@synchive/synchive-js 0.1.9 → 0.1.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +0 -4
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -83,13 +83,9 @@ Advanced
|
|
|
83
83
|
## Notes
|
|
84
84
|
|
|
85
85
|
- Tokens are stored in `localStorage` using `oidc-client-ts`. Be aware any XSS in your app can expose these tokens.
|
|
86
|
-
<<<<<<< HEAD
|
|
87
86
|
- `init()` is callback initialization only and throws if sign-in callback handling fails. Wrap it in `try/catch` to show a user-friendly message.
|
|
88
87
|
- `onAuthStateChange()` calls your listener immediately with current state, then again whenever auth state changes.
|
|
89
88
|
- Auth lifecycle event names are exported as SDK types via `AuthStateChangeTrigger`: `"authenticated"` and `"unauthenticated"`.
|
|
90
89
|
- On initial mount, the first emitted event can be either `"authenticated"` or `"unauthenticated"` depending on whether a valid session already exists.
|
|
91
|
-
=======
|
|
92
|
-
- `init()` runs on sign-in and sign-out callbacks and throws if callback handling fails. Wrap it in `try/catch` to show a user-friendly message.
|
|
93
|
-
>>>>>>> a0710f2829211fd688da3a2eda4ceb58da445b8f
|
|
94
90
|
- If this SDK is run within an iframe, authentication uses a popup because many identity providers block login pages inside frames (`X-Frame-Options` / `frame-ancestors`). If popups are blocked, the SDK attempts to continue by redirecting the top-level page; if that is also blocked by the host iframe/browser policy, authentication fails with an explicit error.
|
|
95
91
|
- Third-party notices are listed in `THIRD_PARTY_NOTICES.md`.
|