npm - dauth-context-react - Versions diffs - 4.0.3 → 5.0.0 - Mend

dauth-context-react 4.0.3 → 5.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (16) hide show

package/dist/index.d.mts +3 -6
package/dist/index.d.ts +3 -6
package/dist/index.js +190 -366
package/dist/index.js.map +1 -1
package/dist/index.mjs +191 -368
package/dist/index.mjs.map +1 -1
package/package.json +2 -1
package/src/api/dauth.api.ts +73 -93
package/src/api/interfaces/dauth.api.responses.ts +11 -13
package/src/api/utils/config.ts +3 -11
package/src/api/utils/routes.ts +0 -1
package/src/constants.ts +0 -2
package/src/index.tsx +42 -122
package/src/initialDauthState.ts +0 -1
package/src/interfaces.ts +8 -12
package/src/reducer/dauth.actions.ts +106 -187

package/src/index.tsx CHANGED Viewed

@@ -5,21 +5,18 @@ import React, {
   useCallback,
   createContext,
   useContext,
-  useRef,
 } from 'react';
 import initialDauthState from './initialDauthState';
 import userReducer from './reducer/dauth.reducer';
 import * as action from './reducer/dauth.actions';
 import { getClientBasePath, setDauthUrl } from './api/utils/config';
-import { TOKEN_LS, REFRESH_TOKEN_LS, AUTH_CODE_PARAM } from './constants';
+import { AUTH_CODE_PARAM } from './constants';
 import { routes } from './api/utils/routes';
 import type {
   IDauthProviderProps,
-  IDauthStorageKeys,
-  IDauthUser,
   IDauthAuthMethods,
+  IDauthUser,
 } from './interfaces';
-import { SET_IS_LOADING } from './reducer/dauth.types';
 export type { IDauthProviderProps, IDauthAuthMethods };
@@ -28,123 +25,60 @@ const defaultOnError = (error: Error) => console.error(error);
 export const DauthProvider: React.FC<IDauthProviderProps> = (
   props: IDauthProviderProps
 ) => {
-  const { domainName, children, storageKey, onError, env, dauthUrl } = props;
-  const [dauthState, dispatch] = useReducer(userReducer, initialDauthState);
-  const refreshTimerRef = useRef<ReturnType<typeof setTimeout> | null>(null);
+  const {
+    domainName,
+    children,
+    authProxyPath = '/api/auth',
+    onError,
+    env,
+    dauthUrl,
+  } = props;
+  const [dauthState, dispatch] = useReducer(
+    userReducer,
+    initialDauthState
+  );
   // Configure custom dauth URL before any API calls
   useEffect(() => {
     setDauthUrl(dauthUrl);
   }, [dauthUrl]);
-  const storageKeys: IDauthStorageKeys = useMemo(
-    () => ({
-      accessToken: storageKey?.accessToken ?? TOKEN_LS,
-      refreshToken: storageKey?.refreshToken ?? REFRESH_TOKEN_LS,
-    }),
-    [storageKey?.accessToken, storageKey?.refreshToken]
-  );
   const handleError = useCallback(
     (error: Error) => (onError ?? defaultOnError)(error),
     [onError]
   );
-  // Build action context
   const ctx = useMemo(
-    () => ({ dispatch, domainName, storageKeys, onError: handleError }),
-    [domainName, storageKeys, handleError]
+    () => ({ dispatch, authProxyPath, onError: handleError }),
+    [authProxyPath, handleError]
   );
-  // Schedule next proactive refresh based on access token expiry
-  const scheduleRefresh = useCallback(() => {
-    if (refreshTimerRef.current) clearTimeout(refreshTimerRef.current);
-    const token = localStorage.getItem(storageKeys.accessToken);
-    if (!token) return;
-    try {
-      const payloadB64 = token.split('.')[1];
-      if (!payloadB64) return;
-      const payload = JSON.parse(atob(payloadB64));
-      const expiresIn = (payload.exp || 0) * 1000 - Date.now();
-      // Refresh 5 minutes before expiry, minimum 10 seconds
-      const refreshIn = Math.max(expiresIn - 5 * 60 * 1000, 10_000);
-      refreshTimerRef.current = setTimeout(async () => {
-        await action.refreshSessionAction(ctx);
-        scheduleRefresh();
-      }, refreshIn);
-    } catch (_) {
-      // If decode fails, retry in 5 minutes
-      refreshTimerRef.current = setTimeout(
-        async () => {
-          await action.refreshSessionAction(ctx);
-          scheduleRefresh();
-        },
-        5 * 60 * 1000
-      );
-    }
-  }, [ctx, storageKeys.accessToken]);
-  // Catch login redirect — exchange authorization code for tokens
+  // On mount: exchange code or auto-login via session cookie
   useEffect(() => {
-    (async () => {
-      const queryString = window.location.search;
-      if (!queryString) return;
-      const urlParams = new URLSearchParams(queryString);
-      const code = urlParams.get(AUTH_CODE_PARAM);
-      if (code && !dauthState.isAuthenticated) {
-        return action.exchangeCodeAction({ ...ctx, code });
-      }
-    })();
-  }, []);
-  // Auto Login
-  useEffect(() => {
-    (async () => {
-      const refreshToken = localStorage.getItem(storageKeys.refreshToken);
-      if (refreshToken && !dauthState.isAuthenticated) {
-        return action.setAutoLoginAction(ctx);
-      } else {
-        return dispatch({
-          type: SET_IS_LOADING,
-          payload: { isLoading: false },
-        });
-      }
-    })();
-  }, []);
-  // Schedule proactive refresh when authenticated
-  useEffect(() => {
-    if (dauthState.isAuthenticated) {
-      scheduleRefresh();
+    const params = new URLSearchParams(window.location.search);
+    const code = params.get(AUTH_CODE_PARAM);
+    if (code) {
+      action.exchangeCodeAction(ctx, code);
+    } else {
+      action.autoLoginAction(ctx);
     }
-    return () => {
-      if (refreshTimerRef.current) clearTimeout(refreshTimerRef.current);
-    };
-  }, [dauthState.isAuthenticated, scheduleRefresh]);
+  }, []);
   const loginWithRedirect = useCallback(() => {
     const base = `${getClientBasePath()}/${domainName}/${routes.signin}`;
-    const url = env ? `${base}?env=${encodeURIComponent(env)}` : base;
+    const url = env
+      ? `${base}?env=${encodeURIComponent(env)}`
+      : base;
     return window.location.replace(url);
   }, [domainName, env]);
-  const logout = useCallback(() => {
-    if (refreshTimerRef.current) clearTimeout(refreshTimerRef.current);
-    return action.setLogoutAction({
-      dispatch,
-      domainName,
-      storageKeys,
-    });
-  }, [domainName, storageKeys]);
-  const getAccessToken = useCallback(async () => {
-    const token = await action.getAccessTokenAction(ctx);
-    return token as string;
-  }, [ctx]);
+  const logout = useCallback(
+    () => action.logoutAction(ctx),
+    [ctx]
+  );
   const updateUser = useCallback(
     async (fields: Partial<IDauthUser>) => {
-      const token_ls = localStorage.getItem(storageKeys.accessToken);
       const {
         name,
         lastname,
@@ -169,39 +103,26 @@ export const DauthProvider: React.FC<IDauthProviderProps> = (
         country,
         metadata,
       } as Partial<IDauthUser>;
-      return (await action.setUpdateUserAction({
-        ...ctx,
-        user,
-        token: token_ls,
-      })) as boolean;
+      return action.updateUserAction(ctx, user);
     },
-    [ctx, storageKeys.accessToken]
+    [ctx]
   );
-  const updateUserWithRedirect = useCallback(() => {
-    const token_ls = localStorage.getItem(storageKeys.accessToken);
-    if (!token_ls) return;
-    return window.location.replace(
-      `${getClientBasePath()}/${domainName}/${routes.updateUser}/${token_ls}`
-    );
-  }, [domainName, storageKeys.accessToken]);
-  const deleteAccount = useCallback(async () => {
-    const token_ls = localStorage.getItem(storageKeys.accessToken);
-    if (!token_ls) return false;
-    if (refreshTimerRef.current) clearTimeout(refreshTimerRef.current);
-    return (await action.deleteAccountAction({
-      ...ctx,
-      token: token_ls,
-    })) as boolean;
-  }, [ctx, storageKeys.accessToken]);
+  const updateUserWithRedirect = useCallback(
+    () => action.updateUserWithRedirectAction(ctx),
+    [ctx]
+  );
+  const deleteAccount = useCallback(
+    () => action.deleteAccountAction(ctx),
+    [ctx]
+  );
   const memoProvider = useMemo(
     () => ({
       ...dauthState,
       loginWithRedirect,
       logout,
-      getAccessToken,
       updateUser,
       updateUserWithRedirect,
       deleteAccount,
@@ -210,7 +131,6 @@ export const DauthProvider: React.FC<IDauthProviderProps> = (
       dauthState,
       loginWithRedirect,
       logout,
-      getAccessToken,
       updateUser,
       updateUserWithRedirect,
       deleteAccount,

package/src/initialDauthState.ts CHANGED Viewed

@@ -12,7 +12,6 @@ const initialDauthState: IDauthState = {
   isAuthenticated: false,
   loginWithRedirect: () => {},
   logout: () => {},
-  getAccessToken: () => Promise.resolve(''),
   updateUser: () => Promise.resolve(false),
   updateUserWithRedirect: () => {},
   deleteAccount: () => Promise.resolve(false),

package/src/interfaces.ts CHANGED Viewed

@@ -46,7 +46,6 @@ export interface IDauthState {
   isAuthenticated: boolean;
   loginWithRedirect: () => void;
   logout: () => void;
-  getAccessToken: () => Promise<string>;
   updateUser: (fields: Partial<IDauthUser>) => Promise<boolean>;
   updateUserWithRedirect: () => void;
   deleteAccount: () => Promise<boolean>;
@@ -56,22 +55,19 @@ export interface IActionStatus {
   type: TStatusTypes;
   message: string;
 }
-export type TStatusTypes = 'success' | 'error' | 'info' | 'warning';
-export interface IDauthStorageKeys {
-  accessToken: string;
-  refreshToken: string;
-}
+export type TStatusTypes =
+  | 'success'
+  | 'error'
+  | 'info'
+  | 'warning';
 export interface IDauthProviderProps {
   domainName: string;
   children: React.ReactNode;
-  storageKey?: {
-    accessToken?: string;
-    refreshToken?: string;
-  };
+  /** Base path of the auth proxy on the consumer backend. Default: '/api/auth'. */
+  authProxyPath?: string;
   onError?: (error: Error) => void;
   env?: string;
-  /** Override the dauth server URL (e.g. 'https://dev.dauth.ovh' for staging) */
+  /** Override the dauth frontend URL for loginWithRedirect (e.g. 'https://dev.dauth.ovh' for staging) */
   dauthUrl?: string;
 }

package/src/reducer/dauth.actions.ts CHANGED Viewed

@@ -1,33 +1,25 @@
 import {
-  deleteAccountAPI,
   exchangeCodeAPI,
-  getUserAPI,
+  getSessionAPI,
   logoutAPI,
-  refreshTokenAPI,
   updateUserAPI,
+  deleteAccountAPI,
+  profileRedirectAPI,
 } from '../api/dauth.api';
-import {
-  IDauthDomainState,
-  IDauthStorageKeys,
-  IDauthUser,
-} from '../interfaces';
+import { IDauthDomainState, IDauthUser } from '../interfaces';
 import * as DauthTypes from './dauth.types';
 export interface ActionContext {
   dispatch: React.Dispatch<any>;
-  domainName: string;
-  storageKeys: IDauthStorageKeys;
+  authProxyPath: string;
   onError: (error: Error) => void;
 }
-type TExchangeCodeAction = ActionContext & { code: string };
-export async function exchangeCodeAction({
-  dispatch,
-  code,
-  domainName,
-  storageKeys,
-  onError,
-}: TExchangeCodeAction) {
+export async function exchangeCodeAction(
+  ctx: ActionContext,
+  code: string
+) {
+  const { dispatch, authProxyPath, onError } = ctx;
   dispatch({
     type: DauthTypes.SET_IS_LOADING,
     payload: { isLoading: true },
@@ -39,31 +31,24 @@ export async function exchangeCodeAction({
       document.title,
       window.location.pathname
     );
-    const exchangeResult = await exchangeCodeAPI(domainName, code);
-    if (exchangeResult.response.status !== 200) {
-      return resetUser(dispatch, storageKeys);
-    }
-    const { accessToken, refreshToken } = exchangeResult.data;
-    localStorage.setItem(storageKeys.accessToken, accessToken);
-    localStorage.setItem(storageKeys.refreshToken, refreshToken);
-    const getUserFetch = await getUserAPI(domainName, accessToken);
-    if (getUserFetch.response.status === 200) {
+    const result = await exchangeCodeAPI(authProxyPath, code);
+    if (result.response.status === 200) {
       dispatch({
         type: DauthTypes.LOGIN,
         payload: {
-          user: getUserFetch.data.user,
-          domain: getUserFetch.data.domain,
+          user: result.data.user,
+          domain: result.data.domain,
           isAuthenticated: true,
         },
       });
       return;
     }
-    return resetUser(dispatch, storageKeys);
+    resetUser(dispatch);
   } catch (error) {
     onError(
       error instanceof Error ? error : new Error(String(error))
     );
-    return resetUser(dispatch, storageKeys);
+    resetUser(dispatch);
   } finally {
     dispatch({
       type: DauthTypes.SET_IS_LOADING,
@@ -72,46 +57,32 @@ export async function exchangeCodeAction({
   }
 }
-export async function setAutoLoginAction({
-  dispatch,
-  domainName,
-  storageKeys,
-  onError,
-}: ActionContext) {
-  dispatch({ type: DauthTypes.SET_IS_LOADING, payload: { isLoading: true } });
-  const storedRefreshToken = localStorage.getItem(storageKeys.refreshToken);
-  if (!storedRefreshToken) {
-    dispatch({
-      type: DauthTypes.SET_IS_LOADING,
-      payload: { isLoading: false },
-    });
-    return resetUser(dispatch, storageKeys);
-  }
+export async function autoLoginAction(ctx: ActionContext) {
+  const { dispatch, authProxyPath, onError } = ctx;
+  dispatch({
+    type: DauthTypes.SET_IS_LOADING,
+    payload: { isLoading: true },
+  });
   try {
-    const refreshResult = await refreshTokenAPI(domainName, storedRefreshToken);
-    if (refreshResult.response.status === 200) {
-      const newAccessToken = refreshResult.data.accessToken;
-      const newRefreshToken = refreshResult.data.refreshToken;
-      localStorage.setItem(storageKeys.accessToken, newAccessToken);
-      localStorage.setItem(storageKeys.refreshToken, newRefreshToken);
-      const getUserFetch = await getUserAPI(domainName, newAccessToken);
-      if (getUserFetch.response.status === 200) {
-        dispatch({
-          type: DauthTypes.LOGIN,
-          payload: {
-            user: getUserFetch.data.user,
-            domain: getUserFetch.data.domain,
-            isAuthenticated: true,
-          },
-        });
-        return;
-      }
+    const result = await getSessionAPI(authProxyPath);
+    if (result.response.status === 200) {
+      dispatch({
+        type: DauthTypes.LOGIN,
+        payload: {
+          user: result.data.user,
+          domain: result.data.domain,
+          isAuthenticated: true,
+        },
+      });
+      return;
     }
-    // Refresh failed — session expired
-    resetUser(dispatch, storageKeys);
+    // No session — not authenticated (not an error)
+    resetUser(dispatch);
   } catch (error) {
-    onError(error instanceof Error ? error : new Error(String(error)));
-    resetUser(dispatch, storageKeys);
+    onError(
+      error instanceof Error ? error : new Error(String(error))
+    );
+    resetUser(dispatch);
   } finally {
     dispatch({
       type: DauthTypes.SET_IS_LOADING,
@@ -120,168 +91,116 @@ export async function setAutoLoginAction({
   }
 }
-export async function setLogoutAction({
-  dispatch,
-  domainName,
-  storageKeys,
-}: Omit<ActionContext, 'onError'>) {
-  const storedRefreshToken = localStorage.getItem(storageKeys.refreshToken);
-  if (storedRefreshToken && domainName) {
-    try {
-      await logoutAPI(domainName, storedRefreshToken);
-    } catch (_) {
-      // Best-effort server-side logout
-    }
+export async function logoutAction(ctx: ActionContext) {
+  const { dispatch, authProxyPath } = ctx;
+  try {
+    await logoutAPI(authProxyPath);
+  } catch {
+    // Best-effort server-side logout
   }
-  dispatch({ type: DauthTypes.SET_IS_LOADING, payload: { isLoading: true } });
+  dispatch({
+    type: DauthTypes.SET_IS_LOADING,
+    payload: { isLoading: true },
+  });
   dispatch({
     type: DauthTypes.LOGIN,
     payload: {
       user: {
-        language: window.document.documentElement.getAttribute('lang') || 'es',
+        language:
+          window.document.documentElement.getAttribute('lang') ||
+          'es',
       },
       domain: {},
       isAuthenticated: false,
     },
   });
-  localStorage.removeItem(storageKeys.accessToken);
-  localStorage.removeItem(storageKeys.refreshToken);
-  return dispatch({
+  dispatch({
     type: DauthTypes.SET_IS_LOADING,
     payload: { isLoading: false },
   });
 }
-export async function refreshSessionAction({
-  dispatch,
-  domainName,
-  storageKeys,
-  onError,
-}: ActionContext) {
-  const storedRefreshToken = localStorage.getItem(storageKeys.refreshToken);
-  if (!storedRefreshToken) {
-    return resetUser(dispatch, storageKeys);
-  }
-  try {
-    const refreshResult = await refreshTokenAPI(domainName, storedRefreshToken);
-    if (refreshResult.response.status === 200) {
-      localStorage.setItem(
-        storageKeys.accessToken,
-        refreshResult.data.accessToken
-      );
-      localStorage.setItem(
-        storageKeys.refreshToken,
-        refreshResult.data.refreshToken
-      );
-      return;
-    }
-    // Refresh failed — revoked or expired
-    resetUser(dispatch, storageKeys);
-  } catch (error) {
-    onError(error instanceof Error ? error : new Error(String(error)));
-    resetUser(dispatch, storageKeys);
-  }
-}
-type TSetUpdateAction = ActionContext & {
-  user: Partial<IDauthUser>;
-  token: string | null;
-};
-export async function setUpdateUserAction({
-  dispatch,
-  domainName,
-  user,
-  token,
-  onError,
-}: TSetUpdateAction) {
+export async function updateUserAction(
+  ctx: ActionContext,
+  user: Partial<IDauthUser>
+): Promise<boolean> {
+  const { dispatch, authProxyPath, onError } = ctx;
   if (user.language) {
-    window.document.documentElement.setAttribute('lang', user.language);
-  }
-  if (!token) {
-    dispatch({
-      type: DauthTypes.UPDATE_USER,
-      payload: user,
-    });
-    return false;
+    window.document.documentElement.setAttribute(
+      'lang',
+      user.language
+    );
   }
   try {
-    const getUserFetch = await updateUserAPI(domainName, user, token);
-    if (getUserFetch.response.status === 200) {
+    const result = await updateUserAPI(authProxyPath, user);
+    if (result.response.status === 200) {
       dispatch({
         type: DauthTypes.UPDATE_USER,
-        payload: getUserFetch.data.user,
+        payload: result.data.user,
       });
       return true;
-    } else {
-      onError(new Error('Update user error: ' + getUserFetch.data.message));
-      return false;
     }
+    onError(
+      new Error('Update user error: ' + result.data.message)
+    );
+    return false;
   } catch (error) {
-    onError(error instanceof Error ? error : new Error('Update user error'));
+    onError(
+      error instanceof Error
+        ? error
+        : new Error('Update user error')
+    );
     return false;
   }
 }
-export async function getAccessTokenAction({
-  dispatch,
-  domainName,
-  storageKeys,
-  onError,
-}: ActionContext) {
-  const token_ls = localStorage.getItem(storageKeys.accessToken);
-  if (!token_ls) return 'token-not-found';
-  // Decode JWT to check expiry (without verification — that's the server's job)
+export async function updateUserWithRedirectAction(
+  ctx: ActionContext
+) {
+  const { authProxyPath, onError } = ctx;
   try {
-    const payloadB64 = token_ls.split('.')[1];
-    if (payloadB64) {
-      const payload = JSON.parse(atob(payloadB64));
-      const expiresIn = (payload.exp || 0) * 1000 - Date.now();
-      // If token expires in less than 5 minutes, refresh proactively
-      if (expiresIn < 5 * 60 * 1000) {
-        await refreshSessionAction({
-          dispatch,
-          domainName,
-          storageKeys,
-          onError,
-        });
-        const refreshedToken = localStorage.getItem(storageKeys.accessToken);
-        return refreshedToken || 'token-not-found';
-      }
+    const result = await profileRedirectAPI(authProxyPath);
+    if (
+      result.response.status === 200 &&
+      result.data.redirectUrl
+    ) {
+      window.location.replace(result.data.redirectUrl);
+      return;
     }
-  } catch (_) {
-    // If decode fails, return stored token and let server validate
+    onError(
+      new Error('Could not generate profile redirect')
+    );
+  } catch (error) {
+    onError(
+      error instanceof Error
+        ? error
+        : new Error('Profile redirect error')
+    );
   }
-  return token_ls;
 }
-export async function deleteAccountAction({
-  dispatch,
-  domainName,
-  storageKeys,
-  onError,
-  token,
-}: ActionContext & { token: string }) {
+export async function deleteAccountAction(
+  ctx: ActionContext
+): Promise<boolean> {
+  const { dispatch, authProxyPath, onError } = ctx;
   try {
-    const result = await deleteAccountAPI(domainName, token);
+    const result = await deleteAccountAPI(authProxyPath);
     if (result.response.status === 200) {
-      resetUser(dispatch, storageKeys);
+      resetUser(dispatch);
       return true;
     }
     return false;
   } catch (error) {
-    onError(error instanceof Error ? error : new Error('Delete account error'));
+    onError(
+      error instanceof Error
+        ? error
+        : new Error('Delete account error')
+    );
     return false;
   }
 }
-///////////////////////////////////////////
-//////////////////////////////////////////
-export const resetUser = (
-  dispatch: React.Dispatch<any>,
-  storageKeys: IDauthStorageKeys
-) => {
-  localStorage.removeItem(storageKeys.accessToken);
-  localStorage.removeItem(storageKeys.refreshToken);
+export const resetUser = (dispatch: React.Dispatch<any>) => {
   return dispatch({
     type: DauthTypes.LOGIN,
     payload: {