@strapi/admin 5.33.2 → 5.33.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (26) hide show
  1. package/dist/admin/admin/src/features/Auth.js +14 -0
  2. package/dist/admin/admin/src/features/Auth.js.map +1 -1
  3. package/dist/admin/admin/src/features/Auth.mjs +15 -1
  4. package/dist/admin/admin/src/features/Auth.mjs.map +1 -1
  5. package/dist/admin/admin/src/utils/baseQuery.js +7 -37
  6. package/dist/admin/admin/src/utils/baseQuery.js.map +1 -1
  7. package/dist/admin/admin/src/utils/baseQuery.mjs +8 -38
  8. package/dist/admin/admin/src/utils/baseQuery.mjs.map +1 -1
  9. package/dist/admin/admin/src/utils/getFetchClient.js +206 -67
  10. package/dist/admin/admin/src/utils/getFetchClient.js.map +1 -1
  11. package/dist/admin/admin/src/utils/getFetchClient.mjs +205 -69
  12. package/dist/admin/admin/src/utils/getFetchClient.mjs.map +1 -1
  13. package/dist/admin/index.js +3 -0
  14. package/dist/admin/index.js.map +1 -1
  15. package/dist/admin/index.mjs +1 -1
  16. package/dist/admin/src/services/contentApi.d.ts +1 -1
  17. package/dist/admin/src/utils/getFetchClient.d.ts +34 -1
  18. package/dist/ee/server/src/controllers/admin.d.ts +1 -1
  19. package/dist/ee/server/src/controllers/index.d.ts +1 -1
  20. package/dist/ee/server/src/index.d.ts +1 -1
  21. package/dist/server/server/src/controllers/authenticated-user.js +6 -0
  22. package/dist/server/server/src/controllers/authenticated-user.js.map +1 -1
  23. package/dist/server/server/src/controllers/authenticated-user.mjs +6 -0
  24. package/dist/server/server/src/controllers/authenticated-user.mjs.map +1 -1
  25. package/dist/server/src/controllers/authenticated-user.d.ts.map +1 -1
  26. package/package.json +10 -10
package/dist/admin/admin/src/utils/getFetchClient.js CHANGED
@@ -8,6 +8,106 @@ const STORAGE_KEYS = {
8
8
  TOKEN: 'jwtToken',
9
9
  USER: 'userInfo'
10
10
  };
11
+ /**
12
+ * Module-level promise to ensure only one token refresh happens at a time
13
+ */ let refreshPromise = null;
14
+ /**
15
+ * Callback to notify the app when the token is updated (e.g., to update Redux state)
16
+ */ let onTokenUpdate = null;
17
+ /**
18
+ * Set the callback that will be called when the token is refreshed.
19
+ * This allows the React layer to update Redux state when a token refresh occurs.
20
+ *
21
+ * @param callback - Function to call with the new token, or null to clear
22
+ * @example
23
+ * // In a React component
24
+ * useEffect(() => {
25
+ * setOnTokenUpdate((token) => dispatch(setToken(token)));
26
+ * return () => setOnTokenUpdate(null);
27
+ * }, [dispatch]);
28
+ */ const setOnTokenUpdate = (callback)=>{
29
+ onTokenUpdate = callback;
30
+ };
31
+ /**
32
+ * Check if the URL is an auth path that should not trigger token refresh.
33
+ * Note: No ^ anchor since the URL may include the baseURL prefix (e.g., "http://localhost:1337/admin/login").
34
+ * This differs from baseQuery.ts which uses ^/admin since it receives normalized paths.
35
+ */ const isAuthPath = (url)=>/\/admin\/(login|logout|access-token)\b/.test(url);
36
+ /**
37
+ * Store the new token in the appropriate storage (localStorage or cookie)
38
+ * and notify the app to update its state.
39
+ *
40
+ * Uses localStorage if the user selected "remember me" during login,
41
+ * otherwise uses cookies for session-based storage.
42
+ *
43
+ * @param token - The JWT token to store
44
+ * @internal Exported for testing purposes
45
+ */ const storeToken = (token)=>{
46
+ // Check if the original token was stored in localStorage (persist mode)
47
+ const wasPersistedToLocalStorage = Boolean(localStorage.getItem(STORAGE_KEYS.TOKEN));
48
+ if (wasPersistedToLocalStorage) {
49
+ localStorage.setItem(STORAGE_KEYS.TOKEN, JSON.stringify(token));
50
+ } else {
51
+ cookies.setCookie(STORAGE_KEYS.TOKEN, token);
52
+ }
53
+ // Notify the app to update its state (e.g., Redux)
54
+ if (onTokenUpdate) {
55
+ onTokenUpdate(token);
56
+ }
57
+ };
58
+ /**
59
+ * Refresh the access token by calling the /admin/access-token endpoint.
60
+ * This uses a low-level fetch to avoid recursion through the interceptor.
61
+ * Returns the new token on success, or null on failure.
62
+ */ const refreshAccessToken = async ()=>{
63
+ const backendURL = window.strapi.backendURL;
64
+ try {
65
+ const response = await fetch(`${backendURL}/admin/access-token`, {
66
+ method: 'POST',
67
+ credentials: 'include',
68
+ headers: {
69
+ Accept: 'application/json',
70
+ 'Content-Type': 'application/json'
71
+ }
72
+ });
73
+ if (!response.ok) {
74
+ console.warn('[Auth] Token refresh failed with status:', response.status);
75
+ return null;
76
+ }
77
+ const result = await response.json();
78
+ const token = result?.data?.token;
79
+ if (!token) {
80
+ console.warn('[Auth] Token refresh response missing token');
81
+ return null;
82
+ }
83
+ storeToken(token);
84
+ return token;
85
+ } catch (error) {
86
+ console.error('[Auth] Token refresh error:', error);
87
+ return null;
88
+ }
89
+ };
90
+ /**
91
+ * Attempt to refresh the token if not already refreshing.
92
+ * Uses a module-level promise to prevent concurrent refresh requests.
93
+ *
94
+ * @returns The new authentication token
95
+ * @throws {Error} If the token refresh fails (e.g., refresh token expired)
96
+ * @internal Exported for testing purposes
97
+ */ const attemptTokenRefresh = async ()=>{
98
+ if (!refreshPromise) {
99
+ refreshPromise = refreshAccessToken().finally(()=>{
100
+ refreshPromise = null;
101
+ });
102
+ }
103
+ const newToken = await refreshPromise;
104
+ if (!newToken) {
105
+ const error = new Error('Session expired. Please log in again.');
106
+ error.name = 'TokenRefreshError';
107
+ throw error;
108
+ }
109
+ return newToken;
110
+ };
11
111
  class FetchError extends Error {
12
112
  constructor(message, response){
13
113
  super(message);
@@ -54,11 +154,14 @@ const getToken = ()=>{
54
154
  * ```
55
155
  */ const getFetchClient = (defaultOptions = {})=>{
56
156
  const backendURL = window.strapi.backendURL;
57
- const defaultHeader = {
58
- Accept: 'application/json',
59
- 'Content-Type': 'application/json',
60
- Authorization: `Bearer ${getToken()}`
61
- };
157
+ /**
158
+ * Create default headers with the current token.
159
+ * This is a function so we can get a fresh token after refresh.
160
+ */ const getDefaultHeaders = ()=>({
161
+ Accept: 'application/json',
162
+ 'Content-Type': 'application/json',
163
+ Authorization: `Bearer ${getToken()}`
164
+ });
62
165
  const isFormDataRequest = (body)=>body instanceof FormData;
63
166
  const addPrependingSlash = (url)=>url.charAt(0) !== '/' ? `/${url}` : url;
64
167
  // This regular expression matches a string that starts with either "http://" or "https://" or any other protocol name in lower case letters, followed by "://" and ends with anything else
@@ -74,12 +177,16 @@ const getToken = ()=>{
74
177
  * In native Fetch API, a response is considered "not ok"
75
178
  * when the status code falls in the 200 to 299 (inclusive) range
76
179
  */ if (!response.ok && result.error && !validateStatus?.(response.status)) {
77
- throw new FetchError(result.error.message, {
180
+ const fetchError = new FetchError(result.error.message, {
78
181
  data: result
79
182
  });
183
+ fetchError.status = response.status;
184
+ throw fetchError;
80
185
  }
81
186
  if (!response.ok && !validateStatus?.(response.status)) {
82
- throw new FetchError('Unknown Server Error');
187
+ const fetchError = new FetchError('Unknown Server Error');
188
+ fetchError.status = response.status;
189
+ throw fetchError;
83
190
  }
84
191
  return {
85
192
  data: result
@@ -96,6 +203,28 @@ const getToken = ()=>{
96
203
  }
97
204
  }
98
205
  };
206
+ /**
207
+ * Execute a fetch request with automatic token refresh on 401 errors.
208
+ * @param url - The request URL (used to check if it's an auth path)
209
+ * @param executeRequest - Function that performs the fetch (called again on retry with fresh headers)
210
+ */ const withTokenRefresh = async (url, executeRequest)=>{
211
+ try {
212
+ return await executeRequest();
213
+ } catch (error) {
214
+ // Only attempt refresh for 401 errors on non-auth paths
215
+ if (isFetchError(error) && error.status === 401 && !isAuthPath(url)) {
216
+ try {
217
+ await attemptTokenRefresh();
218
+ // Retry - executeRequest will call getDefaultHeaders() again, picking up the new token
219
+ return await executeRequest();
220
+ } catch {
221
+ // If refresh fails, throw the original error
222
+ throw error;
223
+ }
224
+ }
225
+ throw error;
226
+ }
227
+ };
99
228
  const paramsSerializer = (params)=>(url)=>{
100
229
  if (params) {
101
230
  if (typeof params === 'string') {
@@ -121,81 +250,91 @@ const getToken = ()=>{
121
250
  */ const makeCreateRequestUrl = (options)=>pipe(normalizeUrl, addBaseUrl, paramsSerializer(options?.params));
122
251
  const fetchClient = {
123
252
  get: async (url, options)=>{
124
- const headers = new Headers({
125
- ...defaultHeader,
126
- ...options?.headers
127
- });
128
- /**
129
- * this applies all our transformations to the URL
130
- * - normalizing (making sure it has the correct slash)
131
- * - appending our BaseURL which comes from the window.strapi object
132
- * - serializing our params with QS
133
- */ const createRequestUrl = makeCreateRequestUrl(options);
134
- const response = await fetch(createRequestUrl(url), {
135
- signal: options?.signal ?? defaultOptions.signal,
136
- method: 'GET',
137
- headers
138
- });
139
- return responseInterceptor(response, options?.validateStatus);
253
+ const createRequestUrl = makeCreateRequestUrl(options);
254
+ const executeRequest = async ()=>{
255
+ const headers = new Headers({
256
+ ...getDefaultHeaders(),
257
+ ...options?.headers
258
+ });
259
+ const response = await fetch(createRequestUrl(url), {
260
+ signal: options?.signal ?? defaultOptions.signal,
261
+ method: 'GET',
262
+ headers
263
+ });
264
+ return responseInterceptor(response, options?.validateStatus);
265
+ };
266
+ return withTokenRefresh(url, executeRequest);
140
267
  },
141
268
  post: async (url, data, options)=>{
142
- const headers = new Headers({
143
- ...defaultHeader,
144
- ...options?.headers
145
- });
146
269
  const createRequestUrl = makeCreateRequestUrl(options);
147
- /**
148
- * we have to remove the Content-Type value if it was a formData request
149
- * the browser will automatically set the header value
150
- */ if (isFormDataRequest(data)) {
151
- headers.delete('Content-Type');
152
- }
153
- const response = await fetch(createRequestUrl(url), {
154
- signal: options?.signal ?? defaultOptions.signal,
155
- method: 'POST',
156
- headers,
157
- body: isFormDataRequest(data) ? data : JSON.stringify(data)
158
- });
159
- return responseInterceptor(response, options?.validateStatus);
270
+ const executeRequest = async ()=>{
271
+ const headers = new Headers({
272
+ ...getDefaultHeaders(),
273
+ ...options?.headers
274
+ });
275
+ /**
276
+ * we have to remove the Content-Type value if it was a formData request
277
+ * the browser will automatically set the header value
278
+ */ if (isFormDataRequest(data)) {
279
+ headers.delete('Content-Type');
280
+ }
281
+ const response = await fetch(createRequestUrl(url), {
282
+ signal: options?.signal ?? defaultOptions.signal,
283
+ method: 'POST',
284
+ headers,
285
+ body: isFormDataRequest(data) ? data : JSON.stringify(data)
286
+ });
287
+ return responseInterceptor(response, options?.validateStatus);
288
+ };
289
+ return withTokenRefresh(url, executeRequest);
160
290
  },
161
291
  put: async (url, data, options)=>{
162
- const headers = new Headers({
163
- ...defaultHeader,
164
- ...options?.headers
165
- });
166
292
  const createRequestUrl = makeCreateRequestUrl(options);
167
- /**
168
- * we have to remove the Content-Type value if it was a formData request
169
- * the browser will automatically set the header value
170
- */ if (isFormDataRequest(data)) {
171
- headers.delete('Content-Type');
172
- }
173
- const response = await fetch(createRequestUrl(url), {
174
- signal: options?.signal ?? defaultOptions.signal,
175
- method: 'PUT',
176
- headers,
177
- body: isFormDataRequest(data) ? data : JSON.stringify(data)
178
- });
179
- return responseInterceptor(response, options?.validateStatus);
293
+ const executeRequest = async ()=>{
294
+ const headers = new Headers({
295
+ ...getDefaultHeaders(),
296
+ ...options?.headers
297
+ });
298
+ /**
299
+ * we have to remove the Content-Type value if it was a formData request
300
+ * the browser will automatically set the header value
301
+ */ if (isFormDataRequest(data)) {
302
+ headers.delete('Content-Type');
303
+ }
304
+ const response = await fetch(createRequestUrl(url), {
305
+ signal: options?.signal ?? defaultOptions.signal,
306
+ method: 'PUT',
307
+ headers,
308
+ body: isFormDataRequest(data) ? data : JSON.stringify(data)
309
+ });
310
+ return responseInterceptor(response, options?.validateStatus);
311
+ };
312
+ return withTokenRefresh(url, executeRequest);
180
313
  },
181
314
  del: async (url, options)=>{
182
- const headers = new Headers({
183
- ...defaultHeader,
184
- ...options?.headers
185
- });
186
315
  const createRequestUrl = makeCreateRequestUrl(options);
187
- const response = await fetch(createRequestUrl(url), {
188
- signal: options?.signal ?? defaultOptions.signal,
189
- method: 'DELETE',
190
- headers
191
- });
192
- return responseInterceptor(response, options?.validateStatus);
316
+ const executeRequest = async ()=>{
317
+ const headers = new Headers({
318
+ ...getDefaultHeaders(),
319
+ ...options?.headers
320
+ });
321
+ const response = await fetch(createRequestUrl(url), {
322
+ signal: options?.signal ?? defaultOptions.signal,
323
+ method: 'DELETE',
324
+ headers
325
+ });
326
+ return responseInterceptor(response, options?.validateStatus);
327
+ };
328
+ return withTokenRefresh(url, executeRequest);
193
329
  }
194
330
  };
195
331
  return fetchClient;
196
332
  };
197
333
 
198
334
  exports.FetchError = FetchError;
335
+ exports.attemptTokenRefresh = attemptTokenRefresh;
199
336
  exports.getFetchClient = getFetchClient;
200
337
  exports.isFetchError = isFetchError;
338
+ exports.setOnTokenUpdate = setOnTokenUpdate;
339
+ exports.storeToken = storeToken;
201
340
  //# sourceMappingURL=getFetchClient.js.map
package/dist/admin/admin/src/utils/getFetchClient.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"getFetchClient.js","sources":["../../../../../admin/src/utils/getFetchClient.ts"],"sourcesContent":["import pipe from 'lodash/fp/pipe';\nimport qs from 'qs';\n\nimport { getCookieValue } from './cookies';\n\nimport type { errors } from '@strapi/utils';\n\nexport type ApiError =\n | errors.ApplicationError\n | errors.ForbiddenError\n | errors.NotFoundError\n | errors.NotImplementedError\n | errors.PaginationError\n | errors.PayloadTooLargeError\n | errors.PolicyError\n | errors.RateLimitError\n | errors.UnauthorizedError\n | errors.ValidationError\n | errors.YupValidationError;\n\nconst STORAGE_KEYS = {\n TOKEN: 'jwtToken',\n USER: 'userInfo',\n};\n\ntype FetchResponse<TData = any> = {\n data: TData;\n status?: number;\n};\n\ntype FetchOptions = {\n params?: any;\n signal?: AbortSignal;\n headers?: Record<string, string>;\n validateStatus?: ((status: number) => boolean) | null;\n};\n\ntype FetchConfig = {\n signal?: AbortSignal;\n};\n\ninterface ErrorResponse {\n data: {\n data?: any;\n error: ApiError & { status?: number };\n };\n}\n\nclass FetchError extends Error {\n public name: string;\n public message: string;\n public response?: ErrorResponse;\n public code?: number;\n public status?: number;\n\n constructor(message: string, response?: ErrorResponse) {\n super(message);\n this.name = 'FetchError';\n this.message = message;\n this.response = response;\n this.code = response?.data?.error?.status;\n this.status = response?.data?.error?.status;\n\n // Ensure correct stack trace in error object\n if (Error.captureStackTrace) {\n Error.captureStackTrace(this, FetchError);\n }\n }\n}\n\nconst isFetchError = (error: unknown): error is FetchError => {\n return error instanceof FetchError;\n};\n\nconst getToken = (): string | null => {\n const fromLocalStorage = localStorage.getItem(STORAGE_KEYS.TOKEN);\n if (fromLocalStorage) {\n return JSON.parse(fromLocalStorage);\n }\n\n const fromCookie = getCookieValue(STORAGE_KEYS.TOKEN);\n return fromCookie ?? null;\n};\n\ntype FetchClient = {\n get: <TData = any>(url: string, config?: FetchOptions) => Promise<FetchResponse<TData>>;\n put: <TData = any, TSend = any>(\n url: string,\n data?: TSend,\n config?: FetchOptions\n ) => Promise<FetchResponse<TData>>;\n post: <TData = any, TSend = any>(\n url: string,\n data?: TSend,\n config?: FetchOptions\n ) => Promise<FetchResponse<TData>>;\n del: <TData = any>(url: string, config?: FetchOptions) => Promise<FetchResponse<TData>>;\n};\n\n/**\n * @public\n * @param {FetchConfig} [defaultOptions={}] - Fetch Configs.\n * @returns {FetchClient} A fetch client object with methods for making HTTP requests.\n * @description This is an abstraction around the native fetch exposed by a function. It provides a simple interface to handle API calls\n * to the Strapi backend.\n * @example\n * ```tsx\n * import { getFetchClient } from '@strapi/admin/admin';\n *\n * const myFunct = () => {\n * const { get } = getFetchClient();\n * const requestURL = \"/some-endpoint\";\n *\n * const { data } = await get(requestURL);\n *\n * return data;\n * };\n * ```\n */\nconst getFetchClient = (defaultOptions: FetchConfig = {}): FetchClient => {\n const backendURL = window.strapi.backendURL;\n const defaultHeader = {\n Accept: 'application/json',\n 'Content-Type': 'application/json',\n Authorization: `Bearer ${getToken()}`,\n };\n\n const isFormDataRequest = (body: unknown) => body instanceof FormData;\n const addPrependingSlash = (url: string) => (url.charAt(0) !== '/' ? `/${url}` : url);\n\n // This regular expression matches a string that starts with either \"http://\" or \"https://\" or any other protocol name in lower case letters, followed by \"://\" and ends with anything else\n const hasProtocol = (url: string) => new RegExp('^(?:[a-z+]+:)?//', 'i').test(url);\n\n // Check if the url has a prepending slash, if not add a slash\n const normalizeUrl = (url: string) => (hasProtocol(url) ? url : addPrependingSlash(url));\n\n // Add a response interceptor to return the response\n const responseInterceptor = async <TData = any>(\n response: Response,\n validateStatus?: FetchOptions['validateStatus']\n ): Promise<FetchResponse<TData>> => {\n try {\n const result = await response.json();\n\n /**\n * validateStatus allows us to customize when a response should throw an error\n * In native Fetch API, a response is considered \"not ok\"\n * when the status code falls in the 200 to 299 (inclusive) range\n */\n if (!response.ok && result.error && !validateStatus?.(response.status)) {\n throw new FetchError(result.error.message, { data: result });\n }\n\n if (!response.ok && !validateStatus?.(response.status)) {\n throw new FetchError('Unknown Server Error');\n }\n\n return { data: result };\n } catch (error) {\n if (error instanceof SyntaxError && response.ok) {\n // Making sure that a SyntaxError doesn't throw if it's successful\n return { data: [], status: response.status } as FetchResponse<any>;\n } else {\n throw error;\n }\n }\n };\n\n const paramsSerializer =\n <Param = unknown>(params?: Param) =>\n (url: string) => {\n if (params) {\n if (typeof params === 'string') {\n return `${url}?${params}`;\n }\n\n /**\n * TODO V6: Encoding should be enabled in this step\n * So the rest of the app doesn't have to worry about it,\n * It's considered a breaking change because it impacts any API request, including the user's custom code\n */\n const serializedParams = qs.stringify(params, { encode: false });\n return `${url}?${serializedParams}`;\n }\n return url;\n };\n\n const addBaseUrl = (url: Parameters<typeof fetch>[0]) => {\n return `${backendURL}${url}`;\n };\n\n /**\n * We use the factory method because the options\n * are unique to the individual request\n */\n const makeCreateRequestUrl = (options?: FetchOptions) =>\n pipe(normalizeUrl, addBaseUrl, paramsSerializer(options?.params));\n\n const fetchClient: FetchClient = {\n get: async <TData>(url: string, options?: FetchOptions): Promise<FetchResponse<TData>> => {\n const headers = new Headers({\n ...defaultHeader,\n ...options?.headers,\n });\n /**\n * this applies all our transformations to the URL\n * - normalizing (making sure it has the correct slash)\n * - appending our BaseURL which comes from the window.strapi object\n * - serializing our params with QS\n */\n const createRequestUrl = makeCreateRequestUrl(options);\n const response = await fetch(createRequestUrl(url), {\n signal: options?.signal ?? defaultOptions.signal,\n method: 'GET',\n headers,\n });\n\n return responseInterceptor<TData>(response, options?.validateStatus);\n },\n post: async <TData, TSend = any>(\n url: string,\n data?: TSend,\n options?: FetchOptions\n ): Promise<FetchResponse<TData>> => {\n const headers = new Headers({\n ...defaultHeader,\n ...options?.headers,\n });\n\n const createRequestUrl = makeCreateRequestUrl(options);\n\n /**\n * we have to remove the Content-Type value if it was a formData request\n * the browser will automatically set the header value\n */\n if (isFormDataRequest(data)) {\n headers.delete('Content-Type');\n }\n\n const response = await fetch(createRequestUrl(url), {\n signal: options?.signal ?? defaultOptions.signal,\n method: 'POST',\n headers,\n body: isFormDataRequest(data) ? (data as FormData) : JSON.stringify(data),\n });\n return responseInterceptor<TData>(response, options?.validateStatus);\n },\n put: async <TData, TSend = any>(\n url: string,\n data?: TSend,\n options?: FetchOptions\n ): Promise<FetchResponse<TData>> => {\n const headers = new Headers({\n ...defaultHeader,\n ...options?.headers,\n });\n\n const createRequestUrl = makeCreateRequestUrl(options);\n\n /**\n * we have to remove the Content-Type value if it was a formData request\n * the browser will automatically set the header value\n */\n if (isFormDataRequest(data)) {\n headers.delete('Content-Type');\n }\n\n const response = await fetch(createRequestUrl(url), {\n signal: options?.signal ?? defaultOptions.signal,\n method: 'PUT',\n headers,\n body: isFormDataRequest(data) ? (data as FormData) : JSON.stringify(data),\n });\n\n return responseInterceptor<TData>(response, options?.validateStatus);\n },\n del: async <TData>(url: string, options?: FetchOptions): Promise<FetchResponse<TData>> => {\n const headers = new Headers({\n ...defaultHeader,\n ...options?.headers,\n });\n\n const createRequestUrl = makeCreateRequestUrl(options);\n const response = await fetch(createRequestUrl(url), {\n signal: options?.signal ?? defaultOptions.signal,\n method: 'DELETE',\n headers,\n });\n return responseInterceptor<TData>(response, options?.validateStatus);\n },\n };\n\n return fetchClient;\n};\n\nexport { getFetchClient, isFetchError, FetchError };\nexport type { FetchOptions, FetchResponse, FetchConfig, FetchClient, ErrorResponse };\n"],"names":["STORAGE_KEYS","TOKEN","USER","FetchError","Error","message","response","name","code","data","error","status","captureStackTrace","isFetchError","getToken","fromLocalStorage","localStorage","getItem","JSON","parse","fromCookie","getCookieValue","getFetchClient","defaultOptions","backendURL","window","strapi","defaultHeader","Accept","Authorization","isFormDataRequest","body","FormData","addPrependingSlash","url","charAt","hasProtocol","RegExp","test","normalizeUrl","responseInterceptor","validateStatus","result","json","ok","SyntaxError","paramsSerializer","params","serializedParams","qs","stringify","encode","addBaseUrl","makeCreateRequestUrl","options","pipe","fetchClient","get","headers","Headers","createRequestUrl","fetch","signal","method","post","delete","put","del"],"mappings":";;;;;;AAoBA,MAAMA,YAAe,GAAA;IACnBC,KAAO,EAAA,UAAA;IACPC,IAAM,EAAA;AACR,CAAA;AAyBA,MAAMC,UAAmBC,SAAAA,KAAAA,CAAAA;IAOvB,WAAYC,CAAAA,OAAe,EAAEC,QAAwB,CAAE;AACrD,QAAA,KAAK,CAACD,OAAAA,CAAAA;QACN,IAAI,CAACE,IAAI,GAAG,YAAA;QACZ,IAAI,CAACF,OAAO,GAAGA,OAAAA;QACf,IAAI,CAACC,QAAQ,GAAGA,QAAAA;AAChB,QAAA,IAAI,CAACE,IAAI,GAAGF,QAAAA,EAAUG,MAAMC,KAAOC,EAAAA,MAAAA;AACnC,QAAA,IAAI,CAACA,MAAM,GAAGL,QAAAA,EAAUG,MAAMC,KAAOC,EAAAA,MAAAA;;QAGrC,IAAIP,KAAAA,CAAMQ,iBAAiB,EAAE;YAC3BR,KAAMQ,CAAAA,iBAAiB,CAAC,IAAI,EAAET,UAAAA,CAAAA;AAChC;AACF;AACF;AAEA,MAAMU,eAAe,CAACH,KAAAA,GAAAA;AACpB,IAAA,OAAOA,KAAiBP,YAAAA,UAAAA;AAC1B;AAEA,MAAMW,QAAW,GAAA,IAAA;AACf,IAAA,MAAMC,gBAAmBC,GAAAA,YAAAA,CAAaC,OAAO,CAACjB,aAAaC,KAAK,CAAA;AAChE,IAAA,IAAIc,gBAAkB,EAAA;QACpB,OAAOG,IAAAA,CAAKC,KAAK,CAACJ,gBAAAA,CAAAA;AACpB;IAEA,MAAMK,UAAAA,GAAaC,sBAAerB,CAAAA,YAAAA,CAAaC,KAAK,CAAA;AACpD,IAAA,OAAOmB,UAAc,IAAA,IAAA;AACvB,CAAA;AAiBA;;;;;;;;;;;;;;;;;;;AAmBC,IACKE,MAAAA,cAAAA,GAAiB,CAACC,cAAAA,GAA8B,EAAE,GAAA;AACtD,IAAA,MAAMC,UAAaC,GAAAA,MAAAA,CAAOC,MAAM,CAACF,UAAU;AAC3C,IAAA,MAAMG,aAAgB,GAAA;QACpBC,MAAQ,EAAA,kBAAA;QACR,cAAgB,EAAA,kBAAA;QAChBC,aAAe,EAAA,CAAC,OAAO,EAAEf,QAAY,EAAA,CAAA;AACvC,KAAA;IAEA,MAAMgB,iBAAAA,GAAoB,CAACC,IAAAA,GAAkBA,IAAgBC,YAAAA,QAAAA;AAC7D,IAAA,MAAMC,kBAAqB,GAAA,CAACC,GAAiBA,GAAAA,GAAAA,CAAIC,MAAM,CAAC,CAAO,CAAA,KAAA,GAAA,GAAM,CAAC,CAAC,EAAED,GAAAA,CAAAA,CAAK,GAAGA,GAAAA;;IAGjF,MAAME,WAAAA,GAAc,CAACF,GAAgB,GAAA,IAAIG,OAAO,kBAAoB,EAAA,GAAA,CAAA,CAAKC,IAAI,CAACJ,GAAAA,CAAAA;;AAG9E,IAAA,MAAMK,eAAe,CAACL,GAAAA,GAAiBE,WAAYF,CAAAA,GAAAA,CAAAA,GAAOA,MAAMD,kBAAmBC,CAAAA,GAAAA,CAAAA;;IAGnF,MAAMM,mBAAAA,GAAsB,OAC1BlC,QACAmC,EAAAA,cAAAA,GAAAA;QAEA,IAAI;YACF,MAAMC,MAAAA,GAAS,MAAMpC,QAAAA,CAASqC,IAAI,EAAA;AAElC;;;;AAIC,UACD,IAAI,CAACrC,QAASsC,CAAAA,EAAE,IAAIF,MAAAA,CAAOhC,KAAK,IAAI,CAAC+B,cAAAA,GAAiBnC,QAASK,CAAAA,MAAM,CAAG,EAAA;AACtE,gBAAA,MAAM,IAAIR,UAAWuC,CAAAA,MAAAA,CAAOhC,KAAK,CAACL,OAAO,EAAE;oBAAEI,IAAMiC,EAAAA;AAAO,iBAAA,CAAA;AAC5D;YAEA,IAAI,CAACpC,SAASsC,EAAE,IAAI,CAACH,cAAiBnC,GAAAA,QAAAA,CAASK,MAAM,CAAG,EAAA;AACtD,gBAAA,MAAM,IAAIR,UAAW,CAAA,sBAAA,CAAA;AACvB;YAEA,OAAO;gBAAEM,IAAMiC,EAAAA;AAAO,aAAA;AACxB,SAAA,CAAE,OAAOhC,KAAO,EAAA;AACd,YAAA,IAAIA,KAAiBmC,YAAAA,WAAAA,IAAevC,QAASsC,CAAAA,EAAE,EAAE;;gBAE/C,OAAO;AAAEnC,oBAAAA,IAAAA,EAAM,EAAE;AAAEE,oBAAAA,MAAAA,EAAQL,SAASK;AAAO,iBAAA;aACtC,MAAA;gBACL,MAAMD,KAAAA;AACR;AACF;AACF,KAAA;IAEA,MAAMoC,gBAAAA,GACJ,CAAkBC,MAAAA,GAClB,CAACb,GAAAA,GAAAA;AACC,YAAA,IAAIa,MAAQ,EAAA;gBACV,IAAI,OAAOA,WAAW,QAAU,EAAA;AAC9B,oBAAA,OAAO,CAAGb,EAAAA,GAAAA,CAAI,CAAC,EAAEa,MAAQ,CAAA,CAAA;AAC3B;AAEA;;;;AAIC,YACD,MAAMC,gBAAAA,GAAmBC,EAAGC,CAAAA,SAAS,CAACH,MAAQ,EAAA;oBAAEI,MAAQ,EAAA;AAAM,iBAAA,CAAA;AAC9D,gBAAA,OAAO,CAAGjB,EAAAA,GAAAA,CAAI,CAAC,EAAEc,gBAAkB,CAAA,CAAA;AACrC;YACA,OAAOd,GAAAA;AACT,SAAA;AAEF,IAAA,MAAMkB,aAAa,CAAClB,GAAAA,GAAAA;QAClB,OAAO,CAAA,EAAGV,aAAaU,GAAK,CAAA,CAAA;AAC9B,KAAA;AAEA;;;MAIA,MAAMmB,uBAAuB,CAACC,OAAAA,GAC5BC,KAAKhB,YAAca,EAAAA,UAAAA,EAAYN,iBAAiBQ,OAASP,EAAAA,MAAAA,CAAAA,CAAAA;AAE3D,IAAA,MAAMS,WAA2B,GAAA;AAC/BC,QAAAA,GAAAA,EAAK,OAAcvB,GAAaoB,EAAAA,OAAAA,GAAAA;YAC9B,MAAMI,OAAAA,GAAU,IAAIC,OAAQ,CAAA;AAC1B,gBAAA,GAAGhC,aAAa;AAChB,gBAAA,GAAG2B,SAASI;AACd,aAAA,CAAA;AACA;;;;;UAMA,MAAME,mBAAmBP,oBAAqBC,CAAAA,OAAAA,CAAAA;AAC9C,YAAA,MAAMhD,QAAW,GAAA,MAAMuD,KAAMD,CAAAA,gBAAAA,CAAiB1B,GAAM,CAAA,EAAA;gBAClD4B,MAAQR,EAAAA,OAAAA,EAASQ,MAAUvC,IAAAA,cAAAA,CAAeuC,MAAM;gBAChDC,MAAQ,EAAA,KAAA;AACRL,gBAAAA;AACF,aAAA,CAAA;YAEA,OAAOlB,mBAAAA,CAA2BlC,UAAUgD,OAASb,EAAAA,cAAAA,CAAAA;AACvD,SAAA;QACAuB,IAAM,EAAA,OACJ9B,KACAzB,IACA6C,EAAAA,OAAAA,GAAAA;YAEA,MAAMI,OAAAA,GAAU,IAAIC,OAAQ,CAAA;AAC1B,gBAAA,GAAGhC,aAAa;AAChB,gBAAA,GAAG2B,SAASI;AACd,aAAA,CAAA;AAEA,YAAA,MAAME,mBAAmBP,oBAAqBC,CAAAA,OAAAA,CAAAA;AAE9C;;;UAIA,IAAIxB,kBAAkBrB,IAAO,CAAA,EAAA;AAC3BiD,gBAAAA,OAAAA,CAAQO,MAAM,CAAC,cAAA,CAAA;AACjB;AAEA,YAAA,MAAM3D,QAAW,GAAA,MAAMuD,KAAMD,CAAAA,gBAAAA,CAAiB1B,GAAM,CAAA,EAAA;gBAClD4B,MAAQR,EAAAA,OAAAA,EAASQ,MAAUvC,IAAAA,cAAAA,CAAeuC,MAAM;gBAChDC,MAAQ,EAAA,MAAA;AACRL,gBAAAA,OAAAA;AACA3B,gBAAAA,IAAAA,EAAMD,iBAAkBrB,CAAAA,IAAAA,CAAAA,GAASA,IAAoBS,GAAAA,IAAAA,CAAKgC,SAAS,CAACzC,IAAAA;AACtE,aAAA,CAAA;YACA,OAAO+B,mBAAAA,CAA2BlC,UAAUgD,OAASb,EAAAA,cAAAA,CAAAA;AACvD,SAAA;QACAyB,GAAK,EAAA,OACHhC,KACAzB,IACA6C,EAAAA,OAAAA,GAAAA;YAEA,MAAMI,OAAAA,GAAU,IAAIC,OAAQ,CAAA;AAC1B,gBAAA,GAAGhC,aAAa;AAChB,gBAAA,GAAG2B,SAASI;AACd,aAAA,CAAA;AAEA,YAAA,MAAME,mBAAmBP,oBAAqBC,CAAAA,OAAAA,CAAAA;AAE9C;;;UAIA,IAAIxB,kBAAkBrB,IAAO,CAAA,EAAA;AAC3BiD,gBAAAA,OAAAA,CAAQO,MAAM,CAAC,cAAA,CAAA;AACjB;AAEA,YAAA,MAAM3D,QAAW,GAAA,MAAMuD,KAAMD,CAAAA,gBAAAA,CAAiB1B,GAAM,CAAA,EAAA;gBAClD4B,MAAQR,EAAAA,OAAAA,EAASQ,MAAUvC,IAAAA,cAAAA,CAAeuC,MAAM;gBAChDC,MAAQ,EAAA,KAAA;AACRL,gBAAAA,OAAAA;AACA3B,gBAAAA,IAAAA,EAAMD,iBAAkBrB,CAAAA,IAAAA,CAAAA,GAASA,IAAoBS,GAAAA,IAAAA,CAAKgC,SAAS,CAACzC,IAAAA;AACtE,aAAA,CAAA;YAEA,OAAO+B,mBAAAA,CAA2BlC,UAAUgD,OAASb,EAAAA,cAAAA,CAAAA;AACvD,SAAA;AACA0B,QAAAA,GAAAA,EAAK,OAAcjC,GAAaoB,EAAAA,OAAAA,GAAAA;YAC9B,MAAMI,OAAAA,GAAU,IAAIC,OAAQ,CAAA;AAC1B,gBAAA,GAAGhC,aAAa;AAChB,gBAAA,GAAG2B,SAASI;AACd,aAAA,CAAA;AAEA,YAAA,MAAME,mBAAmBP,oBAAqBC,CAAAA,OAAAA,CAAAA;AAC9C,YAAA,MAAMhD,QAAW,GAAA,MAAMuD,KAAMD,CAAAA,gBAAAA,CAAiB1B,GAAM,CAAA,EAAA;gBAClD4B,MAAQR,EAAAA,OAAAA,EAASQ,MAAUvC,IAAAA,cAAAA,CAAeuC,MAAM;gBAChDC,MAAQ,EAAA,QAAA;AACRL,gBAAAA;AACF,aAAA,CAAA;YACA,OAAOlB,mBAAAA,CAA2BlC,UAAUgD,OAASb,EAAAA,cAAAA,CAAAA;AACvD;AACF,KAAA;IAEA,OAAOe,WAAAA;AACT;;;;;;"}
1
+ {"version":3,"file":"getFetchClient.js","sources":["../../../../../admin/src/utils/getFetchClient.ts"],"sourcesContent":["import pipe from 'lodash/fp/pipe';\n// eslint-disable-next-line import/default\nimport qs from 'qs';\n\nimport { getCookieValue, setCookie } from './cookies';\n\nimport type { errors } from '@strapi/utils';\n\nexport type ApiError =\n | errors.ApplicationError\n | errors.ForbiddenError\n | errors.NotFoundError\n | errors.NotImplementedError\n | errors.PaginationError\n | errors.PayloadTooLargeError\n | errors.PolicyError\n | errors.RateLimitError\n | errors.UnauthorizedError\n | errors.ValidationError\n | errors.YupValidationError;\n\nconst STORAGE_KEYS = {\n TOKEN: 'jwtToken',\n USER: 'userInfo',\n};\n\n/**\n * Module-level promise to ensure only one token refresh happens at a time\n */\nlet refreshPromise: Promise<string | null> | null = null;\n\n/**\n * Callback to notify the app when the token is updated (e.g., to update Redux state)\n */\nlet onTokenUpdate: ((token: string) => void) | null = null;\n\n/**\n * Set the callback that will be called when the token is refreshed.\n * This allows the React layer to update Redux state when a token refresh occurs.\n *\n * @param callback - Function to call with the new token, or null to clear\n * @example\n * // In a React component\n * useEffect(() => {\n * setOnTokenUpdate((token) => dispatch(setToken(token)));\n * return () => setOnTokenUpdate(null);\n * }, [dispatch]);\n */\nconst setOnTokenUpdate = (callback: ((token: string) => void) | null): void => {\n onTokenUpdate = callback;\n};\n\n/**\n * Check if the URL is an auth path that should not trigger token refresh.\n * Note: No ^ anchor since the URL may include the baseURL prefix (e.g., \"http://localhost:1337/admin/login\").\n * This differs from baseQuery.ts which uses ^/admin since it receives normalized paths.\n */\nconst isAuthPath = (url: string) => /\\/admin\\/(login|logout|access-token)\\b/.test(url);\n\n/**\n * Store the new token in the appropriate storage (localStorage or cookie)\n * and notify the app to update its state.\n *\n * Uses localStorage if the user selected \"remember me\" during login,\n * otherwise uses cookies for session-based storage.\n *\n * @param token - The JWT token to store\n * @internal Exported for testing purposes\n */\nconst storeToken = (token: string): void => {\n // Check if the original token was stored in localStorage (persist mode)\n const wasPersistedToLocalStorage = Boolean(localStorage.getItem(STORAGE_KEYS.TOKEN));\n\n if (wasPersistedToLocalStorage) {\n localStorage.setItem(STORAGE_KEYS.TOKEN, JSON.stringify(token));\n } else {\n setCookie(STORAGE_KEYS.TOKEN, token);\n }\n\n // Notify the app to update its state (e.g., Redux)\n if (onTokenUpdate) {\n onTokenUpdate(token);\n }\n};\n\n/**\n * Refresh the access token by calling the /admin/access-token endpoint.\n * This uses a low-level fetch to avoid recursion through the interceptor.\n * Returns the new token on success, or null on failure.\n */\nconst refreshAccessToken = async (): Promise<string | null> => {\n const backendURL = window.strapi.backendURL;\n\n try {\n const response = await fetch(`${backendURL}/admin/access-token`, {\n method: 'POST',\n credentials: 'include', // Include cookies for the refresh token\n headers: {\n Accept: 'application/json',\n 'Content-Type': 'application/json',\n },\n });\n\n if (!response.ok) {\n console.warn('[Auth] Token refresh failed with status:', response.status);\n return null;\n }\n\n const result = await response.json();\n const token = result?.data?.token as string | undefined;\n\n if (!token) {\n console.warn('[Auth] Token refresh response missing token');\n return null;\n }\n\n storeToken(token);\n return token;\n } catch (error) {\n console.error('[Auth] Token refresh error:', error);\n return null;\n }\n};\n\n/**\n * Attempt to refresh the token if not already refreshing.\n * Uses a module-level promise to prevent concurrent refresh requests.\n *\n * @returns The new authentication token\n * @throws {Error} If the token refresh fails (e.g., refresh token expired)\n * @internal Exported for testing purposes\n */\nconst attemptTokenRefresh = async (): Promise<string> => {\n if (!refreshPromise) {\n refreshPromise = refreshAccessToken().finally(() => {\n refreshPromise = null;\n });\n }\n\n const newToken = await refreshPromise;\n if (!newToken) {\n const error = new Error('Session expired. Please log in again.');\n error.name = 'TokenRefreshError';\n throw error;\n }\n\n return newToken;\n};\n\ntype FetchResponse<TData = any> = {\n data: TData;\n status?: number;\n};\n\ntype FetchOptions = {\n params?: any;\n signal?: AbortSignal;\n headers?: Record<string, string>;\n validateStatus?: ((status: number) => boolean) | null;\n};\n\ntype FetchConfig = {\n signal?: AbortSignal;\n};\n\ninterface ErrorResponse {\n data: {\n data?: any;\n error: ApiError & { status?: number };\n };\n}\n\nclass FetchError extends Error {\n public name: string;\n public message: string;\n public response?: ErrorResponse;\n public code?: number;\n public status?: number;\n\n constructor(message: string, response?: ErrorResponse) {\n super(message);\n this.name = 'FetchError';\n this.message = message;\n this.response = response;\n this.code = response?.data?.error?.status;\n this.status = response?.data?.error?.status;\n\n // Ensure correct stack trace in error object\n if (Error.captureStackTrace) {\n Error.captureStackTrace(this, FetchError);\n }\n }\n}\n\nconst isFetchError = (error: unknown): error is FetchError => {\n return error instanceof FetchError;\n};\n\nconst getToken = (): string | null => {\n const fromLocalStorage = localStorage.getItem(STORAGE_KEYS.TOKEN);\n if (fromLocalStorage) {\n return JSON.parse(fromLocalStorage);\n }\n\n const fromCookie = getCookieValue(STORAGE_KEYS.TOKEN);\n return fromCookie ?? null;\n};\n\ntype FetchClient = {\n get: <TData = any>(url: string, config?: FetchOptions) => Promise<FetchResponse<TData>>;\n put: <TData = any, TSend = any>(\n url: string,\n data?: TSend,\n config?: FetchOptions\n ) => Promise<FetchResponse<TData>>;\n post: <TData = any, TSend = any>(\n url: string,\n data?: TSend,\n config?: FetchOptions\n ) => Promise<FetchResponse<TData>>;\n del: <TData = any>(url: string, config?: FetchOptions) => Promise<FetchResponse<TData>>;\n};\n\n/**\n * @public\n * @param {FetchConfig} [defaultOptions={}] - Fetch Configs.\n * @returns {FetchClient} A fetch client object with methods for making HTTP requests.\n * @description This is an abstraction around the native fetch exposed by a function. It provides a simple interface to handle API calls\n * to the Strapi backend.\n * @example\n * ```tsx\n * import { getFetchClient } from '@strapi/admin/admin';\n *\n * const myFunct = () => {\n * const { get } = getFetchClient();\n * const requestURL = \"/some-endpoint\";\n *\n * const { data } = await get(requestURL);\n *\n * return data;\n * };\n * ```\n */\nconst getFetchClient = (defaultOptions: FetchConfig = {}): FetchClient => {\n const backendURL = window.strapi.backendURL;\n\n /**\n * Create default headers with the current token.\n * This is a function so we can get a fresh token after refresh.\n */\n const getDefaultHeaders = () => ({\n Accept: 'application/json',\n 'Content-Type': 'application/json',\n Authorization: `Bearer ${getToken()}`,\n });\n\n const isFormDataRequest = (body: unknown) => body instanceof FormData;\n const addPrependingSlash = (url: string) => (url.charAt(0) !== '/' ? `/${url}` : url);\n\n // This regular expression matches a string that starts with either \"http://\" or \"https://\" or any other protocol name in lower case letters, followed by \"://\" and ends with anything else\n const hasProtocol = (url: string) => new RegExp('^(?:[a-z+]+:)?//', 'i').test(url);\n\n // Check if the url has a prepending slash, if not add a slash\n const normalizeUrl = (url: string) => (hasProtocol(url) ? url : addPrependingSlash(url));\n\n // Add a response interceptor to return the response\n const responseInterceptor = async <TData = any>(\n response: Response,\n validateStatus?: FetchOptions['validateStatus']\n ): Promise<FetchResponse<TData>> => {\n try {\n const result = await response.json();\n\n /**\n * validateStatus allows us to customize when a response should throw an error\n * In native Fetch API, a response is considered \"not ok\"\n * when the status code falls in the 200 to 299 (inclusive) range\n */\n if (!response.ok && result.error && !validateStatus?.(response.status)) {\n const fetchError = new FetchError(result.error.message, { data: result });\n fetchError.status = response.status;\n throw fetchError;\n }\n\n if (!response.ok && !validateStatus?.(response.status)) {\n const fetchError = new FetchError('Unknown Server Error');\n fetchError.status = response.status;\n throw fetchError;\n }\n\n return { data: result };\n } catch (error) {\n if (error instanceof SyntaxError && response.ok) {\n // Making sure that a SyntaxError doesn't throw if it's successful\n return { data: [], status: response.status } as FetchResponse<any>;\n } else {\n throw error;\n }\n }\n };\n\n /**\n * Execute a fetch request with automatic token refresh on 401 errors.\n * @param url - The request URL (used to check if it's an auth path)\n * @param executeRequest - Function that performs the fetch (called again on retry with fresh headers)\n */\n const withTokenRefresh = async <TData>(\n url: string,\n executeRequest: () => Promise<FetchResponse<TData>>\n ): Promise<FetchResponse<TData>> => {\n try {\n return await executeRequest();\n } catch (error) {\n // Only attempt refresh for 401 errors on non-auth paths\n if (isFetchError(error) && error.status === 401 && !isAuthPath(url)) {\n try {\n await attemptTokenRefresh();\n // Retry - executeRequest will call getDefaultHeaders() again, picking up the new token\n return await executeRequest();\n } catch {\n // If refresh fails, throw the original error\n throw error;\n }\n }\n throw error;\n }\n };\n\n const paramsSerializer =\n <Param = unknown>(params?: Param) =>\n (url: string) => {\n if (params) {\n if (typeof params === 'string') {\n return `${url}?${params}`;\n }\n\n /**\n * TODO V6: Encoding should be enabled in this step\n * So the rest of the app doesn't have to worry about it,\n * It's considered a breaking change because it impacts any API request, including the user's custom code\n */\n const serializedParams = qs.stringify(params, { encode: false });\n return `${url}?${serializedParams}`;\n }\n return url;\n };\n\n const addBaseUrl = (url: Parameters<typeof fetch>[0]) => {\n return `${backendURL}${url}`;\n };\n\n /**\n * We use the factory method because the options\n * are unique to the individual request\n */\n const makeCreateRequestUrl = (options?: FetchOptions) =>\n pipe(normalizeUrl, addBaseUrl, paramsSerializer(options?.params));\n\n const fetchClient: FetchClient = {\n get: async <TData>(url: string, options?: FetchOptions): Promise<FetchResponse<TData>> => {\n const createRequestUrl = makeCreateRequestUrl(options);\n\n const executeRequest = async () => {\n const headers = new Headers({\n ...getDefaultHeaders(),\n ...options?.headers,\n });\n\n const response = await fetch(createRequestUrl(url), {\n signal: options?.signal ?? defaultOptions.signal,\n method: 'GET',\n headers,\n });\n\n return responseInterceptor<TData>(response, options?.validateStatus);\n };\n\n return withTokenRefresh(url, executeRequest);\n },\n post: async <TData, TSend = any>(\n url: string,\n data?: TSend,\n options?: FetchOptions\n ): Promise<FetchResponse<TData>> => {\n const createRequestUrl = makeCreateRequestUrl(options);\n\n const executeRequest = async () => {\n const headers = new Headers({\n ...getDefaultHeaders(),\n ...options?.headers,\n });\n\n /**\n * we have to remove the Content-Type value if it was a formData request\n * the browser will automatically set the header value\n */\n if (isFormDataRequest(data)) {\n headers.delete('Content-Type');\n }\n\n const response = await fetch(createRequestUrl(url), {\n signal: options?.signal ?? defaultOptions.signal,\n method: 'POST',\n headers,\n body: isFormDataRequest(data) ? (data as FormData) : JSON.stringify(data),\n });\n return responseInterceptor<TData>(response, options?.validateStatus);\n };\n\n return withTokenRefresh(url, executeRequest);\n },\n put: async <TData, TSend = any>(\n url: string,\n data?: TSend,\n options?: FetchOptions\n ): Promise<FetchResponse<TData>> => {\n const createRequestUrl = makeCreateRequestUrl(options);\n\n const executeRequest = async () => {\n const headers = new Headers({\n ...getDefaultHeaders(),\n ...options?.headers,\n });\n\n /**\n * we have to remove the Content-Type value if it was a formData request\n * the browser will automatically set the header value\n */\n if (isFormDataRequest(data)) {\n headers.delete('Content-Type');\n }\n\n const response = await fetch(createRequestUrl(url), {\n signal: options?.signal ?? defaultOptions.signal,\n method: 'PUT',\n headers,\n body: isFormDataRequest(data) ? (data as FormData) : JSON.stringify(data),\n });\n\n return responseInterceptor<TData>(response, options?.validateStatus);\n };\n\n return withTokenRefresh(url, executeRequest);\n },\n del: async <TData>(url: string, options?: FetchOptions): Promise<FetchResponse<TData>> => {\n const createRequestUrl = makeCreateRequestUrl(options);\n\n const executeRequest = async () => {\n const headers = new Headers({\n ...getDefaultHeaders(),\n ...options?.headers,\n });\n\n const response = await fetch(createRequestUrl(url), {\n signal: options?.signal ?? defaultOptions.signal,\n method: 'DELETE',\n headers,\n });\n return responseInterceptor<TData>(response, options?.validateStatus);\n };\n\n return withTokenRefresh(url, executeRequest);\n },\n };\n\n return fetchClient;\n};\n\nexport {\n getFetchClient,\n isFetchError,\n FetchError,\n attemptTokenRefresh,\n storeToken,\n setOnTokenUpdate,\n};\nexport type { FetchOptions, FetchResponse, FetchConfig, FetchClient, ErrorResponse };\n"],"names":["STORAGE_KEYS","TOKEN","USER","refreshPromise","onTokenUpdate","setOnTokenUpdate","callback","isAuthPath","url","test","storeToken","token","wasPersistedToLocalStorage","Boolean","localStorage","getItem","setItem","JSON","stringify","setCookie","refreshAccessToken","backendURL","window","strapi","response","fetch","method","credentials","headers","Accept","ok","console","warn","status","result","json","data","error","attemptTokenRefresh","finally","newToken","Error","name","FetchError","message","code","captureStackTrace","isFetchError","getToken","fromLocalStorage","parse","fromCookie","getCookieValue","getFetchClient","defaultOptions","getDefaultHeaders","Authorization","isFormDataRequest","body","FormData","addPrependingSlash","charAt","hasProtocol","RegExp","normalizeUrl","responseInterceptor","validateStatus","fetchError","SyntaxError","withTokenRefresh","executeRequest","paramsSerializer","params","serializedParams","qs","encode","addBaseUrl","makeCreateRequestUrl","options","pipe","fetchClient","get","createRequestUrl","Headers","signal","post","delete","put","del"],"mappings":";;;;;;AAqBA,MAAMA,YAAe,GAAA;IACnBC,KAAO,EAAA,UAAA;IACPC,IAAM,EAAA;AACR,CAAA;AAEA;;AAEC,IACD,IAAIC,cAAgD,GAAA,IAAA;AAEpD;;AAEC,IACD,IAAIC,aAAkD,GAAA,IAAA;AAEtD;;;;;;;;;;;IAYA,MAAMC,mBAAmB,CAACC,QAAAA,GAAAA;IACxBF,aAAgBE,GAAAA,QAAAA;AAClB;AAEA;;;;AAIC,IACD,MAAMC,UAAa,GAAA,CAACC,GAAgB,GAAA,wCAAA,CAAyCC,IAAI,CAACD,GAAAA,CAAAA;AAElF;;;;;;;;;IAUA,MAAME,aAAa,CAACC,KAAAA,GAAAA;;AAElB,IAAA,MAAMC,6BAA6BC,OAAQC,CAAAA,YAAAA,CAAaC,OAAO,CAACf,aAAaC,KAAK,CAAA,CAAA;AAElF,IAAA,IAAIW,0BAA4B,EAAA;AAC9BE,QAAAA,YAAAA,CAAaE,OAAO,CAAChB,YAAAA,CAAaC,KAAK,EAAEgB,IAAAA,CAAKC,SAAS,CAACP,KAAAA,CAAAA,CAAAA;KACnD,MAAA;QACLQ,iBAAUnB,CAAAA,YAAAA,CAAaC,KAAK,EAAEU,KAAAA,CAAAA;AAChC;;AAGA,IAAA,IAAIP,aAAe,EAAA;QACjBA,aAAcO,CAAAA,KAAAA,CAAAA;AAChB;AACF;AAEA;;;;AAIC,IACD,MAAMS,kBAAqB,GAAA,UAAA;AACzB,IAAA,MAAMC,UAAaC,GAAAA,MAAAA,CAAOC,MAAM,CAACF,UAAU;IAE3C,IAAI;AACF,QAAA,MAAMG,WAAW,MAAMC,KAAAA,CAAM,GAAGJ,UAAW,CAAA,mBAAmB,CAAC,EAAE;YAC/DK,MAAQ,EAAA,MAAA;YACRC,WAAa,EAAA,SAAA;YACbC,OAAS,EAAA;gBACPC,MAAQ,EAAA,kBAAA;gBACR,cAAgB,EAAA;AAClB;AACF,SAAA,CAAA;QAEA,IAAI,CAACL,QAASM,CAAAA,EAAE,EAAE;AAChBC,YAAAA,OAAAA,CAAQC,IAAI,CAAC,0CAA4CR,EAAAA,QAAAA,CAASS,MAAM,CAAA;YACxE,OAAO,IAAA;AACT;QAEA,MAAMC,MAAAA,GAAS,MAAMV,QAAAA,CAASW,IAAI,EAAA;QAClC,MAAMxB,KAAAA,GAAQuB,QAAQE,IAAMzB,EAAAA,KAAAA;AAE5B,QAAA,IAAI,CAACA,KAAO,EAAA;AACVoB,YAAAA,OAAAA,CAAQC,IAAI,CAAC,6CAAA,CAAA;YACb,OAAO,IAAA;AACT;QAEAtB,UAAWC,CAAAA,KAAAA,CAAAA;QACX,OAAOA,KAAAA;AACT,KAAA,CAAE,OAAO0B,KAAO,EAAA;QACdN,OAAQM,CAAAA,KAAK,CAAC,6BAA+BA,EAAAA,KAAAA,CAAAA;QAC7C,OAAO,IAAA;AACT;AACF,CAAA;AAEA;;;;;;;AAOC,UACKC,mBAAsB,GAAA,UAAA;AAC1B,IAAA,IAAI,CAACnC,cAAgB,EAAA;QACnBA,cAAiBiB,GAAAA,kBAAAA,EAAAA,CAAqBmB,OAAO,CAAC,IAAA;YAC5CpC,cAAiB,GAAA,IAAA;AACnB,SAAA,CAAA;AACF;AAEA,IAAA,MAAMqC,WAAW,MAAMrC,cAAAA;AACvB,IAAA,IAAI,CAACqC,QAAU,EAAA;QACb,MAAMH,KAAAA,GAAQ,IAAII,KAAM,CAAA,uCAAA,CAAA;AACxBJ,QAAAA,KAAAA,CAAMK,IAAI,GAAG,mBAAA;QACb,MAAML,KAAAA;AACR;IAEA,OAAOG,QAAAA;AACT;AAyBA,MAAMG,UAAmBF,SAAAA,KAAAA,CAAAA;IAOvB,WAAYG,CAAAA,OAAe,EAAEpB,QAAwB,CAAE;AACrD,QAAA,KAAK,CAACoB,OAAAA,CAAAA;QACN,IAAI,CAACF,IAAI,GAAG,YAAA;QACZ,IAAI,CAACE,OAAO,GAAGA,OAAAA;QACf,IAAI,CAACpB,QAAQ,GAAGA,QAAAA;AAChB,QAAA,IAAI,CAACqB,IAAI,GAAGrB,QAAAA,EAAUY,MAAMC,KAAOJ,EAAAA,MAAAA;AACnC,QAAA,IAAI,CAACA,MAAM,GAAGT,QAAAA,EAAUY,MAAMC,KAAOJ,EAAAA,MAAAA;;QAGrC,IAAIQ,KAAAA,CAAMK,iBAAiB,EAAE;YAC3BL,KAAMK,CAAAA,iBAAiB,CAAC,IAAI,EAAEH,UAAAA,CAAAA;AAChC;AACF;AACF;AAEA,MAAMI,eAAe,CAACV,KAAAA,GAAAA;AACpB,IAAA,OAAOA,KAAiBM,YAAAA,UAAAA;AAC1B;AAEA,MAAMK,QAAW,GAAA,IAAA;AACf,IAAA,MAAMC,gBAAmBnC,GAAAA,YAAAA,CAAaC,OAAO,CAACf,aAAaC,KAAK,CAAA;AAChE,IAAA,IAAIgD,gBAAkB,EAAA;QACpB,OAAOhC,IAAAA,CAAKiC,KAAK,CAACD,gBAAAA,CAAAA;AACpB;IAEA,MAAME,UAAAA,GAAaC,sBAAepD,CAAAA,YAAAA,CAAaC,KAAK,CAAA;AACpD,IAAA,OAAOkD,UAAc,IAAA,IAAA;AACvB,CAAA;AAiBA;;;;;;;;;;;;;;;;;;;AAmBC,IACKE,MAAAA,cAAAA,GAAiB,CAACC,cAAAA,GAA8B,EAAE,GAAA;AACtD,IAAA,MAAMjC,UAAaC,GAAAA,MAAAA,CAAOC,MAAM,CAACF,UAAU;AAE3C;;;MAIA,MAAMkC,iBAAoB,GAAA,KAAO;YAC/B1B,MAAQ,EAAA,kBAAA;YACR,cAAgB,EAAA,kBAAA;YAChB2B,aAAe,EAAA,CAAC,OAAO,EAAER,QAAY,EAAA,CAAA;SACvC,CAAA;IAEA,MAAMS,iBAAAA,GAAoB,CAACC,IAAAA,GAAkBA,IAAgBC,YAAAA,QAAAA;AAC7D,IAAA,MAAMC,kBAAqB,GAAA,CAACpD,GAAiBA,GAAAA,GAAAA,CAAIqD,MAAM,CAAC,CAAO,CAAA,KAAA,GAAA,GAAM,CAAC,CAAC,EAAErD,GAAAA,CAAAA,CAAK,GAAGA,GAAAA;;IAGjF,MAAMsD,WAAAA,GAAc,CAACtD,GAAgB,GAAA,IAAIuD,OAAO,kBAAoB,EAAA,GAAA,CAAA,CAAKtD,IAAI,CAACD,GAAAA,CAAAA;;AAG9E,IAAA,MAAMwD,eAAe,CAACxD,GAAAA,GAAiBsD,WAAYtD,CAAAA,GAAAA,CAAAA,GAAOA,MAAMoD,kBAAmBpD,CAAAA,GAAAA,CAAAA;;IAGnF,MAAMyD,mBAAAA,GAAsB,OAC1BzC,QACA0C,EAAAA,cAAAA,GAAAA;QAEA,IAAI;YACF,MAAMhC,MAAAA,GAAS,MAAMV,QAAAA,CAASW,IAAI,EAAA;AAElC;;;;AAIC,UACD,IAAI,CAACX,QAASM,CAAAA,EAAE,IAAII,MAAAA,CAAOG,KAAK,IAAI,CAAC6B,cAAAA,GAAiB1C,QAASS,CAAAA,MAAM,CAAG,EAAA;AACtE,gBAAA,MAAMkC,aAAa,IAAIxB,UAAAA,CAAWT,OAAOG,KAAK,CAACO,OAAO,EAAE;oBAAER,IAAMF,EAAAA;AAAO,iBAAA,CAAA;gBACvEiC,UAAWlC,CAAAA,MAAM,GAAGT,QAAAA,CAASS,MAAM;gBACnC,MAAMkC,UAAAA;AACR;YAEA,IAAI,CAAC3C,SAASM,EAAE,IAAI,CAACoC,cAAiB1C,GAAAA,QAAAA,CAASS,MAAM,CAAG,EAAA;gBACtD,MAAMkC,UAAAA,GAAa,IAAIxB,UAAW,CAAA,sBAAA,CAAA;gBAClCwB,UAAWlC,CAAAA,MAAM,GAAGT,QAAAA,CAASS,MAAM;gBACnC,MAAMkC,UAAAA;AACR;YAEA,OAAO;gBAAE/B,IAAMF,EAAAA;AAAO,aAAA;AACxB,SAAA,CAAE,OAAOG,KAAO,EAAA;AACd,YAAA,IAAIA,KAAiB+B,YAAAA,WAAAA,IAAe5C,QAASM,CAAAA,EAAE,EAAE;;gBAE/C,OAAO;AAAEM,oBAAAA,IAAAA,EAAM,EAAE;AAAEH,oBAAAA,MAAAA,EAAQT,SAASS;AAAO,iBAAA;aACtC,MAAA;gBACL,MAAMI,KAAAA;AACR;AACF;AACF,KAAA;AAEA;;;;MAKA,MAAMgC,gBAAmB,GAAA,OACvB7D,GACA8D,EAAAA,cAAAA,GAAAA;QAEA,IAAI;AACF,YAAA,OAAO,MAAMA,cAAAA,EAAAA;AACf,SAAA,CAAE,OAAOjC,KAAO,EAAA;;YAEd,IAAIU,YAAAA,CAAaV,UAAUA,KAAMJ,CAAAA,MAAM,KAAK,GAAO,IAAA,CAAC1B,WAAWC,GAAM,CAAA,EAAA;gBACnE,IAAI;oBACF,MAAM8B,mBAAAA,EAAAA;;AAEN,oBAAA,OAAO,MAAMgC,cAAAA,EAAAA;AACf,iBAAA,CAAE,OAAM;;oBAEN,MAAMjC,KAAAA;AACR;AACF;YACA,MAAMA,KAAAA;AACR;AACF,KAAA;IAEA,MAAMkC,gBAAAA,GACJ,CAAkBC,MAAAA,GAClB,CAAChE,GAAAA,GAAAA;AACC,YAAA,IAAIgE,MAAQ,EAAA;gBACV,IAAI,OAAOA,WAAW,QAAU,EAAA;AAC9B,oBAAA,OAAO,CAAGhE,EAAAA,GAAAA,CAAI,CAAC,EAAEgE,MAAQ,CAAA,CAAA;AAC3B;AAEA;;;;AAIC,YACD,MAAMC,gBAAAA,GAAmBC,EAAGxD,CAAAA,SAAS,CAACsD,MAAQ,EAAA;oBAAEG,MAAQ,EAAA;AAAM,iBAAA,CAAA;AAC9D,gBAAA,OAAO,CAAGnE,EAAAA,GAAAA,CAAI,CAAC,EAAEiE,gBAAkB,CAAA,CAAA;AACrC;YACA,OAAOjE,GAAAA;AACT,SAAA;AAEF,IAAA,MAAMoE,aAAa,CAACpE,GAAAA,GAAAA;QAClB,OAAO,CAAA,EAAGa,aAAab,GAAK,CAAA,CAAA;AAC9B,KAAA;AAEA;;;MAIA,MAAMqE,uBAAuB,CAACC,OAAAA,GAC5BC,KAAKf,YAAcY,EAAAA,UAAAA,EAAYL,iBAAiBO,OAASN,EAAAA,MAAAA,CAAAA,CAAAA;AAE3D,IAAA,MAAMQ,WAA2B,GAAA;AAC/BC,QAAAA,GAAAA,EAAK,OAAczE,GAAasE,EAAAA,OAAAA,GAAAA;AAC9B,YAAA,MAAMI,mBAAmBL,oBAAqBC,CAAAA,OAAAA,CAAAA;AAE9C,YAAA,MAAMR,cAAiB,GAAA,UAAA;gBACrB,MAAM1C,OAAAA,GAAU,IAAIuD,OAAQ,CAAA;AAC1B,oBAAA,GAAG5B,iBAAmB,EAAA;AACtB,oBAAA,GAAGuB,SAASlD;AACd,iBAAA,CAAA;AAEA,gBAAA,MAAMJ,QAAW,GAAA,MAAMC,KAAMyD,CAAAA,gBAAAA,CAAiB1E,GAAM,CAAA,EAAA;oBAClD4E,MAAQN,EAAAA,OAAAA,EAASM,MAAU9B,IAAAA,cAAAA,CAAe8B,MAAM;oBAChD1D,MAAQ,EAAA,KAAA;AACRE,oBAAAA;AACF,iBAAA,CAAA;gBAEA,OAAOqC,mBAAAA,CAA2BzC,UAAUsD,OAASZ,EAAAA,cAAAA,CAAAA;AACvD,aAAA;AAEA,YAAA,OAAOG,iBAAiB7D,GAAK8D,EAAAA,cAAAA,CAAAA;AAC/B,SAAA;QACAe,IAAM,EAAA,OACJ7E,KACA4B,IACA0C,EAAAA,OAAAA,GAAAA;AAEA,YAAA,MAAMI,mBAAmBL,oBAAqBC,CAAAA,OAAAA,CAAAA;AAE9C,YAAA,MAAMR,cAAiB,GAAA,UAAA;gBACrB,MAAM1C,OAAAA,GAAU,IAAIuD,OAAQ,CAAA;AAC1B,oBAAA,GAAG5B,iBAAmB,EAAA;AACtB,oBAAA,GAAGuB,SAASlD;AACd,iBAAA,CAAA;AAEA;;;YAIA,IAAI6B,kBAAkBrB,IAAO,CAAA,EAAA;AAC3BR,oBAAAA,OAAAA,CAAQ0D,MAAM,CAAC,cAAA,CAAA;AACjB;AAEA,gBAAA,MAAM9D,QAAW,GAAA,MAAMC,KAAMyD,CAAAA,gBAAAA,CAAiB1E,GAAM,CAAA,EAAA;oBAClD4E,MAAQN,EAAAA,OAAAA,EAASM,MAAU9B,IAAAA,cAAAA,CAAe8B,MAAM;oBAChD1D,MAAQ,EAAA,MAAA;AACRE,oBAAAA,OAAAA;AACA8B,oBAAAA,IAAAA,EAAMD,iBAAkBrB,CAAAA,IAAAA,CAAAA,GAASA,IAAoBnB,GAAAA,IAAAA,CAAKC,SAAS,CAACkB,IAAAA;AACtE,iBAAA,CAAA;gBACA,OAAO6B,mBAAAA,CAA2BzC,UAAUsD,OAASZ,EAAAA,cAAAA,CAAAA;AACvD,aAAA;AAEA,YAAA,OAAOG,iBAAiB7D,GAAK8D,EAAAA,cAAAA,CAAAA;AAC/B,SAAA;QACAiB,GAAK,EAAA,OACH/E,KACA4B,IACA0C,EAAAA,OAAAA,GAAAA;AAEA,YAAA,MAAMI,mBAAmBL,oBAAqBC,CAAAA,OAAAA,CAAAA;AAE9C,YAAA,MAAMR,cAAiB,GAAA,UAAA;gBACrB,MAAM1C,OAAAA,GAAU,IAAIuD,OAAQ,CAAA;AAC1B,oBAAA,GAAG5B,iBAAmB,EAAA;AACtB,oBAAA,GAAGuB,SAASlD;AACd,iBAAA,CAAA;AAEA;;;YAIA,IAAI6B,kBAAkBrB,IAAO,CAAA,EAAA;AAC3BR,oBAAAA,OAAAA,CAAQ0D,MAAM,CAAC,cAAA,CAAA;AACjB;AAEA,gBAAA,MAAM9D,QAAW,GAAA,MAAMC,KAAMyD,CAAAA,gBAAAA,CAAiB1E,GAAM,CAAA,EAAA;oBAClD4E,MAAQN,EAAAA,OAAAA,EAASM,MAAU9B,IAAAA,cAAAA,CAAe8B,MAAM;oBAChD1D,MAAQ,EAAA,KAAA;AACRE,oBAAAA,OAAAA;AACA8B,oBAAAA,IAAAA,EAAMD,iBAAkBrB,CAAAA,IAAAA,CAAAA,GAASA,IAAoBnB,GAAAA,IAAAA,CAAKC,SAAS,CAACkB,IAAAA;AACtE,iBAAA,CAAA;gBAEA,OAAO6B,mBAAAA,CAA2BzC,UAAUsD,OAASZ,EAAAA,cAAAA,CAAAA;AACvD,aAAA;AAEA,YAAA,OAAOG,iBAAiB7D,GAAK8D,EAAAA,cAAAA,CAAAA;AAC/B,SAAA;AACAkB,QAAAA,GAAAA,EAAK,OAAchF,GAAasE,EAAAA,OAAAA,GAAAA;AAC9B,YAAA,MAAMI,mBAAmBL,oBAAqBC,CAAAA,OAAAA,CAAAA;AAE9C,YAAA,MAAMR,cAAiB,GAAA,UAAA;gBACrB,MAAM1C,OAAAA,GAAU,IAAIuD,OAAQ,CAAA;AAC1B,oBAAA,GAAG5B,iBAAmB,EAAA;AACtB,oBAAA,GAAGuB,SAASlD;AACd,iBAAA,CAAA;AAEA,gBAAA,MAAMJ,QAAW,GAAA,MAAMC,KAAMyD,CAAAA,gBAAAA,CAAiB1E,GAAM,CAAA,EAAA;oBAClD4E,MAAQN,EAAAA,OAAAA,EAASM,MAAU9B,IAAAA,cAAAA,CAAe8B,MAAM;oBAChD1D,MAAQ,EAAA,QAAA;AACRE,oBAAAA;AACF,iBAAA,CAAA;gBACA,OAAOqC,mBAAAA,CAA2BzC,UAAUsD,OAASZ,EAAAA,cAAAA,CAAAA;AACvD,aAAA;AAEA,YAAA,OAAOG,iBAAiB7D,GAAK8D,EAAAA,cAAAA,CAAAA;AAC/B;AACF,KAAA;IAEA,OAAOU,WAAAA;AACT;;;;;;;;;"}