npm - dauth-context-react - Versions diffs - 4.0.3 → 5.0.0 - Mend

dauth-context-react 4.0.3 → 5.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (16) hide show

package/dist/index.d.mts +3 -6
package/dist/index.d.ts +3 -6
package/dist/index.js +190 -366
package/dist/index.js.map +1 -1
package/dist/index.mjs +191 -368
package/dist/index.mjs.map +1 -1
package/package.json +2 -1
package/src/api/dauth.api.ts +73 -93
package/src/api/interfaces/dauth.api.responses.ts +11 -13
package/src/api/utils/config.ts +3 -11
package/src/api/utils/routes.ts +0 -1
package/src/constants.ts +0 -2
package/src/index.tsx +42 -122
package/src/initialDauthState.ts +0 -1
package/src/interfaces.ts +8 -12
package/src/reducer/dauth.actions.ts +106 -187

package/dist/index.js CHANGED Viewed

@@ -38,7 +38,6 @@ var initialDauthState = {
   },
   logout: () => {
   },
-  getAccessToken: () => Promise.resolve(""),
   updateUser: () => Promise.resolve(false),
   updateUserWithRedirect: () => {
   },
@@ -86,133 +85,80 @@ function userReducer(state, action) {
   }
 }
-// src/api/utils/config.ts
-var apiVersion = "v1";
-var serverDomain = "dauth.ovh";
-var _dauthUrl;
-function setDauthUrl(url) {
-  _dauthUrl = url?.replace(/\/+$/, "");
-}
-function checkIsLocalhost() {
-  if (typeof window === "undefined") return false;
-  const hostname = window.location.hostname;
-  return Boolean(
-    hostname === "localhost" || hostname === "[::1]" || hostname.match(
-      /(192)\.(168)\.(1)\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$/gm
-    ) || hostname.match(/^127(?:\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3}$/)
+// src/api/dauth.api.ts
+function getCsrfToken() {
+  const match = document.cookie.match(
+    /(?:^|;\s*)(?:__Host-csrf|csrf-token)=([^;]*)/
   );
+  return match?.[1] ?? "";
 }
-function getServerBasePath() {
-  if (_dauthUrl) return `${_dauthUrl}/api/${apiVersion}`;
-  const isLocalhost = checkIsLocalhost();
-  const serverPort = 4012;
-  const serverLocalUrl = `${window.location.protocol}//${window.location.hostname}:${serverPort}/api/${apiVersion}`;
-  const serverProdUrl = `https://${serverDomain}/api/${apiVersion}`;
-  return isLocalhost ? serverLocalUrl : serverProdUrl;
-}
-function getClientBasePath() {
-  if (_dauthUrl) return _dauthUrl;
-  const isLocalhost = checkIsLocalhost();
-  const clientPort = 5185;
-  const clientLocalUrl = `${window.location.protocol}//${window.location.hostname}:${clientPort}`;
-  const clientProdUrl = `https://${serverDomain}`;
-  return isLocalhost ? clientLocalUrl : clientProdUrl;
+async function exchangeCodeAPI(basePath, code) {
+  const response = await fetch(`${basePath}/exchange-code`, {
+    method: "POST",
+    headers: { "Content-Type": "application/json" },
+    credentials: "include",
+    body: JSON.stringify({ code })
+  });
+  const data = await response.json();
+  return { response, data };
 }
-// src/api/dauth.api.ts
-var getUserAPI = async (domainName, token) => {
-  const params = {
+async function getSessionAPI(basePath) {
+  const response = await fetch(`${basePath}/session`, {
     method: "GET",
-    headers: {
-      Authorization: token,
-      "Content-Type": "application/json"
-    }
-  };
-  const response = await fetch(
-    `${getServerBasePath()}/app/${domainName}/user`,
-    params
-  );
+    credentials: "include"
+  });
   const data = await response.json();
   return { response, data };
-};
-var updateUserAPI = async (domainName, user, token) => {
-  const params = {
+}
+async function logoutAPI(basePath) {
+  const response = await fetch(`${basePath}/logout`, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/json",
+      "X-CSRF-Token": getCsrfToken()
+    },
+    credentials: "include"
+  });
+  return { response };
+}
+async function updateUserAPI(basePath, user) {
+  const response = await fetch(`${basePath}/user`, {
     method: "PATCH",
     headers: {
-      Authorization: token,
-      "Content-Type": "application/json"
+      "Content-Type": "application/json",
+      "X-CSRF-Token": getCsrfToken()
     },
+    credentials: "include",
     body: JSON.stringify(user)
-  };
-  const response = await fetch(
-    `${getServerBasePath()}/app/${domainName}/user`,
-    params
-  );
-  const data = await response.json();
-  return { response, data };
-};
-var refreshTokenAPI = async (domainName, refreshToken) => {
-  const params = {
-    method: "POST",
-    headers: { "Content-Type": "application/json" },
-    body: JSON.stringify({ refreshToken })
-  };
-  const response = await fetch(
-    `${getServerBasePath()}/app/${domainName}/refresh-token`,
-    params
-  );
+  });
   const data = await response.json();
   return { response, data };
-};
-var deleteAccountAPI = async (domainName, token) => {
-  const params = {
+}
+async function deleteAccountAPI(basePath) {
+  const response = await fetch(`${basePath}/user`, {
     method: "DELETE",
-    headers: {
-      Authorization: token,
-      "Content-Type": "application/json"
-    }
-  };
-  const response = await fetch(
-    `${getServerBasePath()}/app/${domainName}/user`,
-    params
-  );
+    headers: { "X-CSRF-Token": getCsrfToken() },
+    credentials: "include"
+  });
   const data = await response.json();
   return { response, data };
-};
-var exchangeCodeAPI = async (domainName, code) => {
-  const params = {
-    method: "POST",
-    headers: { "Content-Type": "application/json" },
-    body: JSON.stringify({ code })
-  };
+}
+async function profileRedirectAPI(basePath) {
   const response = await fetch(
-    `${getServerBasePath()}/app/${domainName}/exchange-code`,
-    params
+    `${basePath}/profile-redirect`,
+    {
+      method: "GET",
+      headers: { "X-CSRF-Token": getCsrfToken() },
+      credentials: "include"
+    }
   );
   const data = await response.json();
   return { response, data };
-};
-var logoutAPI = async (domainName, refreshToken) => {
-  const params = {
-    method: "POST",
-    headers: { "Content-Type": "application/json" },
-    body: JSON.stringify({ refreshToken })
-  };
-  const response = await fetch(
-    `${getServerBasePath()}/app/${domainName}/logout`,
-    params
-  );
-  return { response };
-};
+}
 // src/reducer/dauth.actions.ts
-async function exchangeCodeAction({
-  dispatch,
-  code,
-  domainName,
-  storageKeys,
-  onError
-}) {
+async function exchangeCodeAction(ctx, code) {
+  const { dispatch, authProxyPath, onError } = ctx;
   dispatch({
     type: SET_IS_LOADING,
     payload: { isLoading: true }
@@ -223,31 +169,24 @@ async function exchangeCodeAction({
       document.title,
       window.location.pathname
     );
-    const exchangeResult = await exchangeCodeAPI(domainName, code);
-    if (exchangeResult.response.status !== 200) {
-      return resetUser(dispatch, storageKeys);
-    }
-    const { accessToken, refreshToken } = exchangeResult.data;
-    localStorage.setItem(storageKeys.accessToken, accessToken);
-    localStorage.setItem(storageKeys.refreshToken, refreshToken);
-    const getUserFetch = await getUserAPI(domainName, accessToken);
-    if (getUserFetch.response.status === 200) {
+    const result = await exchangeCodeAPI(authProxyPath, code);
+    if (result.response.status === 200) {
       dispatch({
         type: LOGIN,
         payload: {
-          user: getUserFetch.data.user,
-          domain: getUserFetch.data.domain,
+          user: result.data.user,
+          domain: result.data.domain,
           isAuthenticated: true
         }
       });
       return;
     }
-    return resetUser(dispatch, storageKeys);
+    resetUser(dispatch);
   } catch (error) {
     onError(
       error instanceof Error ? error : new Error(String(error))
     );
-    return resetUser(dispatch, storageKeys);
+    resetUser(dispatch);
   } finally {
     dispatch({
       type: SET_IS_LOADING,
@@ -255,45 +194,31 @@ async function exchangeCodeAction({
     });
   }
 }
-async function setAutoLoginAction({
-  dispatch,
-  domainName,
-  storageKeys,
-  onError
-}) {
-  dispatch({ type: SET_IS_LOADING, payload: { isLoading: true } });
-  const storedRefreshToken = localStorage.getItem(storageKeys.refreshToken);
-  if (!storedRefreshToken) {
-    dispatch({
-      type: SET_IS_LOADING,
-      payload: { isLoading: false }
-    });
-    return resetUser(dispatch, storageKeys);
-  }
+async function autoLoginAction(ctx) {
+  const { dispatch, authProxyPath, onError } = ctx;
+  dispatch({
+    type: SET_IS_LOADING,
+    payload: { isLoading: true }
+  });
   try {
-    const refreshResult = await refreshTokenAPI(domainName, storedRefreshToken);
-    if (refreshResult.response.status === 200) {
-      const newAccessToken = refreshResult.data.accessToken;
-      const newRefreshToken = refreshResult.data.refreshToken;
-      localStorage.setItem(storageKeys.accessToken, newAccessToken);
-      localStorage.setItem(storageKeys.refreshToken, newRefreshToken);
-      const getUserFetch = await getUserAPI(domainName, newAccessToken);
-      if (getUserFetch.response.status === 200) {
-        dispatch({
-          type: LOGIN,
-          payload: {
-            user: getUserFetch.data.user,
-            domain: getUserFetch.data.domain,
-            isAuthenticated: true
-          }
-        });
-        return;
-      }
+    const result = await getSessionAPI(authProxyPath);
+    if (result.response.status === 200) {
+      dispatch({
+        type: LOGIN,
+        payload: {
+          user: result.data.user,
+          domain: result.data.domain,
+          isAuthenticated: true
+        }
+      });
+      return;
     }
-    resetUser(dispatch, storageKeys);
+    resetUser(dispatch);
   } catch (error) {
-    onError(error instanceof Error ? error : new Error(String(error)));
-    resetUser(dispatch, storageKeys);
+    onError(
+      error instanceof Error ? error : new Error(String(error))
+    );
+    resetUser(dispatch);
   } finally {
     dispatch({
       type: SET_IS_LOADING,
@@ -301,19 +226,16 @@ async function setAutoLoginAction({
     });
   }
 }
-async function setLogoutAction({
-  dispatch,
-  domainName,
-  storageKeys
-}) {
-  const storedRefreshToken = localStorage.getItem(storageKeys.refreshToken);
-  if (storedRefreshToken && domainName) {
-    try {
-      await logoutAPI(domainName, storedRefreshToken);
-    } catch (_) {
-    }
+async function logoutAction(ctx) {
+  const { dispatch, authProxyPath } = ctx;
+  try {
+    await logoutAPI(authProxyPath);
+  } catch {
   }
-  dispatch({ type: SET_IS_LOADING, payload: { isLoading: true } });
+  dispatch({
+    type: SET_IS_LOADING,
+    payload: { isLoading: true }
+  });
   dispatch({
     type: LOGIN,
     payload: {
@@ -324,126 +246,73 @@ async function setLogoutAction({
       isAuthenticated: false
     }
   });
-  localStorage.removeItem(storageKeys.accessToken);
-  localStorage.removeItem(storageKeys.refreshToken);
-  return dispatch({
+  dispatch({
     type: SET_IS_LOADING,
     payload: { isLoading: false }
   });
 }
-async function refreshSessionAction({
-  dispatch,
-  domainName,
-  storageKeys,
-  onError
-}) {
-  const storedRefreshToken = localStorage.getItem(storageKeys.refreshToken);
-  if (!storedRefreshToken) {
-    return resetUser(dispatch, storageKeys);
-  }
-  try {
-    const refreshResult = await refreshTokenAPI(domainName, storedRefreshToken);
-    if (refreshResult.response.status === 200) {
-      localStorage.setItem(
-        storageKeys.accessToken,
-        refreshResult.data.accessToken
-      );
-      localStorage.setItem(
-        storageKeys.refreshToken,
-        refreshResult.data.refreshToken
-      );
-      return;
-    }
-    resetUser(dispatch, storageKeys);
-  } catch (error) {
-    onError(error instanceof Error ? error : new Error(String(error)));
-    resetUser(dispatch, storageKeys);
-  }
-}
-async function setUpdateUserAction({
-  dispatch,
-  domainName,
-  user,
-  token,
-  onError
-}) {
+async function updateUserAction(ctx, user) {
+  const { dispatch, authProxyPath, onError } = ctx;
   if (user.language) {
-    window.document.documentElement.setAttribute("lang", user.language);
-  }
-  if (!token) {
-    dispatch({
-      type: UPDATE_USER,
-      payload: user
-    });
-    return false;
+    window.document.documentElement.setAttribute(
+      "lang",
+      user.language
+    );
   }
   try {
-    const getUserFetch = await updateUserAPI(domainName, user, token);
-    if (getUserFetch.response.status === 200) {
+    const result = await updateUserAPI(authProxyPath, user);
+    if (result.response.status === 200) {
       dispatch({
         type: UPDATE_USER,
-        payload: getUserFetch.data.user
+        payload: result.data.user
       });
       return true;
-    } else {
-      onError(new Error("Update user error: " + getUserFetch.data.message));
-      return false;
     }
+    onError(
+      new Error("Update user error: " + result.data.message)
+    );
+    return false;
   } catch (error) {
-    onError(error instanceof Error ? error : new Error("Update user error"));
+    onError(
+      error instanceof Error ? error : new Error("Update user error")
+    );
     return false;
   }
 }
-async function getAccessTokenAction({
-  dispatch,
-  domainName,
-  storageKeys,
-  onError
-}) {
-  const token_ls = localStorage.getItem(storageKeys.accessToken);
-  if (!token_ls) return "token-not-found";
+async function updateUserWithRedirectAction(ctx) {
+  const { authProxyPath, onError } = ctx;
   try {
-    const payloadB64 = token_ls.split(".")[1];
-    if (payloadB64) {
-      const payload = JSON.parse(atob(payloadB64));
-      const expiresIn = (payload.exp || 0) * 1e3 - Date.now();
-      if (expiresIn < 5 * 60 * 1e3) {
-        await refreshSessionAction({
-          dispatch,
-          domainName,
-          storageKeys,
-          onError
-        });
-        const refreshedToken = localStorage.getItem(storageKeys.accessToken);
-        return refreshedToken || "token-not-found";
-      }
+    const result = await profileRedirectAPI(authProxyPath);
+    if (result.response.status === 200 && result.data.redirectUrl) {
+      window.location.replace(result.data.redirectUrl);
+      return;
     }
-  } catch (_) {
+    onError(
+      new Error("Could not generate profile redirect")
+    );
+  } catch (error) {
+    onError(
+      error instanceof Error ? error : new Error("Profile redirect error")
+    );
   }
-  return token_ls;
 }
-async function deleteAccountAction({
-  dispatch,
-  domainName,
-  storageKeys,
-  onError,
-  token
-}) {
+async function deleteAccountAction(ctx) {
+  const { dispatch, authProxyPath, onError } = ctx;
   try {
-    const result = await deleteAccountAPI(domainName, token);
+    const result = await deleteAccountAPI(authProxyPath);
     if (result.response.status === 200) {
-      resetUser(dispatch, storageKeys);
+      resetUser(dispatch);
       return true;
     }
     return false;
   } catch (error) {
-    onError(error instanceof Error ? error : new Error("Delete account error"));
+    onError(
+      error instanceof Error ? error : new Error("Delete account error")
+    );
     return false;
   }
 }
-var resetUser = (dispatch, storageKeys) => {
-  localStorage.removeItem(storageKeys.accessToken);
-  localStorage.removeItem(storageKeys.refreshToken);
+var resetUser = (dispatch) => {
   return dispatch({
     type: LOGIN,
     payload: {
@@ -454,118 +323,87 @@ var resetUser = (dispatch, storageKeys) => {
   });
 };
+// src/api/utils/config.ts
+var serverDomain = "dauth.ovh";
+var _dauthUrl;
+function setDauthUrl(url) {
+  _dauthUrl = url?.replace(/\/+$/, "");
+}
+function checkIsLocalhost() {
+  if (typeof window === "undefined") return false;
+  const hostname = window.location.hostname;
+  return Boolean(
+    hostname === "localhost" || hostname === "[::1]" || hostname.match(
+      /(192)\.(168)\.(1)\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$/gm
+    ) || hostname.match(
+      /^127(?:\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3}$/
+    )
+  );
+}
+function getClientBasePath() {
+  if (_dauthUrl) return _dauthUrl;
+  const isLocalhost = checkIsLocalhost();
+  const clientPort = 5185;
+  const clientLocalUrl = `${window.location.protocol}//${window.location.hostname}:${clientPort}`;
+  const clientProdUrl = `https://${serverDomain}`;
+  return isLocalhost ? clientLocalUrl : clientProdUrl;
+}
 // src/constants.ts
-var TOKEN_LS = "dauth_state";
-var REFRESH_TOKEN_LS = "dauth_refresh_token";
 var AUTH_CODE_PARAM = "code";
 // src/api/utils/routes.ts
 var routes = {
-  signin: "signin",
-  updateUser: "update-user"
+  signin: "signin"
 };
 // src/index.tsx
 var import_jsx_runtime = require("react/jsx-runtime");
 var defaultOnError = (error) => console.error(error);
 var DauthProvider = (props) => {
-  const { domainName, children, storageKey, onError, env, dauthUrl } = props;
-  const [dauthState, dispatch] = (0, import_react.useReducer)(userReducer, initialDauthState_default);
-  const refreshTimerRef = (0, import_react.useRef)(null);
+  const {
+    domainName,
+    children,
+    authProxyPath = "/api/auth",
+    onError,
+    env,
+    dauthUrl
+  } = props;
+  const [dauthState, dispatch] = (0, import_react.useReducer)(
+    userReducer,
+    initialDauthState_default
+  );
   (0, import_react.useEffect)(() => {
     setDauthUrl(dauthUrl);
   }, [dauthUrl]);
-  const storageKeys = (0, import_react.useMemo)(
-    () => ({
-      accessToken: storageKey?.accessToken ?? TOKEN_LS,
-      refreshToken: storageKey?.refreshToken ?? REFRESH_TOKEN_LS
-    }),
-    [storageKey?.accessToken, storageKey?.refreshToken]
-  );
   const handleError = (0, import_react.useCallback)(
     (error) => (onError ?? defaultOnError)(error),
     [onError]
   );
   const ctx = (0, import_react.useMemo)(
-    () => ({ dispatch, domainName, storageKeys, onError: handleError }),
-    [domainName, storageKeys, handleError]
+    () => ({ dispatch, authProxyPath, onError: handleError }),
+    [authProxyPath, handleError]
   );
-  const scheduleRefresh = (0, import_react.useCallback)(() => {
-    if (refreshTimerRef.current) clearTimeout(refreshTimerRef.current);
-    const token = localStorage.getItem(storageKeys.accessToken);
-    if (!token) return;
-    try {
-      const payloadB64 = token.split(".")[1];
-      if (!payloadB64) return;
-      const payload = JSON.parse(atob(payloadB64));
-      const expiresIn = (payload.exp || 0) * 1e3 - Date.now();
-      const refreshIn = Math.max(expiresIn - 5 * 60 * 1e3, 1e4);
-      refreshTimerRef.current = setTimeout(async () => {
-        await refreshSessionAction(ctx);
-        scheduleRefresh();
-      }, refreshIn);
-    } catch (_) {
-      refreshTimerRef.current = setTimeout(
-        async () => {
-          await refreshSessionAction(ctx);
-          scheduleRefresh();
-        },
-        5 * 60 * 1e3
-      );
-    }
-  }, [ctx, storageKeys.accessToken]);
   (0, import_react.useEffect)(() => {
-    (async () => {
-      const queryString = window.location.search;
-      if (!queryString) return;
-      const urlParams = new URLSearchParams(queryString);
-      const code = urlParams.get(AUTH_CODE_PARAM);
-      if (code && !dauthState.isAuthenticated) {
-        return exchangeCodeAction({ ...ctx, code });
-      }
-    })();
-  }, []);
-  (0, import_react.useEffect)(() => {
-    (async () => {
-      const refreshToken = localStorage.getItem(storageKeys.refreshToken);
-      if (refreshToken && !dauthState.isAuthenticated) {
-        return setAutoLoginAction(ctx);
-      } else {
-        return dispatch({
-          type: SET_IS_LOADING,
-          payload: { isLoading: false }
-        });
-      }
-    })();
-  }, []);
-  (0, import_react.useEffect)(() => {
-    if (dauthState.isAuthenticated) {
-      scheduleRefresh();
+    const params = new URLSearchParams(window.location.search);
+    const code = params.get(AUTH_CODE_PARAM);
+    if (code) {
+      exchangeCodeAction(ctx, code);
+    } else {
+      autoLoginAction(ctx);
     }
-    return () => {
-      if (refreshTimerRef.current) clearTimeout(refreshTimerRef.current);
-    };
-  }, [dauthState.isAuthenticated, scheduleRefresh]);
+  }, []);
   const loginWithRedirect = (0, import_react.useCallback)(() => {
     const base = `${getClientBasePath()}/${domainName}/${routes.signin}`;
     const url = env ? `${base}?env=${encodeURIComponent(env)}` : base;
     return window.location.replace(url);
   }, [domainName, env]);
-  const logout = (0, import_react.useCallback)(() => {
-    if (refreshTimerRef.current) clearTimeout(refreshTimerRef.current);
-    return setLogoutAction({
-      dispatch,
-      domainName,
-      storageKeys
-    });
-  }, [domainName, storageKeys]);
-  const getAccessToken = (0, import_react.useCallback)(async () => {
-    const token = await getAccessTokenAction(ctx);
-    return token;
-  }, [ctx]);
+  const logout = (0, import_react.useCallback)(
+    () => logoutAction(ctx),
+    [ctx]
+  );
   const updateUser = (0, import_react.useCallback)(
     async (fields) => {
-      const token_ls = localStorage.getItem(storageKeys.accessToken);
       const {
         name,
         lastname,
@@ -590,36 +428,23 @@ var DauthProvider = (props) => {
         country,
         metadata
       };
-      return await setUpdateUserAction({
-        ...ctx,
-        user,
-        token: token_ls
-      });
+      return updateUserAction(ctx, user);
     },
-    [ctx, storageKeys.accessToken]
+    [ctx]
+  );
+  const updateUserWithRedirect = (0, import_react.useCallback)(
+    () => updateUserWithRedirectAction(ctx),
+    [ctx]
+  );
+  const deleteAccount = (0, import_react.useCallback)(
+    () => deleteAccountAction(ctx),
+    [ctx]
   );
-  const updateUserWithRedirect = (0, import_react.useCallback)(() => {
-    const token_ls = localStorage.getItem(storageKeys.accessToken);
-    if (!token_ls) return;
-    return window.location.replace(
-      `${getClientBasePath()}/${domainName}/${routes.updateUser}/${token_ls}`
-    );
-  }, [domainName, storageKeys.accessToken]);
-  const deleteAccount = (0, import_react.useCallback)(async () => {
-    const token_ls = localStorage.getItem(storageKeys.accessToken);
-    if (!token_ls) return false;
-    if (refreshTimerRef.current) clearTimeout(refreshTimerRef.current);
-    return await deleteAccountAction({
-      ...ctx,
-      token: token_ls
-    });
-  }, [ctx, storageKeys.accessToken]);
   const memoProvider = (0, import_react.useMemo)(
     () => ({
       ...dauthState,
       loginWithRedirect,
       logout,
-      getAccessToken,
       updateUser,
       updateUserWithRedirect,
       deleteAccount
@@ -628,7 +453,6 @@ var DauthProvider = (props) => {
       dauthState,
       loginWithRedirect,
       logout,
-      getAccessToken,
       updateUser,
       updateUserWithRedirect,
       deleteAccount