@vritti/quantum-ui 0.1.22 → 0.2.0

package/dist/axios.js

@@ -1,3 +1,54 @@
+const defaultConfig = {
+  csrf: {
+    endpoint: "/csrf/token",
+    enabled: true,
+    headerName: "x-csrf-token"
+  },
+  axios: {
+    baseURL: "/api",
+    timeout: 3e4,
+    withCredentials: true,
+    headers: {
+      "Content-Type": "application/json",
+      Accept: "application/json"
+    }
+  },
+  auth: {
+    tokenHeaderName: "Authorization",
+    tokenPrefix: "Bearer"
+  }
+};
+let currentConfig = { ...defaultConfig };
+function defineConfig(config) {
+  return config;
+}
+function configureQuantumUI(userConfig) {
+  currentConfig = {
+    csrf: {
+      ...defaultConfig.csrf,
+      ...userConfig.csrf || {}
+    },
+    axios: {
+      ...defaultConfig.axios,
+      ...userConfig.axios || {},
+      headers: {
+        ...defaultConfig.axios.headers,
+        ...userConfig.axios?.headers || {}
+      }
+    },
+    auth: {
+      ...defaultConfig.auth,
+      ...userConfig.auth || {}
+    }
+  };
+}
+function getConfig() {
+  return currentConfig;
+}
+function resetConfig() {
+  currentConfig = { ...defaultConfig };
+}
+
 function bind(fn, thisArg) {
   return function wrap() {
     return fn.apply(thisArg, arguments);
@@ -3841,111 +3892,106 @@ const {
   mergeConfig
 } = axios$1;
 
-const defaultConfig = {
-  csrf: {
-    endpoint: "/csrf/token",
-    enabled: true,
-    headerName: "x-csrf-token"
-  },
-  axios: {
-    baseURL: "/api",
-    timeout: 3e4,
-    withCredentials: true,
-    headers: {
-      "Content-Type": "application/json",
-      Accept: "application/json"
-    }
-  },
-  auth: {
-    tokenHeaderName: "Authorization",
-    tokenPrefix: "Bearer"
-  }
-};
-let currentConfig = { ...defaultConfig };
-function defineConfig(config) {
-  return config;
-}
-function configureQuantumUI(userConfig) {
-  currentConfig = {
-    csrf: {
-      ...defaultConfig.csrf,
-      ...userConfig.csrf || {}
-    },
-    axios: {
-      ...defaultConfig.axios,
-      ...userConfig.axios || {},
-      headers: {
-        ...defaultConfig.axios.headers,
-        ...userConfig.axios?.headers || {}
-      }
-    },
-    auth: {
-      ...defaultConfig.auth,
-      ...userConfig.auth || {}
-    }
-  };
-}
-function getConfig() {
-  return currentConfig;
-}
-function resetConfig() {
-  currentConfig = { ...defaultConfig };
-}
-
-const tokenStore = {};
+let accessToken = null;
+let refreshTimer = null;
+let sessionRecoveryPromise = null;
 let csrfToken = null;
 let csrfFetchPromise = null;
-const setCsrfToken = (token) => {
-  if (!token || typeof token !== "string") {
-    console.warn("[axios] Invalid CSRF token provided");
-    return;
+const setToken = (token) => {
+  if (token && typeof token === "string") {
+    accessToken = token;
   }
-  csrfToken = token;
 };
-const getCsrfToken = () => {
-  return csrfToken;
+const getToken = () => accessToken;
+const clearToken = () => {
+  accessToken = null;
+  cancelTokenRefresh();
 };
+const setCsrfToken = (token) => {
+  if (token && typeof token === "string") {
+    csrfToken = token;
+  }
+};
+const getCsrfToken = () => csrfToken;
 const clearCsrfToken = () => {
   csrfToken = null;
 };
-const TOKEN_PRIORITY = ["access", "refresh", "onboarding"];
-const setToken = (type, token) => {
-  if (!token || typeof token !== "string") {
-    console.warn(`[axios] Invalid token provided for type: ${type}`);
-    return;
+async function recoverToken() {
+  const config = getConfig();
+  try {
+    const response = await axios$1.get("/auth/token", {
+      baseURL: config.axios.baseURL,
+      withCredentials: true,
+      timeout: config.axios.timeout
+    });
+    if (response.data.accessToken) {
+      setToken(response.data.accessToken);
+      return { success: true, expiresIn: response.data.expiresIn };
+    }
+    return { success: false, expiresIn: 0 };
+  } catch {
+    clearToken();
+    return { success: false, expiresIn: 0 };
   }
-  tokenStore[type] = token;
-};
-const getToken = (type) => {
-  return tokenStore[type] || null;
-};
-const clearToken = (type) => {
-  delete tokenStore[type];
-};
-const clearAllTokens = () => {
-  Object.keys(tokenStore).forEach((key) => {
-    delete tokenStore[key];
-  });
-};
-const getActiveToken = () => {
-  for (const tokenType of TOKEN_PRIORITY) {
-    const token = tokenStore[tokenType];
-    if (token) {
-      return token;
+}
+async function recoverTokenIfNeeded() {
+  if (accessToken) return true;
+  if (sessionRecoveryPromise) {
+    return sessionRecoveryPromise;
+  }
+  sessionRecoveryPromise = (async () => {
+    try {
+      const result = await recoverToken();
+      if (result.success) {
+        scheduleTokenRefresh(result.expiresIn);
+        return true;
+      }
+      return false;
+    } catch {
+      return false;
+    } finally {
+      sessionRecoveryPromise = null;
+    }
+  })();
+  return sessionRecoveryPromise;
+}
+function scheduleTokenRefresh(expiresIn) {
+  cancelTokenRefresh();
+  const refreshAt = expiresIn * 0.8 * 1e3;
+  refreshTimer = setTimeout(async () => {
+    const config = getConfig();
+    try {
+      const response = await axios$1.post(
+        "/auth/refresh",
+        {},
+        {
+          baseURL: config.axios.baseURL,
+          withCredentials: true,
+          timeout: config.axios.timeout
+        }
+      );
+      if (response.data.accessToken) {
+        setToken(response.data.accessToken);
+        scheduleTokenRefresh(response.data.expiresIn);
+      }
+    } catch {
+      clearToken();
+      redirectToLogin();
     }
+  }, refreshAt);
+}
+function cancelTokenRefresh() {
+  if (refreshTimer) {
+    clearTimeout(refreshTimer);
+    refreshTimer = null;
   }
-  return null;
-};
+}
 async function fetchCsrfToken() {
-  if (csrfFetchPromise) {
-    return csrfFetchPromise;
-  }
+  if (csrfFetchPromise) return csrfFetchPromise;
   csrfFetchPromise = (async () => {
     try {
       const config = getConfig();
-      if (!config.csrf.enabled) {
-        return null;
-      }
+      if (!config.csrf.enabled) return null;
       const response = await axios$1.get(config.csrf.endpoint, {
         baseURL: config.axios.baseURL,
         withCredentials: config.axios.withCredentials,
@@ -3956,10 +4002,8 @@ async function fetchCsrfToken() {
         setCsrfToken(token);
         return token;
       }
-      console.warn("[axios] CSRF endpoint did not return a csrfToken field");
       return null;
-    } catch (error) {
-      console.error("[axios] Failed to fetch CSRF token:", error);
+    } catch {
       return null;
     } finally {
       csrfFetchPromise = null;
@@ -3967,6 +4011,22 @@ async function fetchCsrfToken() {
   })();
   return csrfFetchPromise;
 }
+function redirectToLogin() {
+  if (typeof window !== "undefined") {
+    window.location.href = "/login";
+  }
+}
+function getSubdomain() {
+  if (typeof window === "undefined") return null;
+  const parts = window.location.hostname.split(".");
+  if (parts.length >= 2 && parts[parts.length - 1] === "localhost") {
+    return parts[0];
+  }
+  if (parts.length >= 3) {
+    return parts[0];
+  }
+  return null;
+}
 function createAxiosInstance() {
   const config = getConfig();
   return axios$1.create({
@@ -3977,65 +4037,44 @@ function createAxiosInstance() {
   });
 }
 const axios = createAxiosInstance();
-const getSubdomain = () => {
-  if (typeof window === "undefined") {
-    return null;
+axios.interceptors.request.use(async (config) => {
+  const quantumConfig = getConfig();
+  const isPublicRequest = config.public === true;
+  if (!isPublicRequest) {
+    const hasSession = await recoverTokenIfNeeded();
+    if (!hasSession) {
+      redirectToLogin();
+      return Promise.reject(new Error("No valid session"));
+    }
+  }
+  const token = getToken();
+  if (token) {
+    config.headers[quantumConfig.auth.tokenHeaderName] = `${quantumConfig.auth.tokenPrefix} ${token}`;
+  }
+  const subdomain = getSubdomain();
+  if (subdomain) {
+    config.headers["x-subdomain"] = subdomain;
+  }
+  const isStateChanging = ["post", "put", "patch", "delete"].includes(config.method?.toLowerCase() || "");
+  if (isStateChanging && quantumConfig.csrf.enabled) {
+    let csrf = getCsrfToken();
+    if (!csrf) csrf = await fetchCsrfToken();
+    if (csrf) config.headers[quantumConfig.csrf.headerName] = csrf;
   }
-  const hostname = window.location.hostname;
-  const parts = hostname.split(".");
-  if (parts.length >= 2 && parts[parts.length - 1] === "localhost") {
-    return parts[0];
-  }
-  if (parts.length >= 3) {
-    return parts[0];
-  }
-  return null;
-};
-axios.interceptors.request.use(
-  async (config) => {
-    const quantumConfig = getConfig();
-    const token = getActiveToken();
-    if (token) {
-      const authHeaderName = quantumConfig.auth.tokenHeaderName;
-      const tokenPrefix = quantumConfig.auth.tokenPrefix;
-      config.headers[authHeaderName] = `${tokenPrefix} ${token}`;
-    }
-    const subdomain = getSubdomain();
-    if (subdomain) {
-      config.headers["x-subdomain"] = subdomain;
-    }
-    const isStateChangingRequest = ["post", "put", "patch", "delete"].includes(
-      config.method?.toLowerCase() || ""
-    );
-    if (isStateChangingRequest && quantumConfig.csrf.enabled) {
-      let csrfTokenValue = getCsrfToken();
-      if (!csrfTokenValue) {
-        csrfTokenValue = await fetchCsrfToken();
-      }
-      if (csrfTokenValue) {
-        config.headers[quantumConfig.csrf.headerName] = csrfTokenValue;
-      } else {
-        console.warn("[axios] CSRF token not available for state-changing request");
-      }
-    }
-    return config;
-  },
-  (error) => {
-    return Promise.reject(error);
-  }
-);
+  return config;
+});
 axios.interceptors.response.use(
-  (response) => {
-    return response;
-  },
-  async (error) => {
-    const originalRequest = error.config;
-    if (error.response?.status === 401 && !originalRequest._retry) {
-      originalRequest._retry = true;
+  (response) => response,
+  (error) => {
+    const isPublicRequest = error.config?.public === true;
+    if (error.response?.status === 401 && !isPublicRequest) {
+      clearToken();
+      cancelTokenRefresh();
+      redirectToLogin();
     }
     return Promise.reject(error);
   }
 );
 
-export { axios as a, getToken as b, configureQuantumUI as c, defineConfig as d, clearToken as e, clearAllTokens as f, getConfig as g, setCsrfToken as h, getCsrfToken as i, clearCsrfToken as j, resetConfig as r, setToken as s };
+export { axios as a, cancelTokenRefresh as b, configureQuantumUI as c, defineConfig as d, clearCsrfToken as e, clearToken as f, getConfig as g, getCsrfToken as h, getToken as i, recoverToken as j, setCsrfToken as k, setToken as l, resetConfig as r, scheduleTokenRefresh as s };
 //# sourceMappingURL=axios.js.map