@symbo.ls/sdk 3.1.1 → 3.1.2

package/src/utils/TokenManager.js

@@ -0,0 +1,424 @@
+/**
+ * TokenManager - Handles access and refresh token management
+ * Provides persistence, automatic refresh, and token lifecycle management
+ */
+export class TokenManager {
+  constructor (options = {}) {
+    this.config = {
+      storagePrefix: 'symbols_',
+      storageType: 'localStorage', // 'localStorage' | 'sessionStorage' | 'memory'
+      refreshBuffer: 60 * 1000, // Refresh 1 minute before expiry
+      maxRetries: 3,
+      apiUrl: options.apiUrl || '/api',
+      onTokenRefresh: options.onTokenRefresh || null,
+      onTokenExpired: options.onTokenExpired || null,
+      onTokenError: options.onTokenError || null,
+      ...options
+    }
+
+    this.tokens = {
+      accessToken: null,
+      refreshToken: null,
+      expiresAt: null,
+      expiresIn: null
+    }
+
+    this.refreshPromise = null
+    this.refreshTimeout = null
+    this.retryCount = 0
+
+    // Load tokens from storage on initialization
+    this.loadTokens()
+  }
+
+  /**
+   * Storage keys
+   */
+  get storageKeys () {
+    return {
+      accessToken: `${this.config.storagePrefix}access_token`,
+      refreshToken: `${this.config.storagePrefix}refresh_token`,
+      expiresAt: `${this.config.storagePrefix}expires_at`,
+      expiresIn: `${this.config.storagePrefix}expires_in`
+    }
+  }
+
+  /**
+   * Get storage instance based on configuration
+   */
+  get storage () {
+    if (typeof window === 'undefined') {
+      // Node.js environment - use memory storage
+      return this._memoryStorage
+    }
+
+    switch (this.config.storageType) {
+      case 'sessionStorage':
+        return window.sessionStorage
+      case 'memory':
+        return this._memoryStorage
+      default:
+        return window.localStorage
+    }
+  }
+
+  /**
+   * Memory storage fallback for server-side rendering
+   */
+  _memoryStorage = {
+    _data: {},
+    getItem: (key) => this._memoryStorage._data[key] || null,
+    setItem: (key, value) => { this._memoryStorage._data[key] = value },
+    removeItem: (key) => { delete this._memoryStorage._data[key] },
+    clear: () => { this._memoryStorage._data = {} }
+  }
+
+  /**
+   * Set tokens and persist to storage
+   */
+  setTokens (tokenData) {
+    const {
+      access_token: accessToken,
+      refresh_token: refreshToken,
+      expires_in: expiresIn,
+      token_type: tokenType = 'Bearer'
+    } = tokenData
+
+    if (!accessToken) {
+      throw new Error('Access token is required')
+    }
+
+    // Calculate expiry time
+    const now = Date.now()
+    const expiresAt = expiresIn ? now + (expiresIn * 1000) : null
+
+    // Update internal state
+    this.tokens = {
+      accessToken,
+      refreshToken: refreshToken || this.tokens.refreshToken,
+      expiresAt,
+      expiresIn,
+      tokenType
+    }
+
+    // Persist to storage
+    this.saveTokens()
+
+    // Schedule automatic refresh
+    this.scheduleRefresh()
+
+    // Trigger callback
+    if (this.config.onTokenRefresh) {
+      this.config.onTokenRefresh(this.tokens)
+    }
+
+    return this.tokens
+  }
+
+  /**
+   * Get current access token
+   */
+  getAccessToken () {
+    return this.tokens.accessToken
+  }
+
+  /**
+   * Get current refresh token
+   */
+  getRefreshToken () {
+    return this.tokens.refreshToken
+  }
+
+  /**
+   * Get authorization header value
+   */
+  getAuthHeader () {
+    const token = this.getAccessToken()
+    if (!token) {return null}
+
+    return `${this.tokens.tokenType || 'Bearer'} ${token}`
+  }
+
+  /**
+   * Check if access token is valid and not expired
+   */
+  isAccessTokenValid () {
+    if (!this.tokens.accessToken) {return false}
+    if (!this.tokens.expiresAt) {return true} // No expiry info, assume valid
+
+    const now = Date.now()
+    return now < (this.tokens.expiresAt - this.config.refreshBuffer)
+  }
+
+  /**
+   * Check if tokens exist (regardless of expiry)
+   */
+  hasTokens () {
+    return Boolean(this.tokens.accessToken)
+  }
+
+  /**
+   * Check if refresh token exists
+   */
+  hasRefreshToken () {
+    return Boolean(this.tokens.refreshToken)
+  }
+
+  /**
+   * Automatically refresh tokens if needed
+   */
+  async ensureValidToken () {
+    // If no tokens, return null
+    if (!this.hasTokens()) {
+      return null
+    }
+
+    // If token is still valid, return it
+    if (this.isAccessTokenValid()) {
+      return this.getAccessToken()
+    }
+
+    // If no refresh token, clear tokens and return null
+    if (!this.hasRefreshToken()) {
+      this.clearTokens()
+      if (this.config.onTokenExpired) {
+        this.config.onTokenExpired()
+      }
+      return null
+    }
+
+    // Attempt to refresh token
+    try {
+      await this.refreshTokens()
+      return this.getAccessToken()
+    } catch (error) {
+      this.clearTokens()
+      if (this.config.onTokenError) {
+        this.config.onTokenError(error)
+      }
+      throw error
+    }
+  }
+
+  /**
+   * Refresh access token using refresh token
+   */
+  async refreshTokens () {
+    // Prevent multiple simultaneous refresh requests
+    if (this.refreshPromise) {
+      return this.refreshPromise
+    }
+
+    if (!this.hasRefreshToken()) {
+      throw new Error('No refresh token available')
+    }
+
+    if (this.retryCount >= this.config.maxRetries) {
+      throw new Error('Max refresh retries exceeded')
+    }
+
+    this.refreshPromise = this._performRefresh()
+
+    try {
+      const result = await this.refreshPromise
+      this.retryCount = 0 // Reset retry count on success
+      return result
+    } catch (error) {
+      this.retryCount++
+      throw error
+    } finally {
+      this.refreshPromise = null
+    }
+  }
+
+  /**
+   * Perform the actual token refresh request
+   */
+  async _performRefresh () {
+    const refreshToken = this.getRefreshToken()
+
+    const response = await fetch(`${this.config.apiUrl}/core/auth/refresh`, {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json'
+      },
+      body: JSON.stringify({ refreshToken })
+    })
+
+    if (!response.ok) {
+      const errorData = await response.json().catch(() => ({}))
+      throw new Error(errorData.message || `Token refresh failed: ${response.status}`)
+    }
+
+    const responseData = await response.json()
+
+    // Handle new response format: responseData.data.tokens
+    if (responseData.success && responseData.data && responseData.data.tokens) {
+      const { tokens } = responseData.data
+      const tokenData = {
+        access_token: tokens.accessToken,
+        refresh_token: tokens.refreshToken,
+        expires_in: tokens.accessTokenExp?.expiresIn,
+        token_type: 'Bearer'
+      }
+      return this.setTokens(tokenData)
+    }
+      // Fallback to old format for backward compatibility
+      return this.setTokens(responseData)
+
+  }
+
+  /**
+   * Schedule automatic token refresh
+   */
+  scheduleRefresh () {
+    // Clear existing timeout
+    if (this.refreshTimeout) {
+      clearTimeout(this.refreshTimeout)
+      this.refreshTimeout = null
+    }
+
+    // Don't schedule if no expiry info or no refresh token
+    if (!this.tokens.expiresAt || !this.hasRefreshToken()) {
+      return
+    }
+
+    const now = Date.now()
+    const refreshTime = this.tokens.expiresAt - this.config.refreshBuffer
+    const delay = Math.max(0, refreshTime - now)
+
+    this.refreshTimeout = setTimeout(async () => {
+      try {
+        await this.refreshTokens()
+      } catch (error) {
+        console.error('Automatic token refresh failed:', error)
+        if (this.config.onTokenError) {
+          this.config.onTokenError(error)
+        }
+      }
+    }, delay)
+  }
+
+  /**
+   * Save tokens to storage
+   */
+  saveTokens () {
+    const {storage} = this
+    const keys = this.storageKeys
+
+    if (this.tokens.accessToken) {
+      storage.setItem(keys.accessToken, this.tokens.accessToken)
+    }
+
+    if (this.tokens.refreshToken) {
+      storage.setItem(keys.refreshToken, this.tokens.refreshToken)
+    }
+
+    if (this.tokens.expiresAt) {
+      storage.setItem(keys.expiresAt, this.tokens.expiresAt.toString())
+    }
+
+    if (this.tokens.expiresIn) {
+      storage.setItem(keys.expiresIn, this.tokens.expiresIn.toString())
+    }
+  }
+
+  /**
+   * Load tokens from storage
+   */
+  loadTokens () {
+    const {storage} = this
+    const keys = this.storageKeys
+
+    const accessToken = storage.getItem(keys.accessToken)
+    const refreshToken = storage.getItem(keys.refreshToken)
+    const expiresAt = storage.getItem(keys.expiresAt)
+    const expiresIn = storage.getItem(keys.expiresIn)
+
+    if (accessToken) {
+      this.tokens = {
+        accessToken,
+        refreshToken,
+        expiresAt: expiresAt ? parseInt(expiresAt, 10) : null,
+        expiresIn: expiresIn ? parseInt(expiresIn, 10) : null,
+        tokenType: 'Bearer'
+      }
+
+      // Schedule refresh for loaded tokens
+      this.scheduleRefresh()
+    }
+  }
+
+  /**
+   * Clear all tokens
+   */
+  clearTokens () {
+    // Clear memory
+    this.tokens = {
+      accessToken: null,
+      refreshToken: null,
+      expiresAt: null,
+      expiresIn: null
+    }
+
+    // Clear storage
+    const {storage} = this
+    const keys = this.storageKeys
+
+    Object.values(keys).forEach(key => {
+      storage.removeItem(key)
+    })
+
+    // Clear scheduled refresh
+    if (this.refreshTimeout) {
+      clearTimeout(this.refreshTimeout)
+      this.refreshTimeout = null
+    }
+
+    // Reset retry count
+    this.retryCount = 0
+  }
+
+  /**
+   * Get token status information
+   */
+  getTokenStatus () {
+    const hasTokens = this.hasTokens()
+    const isValid = this.isAccessTokenValid()
+    const {expiresAt} = this.tokens
+    const timeToExpiry = expiresAt ? expiresAt - Date.now() : null
+
+    return {
+      hasTokens,
+      isValid,
+      hasRefreshToken: this.hasRefreshToken(),
+      expiresAt,
+      timeToExpiry,
+      willExpireSoon: timeToExpiry ? timeToExpiry < this.config.refreshBuffer : false
+    }
+  }
+
+  /**
+   * Cleanup resources
+   */
+  destroy () {
+    if (this.refreshTimeout) {
+      clearTimeout(this.refreshTimeout)
+      this.refreshTimeout = null
+    }
+
+    this.refreshPromise = null
+  }
+}
+
+// Export singleton instance
+let defaultTokenManager = null
+
+export const getTokenManager = (options) => {
+  if (!defaultTokenManager) {
+    defaultTokenManager = new TokenManager(options)
+  }
+  return defaultTokenManager
+}
+
+export const createTokenManager = (options) => new TokenManager(options)

package/src/utils/basedQuerys.js

@@ -39,3 +39,126 @@ export const buildUserQuery = userId => ({
     $all: true
   }
 })
+
+export const buildGetUserDataQuery = userId => ({
+  $id: userId,
+  id: true,
+  name: true,
+  email: true,
+  username: true,
+  globalRole: true,
+  updatedAt: true,
+  createdAt: true,
+  memberProjects: {
+    $list: true,
+    id: true,
+    role: true,
+    createdAt: true,
+    updatedAt: true,
+    project: {
+      id: true,
+      key: true,
+      name: true,
+      thumbnail: true,
+      icon: true,
+      tier: true,
+      visibility: true,
+      access: true,
+      members: {
+        $list: true,
+        user: {
+          id: true,
+          name: true,
+          email: true,
+          globalRole: true
+        },
+        role: true,
+        updatedAt: true,
+        createdAt: true
+      }
+    }
+  }
+})
+
+export const buildGetProjectsByKeysQuery = keys => (
+  {
+    projects: {
+      id: true,
+      key: true,
+      name: true,
+      thumbnail: true,
+      icon: true,
+      tier: true,
+      visibility: true,
+      access: true,
+      members: {
+        $list: true,
+        user: {
+          id: true,
+          name: true,
+          email: true,
+          globalRole: true
+        },
+        role: true,
+        updatedAt: true,
+        createdAt: true
+      },
+      $list: {
+        $find: {
+          $traverse: "children",
+          $filter: [
+            { $field: "type", $operator: "=", $value: "project" },
+            { $field: "key", $operator: "=", $value: keys }
+          ]
+        }
+      }
+    }
+  }
+)
+
+const GetProjectFields = {
+  id: true,
+  name: true,
+  key: true,
+  tier: true,
+  projectType: true,
+  icon: true,
+  package: true,
+  seats: true,
+  projectPassword: true,
+  stripe: true,
+  payments:{
+    $list: true,
+    id: true,
+    name: true
+  },
+  access: true,
+  isSharedLibrary: true,
+  framework: true,
+  designTool: true,
+  language: true,
+  visibility: true,
+  domains: true,
+  subscription:{id: true},
+  members: {
+    $list: true,
+    user: {id: true, name: true, email: true},
+    role: true,
+  }
+}
+
+export const buildGetProjectDataQuery = projectId => ({
+  $id: projectId,
+  ...GetProjectFields
+})
+
+export const buildGetProjectByKeyDataQuery = key => ({
+  ...GetProjectFields,
+  $find: {
+    $traverse: 'children',
+    $filter: [
+      { $field: 'type', $operator: '=', $value: 'project' },
+      { $field: 'key', $operator: '=', $value: key }
+    ]
+  }
+})

package/src/utils/permission.js

@@ -84,12 +84,11 @@ export const PERMISSION_MAP = {
 
 export const ROLE_PERMISSIONS = {
   guest: ['viewPublicProjects'],
-  user: ['viewPublicProjects', 'createProject'],
-  admin: ['viewPublicProjects', 'createProject', 'manageUsers'],
+  user: ['viewPublicProjects'],
+  admin: ['viewPublicProjects', 'governance'],
   superAdmin: [
     'viewPublicProjects',
-    'createProject',
-    'manageUsers',
+    'governance',
     'managePlatform'
   ]
 }
@@ -187,6 +186,7 @@ export const TIER_FEATURES = {
 }
 
 export const PROJECT_ROLE_PERMISSIONS = {
+  unauthenticated: ['platformSettings', 'showContent'],
   guest: ['platformSettings', 'showContent'],
   editor: [
     'platformSettings',

package/src/utils/services.js

@@ -1,24 +1,24 @@
 export const SERVICE_METHODS = {
-  // Auth service methods
+  // Auth service methods (legacy - keeping for backward compatibility)
   auth: 'auth',
   login: 'auth',
   register: 'auth',
   googleAuth: 'auth',
+  googleAuthCallback: 'auth',
   githubAuth: 'auth',
   confirmRegistration: 'auth',
   logout: 'auth',
   updateUserRole: 'auth',
   hasPermission: 'auth',
+  hasGlobalPermission: 'auth',
   getProjectMembers: 'auth',
   inviteMember: 'auth',
   acceptInvite: 'auth',
   updateMemberRole: 'auth',
   removeMember: 'auth',
   updateProjectTier: 'auth',
-  requestPasswordReset: 'auth',
-  confirmPasswordReset: 'auth',
   subscribeToAuthChanges: 'auth',
-  getStoredAuthState: 'auth',
+  getStoredAuthState: 'core',
 
   // AI service methods
   prompt: 'ai',
@@ -27,6 +27,7 @@ export const SERVICE_METHODS = {
   query: 'based',
   setProject: 'based',
   setUser: 'based',
+  setUserForced: 'based',
   subscribe: 'based',
   call: 'based',
   getProject: 'based',
@@ -62,30 +63,52 @@ export const SERVICE_METHODS = {
   confirmPasswordChange: 'based',
   updateUserProfile: 'based',
   duplicateProject: 'based',
+  listPlans: 'based',
+  subscribeToPlan: 'based',
+  getSubscriptionDetails: 'based',
+  checkSubscriptionStatus: 'based',
+  upgradeSubscription: 'based',
+  downgradeSubscription: 'based',
+  cancelSubscription: 'based',
+  reactivateSubscription: 'based',
+  generateInvoice: 'based',
+  getUsageReport: 'based',
+  inviteAccountOwner: 'based',
+  acceptOwnerInvitation: 'based',
+  removeAccountOwner: 'based',
+  checkResourceLimit: 'based',
+  checkFeatureAccess: 'based',
+  getUserFeatures: 'based',
+  getAvailableFeatures: 'based',
+  listFeatureFlags: 'based',
+  updateFeatureFlag: 'based',
+  removeFeatureFlag: 'based',
+  batchUpdateFeatureFlags: 'based',
+  updatePlanDetails: 'based',
+  updatePlanStatus: 'based',
 
   // Symstory service methods
   set: 'symstory',
   getData: 'symstory',
   updateData: 'symstory',
   getBranches: 'symstory',
-  createBranch: 'symstory',
   editBranch: 'symstory',
-  deleteBranch: 'symstory',
-  mergeBranch: 'symstory',
   restoreVersion: 'symstory',
   getItem: 'symstory',
   addItem: 'symstory',
+  addMultipleItems: 'symstory',
   updateItem: 'symstory',
   deleteItem: 'symstory',
   switchVersion: 'symstory',
   switchBranch: 'symstory',
   undo: 'symstory',
   redo: 'symstory',
+  publish: 'symstory',
+  getChanges: 'symstory',
 
   // Socket service methods
   send: 'socket',
   subscribeChannel: 'socket',
   connect: 'socket',
-  reconnect: 'socket',
-  destroy: 'socket'
+  reconnect: 'socket'
 }

package/src/utils/symstoryClient.js

@@ -30,7 +30,7 @@ class SymstoryClient {
    * @returns {Promise<any>} - The response data.
    */
   async request (path = '', options = {}) {
-    const url = `${this.options.baseUrl}/${this.appKey}${path}`
+    const url = `${this.options.baseUrl}/symstory/${this.appKey}${path}`
     const response = await fetch(url, {
       ...options,
       headers: { ...this.headers, ...options.headers }
@@ -194,6 +194,40 @@ class SymstoryClient {
       body: JSON.stringify({ branch, version, type, message })
     })
   }
+
+  /**
+   * Publishes an existing version of the project.
+   * @param {string} version - The version ID/number to publish.
+   * @param {object} [options={}] - The publishing options.
+   * @param {string} [options.branch='main'] - The branch name. (Only if version number is provided)
+   * @returns {Promise<any>} - The response data.
+   */
+  publishVersion (version, { branch = 'main' } = {}) {
+    return this.request('/publish', {
+      method: 'POST',
+      body: JSON.stringify({ version })
+    })
+  }
+
+  /**
+   * Retrieves all changes after a specific version.
+   * @param {object} [options={}] - The changes options.
+   * @param {string} [options.versionId] - The version ID to publish.
+   * @param {string} [options.versionValue] - The version ID to publish. (alternative to versionId)
+   * @param {string} [options.branch] - The branch to publish (Only in combination to versionValue)
+   * @returns {Promise<any>} - The changes data.
+   */
+  getChanges ({ versionId, versionValue, branch } = {}) {
+    return this.request(
+      '/changes?' +
+        new URLSearchParams({
+          ...(versionId ? { versionId } : {}),
+          ...(versionValue ? { versionValue } : {}),
+          ...(branch ? { branch } : {})
+        }).toString(),
+      {}
+    )
+  }
 }
 
 export default {