@techstuff-dev/foundation-api-utils 2.4.1 → 2.7.1

package/dist/cjs/chunks/{shared-DVGP3iZ0.js → shared-CNZnVs2B.js}

@@ -1,7 +1,7 @@
 'use strict';
 
 var toolkit = require('@reduxjs/toolkit');
-var slice = require('./slice-C4MKCa5N.js');
+var slice = require('./slice-2_5ax6TZ.js');
 var slice$1 = require('./slice-CkWobkWw.js');
 
 // This file exists just so TypeScript has a module at ./store for IDEs/build.
@@ -11,4 +11,4 @@ var slice$1 = require('./slice-CkWobkWw.js');
 const rootReducer = toolkit.combineSlices(slice.cartSlice, slice$1.authSlice, slice.authApi, slice.contentApi, slice.paymentApi, slice.productsApi, slice.ordersApi);
 
 exports.rootReducer = rootReducer;
-//# sourceMappingURL=shared-DVGP3iZ0.js.map
+//# sourceMappingURL=shared-CNZnVs2B.js.map

package/dist/cjs/chunks/{shared-DVGP3iZ0.js.map → shared-CNZnVs2B.js.map}

@@ -1 +1 @@
-{"version":3,"file":"shared-DVGP3iZ0.js","sources":["../../../lib/store/shared.ts"],"sourcesContent":[null],"names":["combineSlices","cartSlice","authSlice","authApi","contentApi","paymentApi","productsApi","ordersApi"],"mappings":";;;;;;AAAA;AACA;AAUA;AAEA;MACa,WAAW,GAAGA,qBAAa,CACtCC,eAAS,EACTC,iBAAS,EACTC,aAAO,EACPC,gBAAU,EACVC,gBAAU,EACVC,iBAAW,EACXC,eAAS;;;;"}
+{"version":3,"file":"shared-CNZnVs2B.js","sources":["../../../lib/store/shared.ts"],"sourcesContent":[null],"names":["combineSlices","cartSlice","authSlice","authApi","contentApi","paymentApi","productsApi","ordersApi"],"mappings":";;;;;;AAAA;AACA;AAUA;AAEA;MACa,WAAW,GAAGA,qBAAa,CACtCC,eAAS,EACTC,iBAAS,EACTC,aAAO,EACPC,gBAAU,EACVC,gBAAU,EACVC,iBAAW,EACXC,eAAS;;;;"}

package/dist/cjs/chunks/{slice-C4MKCa5N.js → slice-2_5ax6TZ.js}

@@ -5095,18 +5095,6 @@ function createUnwrappingBaseQuery(baseQueryOptions) {
     };
 }
 
-/**
- * Shared helper to extract auth tokens from the Redux store.
- * Used by all RTK Query services to attach tokens to request headers
- * without depending on aws-amplify's Auth.currentSession().
- */
-function getAuthHeaders(getState) {
-    const state = getState();
-    const accessToken = state?.auth?.user?.accessToken;
-    const idToken = state?.auth?.user?.idToken;
-    return { accessToken, idToken };
-}
-
 /**
  * Platform detection utilities for cross-platform React/React Native applications
  */
@@ -5208,7 +5196,7 @@ const APP_ES_SCHEDULE_INDEX$1 = getEnvVar$1('NEXT_PUBLIC_APP_ES_SCHEDULE_INDEX')
 const APP_ES_CHALLENGES_INDEX$1 = getEnvVar$1('NEXT_PUBLIC_APP_ES_CHALLENGES_INDEX');
 const APP_ES_CHALLENGE_DAYS_INDEX$1 = getEnvVar$1('NEXT_PUBLIC_APP_ES_CHALLENGE_DAYS_INDEX');
 // Platform identifier
-const PLATFORM$1 = 'web';
+const PLATFORM$2 = 'web';
 
 var webConfig = /*#__PURE__*/Object.freeze({
   __proto__: null,
@@ -5231,7 +5219,7 @@ var webConfig = /*#__PURE__*/Object.freeze({
   APP_ES_SETTINGS_INDEX: APP_ES_SETTINGS_INDEX$1,
   APP_ES_VIDEOS_INDEX: APP_ES_VIDEOS_INDEX$1,
   APP_ES_WORKOUTS_INDEX: APP_ES_WORKOUTS_INDEX$1,
-  PLATFORM: PLATFORM$1
+  PLATFORM: PLATFORM$2
 });
 
 /**
@@ -5275,7 +5263,7 @@ const APP_ES_SCHEDULE_INDEX = getEnvVar('APP_ES_SCHEDULE_INDEX');
 const APP_ES_CHALLENGES_INDEX = getEnvVar('APP_ES_CHALLENGES_INDEX');
 const APP_ES_CHALLENGE_DAYS_INDEX = getEnvVar('APP_ES_CHALLENGE_DAYS_INDEX');
 // Platform identifier
-const PLATFORM = 'native';
+const PLATFORM$1 = 'native';
 
 var nativeConfig = /*#__PURE__*/Object.freeze({
   __proto__: null,
@@ -5298,7 +5286,7 @@ var nativeConfig = /*#__PURE__*/Object.freeze({
   APP_ES_SETTINGS_INDEX: APP_ES_SETTINGS_INDEX,
   APP_ES_VIDEOS_INDEX: APP_ES_VIDEOS_INDEX,
   APP_ES_WORKOUTS_INDEX: APP_ES_WORKOUTS_INDEX,
-  PLATFORM: PLATFORM
+  PLATFORM: PLATFORM$1
 });
 
 /**
@@ -5340,46 +5328,54 @@ apiConfig.APP_ES_WORKOUTS_INDEX;
 apiConfig.APP_ES_SCHEDULE_INDEX;
 apiConfig.APP_ES_CHALLENGES_INDEX;
 apiConfig.APP_ES_CHALLENGE_DAYS_INDEX;
-apiConfig.PLATFORM;
+const PLATFORM = apiConfig.PLATFORM;
 
-// Create a dynamic baseQuery that resolves URL at request time and unwraps standard responses
-const createAuthBaseQuery = () => {
-    const baseUrl = typeof process !== 'undefined' && process.env?.NEXT_PUBLIC_API_AUTH_PREFIX
-        ? process.env.NEXT_PUBLIC_API_AUTH_PREFIX
-        : (API_AUTH_PREFIX || '');
-    return createUnwrappingBaseQuery({
-        baseUrl,
-        prepareHeaders: (headers, { getState }) => {
-            headers.set('Content-Type', 'application/json');
-            const { accessToken, idToken } = getAuthHeaders(getState);
-            if (accessToken && idToken) {
-                headers.set('accesstoken', accessToken);
-                headers.set('idtoken', idToken);
-            }
-            return headers;
-        },
-        credentials: 'include',
-    });
-};
-const authDataBaseQuery = createAuthBaseQuery();
 /**
- * Mutex to prevent multiple concurrent refresh attempts
+ * Mutex to prevent multiple concurrent refresh attempts.
+ * Shared across all APIs so only one refresh happens at a time.
  */
 let isRefreshing = false;
 let refreshPromise = null;
 /**
- * Attempt to refresh the auth token using the refresh token from Redux state.
+ * Read the refresh token from localStorage (redux-persist) as a fallback
+ * when the Redux store is empty (e.g. during rehydration race).
+ */
+function getRefreshTokenFromPersist() {
+    if (typeof localStorage === 'undefined')
+        return undefined;
+    try {
+        const raw = localStorage.getItem('persist:root');
+        if (!raw)
+            return undefined;
+        const parsed = JSON.parse(raw);
+        const auth = typeof parsed.auth === 'string' ? JSON.parse(parsed.auth) : parsed.auth;
+        return auth?.user?.refreshToken || undefined;
+    }
+    catch {
+        return undefined;
+    }
+}
+/**
+ * Attempt to refresh the auth token using the refresh token from Redux state,
+ * falling back to localStorage if Redux is empty (rehydration race).
  * Returns true if refresh succeeded and tokens were updated.
  */
 async function attemptTokenRefresh(api) {
     const state = api.getState();
-    const refreshToken = state?.auth?.user?.refreshToken;
+    let refreshToken = state?.auth?.user?.refreshToken;
+    // Fallback: if Redux store is empty (rehydration hasn't completed), read from localStorage
+    if (!refreshToken) {
+        refreshToken = getRefreshTokenFromPersist();
+        if (refreshToken) {
+            console.debug('[TokenRefresh] Redux empty, recovered refresh token from localStorage');
+        }
+    }
     console.debug('[TokenRefresh] Attempting refresh', {
         hasRefreshToken: !!refreshToken,
-        refreshTokenPreview: refreshToken ? `${refreshToken.substring(0, 20)}...` : 'none',
+        source: state?.auth?.user?.refreshToken ? 'redux' : (refreshToken ? 'localStorage' : 'none'),
     });
     if (!refreshToken) {
-        console.warn('[TokenRefresh] No refresh token in Redux store — cannot refresh');
+        console.warn('[TokenRefresh] No refresh token in Redux or localStorage — cannot refresh');
         return false;
     }
     // Use the Next.js API route for refresh (proxies to auth microservice)
@@ -5451,46 +5447,104 @@ async function attemptTokenRefresh(api) {
     }
 }
 /**
- * This function retries the request after refreshing the token on 401.
- * If the refresh fails, it dispatches logout.
+ * Wraps any base query with 401 reauth logic.
+ * On 401, attempts to refresh the token and retry the original request.
+ * If refresh fails, dispatches logout.
+ *
+ * Uses a shared mutex so concurrent 401s across different APIs
+ * only trigger one refresh.
  */
-const authDataBaseQueryWithReauth = async (args, api, extraOptions) => {
-    let result = await authDataBaseQuery(args, api, extraOptions);
-    if (result?.error) {
-        const requestUrl = typeof args === 'string' ? args : args?.url;
-        console.debug('[AuthQuery] Request error', {
-            url: requestUrl,
-            status: result.error.status,
-            data: result.error?.data,
-        });
-    }
-    if (result?.error?.status === 401) {
-        const requestUrl = typeof args === 'string' ? args : args?.url;
-        console.warn('[TokenRefresh] 401 received, attempting token refresh', {
-            url: requestUrl,
-            errorStatus: result.error.status,
-            isAlreadyRefreshing: isRefreshing,
-        });
-        // Use mutex to prevent concurrent refreshes
-        if (!isRefreshing) {
-            isRefreshing = true;
-            refreshPromise = attemptTokenRefresh(api).finally(() => {
-                isRefreshing = false;
-                refreshPromise = null;
+function withReauth(baseQuery) {
+    return async (args, api, extraOptions) => {
+        let result = await baseQuery(args, api, extraOptions);
+        if (result?.error) {
+            const requestUrl = typeof args === 'string' ? args : args?.url;
+            console.debug('[AuthQuery] Request error', {
+                url: requestUrl,
+                status: result.error.status,
+                data: result.error?.data,
             });
         }
-        const refreshed = await (refreshPromise || attemptTokenRefresh(api));
-        if (refreshed) {
-            console.debug('[TokenRefresh] Refresh succeeded — retrying original request');
-            result = await authDataBaseQuery(args, api, extraOptions);
-        }
-        else {
-            console.error('[TokenRefresh] Refresh FAILED — dispatching logout');
-            api.dispatch(slice.logout());
+        if (result?.error?.status === 401) {
+            const requestUrl = typeof args === 'string' ? args : args?.url;
+            console.warn('[TokenRefresh] 401 received, attempting token refresh', {
+                url: requestUrl,
+                errorStatus: result.error.status,
+                isAlreadyRefreshing: isRefreshing,
+            });
+            // Use mutex to prevent concurrent refreshes across all APIs
+            if (!isRefreshing) {
+                isRefreshing = true;
+                refreshPromise = attemptTokenRefresh(api).finally(() => {
+                    isRefreshing = false;
+                });
+            }
+            const refreshed = await refreshPromise;
+            // Safe to clear after all concurrent waiters have resolved
+            refreshPromise = null;
+            if (refreshed) {
+                console.debug('[TokenRefresh] Refresh succeeded — retrying original request');
+                result = await baseQuery(args, api, extraOptions);
+            }
+            else {
+                console.error('[TokenRefresh] Refresh FAILED — dispatching logout');
+                api.dispatch(slice.logout());
+            }
         }
+        return result;
+    };
+}
+
+/**
+ * Shared helper to extract auth tokens from the Redux store.
+ * Used by all RTK Query services to attach tokens to request headers
+ * without depending on aws-amplify's Auth.currentSession().
+ */
+function getAuthHeaders(getState) {
+    const state = getState();
+    const accessToken = state?.auth?.user?.accessToken;
+    const idToken = state?.auth?.user?.idToken;
+    return { accessToken, idToken };
+}
+
+/**
+ * Build a per-platform URL for user-scoped data endpoints.
+ *
+ * Native apps call the backend API Gateway directly and must use the canonical
+ * path shape: `/data/user/{sub}/{endpoint}`.
+ *
+ * Web apps route library requests through their own Next.js `/api/user/*`
+ * proxy layer, which then forwards to the same canonical backend path. That
+ * proxy expects the legacy `/user/{endpoint}?sub=X` shape.
+ */
+const userDataPath = (sub, endpoint, query) => {
+    if (PLATFORM === 'native') {
+        const suffix = query ? `?${query}` : '';
+        return `/data/user/${sub}/${endpoint}${suffix}`;
     }
-    return result;
+    const suffix = query ? `&${query}` : '';
+    return `/user/${endpoint}?sub=${sub}${suffix}`;
+};
+// Create a dynamic baseQuery that resolves URL at request time and unwraps standard responses
+const createAuthBaseQuery = () => {
+    const baseUrl = typeof process !== 'undefined' && process.env?.NEXT_PUBLIC_API_AUTH_PREFIX
+        ? process.env.NEXT_PUBLIC_API_AUTH_PREFIX
+        : (API_AUTH_PREFIX || '');
+    return createUnwrappingBaseQuery({
+        baseUrl,
+        prepareHeaders: (headers, { getState }) => {
+            headers.set('Content-Type', 'application/json');
+            const { accessToken, idToken } = getAuthHeaders(getState);
+            if (accessToken && idToken) {
+                headers.set('accesstoken', accessToken);
+                headers.set('idtoken', idToken);
+            }
+            return headers;
+        },
+        credentials: 'include',
+    });
 };
+const authDataBaseQueryWithReauth = withReauth(createAuthBaseQuery());
 const authApi = createApi({
     reducerPath: 'authApi',
     baseQuery: authDataBaseQueryWithReauth,
@@ -5636,49 +5690,57 @@ const authApi = createApi({
         // Dashboard data endpoints
         getStreak: builder.query({
             query: (sub) => ({
-                url: `/user/streak?sub=${sub}`,
+                url: userDataPath(sub, 'streak'),
                 method: 'GET',
             }),
             providesTags: ['Streak'],
         }),
         getWeeklyProgress: builder.query({
             query: (sub) => ({
-                url: `/user/weekly-progress?sub=${sub}`,
+                url: userDataPath(sub, 'weekly-progress'),
                 method: 'GET',
             }),
             providesTags: ['WeeklyProgress'],
         }),
+        setWeeklyGoal: builder.mutation({
+            query: ({ sub, goal }) => ({
+                url: '/user/weekly-goal',
+                method: 'PUT',
+                body: { sub, goal },
+            }),
+            invalidatesTags: ['WeeklyProgress', 'UserData'],
+        }),
         getWatchProgress: builder.query({
             query: ({ sub, limit = 1 }) => ({
-                url: `/user/watch-progress?sub=${sub}&limit=${limit}`,
+                url: userDataPath(sub, 'watch-progress', `limit=${limit}`),
                 method: 'GET',
             }),
             providesTags: ['WatchProgress'],
         }),
         getRecommendations: builder.query({
             query: ({ sub, limit = 8 }) => ({
-                url: `/user/recommendations?sub=${sub}&limit=${limit}`,
+                url: userDataPath(sub, 'recommendations', `limit=${limit}`),
                 method: 'GET',
             }),
             providesTags: ['Recommendations'],
         }),
         getActivityStats: builder.query({
             query: ({ sub, period = 'this-month' }) => ({
-                url: `/user/activity-stats?sub=${sub}&period=${period}`,
+                url: userDataPath(sub, 'activity-stats', `period=${period}`),
                 method: 'GET',
             }),
             providesTags: ['ActivityStats'],
         }),
         getActiveChallenges: builder.query({
             query: (sub) => ({
-                url: `/user/active-challenges?sub=${sub}`,
+                url: userDataPath(sub, 'active-challenges'),
                 method: 'GET',
             }),
             providesTags: ['UserData'],
         }),
         getChallengeProgress: builder.query({
             query: ({ sub, challengeId }) => ({
-                url: `/user/challenge-progress/${challengeId}?sub=${sub}`,
+                url: userDataPath(sub, `challenge-progress/${challengeId}`),
                 method: 'GET',
             }),
             providesTags: ['UserData'],
@@ -5686,7 +5748,8 @@ const authApi = createApi({
         // Activity logging — invalidates dashboard caches
         logActivity: builder.mutation({
             query: (data) => ({
-                url: '/activity',
+                // Native hits the backend directly at /data/activity; web proxies via /activity → /data/activity
+                url: PLATFORM === 'native' ? '/data/activity' : '/activity',
                 method: 'POST',
                 body: data,
             }),
@@ -5718,7 +5781,7 @@ const {
 // useLogoutQuery,
 // useLazyLogoutQuery,
 useResetPasswordMutation, // Use this for mobile app.
-useResetPasswordAuthMutation, useRegisterMutation, useVerifyUserQuery, useLazyVerifyUserQuery, useGetUserInfoQuery, useLazyGetUserInfoQuery, useUpdateUserInfoMutation, useForgottenPasswordMutation, useVerifyUserAttributesQuery, useLazyVerifyUserAttributesQuery, useVerifyUserResendQuery, useLazyVerifyUserResendQuery, useUpdateUserMutation, useGetStreakQuery, useLazyGetStreakQuery, useGetWeeklyProgressQuery, useLazyGetWeeklyProgressQuery, useGetWatchProgressQuery, useLazyGetWatchProgressQuery, useGetRecommendationsQuery, useLazyGetRecommendationsQuery, useGetActivityStatsQuery, useLazyGetActivityStatsQuery, useLogActivityMutation, useGetActiveChallengesQuery, useGetChallengeProgressQuery, } = authApi;
+useResetPasswordAuthMutation, useRegisterMutation, useVerifyUserQuery, useLazyVerifyUserQuery, useGetUserInfoQuery, useLazyGetUserInfoQuery, useUpdateUserInfoMutation, useForgottenPasswordMutation, useVerifyUserAttributesQuery, useLazyVerifyUserAttributesQuery, useVerifyUserResendQuery, useLazyVerifyUserResendQuery, useUpdateUserMutation, useGetStreakQuery, useLazyGetStreakQuery, useGetWeeklyProgressQuery, useLazyGetWeeklyProgressQuery, useSetWeeklyGoalMutation, useGetWatchProgressQuery, useLazyGetWatchProgressQuery, useGetRecommendationsQuery, useLazyGetRecommendationsQuery, useGetActivityStatsQuery, useLazyGetActivityStatsQuery, useLogActivityMutation, useGetActiveChallengesQuery, useGetChallengeProgressQuery, } = authApi;
 
 // Create dynamic baseQuery that resolves URL at request time
 const createContentBaseQuery = () => {
@@ -5783,8 +5846,8 @@ const contentApi = createApi({
 });
 const { useGetDataQuery, useLazyGetDataQuery, useGetDataByIdQuery, useLazyGetDataByIdQuery, } = contentApi;
 
-// Dynamic baseQuery that resolves URL at request time and unwraps standard responses
-const dynamicBaseQuery$1 = async (args, api, extraOptions) => {
+// Dynamic baseQuery that resolves URL at request time, unwraps responses, and handles 401 reauth
+const dynamicBaseQuery$1 = withReauth(async (args, api, extraOptions) => {
     // Resolve base URL at request time, not module load time
     const baseUrl = typeof process !== 'undefined' && process.env?.NEXT_PUBLIC_API_PAYMENTS_PREFIX
         ? process.env.NEXT_PUBLIC_API_PAYMENTS_PREFIX
@@ -5803,7 +5866,7 @@ const dynamicBaseQuery$1 = async (args, api, extraOptions) => {
         credentials: 'include',
     });
     return baseQuery(args, api, extraOptions);
-};
+});
 const paymentApi = createApi({
     reducerPath: 'paymentApi',
     baseQuery: dynamicBaseQuery$1,
@@ -5848,8 +5911,8 @@ const paymentApi = createApi({
 // Export hooks for usage in functional components.
 const { useCheckUserSubscriptionQuery, useLazyCheckUserSubscriptionQuery, useGetPaymentPlansQuery, useLazyGetPaymentPlansQuery, useGetTaxRatesQuery, useLazyGetTaxRatesQuery, useCheckPromoCodeQuery, useLazyCheckPromoCodeQuery, } = paymentApi;
 
-// Dynamic baseQuery that resolves URL at request time and unwraps standard responses
-const dynamicBaseQuery = async (args, api, extraOptions) => {
+// Dynamic baseQuery that resolves URL at request time, unwraps responses, and handles 401 reauth
+const dynamicBaseQuery = withReauth(async (args, api, extraOptions) => {
     // Resolve base URL at request time, not module load time
     const baseUrl = typeof process !== 'undefined' && process.env?.NEXT_PUBLIC_API_PAYMENTS_PREFIX
         ? process.env.NEXT_PUBLIC_API_PAYMENTS_PREFIX
@@ -5868,7 +5931,7 @@ const dynamicBaseQuery = async (args, api, extraOptions) => {
         credentials: 'include',
     });
     return baseQuery(args, api, extraOptions);
-};
+});
 const productsApi = createApi({
     reducerPath: 'productsApi',
     baseQuery: dynamicBaseQuery,
@@ -5925,17 +5988,7 @@ const createOrdersBaseQuery = () => {
         credentials: 'include',
     });
 };
-const dataBaseQuery = createOrdersBaseQuery();
-/**
- * This function is used to retry a request if we get a 401 error.
- */
-const dataBaseQueryWithReauth = async (args, api, extraOptions) => {
-    const result = await dataBaseQuery(args, api, extraOptions);
-    if (result?.error?.status === 401) {
-        api.dispatch(slice.logout());
-    }
-    return result;
-};
+const dataBaseQueryWithReauth = withReauth(createOrdersBaseQuery());
 const ordersApi = createApi({
     reducerPath: 'ordersApi',
     baseQuery: dataBaseQueryWithReauth,
@@ -5958,9 +6011,12 @@ const ordersApi = createApi({
          * Get all partnership orders for a customer from Stripe.
          */
         getOrders: builder.query({
-            query: ({ customerId }) => ({
+            query: ({ customerId, email }) => ({
                 url: `/payment/orders`,
-                params: { customerId },
+                params: {
+                    ...(customerId && { customerId }),
+                    ...(email && { email }),
+                },
             }),
             providesTags: ['Orders'],
         }),
@@ -6229,9 +6285,11 @@ exports.usePurchaseProductMutation = usePurchaseProductMutation;
 exports.useRegisterMutation = useRegisterMutation;
 exports.useResetPasswordAuthMutation = useResetPasswordAuthMutation;
 exports.useResetPasswordMutation = useResetPasswordMutation;
+exports.useSetWeeklyGoalMutation = useSetWeeklyGoalMutation;
 exports.useUpdateUserInfoMutation = useUpdateUserInfoMutation;
 exports.useUpdateUserMutation = useUpdateUserMutation;
 exports.useVerifyUserAttributesQuery = useVerifyUserAttributesQuery;
 exports.useVerifyUserQuery = useVerifyUserQuery;
 exports.useVerifyUserResendQuery = useVerifyUserResendQuery;
-//# sourceMappingURL=slice-C4MKCa5N.js.map
+exports.withReauth = withReauth;
+//# sourceMappingURL=slice-2_5ax6TZ.js.map