@vansite/ts-sharetribe-flex-sdk 3.0.6 → 3.0.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (13) hide show
  1. package/dist/index.js +1 -1
  2. package/dist/index.js.map +1 -1
  3. package/dist/index.mjs +1 -1
  4. package/dist/index.mjs.map +1 -1
  5. package/dist/index.umd.js +1 -1
  6. package/dist/index.umd.js.map +1 -1
  7. package/dist/types/utils/stores/BrowserStore.d.ts +3 -2
  8. package/dist/types/utils/stores/BrowserStore.d.ts.map +1 -1
  9. package/dist/types/utils/stores/ExpressStore.d.ts +7 -3
  10. package/dist/types/utils/stores/ExpressStore.d.ts.map +1 -1
  11. package/dist/utils/stores/BrowserStore.d.ts +3 -2
  12. package/dist/utils/stores/ExpressStore.d.ts +7 -3
  13. package/package.json +1 -1
package/dist/types/utils/stores/BrowserStore.d.ts CHANGED
@@ -28,8 +28,9 @@ export type BrowserStoreOptions = {
28
28
  /**
29
29
  * `BrowserStore` is an implementation of the `TokenStore` interface for storing authentication tokens in browser cookies.
30
30
  *
31
- * **Security Note:** This store uses JavaScript-accessible cookies. For maximum security in production,
32
- * consider using `ExpressStore` with `httpOnly: true` which prevents JavaScript access to tokens.
31
+ * **Note:** This store shares the same cookie key as `ExpressStore` (using the `st` namespace).
32
+ * The `ExpressStore` must NOT use `httpOnly: true` when both stores are used together,
33
+ * as that would prevent this store from reading or writing the shared cookie.
33
34
  */
34
35
  declare class BrowserStore implements TokenStore {
35
36
  expiration: number;
package/dist/types/utils/stores/BrowserStore.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"BrowserStore.d.ts","sourceRoot":"","sources":["../../../../src/utils/stores/BrowserStore.ts"],"names":[],"mappings":"AAEA,OAAO,EAAC,SAAS,EAAE,UAAU,EAAC,MAAM,aAAa,CAAC;AAElD;;GAEG;AACH,MAAM,MAAM,mBAAmB,GAAG;IAChC,QAAQ,EAAE,MAAM,CAAC;IACjB;;;OAGG;IACH,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB;;;;OAIG;IACH,QAAQ,CAAC,EAAE,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;IACrC;;;OAGG;IACH,IAAI,CAAC,EAAE,MAAM,CAAC;IACd;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB,CAAC;AAEF;;;;;GAKG;AACH,cAAM,YAAa,YAAW,UAAU;IACtC,UAAU,EAAE,MAAM,CAAM;IACxB,OAAO,CAAC,SAAS,CAAgB;IACjC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAS;IAC7B,OAAO,CAAC,QAAQ,CAAC,aAAa,CAK5B;IAEF;;;OAGG;gBACS,EACV,QAAQ,EACR,MAAc,EACd,QAAgB,EAChB,IAAU,EACV,MAAM,GACP,EAAE,mBAAmB;IAkBtB;;;OAGG;IACH,QAAQ,IAAI,SAAS,GAAG,IAAI;IAc5B;;;OAGG;IACH,QAAQ,CAAC,KAAK,EAAE,SAAS,GAAG,IAAI;IAOhC;;OAEG;IACH,WAAW,IAAI,IAAI;CAGpB;AAED,eAAe,YAAY,CAAC"}
1
+ {"version":3,"file":"BrowserStore.d.ts","sourceRoot":"","sources":["../../../../src/utils/stores/BrowserStore.ts"],"names":[],"mappings":"AAEA,OAAO,EAAC,SAAS,EAAE,UAAU,EAAC,MAAM,aAAa,CAAC;AAElD;;GAEG;AACH,MAAM,MAAM,mBAAmB,GAAG;IAChC,QAAQ,EAAE,MAAM,CAAC;IACjB;;;OAGG;IACH,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB;;;;OAIG;IACH,QAAQ,CAAC,EAAE,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;IACrC;;;OAGG;IACH,IAAI,CAAC,EAAE,MAAM,CAAC;IACd;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB,CAAC;AAEF;;;;;;GAMG;AACH,cAAM,YAAa,YAAW,UAAU;IACtC,UAAU,EAAE,MAAM,CAAM;IACxB,OAAO,CAAC,SAAS,CAAgB;IACjC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAS;IAC7B,OAAO,CAAC,QAAQ,CAAC,aAAa,CAK5B;IAEF;;;OAGG;gBACS,EACV,QAAQ,EACR,MAAc,EACd,QAAgB,EAChB,IAAU,EACV,MAAM,GACP,EAAE,mBAAmB;IAkBtB;;;OAGG;IACH,QAAQ,IAAI,SAAS,GAAG,IAAI;IAc5B;;;OAGG;IACH,QAAQ,CAAC,KAAK,EAAE,SAAS,GAAG,IAAI;IAOhC;;OAEG;IACH,WAAW,IAAI,IAAI;CAGpB;AAED,eAAe,YAAY,CAAC"}
package/dist/types/utils/stores/ExpressStore.d.ts CHANGED
@@ -14,7 +14,10 @@ export type ExpressStoreOptions = {
14
14
  secure?: boolean;
15
15
  /**
16
16
  * Whether to set httpOnly flag (prevents JavaScript access).
17
- * Defaults to true for security. This is the recommended setting for server-side token storage.
17
+ * Defaults to false to match the original Sharetribe SDK behavior and allow
18
+ * the BrowserStore to share the same cookie. Setting to true will prevent
19
+ * client-side JavaScript from reading or writing the token cookie, which
20
+ * breaks the shared session model between server and client SDK instances.
18
21
  */
19
22
  httpOnly?: boolean;
20
23
  /**
@@ -26,8 +29,9 @@ export type ExpressStoreOptions = {
26
29
  /**
27
30
  * `ExpressStore` is an implementation of the `TokenStore` interface for managing authentication tokens via cookies in an Express application.
28
31
  *
29
- * **Security Note:** This store supports `httpOnly` cookies (default: true), which prevents JavaScript access to tokens
30
- * and is the recommended approach for production server-side token storage.
32
+ * **Note:** This store defaults to `httpOnly: false` to match the original Sharetribe SDK behavior.
33
+ * Server and client SDK instances share the same cookie, so httpOnly must be false
34
+ * for the BrowserStore to read/write the token set by the server.
31
35
  */
32
36
  declare class ExpressStore implements TokenStore {
33
37
  expiration: number;
package/dist/types/utils/stores/ExpressStore.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ExpressStore.d.ts","sourceRoot":"","sources":["../../../../src/utils/stores/ExpressStore.ts"],"names":[],"mappings":"AAAA,OAAO,EAAC,OAAO,EAAE,QAAQ,EAAC,MAAM,SAAS,CAAC;AAE1C,OAAO,EAAC,SAAS,EAAE,UAAU,EAAC,MAAM,aAAa,CAAC;AAElD;;GAEG;AACH,MAAM,MAAM,mBAAmB,GAAG;IAChC,QAAQ,EAAE,MAAM,CAAC;IACjB,GAAG,EAAE,OAAO,CAAC;IACb,GAAG,EAAE,QAAQ,CAAC;IACd;;;OAGG;IACH,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB;;;OAGG;IACH,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB;;;OAGG;IACH,QAAQ,CAAC,EAAE,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;CACtC,CAAC;AAEF;;;;;GAKG;AACH,cAAM,YAAa,YAAW,UAAU;IACtC,UAAU,EAAE,MAAM,CAAO;IACzB,OAAO,CAAC,SAAS,CAAgB;IACjC,OAAO,CAAC,GAAG,CAAS;IACpB,OAAO,CAAC,aAAa,CAInB;IACF,OAAO,CAAC,GAAG,CAAU;IACrB,OAAO,CAAC,GAAG,CAAW;IACtB,OAAO,CAAC,YAAY,CAA0B;IAE9C;;;OAGG;gBACS,EAAC,QAAQ,EAAE,GAAG,EAAE,GAAG,EAAE,MAAc,EAAE,QAAe,EAAE,QAAgB,EAAC,EAAE,mBAAmB;IAqBxG;;;OAGG;IACH,QAAQ,IAAI,SAAS,GAAG,IAAI;IAK5B;;;OAGG;IACH,QAAQ,CAAC,KAAK,EAAE,SAAS,GAAG,IAAI;IAQhC;;OAEG;IACH,WAAW,IAAI,IAAI;IAKnB;;;OAGG;IACH,OAAO,CAAC,UAAU;CAanB;AAED,eAAe,YAAY,CAAC"}
1
+ {"version":3,"file":"ExpressStore.d.ts","sourceRoot":"","sources":["../../../../src/utils/stores/ExpressStore.ts"],"names":[],"mappings":"AAAA,OAAO,EAAC,OAAO,EAAE,QAAQ,EAAC,MAAM,SAAS,CAAC;AAE1C,OAAO,EAAC,SAAS,EAAE,UAAU,EAAC,MAAM,aAAa,CAAC;AAElD;;GAEG;AACH,MAAM,MAAM,mBAAmB,GAAG;IAChC,QAAQ,EAAE,MAAM,CAAC;IACjB,GAAG,EAAE,OAAO,CAAC;IACb,GAAG,EAAE,QAAQ,CAAC;IACd;;;OAGG;IACH,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB;;;;;;OAMG;IACH,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB;;;OAGG;IACH,QAAQ,CAAC,EAAE,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;CACtC,CAAC;AAEF;;;;;;GAMG;AACH,cAAM,YAAa,YAAW,UAAU;IACtC,UAAU,EAAE,MAAM,CAAO;IACzB,OAAO,CAAC,SAAS,CAAgB;IACjC,OAAO,CAAC,GAAG,CAAS;IACpB,OAAO,CAAC,aAAa,CAInB;IACF,OAAO,CAAC,GAAG,CAAU;IACrB,OAAO,CAAC,GAAG,CAAW;IACtB,OAAO,CAAC,YAAY,CAA0B;IAE9C;;;OAGG;gBACS,EAAC,QAAQ,EAAE,GAAG,EAAE,GAAG,EAAE,MAAc,EAAE,QAAgB,EAAE,QAAgB,EAAC,EAAE,mBAAmB;IAqBzG;;;OAGG;IACH,QAAQ,IAAI,SAAS,GAAG,IAAI;IAK5B;;;OAGG;IACH,QAAQ,CAAC,KAAK,EAAE,SAAS,GAAG,IAAI;IAQhC;;OAEG;IACH,WAAW,IAAI,IAAI;IAKnB;;;OAGG;IACH,OAAO,CAAC,UAAU;CAanB;AAED,eAAe,YAAY,CAAC"}
package/dist/utils/stores/BrowserStore.d.ts CHANGED
@@ -28,8 +28,9 @@ export type BrowserStoreOptions = {
28
28
  /**
29
29
  * `BrowserStore` is an implementation of the `TokenStore` interface for storing authentication tokens in browser cookies.
30
30
  *
31
- * **Security Note:** This store uses JavaScript-accessible cookies. For maximum security in production,
32
- * consider using `ExpressStore` with `httpOnly: true` which prevents JavaScript access to tokens.
31
+ * **Note:** This store shares the same cookie key as `ExpressStore` (using the `st` namespace).
32
+ * The `ExpressStore` must NOT use `httpOnly: true` when both stores are used together,
33
+ * as that would prevent this store from reading or writing the shared cookie.
33
34
  */
34
35
  declare class BrowserStore implements TokenStore {
35
36
  expiration: number;
package/dist/utils/stores/ExpressStore.d.ts CHANGED
@@ -14,7 +14,10 @@ export type ExpressStoreOptions = {
14
14
  secure?: boolean;
15
15
  /**
16
16
  * Whether to set httpOnly flag (prevents JavaScript access).
17
- * Defaults to true for security. This is the recommended setting for server-side token storage.
17
+ * Defaults to false to match the original Sharetribe SDK behavior and allow
18
+ * the BrowserStore to share the same cookie. Setting to true will prevent
19
+ * client-side JavaScript from reading or writing the token cookie, which
20
+ * breaks the shared session model between server and client SDK instances.
18
21
  */
19
22
  httpOnly?: boolean;
20
23
  /**
@@ -26,8 +29,9 @@ export type ExpressStoreOptions = {
26
29
  /**
27
30
  * `ExpressStore` is an implementation of the `TokenStore` interface for managing authentication tokens via cookies in an Express application.
28
31
  *
29
- * **Security Note:** This store supports `httpOnly` cookies (default: true), which prevents JavaScript access to tokens
30
- * and is the recommended approach for production server-side token storage.
32
+ * **Note:** This store defaults to `httpOnly: false` to match the original Sharetribe SDK behavior.
33
+ * Server and client SDK instances share the same cookie, so httpOnly must be false
34
+ * for the BrowserStore to read/write the token set by the server.
31
35
  */
32
36
  declare class ExpressStore implements TokenStore {
33
37
  expiration: number;
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@vansite/ts-sharetribe-flex-sdk",
3
- "version": "3.0.6",
3
+ "version": "3.0.7",
4
4
  "description": "This is a TypeScript SDK for Sharetribe Flex API. It reduces the complexity of the API and provides a more user-friendly interface.",
5
5
  "keywords": [
6
6
  "sharetribe",