Clear all cached entries
+   */
+  clear() {
+    this.cache.clear();
+  }
+  /**
+   * Remove a specific cache entry
+   */
+  invalidate(d) {
+    this.cache.delete(d);
+  }
+  /**
+   * Clean expired cache entries
+   */
+  cleanExpired() {
+    const d = Date.now();
+    for (const [v, h] of this.cache.entries())
+      d - h.timestamp > h.ttl && this.cache.delete(v);
+  }
+  /**
+   * Get cache statistics (for debugging)
+   */
+  getStats() {
+    return {
+      size: this.cache.size,
+      entries: Array.from(this.cache.keys())
+    };
+  }
+}
+const w = new me();
+function pe() {
+  return {
+    fetch: w.fetch.bind(w),
+    clear: w.clear.bind(w),
+    invalidate: w.invalidate.bind(w),
+    getStats: w.getStats.bind(w)
+  };
+}
+function Te(a, d) {
+  let v = null;
+  return (...h) => {
+    v && clearTimeout(v), v = setTimeout(() => {
+      a(...h);
+    }, d);
+  };
+}
+const N = Te((a, d) => {
+  typeof window < "u" && localStorage.setItem(a, d);
+}, 300), k = (a) => ({
+  id: a.id,
+  email: a.email,
+  firstName: a.first_name || a.firstName || "",
+  lastName: a.last_name || a.lastName || "",
+  avatar: a.avatar_url || a.avatar,
+  mfaEnabled: a.mfa_enabled ?? a.mfaEnabled ?? !1,
+  emailVerified: a.email_verified ?? a.emailVerified ?? !1,
+  passwordUpdatedAt: a.password_updated_at || a.passwordUpdatedAt,
+  settings: a.settings || {},
+  xp: a.xp || 0,
+  level: a.level || 1,
+  next_level_xp: a.next_level_xp || a.next_level_xp || 4,
+  username: a.username,
+  usernameLastChangedAt: a.username_last_changed_at || a.usernameLastChangedAt,
+  createdAt: a.created_at || a.createdAt,
+  updatedAt: a.updated_at || a.updatedAt || (/* @__PURE__ */ new Date()).toISOString()
+}), Se = {
+  currentUser: y(null),
+  currentSession: y(null),
+  loadingStates: y({
+    initializing: !0,
+    signingIn: !1,
+    signingUp: !1,
+    signingOut: !1,
+    refreshingToken: !1,
+    sendingMfaEmail: !1,
+    verifyingMfa: !1,
+    loadingProfile: !1
+  }),
+  isInitialized: y(!1),
+  mfaRequired: y(!1),
+  mfaSessionId: y(null),
+  availableMfaMethods: y([])
+};
+let A = null, m = null, O = null;
+function Ae() {
+  const { getUrl: a, config: d } = ye(), { fetch: v, clear: h, invalidate: x } = pe(), { currentUser: s, currentSession: c, loadingStates: i, isInitialized: p, mfaRequired: T, mfaSessionId: f, availableMfaMethods: S } = Se, C = () => {
+    if (s.value = null, c.value = null, T.value = !1, f.value = null, S.value = [], E(), m = null, h(), typeof window < "u" && d.value?.onSignOutUrl) {
+      const t = window.location.pathname + window.location.search, e = d.value.onSignOutUrl;
+      t !== e && (window.location.href = e);
+    }
+  }, F = u(() => i.value.initializing), z = u(() => i.value.signingIn), J = u(() => i.value.signingUp), R = u(() => i.value.signingOut), L = u(() => i.value.refreshingToken), U = u(() => i.value.sendingMfaEmail), V = u(() => i.value.verifyingMfa);
+  u(() => i.value.loadingProfile);
+  const j = u(
+    () => i.value.signingIn || i.value.signingUp || i.value.signingOut || i.value.refreshingToken || i.value.sendingMfaEmail || i.value.verifyingMfa || i.value.loadingProfile
+  ), q = u(() => i.value.initializing || j.value), G = u(() => {
+    const t = i.value;
+    return t.initializing ? "Checking authentication..." : t.signingIn ? "Signing you in..." : t.signingUp ? "Creating your account..." : t.signingOut ? "Signing you out..." : t.refreshingToken ? "Refreshing session..." : t.sendingMfaEmail ? "Sending verification code..." : t.verifyingMfa ? "Verifying code..." : t.loadingProfile ? "Loading profile..." : "Loading...";
+  }), K = () => ({
+    "Content-Type": "application/json"
+  }), H = async () => {
+    try {
+      const t = await fetch(a("authStatus"), {
+        method: "GET",
+        credentials: "include"
+      });
+      if (!t.ok)
+        return !1;
+      const e = await t.json();
+      return e.authenticated && e.user ? (s.value = k(e.user), c.value = {
+        accessToken: "",
+        // Token is in HttpOnly cookie
+        refreshToken: "",
+        // Token is in HttpOnly cookie
+        expiresAt: new Date(Date.now() + 300 * 1e3),
+        // Assume 5 min expiry
+        userId: e.user.id
+      }, !0) : !1;
+    } catch {
+      return !1;
+    }
+  }, W = async (t, e, n) => {
+    const r = await fetch(a("mfaHardwareCompleteRegistration"), {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json"
+      },
+      credentials: "include",
+      body: JSON.stringify({
+        device_id: t,
+        credential: e
+      })
+    });
+    if (!r.ok) {
+      const l = await r.text();
+      let o = "Failed to complete hardware key registration";
+      try {
+        const g = JSON.parse(l);
+        o = g.message || g.error || l;
+      } catch {
+        o = l || "Failed to complete hardware key registration";
+      }
+      throw new Error(o);
+    }
+    return r.json();
+  }, B = async (t, e, n = "hardware") => {
+    const r = await fetch(a("mfaHardwareStartRegistration"), {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json"
+      },
+      credentials: "include",
+      body: JSON.stringify({
+        device_name: t,
+        device_type: n
+      })
+    });
+    if (!r.ok) {
+      const l = await r.text();
+      let o = "Failed to start hardware key registration";
+      try {
+        const g = JSON.parse(l);
+        o = g.message || g.error || l;
+      } catch {
+        o = l || "Failed to start hardware key registration";
+      }
+      throw new Error(o);
+    }
+    return r.json();
+  }, Y = u(() => s.value !== null), Q = async (t) => {
+    i.value.signingIn = !0;
+    try {
+      T.value = !1, f.value = null, S.value = [];
+      const e = {
+        "Content-Type": "application/json"
+      };
+      typeof window < "u" && window.location && (e.Origin = window.location.origin);
+      const n = await fetch(a("signIn"), {
+        method: "POST",
+        headers: e,
+        credentials: "include",
+        // Include cookies for auth
+        body: JSON.stringify(t)
+      });
+      if (!n.ok)
+        throw n.status === 401 ? new Error("Invalid email or password") : n.status === 403 ? new Error("Please verify your email address before signing in") : new Error(`Sign in failed: ${n.status} ${n.statusText}`);
+      const r = await n.json();
+      if (r.mfa_required) {
+        T.value = !0, f.value = r.mfa_session_id || null;
+        const l = (r.available_mfa_methods || []).map((o) => {
+          let g = `${o.device_type.charAt(0).toUpperCase() + o.device_type.slice(1)} Authentication`;
+          return o.device_type === "hardware" ? g = o.device_name || "Security Key" : o.device_type === "totp" ? g = o.device_name || "Authenticator App" : o.device_type === "email" && (g = o.device_name || "Email Verification"), {
+            id: o.device_id,
+            device_type: o.device_type,
+            device_name: o.device_name || g,
+            is_active: !0,
+            created_at: (/* @__PURE__ */ new Date()).toISOString(),
+            last_used_at: o.last_used_at,
+            // Pass through additional metadata if available
+            credential_id: o.credential_id,
+            device_info: o.device_info
+          };
+        });
+        return S.value = l, i.value.signingIn = !1, r;
+      }
+      return await P(r), r;
+    } catch (e) {
+      throw e;
+    } finally {
+      i.value.signingIn = !1;
+    }
+  }, X = async (t) => {
+    i.value.signingUp = !0;
+    try {
+      throw new Error("Sign up not implemented - please integrate with auth SDK");
+    } finally {
+      i.value.signingUp = !1;
+    }
+  }, Z = async () => {
+    i.value.signingOut = !0;
+    try {
+      await fetch(a("signOut"), {
+        method: "POST",
+        credentials: "include"
+        // Cookies will be cleared by server response
+      }), E(), m = null, h(), s.value = null, c.value = null, T.value = !1, f.value = null, S.value = [], typeof window < "u" && d.value?.onSignOutUrl && (window.location.href = d.value.onSignOutUrl);
+    } finally {
+      i.value.signingOut = !1;
+    }
+  }, b = async () => {
+    if (m)
+      return await m;
+    m = (async () => {
+      i.value.refreshingToken = !0;
+      try {
+        const e = await fetch(a("refresh"), {
+          method: "POST",
+          headers: {
+            "Content-Type": "application/json"
+          },
+          credentials: "include"
+          // Refresh token sent via cookie
+        });
+        if (!e.ok) {
+          if (e.status === 401)
+            return C(), !1;
+          throw new Error(`Token refresh failed: ${e.status} ${e.statusText}`);
+        }
+        const n = await e.json();
+        n.user && (s.value = k(n.user));
+        const r = {
+          accessToken: "",
+          // Token is in HttpOnly cookie
+          refreshToken: "",
+          // Token is in HttpOnly cookie
+          expiresAt: new Date(Date.now() + 300 * 1e3),
+          // 5 minutes from now
+          userId: n.user?.id || s.value?.id
+        };
+        return c.value = r, _(), x(`sessions:${s.value?.id || "unknown"}`), !0;
+      } catch {
+        return C(), !1;
+      } finally {
+        i.value.refreshingToken = !1;
+      }
+    })();
+    const t = await m;
+    return m = null, t;
+  }, ee = async () => {
+    const t = `profile:${c.value.accessToken.slice(0, 20)}`;
+    i.value.loadingProfile = !0;
+    try {
+      return await v(t, async () => {
+        const e = await fetch(a("profile"), {
+          method: "GET",
+          headers: {
+            "Content-Type": "application/json",
+            Authorization: `Bearer ${c.value?.accessToken}`
+          }
+        });
+        if (!e.ok)
+          throw e.status === 401 ? new Error("Authentication expired. Please sign in again.") : new Error(`Failed to fetch profile: ${e.status} ${e.statusText}`);
+        const n = await e.json();
+        return s.value = k(n), s.value && typeof window < "u" && localStorage.setItem("strands_auth_user", JSON.stringify(s.value)), s.value;
+      });
+    } finally {
+      i.value.loadingProfile = !1;
+    }
+  }, te = async (t) => {
+    i.value.loadingProfile = !0;
+    try {
+      const e = await fetch(a("profile"), {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          Authorization: `Bearer ${c.value.accessToken}`
+        },
+        body: JSON.stringify({
+          first_name: t.firstName,
+          last_name: t.lastName
+        })
+      });
+      if (!e.ok)
+        throw e.status === 401 ? new Error("Authentication expired. Please sign in again.") : new Error(`Profile update failed: ${e.status} ${e.statusText}`);
+      const n = await e.json();
+      return s.value = k(n), s.value && N("strands_auth_user", JSON.stringify(s.value)), s.value;
+    } finally {
+      i.value.loadingProfile = !1;
+    }
+  }, ae = async (t) => {
+    i.value.loadingProfile = !0;
+    try {
+      const e = await fetch(a("settings"), {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          Authorization: `Bearer ${c.value.accessToken}`
+        },
+        body: JSON.stringify({
+          settings: t
+        })
+      });
+      if (!e.ok)
+        throw e.status === 401 ? new Error("Authentication expired. Please sign in again.") : new Error(`Settings update failed: ${e.status} ${e.statusText}`);
+      const n = await e.json();
+      return s.value = k(n), s.value && N("strands_auth_user", JSON.stringify(s.value)), s.value;
+    } finally {
+      i.value.loadingProfile = !1;
+    }
+  }, ne = async (t, e) => {
+    i.value.loadingProfile = !0;
+    try {
+      const n = await fetch(a("changeEmail"), {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          Authorization: `Bearer ${c.value.accessToken}`
+        },
+        body: JSON.stringify({
+          new_email: t,
+          password: e
+        })
+      });
+      if (!n.ok) {
+        if (n.status === 401)
+          throw new Error("Authentication expired. Please sign in again.");
+        {
+          const l = await n.json().catch(() => ({}));
+          throw new Error(l.message || `Email change failed: ${n.status} ${n.statusText}`);
+        }
+      }
+      const r = await n.json();
+      return s.value && (s.value = {
+        ...s.value,
+        email: t,
+        emailVerified: !1,
+        // Email needs to be verified again
+        updatedAt: (/* @__PURE__ */ new Date()).toISOString()
+      }, typeof window < "u" && localStorage.setItem("strands_auth_user", JSON.stringify(s.value))), r;
+    } finally {
+      i.value.loadingProfile = !1;
+    }
+  }, ie = async (t, e, n = !1) => {
+    if (!f.value)
+      throw new Error("No MFA session available");
+    i.value.verifyingMfa = !0;
+    try {
+      const r = a(n ? "mfaBackupCodeVerify" : "mfaSigninVerify"), l = n ? { mfa_session_id: f.value, backup_code: e } : { mfa_session_id: f.value, device_id: t, code: e }, o = await fetch(r, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        credentials: "include",
+        body: JSON.stringify(l)
+      });
+      if (!o.ok) {
+        const I = await o.text();
+        let $ = "MFA verification failed";
+        try {
+          const D = JSON.parse(I);
+          $ = D.message || D.error || I;
+        } catch {
+          $ = I || "MFA verification failed";
+        }
+        throw new Error($);
+      }
+      const g = await o.json();
+      return T.value = !1, f.value = null, S.value = [], await P(g), g;
+    } finally {
+      i.value.verifyingMfa = !1;
+    }
+  }, se = async (t) => {
+    if (!f.value)
+      throw new Error("No MFA session available");
+    i.value.sendingMfaEmail = !0;
+    try {
+      const e = await fetch(a("mfaSigninSendEmail"), {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        credentials: "include",
+        body: JSON.stringify({
+          mfa_session_id: f.value,
+          device_id: t
+        })
+      });
+      if (!e.ok) {
+        const r = await e.text();
+        let l = "Failed to send MFA email code";
+        try {
+          const o = JSON.parse(r);
+          l = o.message || o.error || r;
+        } catch {
+          l = r || "Failed to send MFA email code";
+        }
+        throw new Error(l);
+      }
+      return await e.json();
+    } finally {
+      i.value.sendingMfaEmail = !1;
+    }
+  }, re = async (t) => {
+    if (!f.value)
+      throw new Error("No MFA session available");
+    const e = await fetch(a("mfaWebAuthnChallenge"), {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      credentials: "include",
+      body: JSON.stringify({
+        mfa_session_id: f.value,
+        device_id: t
+      })
+    });
+    if (!e.ok) {
+      const n = await e.text();
+      let r = "Failed to get WebAuthn challenge";
+      try {
+        const l = JSON.parse(n);
+        r = l.message || l.error || n;
+      } catch {
+        r = n || r;
+      }
+      throw new Error(r);
+    }
+    return e.json();
+  }, P = async (t) => {
+    try {
+      t.user && (s.value = k(t.user));
+      const e = {
+        accessToken: "",
+        // Token is in HttpOnly cookie
+        refreshToken: "",
+        // Token is in HttpOnly cookie
+        expiresAt: new Date(Date.now() + 300 * 1e3),
+        // 5 minutes from now (matching API token expiry)
+        userId: s.value?.id || t.user?.id
+      };
+      c.value = e, _();
+    } catch {
+    }
+  }, _ = () => {
+    if (A && clearTimeout(A), !c.value || typeof document < "u" && document.visibilityState === "hidden")
+      return;
+    const t = /* @__PURE__ */ new Date(), n = c.value.expiresAt.getTime() - t.getTime() - 60 * 1e3;
+    if (n <= 0) {
+      b();
+      return;
+    }
+    A = setTimeout(async () => {
+      (typeof document > "u" || document.visibilityState === "visible") && await b() && _();
+    }, n);
+  }, E = () => {
+    A && (clearTimeout(A), A = null);
+  }, M = async () => {
+    if (p.value) {
+      i.value.initializing = !1;
+      return;
+    }
+    return O || (O = (async () => {
+      i.value.initializing = !0;
+      try {
+        typeof window < "u" && (await Promise.race([
+          H(),
+          new Promise((n) => setTimeout(() => n(!1), 5e3))
+        ]) ? _() : (s.value = null, c.value = null)), p.value = !0, await new Promise((t) => setTimeout(t, 50));
+      } catch {
+      } finally {
+        i.value.initializing = !1, O = null;
+      }
+    })(), O);
+  }, oe = async (t) => {
+    i.value.loadingProfile = !0;
+    try {
+      const e = await fetch(a("changeUsername"), {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json"
+        },
+        credentials: "include",
+        body: JSON.stringify({
+          username: t
+        })
+      });
+      if (!e.ok) {
+        const r = await e.json().catch(() => ({}));
+        throw e.status === 409 ? new Error("Username is already taken") : r.cooldown_end ? new Error(`You can only change your username once every 30 days. You can change it again on ${new Date(r.cooldown_end).toLocaleDateString()}`) : new Error(r.message || `Username change failed: ${e.status} ${e.statusText}`);
+      }
+      const n = await e.json();
+      return s.value && (s.value = {
+        ...s.value,
+        username: t,
+        usernameLastChangedAt: (/* @__PURE__ */ new Date()).toISOString(),
+        updatedAt: (/* @__PURE__ */ new Date()).toISOString()
+      }), n;
+    } finally {
+      i.value.loadingProfile = !1;
+    }
+  }, le = async () => {
+    const t = await fetch(a("usernameCooldown"), {
+      method: "GET",
+      credentials: "include"
+    });
+    if (!t.ok)
+      throw new Error(`Failed to get username cooldown: ${t.status} ${t.statusText}`);
+    return t.json();
+  }, ue = async (t) => {
+    const e = a("checkUsernameAvailability").replace("{username}", encodeURIComponent(t)), n = await fetch(e, {
+      method: "GET",
+      headers: {
+        "Content-Type": "application/json"
+      }
+    });
+    if (!n.ok)
+      throw new Error(`Failed to check username availability: ${n.status} ${n.statusText}`);
+    return n.json();
+  }, ce = async () => {
+    const t = `sessions:${s.value?.id || "no-user"}`;
+    try {
+      return await v(t, async () => {
+        const e = await fetch(a("sessions"), {
+          method: "GET",
+          credentials: "include"
+        });
+        if (!e.ok)
+          throw await e.text(), new Error(`Failed to get user sessions: ${e.status} ${e.statusText}`);
+        return e.json();
+      }, 120 * 1e3);
+    } catch (e) {
+      throw e;
+    }
+  }, de = async () => {
+    const t = await fetch(a("sessionsStats"), {
+      method: "GET",
+      credentials: "include"
+    });
+    if (!t.ok)
+      throw new Error(`Failed to get session stats: ${t.status} ${t.statusText}`);
+    return t.json();
+  }, fe = async (t) => {
+    const e = a("sessionRevoke").replace("{session_id}", encodeURIComponent(t)), n = await fetch(e, {
+      method: "POST",
+      credentials: "include"
+    });
+    if (!n.ok)
+      throw new Error(`Failed to revoke session: ${n.status} ${n.statusText}`);
+    return n.status === 200;
+  }, ge = async () => {
+    const t = await fetch(a("sessionsRevokeAll"), {
+      method: "POST",
+      credentials: "include"
+    });
+    if (!t.ok)
+      throw new Error(`Failed to revoke all other sessions: ${t.status} ${t.statusText}`);
+    return t.status === 200;
+  };
+  typeof document < "u" && document.addEventListener("visibilitychange", () => {
+    document.visibilityState === "visible" && c.value ? _() : document.visibilityState === "hidden" && E();
+  });
+  const he = () => {
+    E(), h();
+  };
+  try {
+    ve() && we(he);
+  } catch {
+  }
+  return p.value || M(), {
+    // State
+    user: u(() => s.value),
+    currentUser: u(() => s.value),
+    currentSession: u(() => c.value),
+    isAuthenticated: Y,
+    isLoading: u(() => q.value || !p.value),
+    loading: j,
+    loadingMessage: G,
+    // Specific loading states
+    isInitializing: F,
+    isInitialized: u(() => p.value),
+    isSigningIn: z,
+    isSigningUp: J,
+    isSigningOut: R,
+    isRefreshingToken: L,
+    isSendingMfaEmail: U,
+    isVerifyingMfa: V,
+    // MFA State
+    mfaRequired: u(() => T.value),
+    mfaSessionId: u(() => f.value),
+    availableMfaMethods: u(() => S.value),
+    // Methods
+    signIn: Q,
+    signUp: X,
+    signOut: Z,
+    refreshToken: b,
+    fetchProfile: ee,
+    updateProfile: te,
+    updateUserSettings: ae,
+    changeEmail: ne,
+    changeUsername: oe,
+    getUsernameCooldown: le,
+    checkUsernameAvailability: ue,
+    // Session management
+    getUserSessions: ce,
+    getSessionStats: de,
+    revokeSession: fe,
+    revokeAllOtherSessions: ge,
+    initialize: M,
+    setAuthData: P,
+    verifyMfa: ie,
+    sendMfaEmailCode: se,
+    getMfaWebAuthnChallenge: re,
+    registerHardwareKey: B,
+    completeHardwareKeyRegistration: W,
+    // Token management
+    startTokenRefreshTimer: _,
+    stopTokenRefreshTimer: E,
+    getAuthHeaders: K,
+    // Force re-initialization (useful for testing or navigation)
+    forceReInit: () => {
+      p.value = !1, i.value.initializing = !0, M();
+    }
+  };
+}
+export {
+  Ae as u
+};