astro-tokenkit 1.0.9 → 1.0.11

package/README.md

@@ -125,6 +125,11 @@ const specializedClient = createClient({
 | `login` | `string` | Endpoint path for login (POST). |
 | `refresh` | `string` | Endpoint path for token refresh (POST). |
 | `logout` | `string` | Endpoint path for logout (POST). |
+| `contentType` | `'application/json' \| 'application/x-www-form-urlencoded'` | Content type for auth requests (default: `application/json`). |
+| `headers` | `Record<string, string>` | Extra headers for login/refresh requests. |
+| `loginData` | `Record<string, any>` | Extra data to be sent with login request. |
+| `refreshData` | `Record<string, any>` | Extra data to be sent with refresh request. |
+| `refreshRequestField` | `string` | Field name for the refresh token in the refresh request (default: `refreshToken`). |
 | `fields` | `FieldMapping` | Custom mapping for token fields in API responses. |
 | `parseLogin` | `Function` | Custom parser for login response: `(body: any) => TokenBundle`. |
 | `parseRefresh`| `Function` | Custom parser for refresh response: `(body: any) => TokenBundle`. |
@@ -136,17 +141,33 @@ const specializedClient = createClient({
 
 | Property | Type | Description |
 | :--- | :--- | :--- |
-| `ctx` | `TokenKitContext` | Optional Astro context. |
 | `onLogin` | `Function` | Callback after successful login: `(bundle, body, ctx) => void`. |
+| `headers` | `Record<string, string>` | Extra headers for this specific login request. |
+| `data` | `Record<string, any>` | Extra data for this specific login request. |
+
+### Request Auth Overrides
+
+When calling `api.get()`, `api.post()`, etc., you can override auth configuration (e.g., for multi-tenancy). Headers provided in the request options are automatically propagated to any automatic token refresh operations:
+
+```typescript
+await api.get('/data', {
+  headers: { 'x-tenant-name': 'lynx' },
+  auth: {
+    data: { extra_refresh_param: 'value' }
+  }
+});
+```
 
 ## Advanced Usage
 
 ### Manual Context
 
-If you prefer not to use middleware, you can pass the Astro context explicitly to any request:
+If you prefer not to use middleware, you can bind the Astro context manually for a specific scope:
 
 ```typescript
-const data = await api.get('/data', { ctx: Astro });
+import { runWithContext } from 'astro-tokenkit';
+
+const data = await runWithContext(Astro, () => api.get('/data'));
 ```
 
 ### Interceptors

package/dist/auth/manager.d.ts

@@ -1,4 +1,4 @@
-import type { TokenBundle, Session, AuthConfig, TokenKitContext, OnLoginCallback } from '../types';
+import type { TokenBundle, Session, AuthConfig, TokenKitContext, AuthOptions, LoginOptions } from '../types';
 /**
  * Token Manager handles all token operations
  */
@@ -10,11 +10,11 @@ export declare class TokenManager {
     /**
      * Perform login
      */
-    login(ctx: TokenKitContext, credentials: any, onLogin?: OnLoginCallback): Promise<TokenBundle>;
+    login(ctx: TokenKitContext, credentials: any, options?: LoginOptions): Promise<TokenBundle>;
     /**
      * Perform token refresh
      */
-    refresh(ctx: TokenKitContext, refreshToken: string): Promise<TokenBundle | null>;
+    refresh(ctx: TokenKitContext, refreshToken: string, options?: AuthOptions, headers?: Record<string, string>): Promise<TokenBundle | null>;
     /**
      * Internal refresh implementation
      */
@@ -22,7 +22,7 @@ export declare class TokenManager {
     /**
      * Ensure valid tokens (with automatic refresh)
      */
-    ensure(ctx: TokenKitContext): Promise<Session | null>;
+    ensure(ctx: TokenKitContext, options?: AuthOptions, headers?: Record<string, string>): Promise<Session | null>;
     /**
      * Logout (clear tokens)
      */

package/dist/auth/manager.js

@@ -52,13 +52,23 @@ export class TokenManager {
     /**
      * Perform login
      */
-    login(ctx, credentials, onLogin) {
+    login(ctx, credentials, options) {
         return __awaiter(this, void 0, void 0, function* () {
             const url = this.baseURL + this.config.login;
+            const contentType = this.config.contentType || 'application/json';
+            const headers = Object.assign(Object.assign({ 'Content-Type': contentType }, this.config.headers), options === null || options === void 0 ? void 0 : options.headers);
+            const data = Object.assign(Object.assign(Object.assign({}, this.config.loginData), options === null || options === void 0 ? void 0 : options.data), credentials);
+            let requestBody;
+            if (contentType === 'application/x-www-form-urlencoded') {
+                requestBody = new URLSearchParams(data).toString();
+            }
+            else {
+                requestBody = JSON.stringify(data);
+            }
             const response = yield fetch(url, {
                 method: 'POST',
-                headers: { 'Content-Type': 'application/json' },
-                body: JSON.stringify(credentials),
+                headers,
+                body: requestBody,
             }).catch(error => {
                 throw new AuthError(`Login request failed: ${error.message}`);
             });
@@ -79,8 +89,8 @@ export class TokenManager {
             // Store in cookies
             storeTokens(ctx, bundle, this.config.cookies);
             // Call onLogin callback if provided
-            if (onLogin) {
-                yield onLogin(bundle, body, ctx);
+            if (options === null || options === void 0 ? void 0 : options.onLogin) {
+                yield options.onLogin(bundle, body, ctx);
             }
             return bundle;
         });
@@ -88,10 +98,10 @@ export class TokenManager {
     /**
      * Perform token refresh
      */
-    refresh(ctx, refreshToken) {
+    refresh(ctx, refreshToken, options, headers) {
         return __awaiter(this, void 0, void 0, function* () {
             try {
-                return yield this.performRefresh(ctx, refreshToken);
+                return yield this.performRefresh(ctx, refreshToken, options, headers);
             }
             catch (error) {
                 clearTokens(ctx, this.config.cookies);
@@ -102,13 +112,24 @@ export class TokenManager {
     /**
      * Internal refresh implementation
      */
-    performRefresh(ctx, refreshToken) {
+    performRefresh(ctx, refreshToken, options, extraHeaders) {
         return __awaiter(this, void 0, void 0, function* () {
             const url = this.baseURL + this.config.refresh;
+            const contentType = this.config.contentType || 'application/json';
+            const headers = Object.assign(Object.assign({ 'Content-Type': contentType }, this.config.headers), extraHeaders);
+            const refreshField = this.config.refreshRequestField || 'refreshToken';
+            const data = Object.assign(Object.assign(Object.assign({}, this.config.refreshData), options === null || options === void 0 ? void 0 : options.data), { [refreshField]: refreshToken });
+            let requestBody;
+            if (contentType === 'application/x-www-form-urlencoded') {
+                requestBody = new URLSearchParams(data).toString();
+            }
+            else {
+                requestBody = JSON.stringify(data);
+            }
             const response = yield fetch(url, {
                 method: 'POST',
-                headers: { 'Content-Type': 'application/json' },
-                body: JSON.stringify({ refreshToken }),
+                headers,
+                body: requestBody,
             }).catch(error => {
                 throw new AuthError(`Refresh request failed: ${error.message}`);
             });
@@ -143,7 +164,7 @@ export class TokenManager {
     /**
      * Ensure valid tokens (with automatic refresh)
      */
-    ensure(ctx) {
+    ensure(ctx, options, headers) {
         return __awaiter(this, void 0, void 0, function* () {
             var _a, _b, _c, _d, _e;
             const now = Math.floor(Date.now() / 1000);
@@ -155,7 +176,7 @@ export class TokenManager {
             // Token expired
             if (isExpired(tokens.expiresAt, now, this.config.policy)) {
                 const flightKey = this.createFlightKey(tokens.refreshToken);
-                const bundle = yield this.singleFlight.execute(flightKey, () => this.refresh(ctx, tokens.refreshToken));
+                const bundle = yield this.singleFlight.execute(flightKey, () => this.refresh(ctx, tokens.refreshToken, options, headers));
                 if (!bundle)
                     return null;
                 return {
@@ -167,7 +188,7 @@ export class TokenManager {
             // Proactive refresh
             if (shouldRefresh(tokens.expiresAt, now, tokens.lastRefreshAt, this.config.policy)) {
                 const flightKey = this.createFlightKey(tokens.refreshToken);
-                const bundle = yield this.singleFlight.execute(flightKey, () => this.refresh(ctx, tokens.refreshToken));
+                const bundle = yield this.singleFlight.execute(flightKey, () => this.refresh(ctx, tokens.refreshToken, options, headers));
                 if (bundle) {
                     return {
                         accessToken: bundle.accessToken,

package/dist/client/client.d.ts

@@ -1,4 +1,4 @@
-import type { ClientConfig, RequestConfig, RequestOptions, Session, TokenKitContext, TokenKitConfig, LoginOptions } from '../types';
+import type { ClientConfig, RequestConfig, RequestOptions, Session, TokenKitConfig, LoginOptions } from '../types';
 import { TokenManager } from '../auth/manager';
 /**
  * API Client
@@ -65,19 +65,19 @@ export declare class APIClient {
     /**
      * Login
      */
-    login(credentials: any, options?: LoginOptions | TokenKitContext): Promise<void>;
+    login(credentials: any, options?: LoginOptions): Promise<void>;
     /**
      * Logout
      */
-    logout(ctx?: TokenKitContext): Promise<void>;
+    logout(): Promise<void>;
     /**
      * Check if authenticated
      */
-    isAuthenticated(ctx?: TokenKitContext): boolean;
+    isAuthenticated(): boolean;
     /**
      * Get current session
      */
-    getSession(ctx?: TokenKitContext): Session | null;
+    getSession(): Session | null;
 }
 /**
  * Global API client instance.

package/dist/client/client.js

@@ -113,7 +113,7 @@ export class APIClient {
      */
     request(config) {
         return __awaiter(this, void 0, void 0, function* () {
-            const ctx = getContextStore(config.ctx);
+            const ctx = getContextStore();
             let attempt = 0;
             let lastError;
             while (true) {
@@ -144,7 +144,7 @@ export class APIClient {
             var _a, _b, _c, _d, _e;
             // Ensure valid session (if auth is enabled)
             if (this.tokenManager && !config.skipAuth) {
-                yield this.tokenManager.ensure(ctx);
+                yield this.tokenManager.ensure(ctx, config.auth, config.headers);
             }
             // Build full URL
             const fullURL = this.buildURL(config.url, config.params);
@@ -177,7 +177,7 @@ export class APIClient {
                 // Handle 401 (try refresh and retry once)
                 if (response.status === 401 && this.tokenManager && !config.skipAuth && attempt === 1) {
                     // Clear and try fresh session
-                    const session = yield this.tokenManager.ensure(ctx);
+                    const session = yield this.tokenManager.ensure(ctx, config.auth, config.headers);
                     if (session) {
                         // Retry with new token
                         return this.executeRequest(config, ctx, attempt + 1);
@@ -288,48 +288,38 @@ export class APIClient {
             if (!this.tokenManager) {
                 throw new Error('Auth is not configured for this client');
             }
-            let ctx;
-            let onLogin;
-            if (options && 'cookies' in options) {
-                ctx = options;
-            }
-            else if (options) {
-                const opt = options;
-                ctx = opt.ctx;
-                onLogin = opt.onLogin;
-            }
-            const context = getContextStore(ctx);
-            yield this.tokenManager.login(context, credentials, onLogin);
+            const context = getContextStore();
+            yield this.tokenManager.login(context, credentials, options);
         });
     }
     /**
      * Logout
      */
-    logout(ctx) {
+    logout() {
         return __awaiter(this, void 0, void 0, function* () {
             if (!this.tokenManager) {
                 throw new Error('Auth is not configured for this client');
             }
-            const context = getContextStore(ctx);
+            const context = getContextStore();
             yield this.tokenManager.logout(context);
         });
     }
     /**
      * Check if authenticated
      */
-    isAuthenticated(ctx) {
+    isAuthenticated() {
         if (!this.tokenManager)
             return false;
-        const context = getContextStore(ctx);
+        const context = getContextStore();
         return this.tokenManager.isAuthenticated(context);
     }
     /**
      * Get current session
      */
-    getSession(ctx) {
+    getSession() {
         if (!this.tokenManager)
             return null;
-        const context = getContextStore(ctx);
+        const context = getContextStore();
         return this.tokenManager.getSession(context);
     }
 }

package/dist/client/context-shared.d.ts

@@ -10,7 +10,7 @@ export declare function setSharedContextStorage(storage: AsyncLocalStorage<any>,
 /**
  * Get context from shared storage
  */
-export declare function getContextStore(explicitCtx?: TokenKitContext): TokenKitContext;
+export declare function getContextStore(): TokenKitContext;
 /**
  * Bind context (only needed if not using shared storage)
  */

package/dist/client/context-shared.js

@@ -33,10 +33,7 @@ export function setSharedContextStorage(storage, key = 'astro') {
 /**
  * Get context from shared storage
  */
-export function getContextStore(explicitCtx) {
-    if (explicitCtx) {
-        return explicitCtx;
-    }
+export function getContextStore() {
     const config = getConfig();
     const getStore = config.getContextStore;
     if (getStore) {
@@ -51,10 +48,7 @@ export function getContextStore(explicitCtx) {
             return ctx;
         }
     }
-    throw new Error('Astro context not found. Either:\n' +
-        '1. Use api.middleware() to bind context automatically, or\n' +
-        '2. Pass context explicitly: api.get("/path", { ctx: Astro })\n' +
-        '3. Configure shared storage: setSharedContextStorage(storage, "key")');
+    throw new Error('Astro context not found. Make sure to use api.middleware() to bind context automatically.');
 }
 /**
  * Bind context (only needed if not using shared storage)

package/dist/client/context.d.ts

@@ -6,8 +6,8 @@ export declare function runWithContext<T>(ctx: TokenKitContext, fn: () => T): T;
 /**
  * Get current Astro context (from middleware binding or explicit)
  */
-export declare function getContextStore(explicitCtx?: TokenKitContext): TokenKitContext;
+export declare function getContextStore(): TokenKitContext;
 /**
  * Check if context is available
  */
-export declare function hasContext(explicitCtx?: TokenKitContext): boolean;
+export declare function hasContext(): boolean;

package/dist/client/context.js

@@ -19,30 +19,27 @@ export function runWithContext(ctx, fn) {
 /**
  * Get current Astro context (from middleware binding or explicit)
  */
-export function getContextStore(explicitCtx) {
+export function getContextStore() {
     const config = getConfig();
     const getStore = config.getContextStore;
     const context = config.context || als;
     const store = getStore
         ? getStore()
         : context.getStore();
-    const ctx = explicitCtx || store;
-    if (!ctx) {
-        throw new Error('Astro context not found. Either:\n' +
-            '1. Use api.middleware() to bind context automatically, or\n' +
-            '2. Pass context explicitly: api.get("/path", { ctx: Astro })');
+    if (!store) {
+        throw new Error('Astro context not found. Make sure to use api.middleware() to bind context automatically.');
     }
-    return ctx;
+    return store;
 }
 /**
  * Check if context is available
  */
-export function hasContext(explicitCtx) {
+export function hasContext() {
     const config = getConfig();
     const getStore = config.getContextStore;
     const context = config.context || als;
     const store = getStore
         ? getStore()
         : context.getStore();
-    return !!(explicitCtx || store);
+    return !!store;
 }

package/dist/config.js

@@ -3,6 +3,7 @@ import { TokenManager } from "./auth/manager";
 let config = {
     runWithContext: undefined,
     getContextStore: undefined,
+    setContextStore: undefined,
     baseURL: "",
 };
 let tokenManager;
@@ -10,8 +11,13 @@ let tokenManager;
  * Set configuration
  */
 export function setConfig(userConfig) {
-    // Store validated config
-    config = Object.assign(Object.assign({}, config), userConfig);
+    const finalConfig = Object.assign(Object.assign({}, config), userConfig);
+    // Validate that getter and setter are defined together
+    if ((finalConfig.getContextStore && !finalConfig.setContextStore) ||
+        (!finalConfig.getContextStore && finalConfig.setContextStore)) {
+        throw new Error("[TokenKit] getContextStore and setContextStore must be defined together.");
+    }
+    config = finalConfig;
     // Re-initialize global token manager if auth changed
     if (config.auth) {
         tokenManager = new TokenManager(config.auth, config.baseURL);