npm - azirid-react - Versions diffs - 0.14.5 → 0.14.6 - Mend

azirid-react 0.14.5 → 0.14.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/README.md CHANGED Viewed

@@ -1342,7 +1342,7 @@ The Azirid dashboard lets admins click "Sign in as user" to impersonate any end
 1. Admin clicks "Sign in as user" in the Azirid dashboard
 2. Dashboard generates a one-time handoff code (valid for 5 minutes) and redirects to your app at `/auth/handoff?code=<code>&api=<apiUrl>`
 3. Your app renders `<HandoffCallback>`, which exchanges the code for session tokens directly with the API
-4. Tokens are stored in `sessionStorage` — on redirect to `/`, `AziridProvider` picks them up automatically
+4. Tokens are stored in `sessionStorage` + `__session` cookie, then the component redirects to `redirectUrl` via hard navigation so `AziridProvider` re-bootstraps with the new session
 > **`<HandoffCallback>` is fully standalone** — it does NOT depend on `AziridProvider`. It works even when the provider wraps the entire layout and its bootstrap would redirect to `/login`. No special route groups or layout changes needed.
@@ -1356,20 +1356,19 @@ import { HandoffCallback } from 'azirid-react'
 export default function HandoffPage() {
   return (
     <HandoffCallback
-      onSuccess={() => window.location.href = '/'}
+      redirectUrl="/dashboard"
       onError={() => window.location.href = '/login'}
     />
   )
 }
 ```
-> **Important:** Use `window.location.href` (not `router.push()`) for redirects. This triggers a full page reload so `AziridProvider` re-bootstraps with the new tokens.
 **Props:**
 | Prop | Type | Default | Description |
 |------|------|---------|-------------|
-| `onSuccess` | `(user: unknown) => void` | — | Called when the handoff succeeds; redirect the user here |
+| `redirectUrl` | `string` | `"/"` | URL to redirect after successful handoff (hard navigation) |
+| `onSuccess` | `(user: unknown) => void` | — | Called before redirect for optional side effects (analytics, etc.) |
 | `onError` | `(error: Error) => void` | — | Called on failure (expired/invalid code); redirect to login |
 | `loadingText` | `string` | `"Signing you in..."` | Text shown while the exchange is in progress |
 | `errorText` | `string` | `"Failed to complete sign-in. The link may have expired."` | Fallback error text |

package/dist/index.cjs CHANGED Viewed

@@ -3977,6 +3977,7 @@ var subtextStyle = {
 function HandoffCallback({
   onSuccess,
   onError,
+  redirectUrl = "/",
   loadingText = "Signing you in...",
   errorText = "Failed to complete sign-in. The link may have expired."
 }) {
@@ -4003,6 +4004,7 @@ function HandoffCallback({
     }
     performHandoff(apiUrl, code).then((user) => {
       onSuccess?.(user);
+      window.location.href = redirectUrl;
     }).catch((err) => {
       setStatus("error");
       const error = err instanceof Error ? err : new Error("Handoff exchange failed");
@@ -4038,7 +4040,8 @@ async function performHandoff(apiUrl, code) {
   }
   const at = json.at ?? json.accessToken;
   if (at) {
-    document.cookie = `__session=${at}; Path=/; SameSite=Lax; Max-Age=900`;
+    const secure = window.location.protocol === "https:" ? "; Secure" : "";
+    document.cookie = `__session=${at}; Path=/; SameSite=Lax${secure}; Max-Age=900`;
   }
   return json.user;
 }
@@ -4853,7 +4856,7 @@ function usePasswordToggle() {
 }
 // src/index.ts
-var SDK_VERSION = "0.14.5";
+var SDK_VERSION = "0.14.6";
 exports.AUTH_BASE_PATH = AUTH_BASE_PATH;
 exports.AuthForm = AuthForm;