npm - dauth-context-react - Versions diffs - 1.0.2 → 2.0.0 - Mend

dauth-context-react 1.0.2 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

package/dist/api/dauth.api.d.ts +5 -6
package/dist/api/interfaces/dauth.api.responses.d.ts +3 -3
package/dist/constants.d.ts +1 -0
package/dist/dauth-context-react.cjs.development.js +564 -805
package/dist/dauth-context-react.cjs.development.js.map +1 -1
package/dist/dauth-context-react.cjs.production.min.js +1 -1
package/dist/dauth-context-react.cjs.production.min.js.map +1 -1
package/dist/dauth-context-react.esm.js +565 -806
package/dist/dauth-context-react.esm.js.map +1 -1
package/dist/index.d.ts +0 -1
package/dist/reducer/dauth.actions.d.ts +11 -11
package/package.json +1 -1
package/src/api/dauth.api.ts +24 -16
package/src/api/interfaces/dauth.api.responses.ts +3 -3
package/src/constants.ts +1 -0
package/src/index.tsx +53 -71
package/src/reducer/dauth.actions.ts +83 -83

package/src/reducer/dauth.actions.ts CHANGED Viewed

@@ -1,23 +1,24 @@
 import {
   getUserAPI,
-  refreshAccessTokenAPI,
+  logoutAPI,
+  refreshTokenAPI,
   sendEmailVerificationAPI,
   updateUserAPI,
 } from '../api/dauth.api';
-import { getClientBasePath } from '../api/utils/config';
-import { TOKEN_LS } from '../constants';
+import { TOKEN_LS, REFRESH_TOKEN_LS } from '../constants';
 import { IDauthDomainState, IDauthUser } from '../interfaces';
-import { routes } from '../api/utils/routes';
 import * as DauthTypes from './dauth.types';
 type TSetDauthStateAction = {
   dispatch: React.Dispatch<any>;
   token: string;
+  refreshToken: string;
   domainName: string;
 };
 export async function setDauthStateAction({
   dispatch,
   token,
+  refreshToken,
   domainName,
 }: TSetDauthStateAction) {
   dispatch({ type: DauthTypes.SET_IS_LOADING, payload: { isLoading: true } });
@@ -32,12 +33,10 @@ export async function setDauthStateAction({
           isAuthenticated: true,
         },
       });
-      window.history.replaceState(
-        {},
-        document.title,
-        getUserFetch.data.domain.loginRedirect
-      );
-      return localStorage.setItem(TOKEN_LS, token);
+      window.history.replaceState({}, document.title, window.location.pathname);
+      localStorage.setItem(TOKEN_LS, token);
+      localStorage.setItem(REFRESH_TOKEN_LS, refreshToken);
+      return;
     } else {
       return resetUser(dispatch);
     }
@@ -54,23 +53,29 @@ export async function setDauthStateAction({
 type TSetAutoLoginAction = {
   dispatch: React.Dispatch<any>;
-  token_ls: string;
   domainName: string;
 };
 export async function setAutoLoginAction({
   dispatch,
-  token_ls,
   domainName,
 }: TSetAutoLoginAction) {
   dispatch({ type: DauthTypes.SET_IS_LOADING, payload: { isLoading: true } });
+  const storedRefreshToken = localStorage.getItem(REFRESH_TOKEN_LS);
+  if (!storedRefreshToken) {
+    dispatch({
+      type: DauthTypes.SET_IS_LOADING,
+      payload: { isLoading: false },
+    });
+    return resetUser(dispatch);
+  }
   try {
-    const refreshAccessTokenFetch = await refreshAccessTokenAPI(
-      domainName,
-      token_ls
-    );
-    if (refreshAccessTokenFetch.response.status === 200) {
-      const newToken = refreshAccessTokenFetch.data.accessToken || token_ls;
-      const getUserFetch = await getUserAPI(domainName, newToken);
+    const refreshResult = await refreshTokenAPI(domainName, storedRefreshToken);
+    if (refreshResult.response.status === 200) {
+      const newAccessToken = refreshResult.data.accessToken;
+      const newRefreshToken = refreshResult.data.refreshToken;
+      localStorage.setItem(TOKEN_LS, newAccessToken);
+      localStorage.setItem(REFRESH_TOKEN_LS, newRefreshToken);
+      const getUserFetch = await getUserAPI(domainName, newAccessToken);
       if (getUserFetch.response.status === 200) {
         dispatch({
           type: DauthTypes.LOGIN,
@@ -80,26 +85,14 @@ export async function setAutoLoginAction({
             isAuthenticated: true,
           },
         });
-        localStorage.setItem(
-          TOKEN_LS,
-          refreshAccessTokenFetch.data.accessToken
-        );
         return;
-      } else {
-        window.location.replace(
-          `${getClientBasePath()}/${domainName}/${routes.signin}`
-        );
-        return resetUser(dispatch);
       }
-    } else {
-      window.location.replace(
-        `${getClientBasePath()}/${domainName}/${routes.signin}`
-      );
-      return resetUser(dispatch);
     }
+    // Refresh failed — session expired
+    resetUser(dispatch);
   } catch (error) {
     console.error(error);
-    return resetUser(dispatch);
+    resetUser(dispatch);
   } finally {
     dispatch({
       type: DauthTypes.SET_IS_LOADING,
@@ -108,29 +101,67 @@ export async function setAutoLoginAction({
   }
 }
-export function setLogoutAction({
+export async function setLogoutAction({
   dispatch,
+  domainName,
 }: {
   dispatch: React.Dispatch<any>;
+  domainName: string;
 }) {
+  const storedRefreshToken = localStorage.getItem(REFRESH_TOKEN_LS);
+  if (storedRefreshToken && domainName) {
+    try {
+      await logoutAPI(domainName, storedRefreshToken);
+    } catch (_) {
+      // Best-effort server-side logout
+    }
+  }
   dispatch({ type: DauthTypes.SET_IS_LOADING, payload: { isLoading: true } });
   dispatch({
     type: DauthTypes.LOGIN,
     payload: {
       user: {
-        language: window.document.documentElement.getAttribute('lang') || 'es',
+        language:
+          window.document.documentElement.getAttribute('lang') || 'es',
       },
       domain: {},
       isAuthenticated: false,
     },
   });
   localStorage.removeItem(TOKEN_LS);
+  localStorage.removeItem(REFRESH_TOKEN_LS);
   return dispatch({
     type: DauthTypes.SET_IS_LOADING,
     payload: { isLoading: false },
   });
 }
+export async function refreshSessionAction({
+  dispatch,
+  domainName,
+}: {
+  dispatch: React.Dispatch<any>;
+  domainName: string;
+}) {
+  const storedRefreshToken = localStorage.getItem(REFRESH_TOKEN_LS);
+  if (!storedRefreshToken) {
+    return resetUser(dispatch);
+  }
+  try {
+    const refreshResult = await refreshTokenAPI(domainName, storedRefreshToken);
+    if (refreshResult.response.status === 200) {
+      localStorage.setItem(TOKEN_LS, refreshResult.data.accessToken);
+      localStorage.setItem(REFRESH_TOKEN_LS, refreshResult.data.refreshToken);
+      return;
+    }
+    // Refresh failed — revoked or expired
+    resetUser(dispatch);
+  } catch (error) {
+    console.error(error);
+    resetUser(dispatch);
+  }
+}
 type TSetUpdateAction = {
   dispatch: React.Dispatch<any>;
   domainName: string;
@@ -228,40 +259,6 @@ export async function sendEmailVerificationAction({
   }
 }
-export async function checkTokenAction({
-  dispatch,
-  domainName,
-  token,
-}: {
-  dispatch: React.Dispatch<any>;
-  domainName: string;
-  token: string;
-}) {
-  try {
-    const refreshAccessTokenFetch = await refreshAccessTokenAPI(
-      domainName,
-      token
-    );
-    if (refreshAccessTokenFetch.response.status === 200) {
-      if (refreshAccessTokenFetch.data.accessToken) {
-        localStorage.setItem(
-          TOKEN_LS,
-          refreshAccessTokenFetch.data.accessToken
-        );
-      }
-      return;
-    } else {
-      window.location.replace(
-        `${getClientBasePath()}/${domainName}/${routes.signin}`
-      );
-      return resetUser(dispatch);
-    }
-  } catch (error) {
-    resetUser(dispatch);
-    throw error;
-  }
-}
 export async function getAccessTokenAction({
   dispatch,
   domainName,
@@ -270,28 +267,31 @@ export async function getAccessTokenAction({
   domainName: string;
 }) {
   const token_ls = localStorage.getItem(TOKEN_LS);
-  if (!token_ls) return;
+  if (!token_ls) return 'token-not-found';
+  // Decode JWT to check expiry (without verification — that's the server's job)
   try {
-    const refreshAccessTokenFetch = await refreshAccessTokenAPI(
-      domainName,
-      token_ls
-    );
-    if (refreshAccessTokenFetch.response.status === 200) {
-      return refreshAccessTokenFetch.data.accessToken ?? token_ls;
-    } else {
-      resetUser(dispatch);
-      return 'token-not-found';
+    const payloadB64 = token_ls.split('.')[1];
+    if (payloadB64) {
+      const payload = JSON.parse(atob(payloadB64));
+      const expiresIn = (payload.exp || 0) * 1000 - Date.now();
+      // If token expires in less than 5 minutes, refresh proactively
+      if (expiresIn < 5 * 60 * 1000) {
+        await refreshSessionAction({ dispatch, domainName });
+        const refreshedToken = localStorage.getItem(TOKEN_LS);
+        return refreshedToken || 'token-not-found';
+      }
     }
-  } catch (error) {
-    resetUser(dispatch);
-    throw error;
+  } catch (_) {
+    // If decode fails, return stored token and let server validate
   }
+  return token_ls;
 }
 ///////////////////////////////////////////
 //////////////////////////////////////////
 export const resetUser = (dispatch: React.Dispatch<any>) => {
   localStorage.removeItem(TOKEN_LS);
+  localStorage.removeItem(REFRESH_TOKEN_LS);
   return dispatch({
     type: DauthTypes.LOGIN,
     payload: {