@timeback/sdk 0.1.8 → 0.1.9

package/dist/client/adapters/solid/primitives/createTimebackVerification.ts

@@ -9,7 +9,9 @@
 
 import { createEffect, createSignal, onCleanup } from 'solid-js'
 
+import { DEFAULT_RETRY_ATTEMPTS, DEFAULT_RETRY_DELAYS_MS } from '../../../../shared/constants'
 import { getVerifyCache, verifyOnce } from '../../../lib/user-cache'
+import { getRetryDelay, sleep } from '../../../lib/utils'
 import { useTimeback } from '../context'
 
 import type { TimebackVerifyResult } from '../../../../shared/types'
@@ -37,8 +39,10 @@ function toState(result: TimebackVerifyResult): TimebackVerificationState {
  * Runs automatically once the Timeback client is available, and
  * provides a `refresh()` method to retry.
  *
+ * By default, retries failed verification attempts with exponential
+ * backoff to handle race conditions (e.g., user not yet created in backend).
+ *
  * @param options - Options
- * @param options.enabled - If false, does nothing and stays in loading state.
  * @returns Verification state and a refresh method
  *
  * @example
@@ -60,6 +64,8 @@ export function createTimebackVerification(
 	options: CreateTimebackVerificationOptions = {},
 ): CreateTimebackVerificationResult {
 	const enabled = options.enabled ?? true
+	const retryAttempts = options.retryAttempts ?? DEFAULT_RETRY_ATTEMPTS
+	const retryDelays = options.retryDelays ?? DEFAULT_RETRY_DELAYS_MS
 	const timeback = useTimeback()
 
 	const [state, setState] = createSignal<TimebackVerificationState>({ status: 'loading' })
@@ -96,26 +102,60 @@ export function createTimebackVerification(
 		setState({ status: 'loading' })
 
 		void (async () => {
-			try {
-				if (!client) return
+			if (!client) return
 
-				if (force) {
-					lastHandledRefreshNonce = nonce
-				}
+			if (force) {
+				lastHandledRefreshNonce = nonce
+			}
 
-				const result = await verifyOnce(client, force)
+			let lastError: Error | undefined
 
+			for (let attempt = 0; attempt <= retryAttempts; attempt++) {
 				if (cancelled) return
 
-				setState(toState(result))
-			} catch (err) {
-				if (!cancelled) {
-					setState({
-						status: 'error',
-						message:
-							err instanceof Error ? err.message : 'Failed to verify Timeback user',
-					})
+				/**
+				 * Wait for a calculated delay before retrying the verification request.
+				 *
+				 * This occurs only on subsequent attempts (not the initial try),
+				 * introducing a backoff based on the configured retry delays.
+				 */
+				if (attempt > 0) {
+					const delay = getRetryDelay(retryDelays, attempt - 1)
+					await sleep(delay)
+					if (cancelled) return
 				}
+
+				try {
+					const result = await verifyOnce(client, force || attempt > 0)
+
+					if (cancelled) return
+
+					setState(toState(result))
+
+					return
+				} catch (err) {
+					lastError =
+						err instanceof Error ? err : new Error('Failed to verify Timeback user')
+					/**
+					 * An error occurred during this verification attempt.
+					 * Proceeding to the next retry attempt if any remain.
+					 *
+					 * The last encountered error is saved for potential error state handling.
+					 */
+				}
+			}
+
+			/**
+			 * All verification attempts have failed after exhausting
+			 * the configured retry policy. The verification state will
+			 * transition to "error" if not cancelled, and the last encountered
+			 * error message (if available) will be presented to the consumer.
+			 */
+			if (!cancelled && lastError) {
+				setState({
+					status: 'error',
+					message: lastError.message,
+				})
 			}
 		})()
 

package/dist/client/adapters/solid/types.d.ts

@@ -39,9 +39,32 @@ export interface CreateTimebackVerificationOptions {
     /**
      * If false, does nothing and stays in loading state.
      *
+     * Use this to delay verification until prerequisites are met
+     * (e.g., user exists in your database).
+     *
      * @default true
      */
     enabled?: boolean;
+    /**
+     * Number of retry attempts on failure.
+     *
+     * This helps handle race conditions where the user may not be
+     * fully set up in the backend when verification first runs.
+     *
+     * Set to 0 to disable retries.
+     *
+     * @default 3
+     */
+    retryAttempts?: number;
+    /**
+     * Delay in ms before each retry attempt.
+     *
+     * Can be a single number (same delay for all retries) or an array
+     * of delays for each attempt (e.g., [100, 300, 1000] for exponential backoff).
+     *
+     * @default [100, 300, 1000]
+     */
+    retryDelays?: number | readonly number[];
 }
 /**
  * Return value of createTimebackVerification.

package/dist/client/adapters/solid/types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../../src/client/adapters/solid/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAA;AAE5D;;GAEG;AACH,MAAM,MAAM,yBAAyB,GAClC;IAAE,MAAM,EAAE,SAAS,CAAA;CAAE,GACrB;IAAE,MAAM,EAAE,UAAU,CAAC;IAAC,UAAU,EAAE,MAAM,CAAA;CAAE,GAC1C;IAAE,MAAM,EAAE,YAAY,CAAA;CAAE,GACxB;IAAE,MAAM,EAAE,OAAO,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAA;AAEvC;;GAEG;AACH,MAAM,MAAM,oBAAoB,GAC7B;IAAE,MAAM,EAAE,MAAM,CAAA;CAAE,GAClB;IAAE,MAAM,EAAE,SAAS,CAAA;CAAE,GACrB;IAAE,MAAM,EAAE,QAAQ,CAAC;IAAC,OAAO,EAAE,eAAe,CAAA;CAAE,GAC9C;IAAE,MAAM,EAAE,OAAO,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAA;AAEvC;;GAEG;AACH,MAAM,WAAW,iCAAiC;IACjD;;;;OAIG;IACH,OAAO,CAAC,EAAE,OAAO,CAAA;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,gCAAgC;IAChD,iCAAiC;IACjC,KAAK,EAAE,yBAAyB,CAAA;IAEhC,qDAAqD;IACrD,OAAO,EAAE,MAAM,IAAI,CAAA;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,4BAA4B;IAC5C;;;;OAIG;IACH,OAAO,CAAC,EAAE,OAAO,CAAA;IAEjB;;;;;OAKG;IACH,IAAI,CAAC,EAAE,OAAO,CAAA;CACd;AAED;;GAEG;AACH,MAAM,WAAW,2BAA2B;IAC3C,4BAA4B;IAC5B,KAAK,EAAE,oBAAoB,CAAA;IAE3B,gFAAgF;IAChF,QAAQ,EAAE,OAAO,CAAA;IAEjB,oEAAoE;IACpE,YAAY,EAAE,MAAM,IAAI,CAAA;IAExB,2EAA2E;IAC3E,OAAO,EAAE,MAAM,IAAI,CAAA;CACnB"}
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../../src/client/adapters/solid/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAA;AAE5D;;GAEG;AACH,MAAM,MAAM,yBAAyB,GAClC;IAAE,MAAM,EAAE,SAAS,CAAA;CAAE,GACrB;IAAE,MAAM,EAAE,UAAU,CAAC;IAAC,UAAU,EAAE,MAAM,CAAA;CAAE,GAC1C;IAAE,MAAM,EAAE,YAAY,CAAA;CAAE,GACxB;IAAE,MAAM,EAAE,OAAO,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAA;AAEvC;;GAEG;AACH,MAAM,MAAM,oBAAoB,GAC7B;IAAE,MAAM,EAAE,MAAM,CAAA;CAAE,GAClB;IAAE,MAAM,EAAE,SAAS,CAAA;CAAE,GACrB;IAAE,MAAM,EAAE,QAAQ,CAAC;IAAC,OAAO,EAAE,eAAe,CAAA;CAAE,GAC9C;IAAE,MAAM,EAAE,OAAO,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAA;AAEvC;;GAEG;AACH,MAAM,WAAW,iCAAiC;IACjD;;;;;;;OAOG;IACH,OAAO,CAAC,EAAE,OAAO,CAAA;IAEjB;;;;;;;;;OASG;IACH,aAAa,CAAC,EAAE,MAAM,CAAA;IAEtB;;;;;;;OAOG;IACH,WAAW,CAAC,EAAE,MAAM,GAAG,SAAS,MAAM,EAAE,CAAA;CACxC;AAED;;GAEG;AACH,MAAM,WAAW,gCAAgC;IAChD,iCAAiC;IACjC,KAAK,EAAE,yBAAyB,CAAA;IAEhC,qDAAqD;IACrD,OAAO,EAAE,MAAM,IAAI,CAAA;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,4BAA4B;IAC5C;;;;OAIG;IACH,OAAO,CAAC,EAAE,OAAO,CAAA;IAEjB;;;;;OAKG;IACH,IAAI,CAAC,EAAE,OAAO,CAAA;CACd;AAED;;GAEG;AACH,MAAM,WAAW,2BAA2B;IAC3C,4BAA4B;IAC5B,KAAK,EAAE,oBAAoB,CAAA;IAE3B,gFAAgF;IAChF,QAAQ,EAAE,OAAO,CAAA;IAEjB,oEAAoE;IACpE,YAAY,EAAE,MAAM,IAAI,CAAA;IAExB,2EAA2E;IAC3E,OAAO,EAAE,MAAM,IAAI,CAAA;CACnB"}

package/dist/client/adapters/solid/types.ts

@@ -31,9 +31,34 @@ export interface CreateTimebackVerificationOptions {
 	/**
 	 * If false, does nothing and stays in loading state.
 	 *
+	 * Use this to delay verification until prerequisites are met
+	 * (e.g., user exists in your database).
+	 *
 	 * @default true
 	 */
 	enabled?: boolean
+
+	/**
+	 * Number of retry attempts on failure.
+	 *
+	 * This helps handle race conditions where the user may not be
+	 * fully set up in the backend when verification first runs.
+	 *
+	 * Set to 0 to disable retries.
+	 *
+	 * @default 3
+	 */
+	retryAttempts?: number
+
+	/**
+	 * Delay in ms before each retry attempt.
+	 *
+	 * Can be a single number (same delay for all retries) or an array
+	 * of delays for each attempt (e.g., [100, 300, 1000] for exponential backoff).
+	 *
+	 * @default [100, 300, 1000]
+	 */
+	retryDelays?: number | readonly number[]
 }
 
 /**

package/dist/client/adapters/svelte/stores/verification.d.ts

@@ -3,8 +3,8 @@
  *
  * Svelte store for user verification state.
  */
-import type { TimebackVerificationState } from '../types';
 import type { Readable } from 'svelte/store';
+import type { TimebackVerificationState } from '../types';
 export declare const verificationStore: import("svelte/store").Writable<TimebackVerificationState>;
 /**
  * Store containing the Timeback verification state.

package/dist/client/adapters/svelte/stores/verification.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"verification.d.ts","sourceRoot":"","sources":["../../../../../src/client/adapters/svelte/stores/verification.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAOH,OAAO,KAAK,EAAE,yBAAyB,EAAE,MAAM,UAAU,CAAA;AACzD,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,cAAc,CAAA;AAc5C,eAAO,MAAM,iBAAiB,4DAA6D,CAAA;AA8D3F;;;;;;;;;;;;;;;;;;;GAmBG;AACH,eAAO,MAAM,oBAAoB,EAAE,QAAQ,CAAC,yBAAyB,CAAqB,CAAA;AAE1F;;;;;;;;;;;GAWG;AACH,wBAAgB,2BAA2B,IAAI,IAAI,CAGlD"}
+{"version":3,"file":"verification.d.ts","sourceRoot":"","sources":["../../../../../src/client/adapters/svelte/stores/verification.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AASH,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,cAAc,CAAA;AAE5C,OAAO,KAAK,EAAE,yBAAyB,EAAE,MAAM,UAAU,CAAA;AAczD,eAAO,MAAM,iBAAiB,4DAA6D,CAAA;AA6I3F;;;;;;;;;;;;;;;;;;;GAmBG;AACH,eAAO,MAAM,oBAAoB,EAAE,QAAQ,CAAC,yBAAyB,CAAqB,CAAA;AAE1F;;;;;;;;;;;GAWG;AACH,wBAAgB,2BAA2B,IAAI,IAAI,CAGlD"}

package/dist/client/adapters/svelte/stores/verification.ts

@@ -4,13 +4,16 @@
  * Svelte store for user verification state.
  */
 
+import { writable } from 'svelte/store'
+
+import { DEFAULT_RETRY_ATTEMPTS, DEFAULT_RETRY_DELAYS_MS } from '../../../../shared/constants'
 import { getVerifyCache, verifyOnce } from '../../../lib/user-cache'
+import { getRetryDelay, sleep } from '../../../lib/utils'
 import { clientStore, getClientInstance } from './client'
-import { writable } from 'svelte/store'
 
+import type { Readable } from 'svelte/store'
 import type { TimebackVerifyResult } from '../../../../shared/types'
 import type { TimebackVerificationState } from '../types'
-import type { Readable } from 'svelte/store'
 
 /**
  * Convert a verify result into a store-friendly state machine.
@@ -27,6 +30,16 @@ function toVerificationState(result: TimebackVerifyResult): TimebackVerification
 export const verificationStore = writable<TimebackVerificationState>({ status: 'loading' })
 let verificationInitialized = false
 
+/**
+ * Counter tracking the current verification run.
+ *
+ * Each call to `runVerification` increments this counter and captures
+ * its value. Before updating state, the run checks if it's still current.
+ * This prevents stale results from overwriting fresh ones when multiple
+ * verification attempts overlap (e.g., initial retry + user refresh).
+ */
+let currentRunId = 0
+
 /**
  * Check if we're running in the browser.
  *
@@ -37,7 +50,11 @@ function isBrowser(): boolean {
 }
 
 /**
- * Run the verification check.
+ * Run the verification check with retry logic.
+ *
+ * Uses a run ID to prevent race conditions when multiple verification
+ * attempts overlap. Each run captures the current ID and only updates
+ * state if it's still the active run.
  *
  * @param force - If true, bypass cache and force a fresh verification
  */
@@ -45,23 +62,79 @@ async function runVerification(force: boolean): Promise<void> {
 	const client = getClientInstance()
 	if (!client) return
 
+	/**
+	 * Capture this run's ID. Any subsequent call to runVerification
+	 * will increment currentRunId, making this run "cancelled".
+	 */
+	const runId = ++currentRunId
+
+	/**
+	 * Check if this run is still the active one.
+	 *
+	 * @returns False if a newer verification run has started
+	 */
+	const isCurrentRun = () => runId === currentRunId
+
 	if (!force) {
 		const cached = getVerifyCache(client)
 		if (cached) {
-			verificationStore.set(toVerificationState(cached))
+			if (isCurrentRun()) {
+				verificationStore.set(toVerificationState(cached))
+			}
 			return
 		}
 	}
 
-	verificationStore.set({ status: 'loading' })
+	if (isCurrentRun()) {
+		verificationStore.set({ status: 'loading' })
+	}
+
+	let lastError: Error | undefined
+
+	for (let attempt = 0; attempt <= DEFAULT_RETRY_ATTEMPTS; attempt++) {
+		if (!isCurrentRun()) return
+
+		/**
+		 * Wait for a calculated delay before retrying the verification request.
+		 *
+		 * This occurs only on subsequent attempts (not the initial try),
+		 * introducing a backoff based on the configured retry delays.
+		 */
+		if (attempt > 0) {
+			const delay = getRetryDelay(DEFAULT_RETRY_DELAYS_MS, attempt - 1)
+			await sleep(delay)
+			if (!isCurrentRun()) return
+		}
+
+		try {
+			const result = await verifyOnce(client, force || attempt > 0)
+
+			if (!isCurrentRun()) return
+
+			verificationStore.set(toVerificationState(result))
+
+			return
+		} catch (err) {
+			lastError = err instanceof Error ? err : new Error('Failed to verify Timeback user')
+			/**
+			 * An error occurred during this verification attempt.
+			 * Proceeding to the next retry attempt if any remain.
+			 *
+			 * The last encountered error is saved for potential error state handling.
+			 */
+		}
+	}
 
-	try {
-		const result = await verifyOnce(client, force)
-		verificationStore.set(toVerificationState(result))
-	} catch (err) {
+	/**
+	 * All verification attempts have failed after exhausting
+	 * the configured retry policy. The verification state will
+	 * transition to "error" if this run is still current, and the last
+	 * encountered error message (if available) will be presented to the consumer.
+	 */
+	if (isCurrentRun() && lastError) {
 		verificationStore.set({
 			status: 'error',
-			message: err instanceof Error ? err.message : 'Failed to verify Timeback user',
+			message: lastError.message,
 		})
 	}
 }
@@ -73,7 +146,17 @@ function initVerification(): void {
 	if (verificationInitialized) return
 	verificationInitialized = true
 
-	// Subscribe to client changes to auto-verify
+	/**
+	 * Subscribes to changes in the Timeback client store.
+	 *
+	 * Any time the client instance becomes available or changes,
+	 * automatically triggers a verification attempt to ensure the
+	 * user's Timeback verification status is kept up-to-date.
+	 *
+	 * This enables responsive status updates when authentication
+	 * state changes or when the client instance is re-initialized,
+	 * providing a seamless verification experience in Svelte apps.
+	 */
 	clientStore.subscribe(client => {
 		if (client && isBrowser()) {
 			void runVerification(false)
@@ -81,7 +164,6 @@ function initVerification(): void {
 	})
 }
 
-// Auto-init in browser
 if (isBrowser()) {
 	initVerification()
 }

package/dist/client/adapters/vue/composables/useTimebackVerification.d.ts

@@ -14,8 +14,10 @@ import type { TimebackVerificationState, UseTimebackVerificationOptions } from '
  * The composable runs automatically once the Timeback client is available, and
  * provides a `refresh()` method to retry.
  *
+ * By default, the composable retries failed verification attempts with exponential
+ * backoff to handle race conditions (e.g., user not yet created in backend).
+ *
  * @param options - Composable options
- * @param options.enabled - If false, the composable does nothing and stays in loading state.
  * @returns Verification state and a refresh method
  *
  * @example

package/dist/client/adapters/vue/composables/useTimebackVerification.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"useTimebackVerification.d.ts","sourceRoot":"","sources":["../../../../../src/client/adapters/vue/composables/useTimebackVerification.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAOH,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,KAAK,CAAA;AAE9B,OAAO,KAAK,EAAE,yBAAyB,EAAE,8BAA8B,EAAE,MAAM,UAAU,CAAA;AAczF;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,wBAAgB,uBAAuB,CACtC,OAAO,GAAE,8BAAmC,GAC1C;IACF,KAAK,EAAE,GAAG,CAAC,yBAAyB,CAAC,CAAA;IACrC,OAAO,EAAE,MAAM,IAAI,CAAA;CACnB,CA+DA"}
+{"version":3,"file":"useTimebackVerification.d.ts","sourceRoot":"","sources":["../../../../../src/client/adapters/vue/composables/useTimebackVerification.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AASH,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,KAAK,CAAA;AAE9B,OAAO,KAAK,EAAE,yBAAyB,EAAE,8BAA8B,EAAE,MAAM,UAAU,CAAA;AAczF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AACH,wBAAgB,uBAAuB,CAAC,OAAO,GAAE,8BAAmC,GAAG;IACtF,KAAK,EAAE,GAAG,CAAC,yBAAyB,CAAC,CAAA;IACrC,OAAO,EAAE,MAAM,IAAI,CAAA;CACnB,CAsGA"}

package/dist/client/adapters/vue/composables/useTimebackVerification.ts

@@ -9,7 +9,9 @@
 
 import { ref, watch } from 'vue'
 
+import { DEFAULT_RETRY_ATTEMPTS, DEFAULT_RETRY_DELAYS_MS } from '../../../../shared/constants'
 import { getVerifyCache, verifyOnce } from '../../../lib/user-cache'
+import { getRetryDelay, sleep } from '../../../lib/utils'
 import { useTimeback } from '../provider'
 
 import type { Ref } from 'vue'
@@ -34,8 +36,10 @@ function toState(result: TimebackVerifyResult): TimebackVerificationState {
  * The composable runs automatically once the Timeback client is available, and
  * provides a `refresh()` method to retry.
  *
+ * By default, the composable retries failed verification attempts with exponential
+ * backoff to handle race conditions (e.g., user not yet created in backend).
+ *
  * @param options - Composable options
- * @param options.enabled - If false, the composable does nothing and stays in loading state.
  * @returns Verification state and a refresh method
  *
  * @example
@@ -57,16 +61,18 @@ function toState(result: TimebackVerifyResult): TimebackVerificationState {
  * </template>
  * ```
  */
-export function useTimebackVerification(
-	options: UseTimebackVerificationOptions = {},
-): {
+export function useTimebackVerification(options: UseTimebackVerificationOptions = {}): {
 	state: Ref<TimebackVerificationState>
 	refresh: () => void
 } {
 	const enabled = options.enabled ?? true
+	const retryAttempts = options.retryAttempts ?? DEFAULT_RETRY_ATTEMPTS
+	const retryDelays = options.retryDelays ?? DEFAULT_RETRY_DELAYS_MS
 	const timebackRef = useTimeback()
 
-	const state = ref<TimebackVerificationState>({ status: 'loading' }) as Ref<TimebackVerificationState>
+	const state = ref<TimebackVerificationState>({
+		status: 'loading',
+	}) as Ref<TimebackVerificationState>
 	const refreshNonce = ref(0)
 
 	let lastHandledRefreshNonce = 0
@@ -100,24 +106,59 @@ export function useTimebackVerification(
 
 			state.value = { status: 'loading' }
 
-			try {
-				if (!timeback) return
+			if (!timeback) return
 
-				if (force) {
-					lastHandledRefreshNonce = nonce
-				}
+			if (force) {
+				lastHandledRefreshNonce = nonce
+			}
 
-				const result = await verifyOnce(timeback, force)
+			let lastError: Error | undefined
 
+			for (let attempt = 0; attempt <= retryAttempts; attempt++) {
 				if (cancelled) return
 
-				state.value = toState(result)
-			} catch (err) {
-				if (!cancelled) {
-					state.value = {
-						status: 'error',
-						message: err instanceof Error ? err.message : 'Failed to verify Timeback user',
-					}
+				/**
+				 * Wait for a calculated delay before retrying the verification request.
+				 *
+				 * This occurs only on subsequent attempts (not the initial try),
+				 * introducing a backoff based on the configured retry delays.
+				 */
+				if (attempt > 0) {
+					const delay = getRetryDelay(retryDelays, attempt - 1)
+					await sleep(delay)
+					if (cancelled) return
+				}
+
+				try {
+					const result = await verifyOnce(timeback, force || attempt > 0)
+
+					if (cancelled) return
+
+					state.value = toState(result)
+
+					return
+				} catch (err) {
+					lastError =
+						err instanceof Error ? err : new Error('Failed to verify Timeback user')
+					/**
+					 * An error occurred during this verification attempt.
+					 * Proceeding to the next retry attempt if any remain.
+					 *
+					 * The last encountered error is saved for potential error state handling.
+					 */
+				}
+			}
+
+			/**
+			 * All verification attempts have failed after exhausting
+			 * the configured retry policy. The verification state will
+			 * transition to "error" if not cancelled, and the last encountered
+			 * error message (if available) will be presented to the consumer.
+			 */
+			if (!cancelled && lastError) {
+				state.value = {
+					status: 'error',
+					message: lastError.message,
 				}
 			}
 		},

package/dist/client/adapters/vue/types.d.ts

@@ -39,9 +39,32 @@ export interface UseTimebackVerificationOptions {
     /**
      * If false, the composable does nothing and stays in loading state.
      *
+     * Use this to delay verification until prerequisites are met
+     * (e.g., user exists in your database).
+     *
      * @default true
      */
     enabled?: boolean;
+    /**
+     * Number of retry attempts on failure.
+     *
+     * This helps handle race conditions where the user may not be
+     * fully set up in the backend when verification first runs.
+     *
+     * Set to 0 to disable retries.
+     *
+     * @default 3
+     */
+    retryAttempts?: number;
+    /**
+     * Delay in ms before each retry attempt.
+     *
+     * Can be a single number (same delay for all retries) or an array
+     * of delays for each attempt (e.g., [100, 300, 1000] for exponential backoff).
+     *
+     * @default [100, 300, 1000]
+     */
+    retryDelays?: number | readonly number[];
 }
 /**
  * Return value of the useTimebackVerification composable.

package/dist/client/adapters/vue/types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../../src/client/adapters/vue/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAA;AAE5D;;GAEG;AACH,MAAM,MAAM,yBAAyB,GAClC;IAAE,MAAM,EAAE,SAAS,CAAA;CAAE,GACrB;IAAE,MAAM,EAAE,UAAU,CAAC;IAAC,UAAU,EAAE,MAAM,CAAA;CAAE,GAC1C;IAAE,MAAM,EAAE,YAAY,CAAA;CAAE,GACxB;IAAE,MAAM,EAAE,OAAO,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAA;AAEvC;;GAEG;AACH,MAAM,MAAM,oBAAoB,GAC7B;IAAE,MAAM,EAAE,MAAM,CAAA;CAAE,GAClB;IAAE,MAAM,EAAE,SAAS,CAAA;CAAE,GACrB;IAAE,MAAM,EAAE,QAAQ,CAAC;IAAC,OAAO,EAAE,eAAe,CAAA;CAAE,GAC9C;IAAE,MAAM,EAAE,OAAO,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAA;AAEvC;;GAEG;AACH,MAAM,WAAW,8BAA8B;IAC9C;;;;OAIG;IACH,OAAO,CAAC,EAAE,OAAO,CAAA;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,6BAA6B;IAC7C,gDAAgD;IAChD,KAAK,EAAE,yBAAyB,CAAA;IAEhC,qDAAqD;IACrD,OAAO,EAAE,MAAM,IAAI,CAAA;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,yBAAyB;IACzC;;;;OAIG;IACH,OAAO,CAAC,EAAE,OAAO,CAAA;IAEjB;;;;;OAKG;IACH,IAAI,CAAC,EAAE,OAAO,CAAA;CACd;AAED;;GAEG;AACH,MAAM,WAAW,wBAAwB;IACxC,2CAA2C;IAC3C,KAAK,EAAE,oBAAoB,CAAA;IAE3B,gFAAgF;IAChF,QAAQ,EAAE,OAAO,CAAA;IAEjB,oEAAoE;IACpE,YAAY,EAAE,MAAM,IAAI,CAAA;IAExB,2EAA2E;IAC3E,OAAO,EAAE,MAAM,IAAI,CAAA;CACnB"}
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../../src/client/adapters/vue/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAA;AAE5D;;GAEG;AACH,MAAM,MAAM,yBAAyB,GAClC;IAAE,MAAM,EAAE,SAAS,CAAA;CAAE,GACrB;IAAE,MAAM,EAAE,UAAU,CAAC;IAAC,UAAU,EAAE,MAAM,CAAA;CAAE,GAC1C;IAAE,MAAM,EAAE,YAAY,CAAA;CAAE,GACxB;IAAE,MAAM,EAAE,OAAO,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAA;AAEvC;;GAEG;AACH,MAAM,MAAM,oBAAoB,GAC7B;IAAE,MAAM,EAAE,MAAM,CAAA;CAAE,GAClB;IAAE,MAAM,EAAE,SAAS,CAAA;CAAE,GACrB;IAAE,MAAM,EAAE,QAAQ,CAAC;IAAC,OAAO,EAAE,eAAe,CAAA;CAAE,GAC9C;IAAE,MAAM,EAAE,OAAO,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAA;AAEvC;;GAEG;AACH,MAAM,WAAW,8BAA8B;IAC9C;;;;;;;OAOG;IACH,OAAO,CAAC,EAAE,OAAO,CAAA;IAEjB;;;;;;;;;OASG;IACH,aAAa,CAAC,EAAE,MAAM,CAAA;IAEtB;;;;;;;OAOG;IACH,WAAW,CAAC,EAAE,MAAM,GAAG,SAAS,MAAM,EAAE,CAAA;CACxC;AAED;;GAEG;AACH,MAAM,WAAW,6BAA6B;IAC7C,gDAAgD;IAChD,KAAK,EAAE,yBAAyB,CAAA;IAEhC,qDAAqD;IACrD,OAAO,EAAE,MAAM,IAAI,CAAA;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,yBAAyB;IACzC;;;;OAIG;IACH,OAAO,CAAC,EAAE,OAAO,CAAA;IAEjB;;;;;OAKG;IACH,IAAI,CAAC,EAAE,OAAO,CAAA;CACd;AAED;;GAEG;AACH,MAAM,WAAW,wBAAwB;IACxC,2CAA2C;IAC3C,KAAK,EAAE,oBAAoB,CAAA;IAE3B,gFAAgF;IAChF,QAAQ,EAAE,OAAO,CAAA;IAEjB,oEAAoE;IACpE,YAAY,EAAE,MAAM,IAAI,CAAA;IAExB,2EAA2E;IAC3E,OAAO,EAAE,MAAM,IAAI,CAAA;CACnB"}

package/dist/client/adapters/vue/types.ts

@@ -31,9 +31,34 @@ export interface UseTimebackVerificationOptions {
 	/**
 	 * If false, the composable does nothing and stays in loading state.
 	 *
+	 * Use this to delay verification until prerequisites are met
+	 * (e.g., user exists in your database).
+	 *
 	 * @default true
 	 */
 	enabled?: boolean
+
+	/**
+	 * Number of retry attempts on failure.
+	 *
+	 * This helps handle race conditions where the user may not be
+	 * fully set up in the backend when verification first runs.
+	 *
+	 * Set to 0 to disable retries.
+	 *
+	 * @default 3
+	 */
+	retryAttempts?: number
+
+	/**
+	 * Delay in ms before each retry attempt.
+	 *
+	 * Can be a single number (same delay for all retries) or an array
+	 * of delays for each attempt (e.g., [100, 300, 1000] for exponential backoff).
+	 *
+	 * @default [100, 300, 1000]
+	 */
+	retryDelays?: number | readonly number[]
 }
 
 /**

package/dist/client/lib/utils.d.ts

@@ -17,4 +17,19 @@ export declare function isBrowser(): boolean;
  * @returns The default base URL or undefined during SSR
  */
 export declare function getDefaultBaseURL(): string | undefined;
+/**
+ * Sleep for a given number of milliseconds.
+ *
+ * @param ms - Duration to sleep in milliseconds
+ * @returns Promise that resolves after the delay
+ */
+export declare function sleep(ms: number): Promise<void>;
+/**
+ * Get retry delay for a given attempt from a delay configuration.
+ *
+ * @param delays - Single delay or array of delays per attempt
+ * @param attempt - Zero-based attempt index
+ * @returns Delay in milliseconds
+ */
+export declare function getRetryDelay(delays: number | readonly number[], attempt: number): number;
 //# sourceMappingURL=utils.d.ts.map

package/dist/client/lib/utils.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../src/client/lib/utils.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH;;;;GAIG;AACH,wBAAgB,SAAS,IAAI,OAAO,CAEnC;AAED;;;;;;GAMG;AACH,wBAAgB,iBAAiB,IAAI,MAAM,GAAG,SAAS,CAMtD"}
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../src/client/lib/utils.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH;;;;GAIG;AACH,wBAAgB,SAAS,IAAI,OAAO,CAEnC;AAED;;;;;;GAMG;AACH,wBAAgB,iBAAiB,IAAI,MAAM,GAAG,SAAS,CAMtD;AAED;;;;;GAKG;AACH,wBAAgB,KAAK,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAI/C;AAED;;;;;;GAMG;AACH,wBAAgB,aAAa,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,MAAM,EAAE,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,CAMzF"}

package/dist/client.js

@@ -1 +1 @@
-import{a as o,b as y,c as b}from"./chunk-ahy54f2r.js";function r(e){let i=e.headerName??"Authorization",k=e.prefix??"Bearer ";return{wrapFetch(s){return async(t,m)=>{let a=await e.getToken();if(!a)throw Error("Missing bearer token (are you authenticated yet?)");let c=new Headers(m?.headers??(t instanceof Request?t.headers:void 0));if(!c.has(i))c.set(i,`${k}${a}`);return s(t,{...m,headers:c})}}}}export{b as createClient,r as bearer,y as TimebackClient,o as Activity};
+import{e as o,f as y,g as b}from"./chunk-8gg8n8v9.js";function r(e){let i=e.headerName??"Authorization",k=e.prefix??"Bearer ";return{wrapFetch(s){return async(t,m)=>{let a=await e.getToken();if(!a)throw Error("Missing bearer token (are you authenticated yet?)");let c=new Headers(m?.headers??(t instanceof Request?t.headers:void 0));if(!c.has(i))c.set(i,`${k}${a}`);return s(t,{...m,headers:c})}}}}export{b as createClient,r as bearer,y as TimebackClient,o as Activity};

package/dist/edge.js

@@ -1 +1 @@
-import{a as L,b as G,c as D}from"./chunk-3886xy48.js";import"./chunk-whc53e0y.js";function V(y){let g=y.trim();if(g==="")return"/";let x=g.indexOf("?");if(x===-1)return g;let C=g.slice(0,x);if(C==="")return"/";return C}function $(y){let g=V(y);if(g!==""&&!g.startsWith("/"))g=`/${g}`;if(g==="/"||g==="")return"";if(g.endsWith("/"))return g.slice(0,-1);return g}function X(y){let g=y.method.toUpperCase(),x=V(y.pathname),C=y.callbackPath?V(y.callbackPath):void 0;if(C&&x===C)return g==="GET"?"identity.callback":null;let I=y.basePath,M=I!==void 0,J=M?$(I):void 0,Q=(f)=>{if(g==="GET"){if(f===G.IDENTITY.SIGNIN)return"identity.signIn";if(f===G.IDENTITY.CALLBACK)return"identity.callback";if(f===G.IDENTITY.SIGNOUT)return"identity.signOut";if(f===G.USER.ME)return"user.me";if(f===G.USER.VERIFY)return"user.verify"}if(g==="POST"){if(f===G.ACTIVITY)return"activity"}return null};if(M&&J!==void 0){if(J!==""&&x===J)return null;if(J!==""&&!x.startsWith(`${J}/`))return null;let f=J===""?x:x.slice(J.length),_=f.startsWith("/")?f:`/${f}`;return Q(_)}if(g==="GET"){if(x.endsWith(G.IDENTITY.SIGNIN))return"identity.signIn";if(x.endsWith(G.IDENTITY.CALLBACK))return"identity.callback";if(x.endsWith(G.IDENTITY.SIGNOUT))return"identity.signOut";if(x.endsWith(G.USER.ME))return"user.me";if(x.endsWith(G.USER.VERIFY))return"user.verify"}if(g==="POST"){if(x.endsWith(G.ACTIVITY))return"activity"}return null}function Y(y){return"handle"in y?y.handle:y}function Z(y){return"activity"in y}function W(y){return"user"in y}function K(y){return typeof y==="object"&&y!==null&&"timeback"in y}function F(y){let{timeback:g,callbackPath:x}=K(y)?y:{timeback:y,callbackPath:void 0},C=Y(g);return(I)=>{let J=new URL(I.url).pathname,Q=I.method,f=X({pathname:J,method:Q,callbackPath:x});if(f==="identity.signIn")return C.identity.signIn(I);if(f==="identity.callback")return C.identity.callback(I);if(f==="identity.signOut")return Promise.resolve(C.identity.signOut());if(f==="user.me"){if(!W(C))return Promise.resolve(L({error:"Not found"},404));return C.user.me(I)}if(f==="user.verify"){if(!W(C))return Promise.resolve(L({error:"Not found"},404));return C.user.verify(I)}if(f==="activity"){if(!Z(C))return Promise.resolve(L({error:"Not found"},404));return C.activity(I)}return Promise.resolve(L({error:"Not found"},404))}}export{F as toNativeHandler,D as createTimebackIdentity,G as ROUTES};
+import{a as L,b as G,c as D}from"./chunk-63afdp3y.js";import"./chunk-whc53e0y.js";function V(y){let g=y.trim();if(g==="")return"/";let x=g.indexOf("?");if(x===-1)return g;let C=g.slice(0,x);if(C==="")return"/";return C}function $(y){let g=V(y);if(g!==""&&!g.startsWith("/"))g=`/${g}`;if(g==="/"||g==="")return"";if(g.endsWith("/"))return g.slice(0,-1);return g}function X(y){let g=y.method.toUpperCase(),x=V(y.pathname),C=y.callbackPath?V(y.callbackPath):void 0;if(C&&x===C)return g==="GET"?"identity.callback":null;let I=y.basePath,M=I!==void 0,J=M?$(I):void 0,Q=(f)=>{if(g==="GET"){if(f===G.IDENTITY.SIGNIN)return"identity.signIn";if(f===G.IDENTITY.CALLBACK)return"identity.callback";if(f===G.IDENTITY.SIGNOUT)return"identity.signOut";if(f===G.USER.ME)return"user.me";if(f===G.USER.VERIFY)return"user.verify"}if(g==="POST"){if(f===G.ACTIVITY)return"activity"}return null};if(M&&J!==void 0){if(J!==""&&x===J)return null;if(J!==""&&!x.startsWith(`${J}/`))return null;let f=J===""?x:x.slice(J.length),_=f.startsWith("/")?f:`/${f}`;return Q(_)}if(g==="GET"){if(x.endsWith(G.IDENTITY.SIGNIN))return"identity.signIn";if(x.endsWith(G.IDENTITY.CALLBACK))return"identity.callback";if(x.endsWith(G.IDENTITY.SIGNOUT))return"identity.signOut";if(x.endsWith(G.USER.ME))return"user.me";if(x.endsWith(G.USER.VERIFY))return"user.verify"}if(g==="POST"){if(x.endsWith(G.ACTIVITY))return"activity"}return null}function Y(y){return"handle"in y?y.handle:y}function Z(y){return"activity"in y}function W(y){return"user"in y}function K(y){return typeof y==="object"&&y!==null&&"timeback"in y}function F(y){let{timeback:g,callbackPath:x}=K(y)?y:{timeback:y,callbackPath:void 0},C=Y(g);return(I)=>{let J=new URL(I.url).pathname,Q=I.method,f=X({pathname:J,method:Q,callbackPath:x});if(f==="identity.signIn")return C.identity.signIn(I);if(f==="identity.callback")return C.identity.callback(I);if(f==="identity.signOut")return Promise.resolve(C.identity.signOut());if(f==="user.me"){if(!W(C))return Promise.resolve(L({error:"Not found"},404));return C.user.me(I)}if(f==="user.verify"){if(!W(C))return Promise.resolve(L({error:"Not found"},404));return C.user.verify(I)}if(f==="activity"){if(!Z(C))return Promise.resolve(L({error:"Not found"},404));return C.activity(I)}return Promise.resolve(L({error:"Not found"},404))}}export{F as toNativeHandler,D as createTimebackIdentity,G as ROUTES};

package/dist/identity.js

@@ -1 +1 @@
-import{c as e}from"./chunk-3886xy48.js";import"./chunk-whc53e0y.js";export{e as createTimebackIdentity};
+import{c as e}from"./chunk-63afdp3y.js";import"./chunk-whc53e0y.js";export{e as createTimebackIdentity};

package/dist/index.d.ts

@@ -28,8 +28,8 @@
  *   env: 'production',
  *   identity: {
  *     mode: 'sso',
- *     clientId: process.env.AWS_COGNITO_CLIENT_ID!,
- *     clientSecret: process.env.AWS_COGNITO_CLIENT_SECRET!,
+ *     clientId: process.env.TIMEBACK_SSO_CLIENT_ID!,
+ *     clientSecret: process.env.TIMEBACK_SSO_CLIENT_SECRET!,
  *     onCallbackSuccess: ({ user, redirect }) => redirect('/'),
  *     onCallbackError: ({ error, redirect }) => redirect('/?error=sso_failed'),
  *     getUser: (req) => getSession(req),