@volr/react 0.1.70 → 0.1.71

package/dist/index.d.cts

@@ -526,15 +526,52 @@ interface UseVolrLoginReturn {
 declare function useVolrLogin(): UseVolrLoginReturn;
 
 interface UseVolrAuthCallbackOptions {
+    /**
+     * Called when OAuth authentication is successful
+     */
     onSuccess?: (user: VolrUser) => void;
+    /**
+     * Called when OAuth authentication fails
+     */
     onError?: (error: string) => void;
+    /**
+     * If true, automatically clears the URL query params after processing
+     * @default true
+     */
+    clearUrlParams?: boolean;
 }
 interface UseVolrAuthCallbackReturn {
+    /** Whether the callback is being processed */
     isLoading: boolean;
+    /** Error message if authentication failed */
     error: string | null;
+    /** Whether this is a new user (first time sign in) */
     isNewUser: boolean;
+    /** The authenticated user object */
     user: VolrUser | null;
 }
+/**
+ * Hook to handle OAuth callback after social login redirect.
+ *
+ * Usage:
+ * ```tsx
+ * // In your /auth/callback page
+ * function AuthCallbackPage() {
+ *   const { isLoading, error, user, isNewUser } = useVolrAuthCallback({
+ *     onSuccess: (user) => {
+ *       navigate('/dashboard');
+ *     },
+ *     onError: (error) => {
+ *       navigate('/login?error=' + encodeURIComponent(error));
+ *     },
+ *   });
+ *
+ *   if (isLoading) return <LoadingSpinner />;
+ *   if (error) return <ErrorMessage message={error} />;
+ *   return null;
+ * }
+ * ```
+ */
 declare function useVolrAuthCallback(options?: UseVolrAuthCallbackOptions): UseVolrAuthCallbackReturn;
 
 type Erc20Token = {

package/dist/index.d.ts

@@ -526,15 +526,52 @@ interface UseVolrLoginReturn {
 declare function useVolrLogin(): UseVolrLoginReturn;
 
 interface UseVolrAuthCallbackOptions {
+    /**
+     * Called when OAuth authentication is successful
+     */
     onSuccess?: (user: VolrUser) => void;
+    /**
+     * Called when OAuth authentication fails
+     */
     onError?: (error: string) => void;
+    /**
+     * If true, automatically clears the URL query params after processing
+     * @default true
+     */
+    clearUrlParams?: boolean;
 }
 interface UseVolrAuthCallbackReturn {
+    /** Whether the callback is being processed */
     isLoading: boolean;
+    /** Error message if authentication failed */
     error: string | null;
+    /** Whether this is a new user (first time sign in) */
     isNewUser: boolean;
+    /** The authenticated user object */
     user: VolrUser | null;
 }
+/**
+ * Hook to handle OAuth callback after social login redirect.
+ *
+ * Usage:
+ * ```tsx
+ * // In your /auth/callback page
+ * function AuthCallbackPage() {
+ *   const { isLoading, error, user, isNewUser } = useVolrAuthCallback({
+ *     onSuccess: (user) => {
+ *       navigate('/dashboard');
+ *     },
+ *     onError: (error) => {
+ *       navigate('/login?error=' + encodeURIComponent(error));
+ *     },
+ *   });
+ *
+ *   if (isLoading) return <LoadingSpinner />;
+ *   if (error) return <ErrorMessage message={error} />;
+ *   return null;
+ * }
+ * ```
+ */
 declare function useVolrAuthCallback(options?: UseVolrAuthCallbackOptions): UseVolrAuthCallbackReturn;
 
 type Erc20Token = {

package/dist/index.js

@@ -18667,45 +18667,15 @@ function useVolrLogin() {
     handlePasskeyComplete
   };
 }
-function createAxiosInstance(baseUrl, apiKey) {
-  const instance = axios.create({
-    baseURL: baseUrl.replace(/\/+$/, ""),
-    // Remove trailing slashes
-    withCredentials: true,
-    // Include cookies
-    headers: {
-      "Content-Type": "application/json"
-    }
-  });
-  instance.interceptors.request.use((config) => {
-    if (apiKey) {
-      config.headers["X-API-Key"] = apiKey;
-    }
-    return config;
-  });
-  instance.interceptors.response.use(
-    (response) => response,
-    (error) => {
-      if (error.response?.data) {
-        const errorData = error.response.data;
-        if (errorData.error?.message) {
-          error.message = errorData.error.message;
-        }
-      }
-      return Promise.reject(error);
-    }
-  );
-  return instance;
-}
-
-// src/hooks/useVolrAuthCallback.ts
 function useVolrAuthCallback(options = {}) {
-  const { config, setUser } = useVolrContext();
-  const { refreshAccessToken, setAccessToken, setRefreshToken, client } = useInternalAuth();
+  const { clearUrlParams = true } = options;
+  const { setUser } = useVolrContext();
+  const { setAccessToken, setRefreshToken, client } = useInternalAuth();
   const [isLoading, setIsLoading] = useState(true);
   const [error, setError] = useState(null);
   const [isNewUser, setIsNewUser] = useState(false);
   const [user, setLocalUser] = useState(null);
+  const hasProcessed = useRef(false);
   const toVolrUser = useCallback((u) => {
     return {
       id: u.id,
@@ -18721,24 +18691,31 @@ function useVolrAuthCallback(options = {}) {
       credentialId: u.credentialId ?? void 0
     };
   }, []);
-  const apiBaseUrl = resolveApiBaseUrl(config);
   useEffect(() => {
     const handleCallback = async () => {
       if (typeof window === "undefined") return;
+      if (hasProcessed.current) return;
+      hasProcessed.current = true;
       const searchParams = new URLSearchParams(window.location.search);
-      const success = searchParams.get("success");
+      const authCode = searchParams.get("code");
       const errorParam = searchParams.get("error");
-      const userId = searchParams.get("userId");
       const isNew = searchParams.get("isNewUser") === "true";
       if (errorParam) {
-        const errorMsg = `Authentication failed: ${errorParam}`;
+        const errorMsg = `Authentication failed: ${errorParam.replace(/_/g, " ")}`;
+        setError(errorMsg);
+        setIsLoading(false);
+        options.onError?.(errorMsg);
+        return;
+      }
+      if (!authCode) {
+        const errorMsg = "No authorization code found. Please try logging in again.";
         setError(errorMsg);
         setIsLoading(false);
         options.onError?.(errorMsg);
         return;
       }
-      if (success !== "true" || !userId) {
-        const errorMsg = "Invalid callback parameters";
+      if (!authCode.startsWith("volr_auth_")) {
+        const errorMsg = "Invalid authorization code format";
         setError(errorMsg);
         setIsLoading(false);
         options.onError?.(errorMsg);
@@ -18746,45 +18723,44 @@ function useVolrAuthCallback(options = {}) {
       }
       try {
         setIsNewUser(isNew);
-        await refreshAccessToken();
-        const api = createAxiosInstance(
-          apiBaseUrl,
-          config.projectApiKey
-        );
-        const userRes = await api.get(`/auth/onboarding/${userId}`);
-        if (!userRes.data?.ok) {
-          throw new Error("Failed to fetch user details");
-        }
-        const currentRefreshToken = client.getRefreshToken();
-        if (!currentRefreshToken) {
-          throw new Error("No refresh token available. Please log in again.");
-        }
-        const refreshRes = await api.post("/auth/refresh", { refreshToken: currentRefreshToken });
-        if (!refreshRes.data?.ok) {
-          throw new Error("Failed to refresh session");
+        const response = await client.post("/auth/token/exchange", { code: authCode });
+        const { user: userData, accessToken, refreshToken } = response;
+        if (!accessToken) {
+          throw new Error("No access token received from server");
         }
-        const userData = refreshRes.data.data.user;
-        const accessToken = refreshRes.data.data.accessToken;
-        const newRefreshToken = refreshRes.data.data.refreshToken;
         setAccessToken(accessToken);
-        if (newRefreshToken) {
-          setRefreshToken(newRefreshToken);
+        if (refreshToken) {
+          setRefreshToken(refreshToken);
         }
         const volrUser = toVolrUser(userData);
         setUser(volrUser);
         setLocalUser(volrUser);
+        if (clearUrlParams && typeof window !== "undefined") {
+          const url = new URL(window.location.href);
+          url.search = "";
+          window.history.replaceState({}, "", url.toString());
+        }
         setIsLoading(false);
         options.onSuccess?.(volrUser);
       } catch (err) {
-        console.error("Callback error:", err);
-        const errorMsg = err.message || "Failed to complete authentication";
+        console.error("[useVolrAuthCallback] Token exchange error:", err);
+        let errorMsg = "Failed to complete authentication";
+        if (err instanceof Error) {
+          if (err.message.includes("AUTH_CODE_EXPIRED")) {
+            errorMsg = "Login link has expired. Please try again.";
+          } else if (err.message.includes("AUTH_INVALID_CODE")) {
+            errorMsg = "Invalid login link. Please try again.";
+          } else {
+            errorMsg = err.message;
+          }
+        }
         setError(errorMsg);
         setIsLoading(false);
         options.onError?.(errorMsg);
       }
     };
     handleCallback();
-  }, [apiBaseUrl, config.projectApiKey, refreshAccessToken, setAccessToken, setRefreshToken, setUser, toVolrUser, client]);
+  }, []);
   return {
     isLoading,
     error,
@@ -19334,6 +19310,36 @@ function useMpcConnection() {
     error
   };
 }
+function createAxiosInstance(baseUrl, apiKey) {
+  const instance = axios.create({
+    baseURL: baseUrl.replace(/\/+$/, ""),
+    // Remove trailing slashes
+    withCredentials: true,
+    // Include cookies
+    headers: {
+      "Content-Type": "application/json"
+    }
+  });
+  instance.interceptors.request.use((config) => {
+    if (apiKey) {
+      config.headers["X-API-Key"] = apiKey;
+    }
+    return config;
+  });
+  instance.interceptors.response.use(
+    (response) => response,
+    (error) => {
+      if (error.response?.data) {
+        const errorData = error.response.data;
+        if (errorData.error?.message) {
+          error.message = errorData.error.message;
+        }
+      }
+      return Promise.reject(error);
+    }
+  );
+  return instance;
+}
 
 // src/headless/blobs.ts
 async function uploadBlobViaPresign(params) {