npm - fauxbase - Versions diffs - 0.5.5 → 0.5.7 - Mend

fauxbase 0.5.5 → 0.5.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/index.cjs CHANGED Viewed

@@ -279,10 +279,15 @@ var AuthService = class extends Service {
   saveState = null;
   httpDriver = null;
   authChangeListeners = [];
+  refreshTimer = null;
+  _isRefreshing = null;
   /** @internal — called by createClient to wire persistence */
   _initAuth(loadState, saveState) {
     this.saveState = saveState;
     this.authState = loadState();
+    if (this.authState?.expiresAt) {
+      this.scheduleRefresh();
+    }
   }
   /** @internal — called by createClient when using HttpDriver */
   _setHttpMode(driver) {
@@ -301,9 +306,38 @@ var AuthService = class extends Service {
     return this.localRegister(data);
   }
   logout() {
+    this.clearRefreshTimer();
     this.authState = null;
     this.persistState();
   }
+  /** Manually refresh the token. Returns the new token. */
+  async refresh() {
+    if (!this.authState?.refreshToken) {
+      throw new ForbiddenError("No refresh token available");
+    }
+    if (this.httpDriver) {
+      return this.httpRefresh();
+    }
+    return this.localRefresh();
+  }
+  /**
+   * Ensure the token is valid before making a request.
+   * If expired, auto-refreshes. Safe to call concurrently.
+   */
+  async ensureValidToken() {
+    if (!this.authState) return;
+    if (!this.authState.expiresAt) return;
+    const buffer = 30 * 1e3;
+    if (Date.now() + buffer >= this.authState.expiresAt) {
+      if (!this._isRefreshing) {
+        this._isRefreshing = this.refresh().then(() => {
+        }).finally(() => {
+          this._isRefreshing = null;
+        });
+      }
+      await this._isRefreshing;
+    }
+  }
   get currentUser() {
     return this.authState ? { id: this.authState.userId, email: this.authState.email } : null;
   }
@@ -313,6 +347,16 @@ var AuthService = class extends Service {
   get token() {
     return this.authState?.token ?? null;
   }
+  get refreshToken() {
+    return this.authState?.refreshToken ?? null;
+  }
+  get expiresAt() {
+    return this.authState?.expiresAt ?? null;
+  }
+  get isExpired() {
+    if (!this.authState?.expiresAt) return false;
+    return Date.now() >= this.authState.expiresAt;
+  }
   hasRole(role) {
     return this.authState?.role === role;
   }
@@ -323,7 +367,7 @@ var AuthService = class extends Service {
       userName: this.authState.userName
     };
   }
-  // --- Local mode (original implementation) ---
+  // --- Local mode ---
   async localLogin(credentials) {
     const { items } = await this.list({ filter: { email: credentials.email } });
     if (items.length === 0) {
@@ -333,14 +377,18 @@ var AuthService = class extends Service {
     if (user.password !== credentials.password) {
       throw new ForbiddenError("Invalid email or password");
     }
+    const expiresAt = Date.now() + 60 * 60 * 1e3;
     this.authState = {
       userId: user.id,
       email: user.email,
       userName: user.name || user.email,
       role: user.role,
-      token: this.generateToken(user)
+      token: this.generateToken(user, expiresAt),
+      refreshToken: this.generateRefreshToken(user),
+      expiresAt
     };
     this.persistState();
+    this.scheduleRefresh();
     return user;
   }
   async localRegister(data) {
@@ -353,16 +401,33 @@ var AuthService = class extends Service {
     }
     const { data: user } = await this.create(data);
     const u = user;
+    const expiresAt = Date.now() + 60 * 60 * 1e3;
     this.authState = {
       userId: u.id,
       email: u.email,
       userName: u.name || u.email,
       role: u.role,
-      token: this.generateToken(u)
+      token: this.generateToken(u, expiresAt),
+      refreshToken: this.generateRefreshToken(u),
+      expiresAt
     };
     this.persistState();
+    this.scheduleRefresh();
     return user;
   }
+  async localRefresh() {
+    const payload = JSON.parse(atob(this.authState.refreshToken));
+    const expiresAt = Date.now() + 60 * 60 * 1e3;
+    this.authState = {
+      ...this.authState,
+      token: this.generateToken(payload, expiresAt),
+      refreshToken: this.generateRefreshToken(payload),
+      expiresAt
+    };
+    this.persistState();
+    this.scheduleRefresh();
+    return this.authState.token;
+  }
   // --- HTTP mode ---
   async httpLogin(credentials) {
     const preset = this.httpDriver.preset;
@@ -384,17 +449,8 @@ var AuthService = class extends Service {
       throw new ForbiddenError(body2.message ?? "Login failed");
     }
     const body = await response.json();
-    const token = body[preset.auth.tokenField];
-    const user = body[preset.auth.userField] ?? body;
-    this.authState = {
-      userId: user.id,
-      email: user.email ?? credentials.email,
-      userName: user.name || user.email || credentials.email,
-      role: user.role,
-      token
-    };
-    this.persistState();
-    return user;
+    this.setAuthFromResponse(body, preset, credentials.email);
+    return body[preset.auth.userField] ?? body;
   }
   async httpRegister(data) {
     const preset = this.httpDriver.preset;
@@ -413,27 +469,94 @@ var AuthService = class extends Service {
       throw new ForbiddenError(body2.message ?? "Registration failed");
     }
     const body = await response.json();
+    this.setAuthFromResponse(body, preset, data.email);
+    return body[preset.auth.userField] ?? body;
+  }
+  async httpRefresh() {
+    const preset = this.httpDriver.preset;
+    const baseUrl = this.httpDriver.baseUrl;
+    const refreshUrl = preset.auth.refreshUrl;
+    if (!refreshUrl) {
+      throw new ForbiddenError("Refresh URL not configured in preset");
+    }
+    const response = await fetch(`${baseUrl}${refreshUrl}`, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({ refreshToken: this.authState.refreshToken })
+    });
+    if (!response.ok) {
+      this.logout();
+      throw new ForbiddenError("Session expired. Please log in again.");
+    }
+    const body = await response.json();
+    const token = body[preset.auth.tokenField];
+    const refreshToken = preset.auth.refreshTokenField ? body[preset.auth.refreshTokenField] : this.authState.refreshToken;
+    const expiresIn = preset.auth.expiresInField ? body[preset.auth.expiresInField] : null;
+    const expiresAt = expiresIn ? Date.now() + expiresIn * 1e3 : void 0;
+    this.authState = {
+      ...this.authState,
+      token,
+      refreshToken,
+      expiresAt
+    };
+    this.persistState();
+    this.scheduleRefresh();
+    return token;
+  }
+  setAuthFromResponse(body, preset, fallbackEmail) {
     const token = body[preset.auth.tokenField];
     const user = body[preset.auth.userField] ?? body;
+    const refreshToken = preset.auth.refreshTokenField ? body[preset.auth.refreshTokenField] : void 0;
+    const expiresIn = preset.auth.expiresInField ? body[preset.auth.expiresInField] : null;
+    const expiresAt = expiresIn ? Date.now() + expiresIn * 1e3 : void 0;
     this.authState = {
       userId: user.id,
-      email: user.email ?? data.email,
-      userName: user.name || user.email || data.email,
+      email: user.email ?? fallbackEmail,
+      userName: user.name || user.email || fallbackEmail,
       role: user.role,
-      token
+      token,
+      refreshToken,
+      expiresAt
     };
     this.persistState();
-    return user;
+    this.scheduleRefresh();
   }
-  generateToken(user) {
+  // --- Token generation (local mode) ---
+  generateToken(user, expiresAt) {
     return btoa(JSON.stringify({
-      userId: user.id,
+      userId: user.id ?? user.userId,
       email: user.email,
       role: user.role,
       iat: Date.now(),
-      exp: Date.now() + 24 * 60 * 60 * 1e3
+      exp: expiresAt
+    }));
+  }
+  generateRefreshToken(user) {
+    return btoa(JSON.stringify({
+      userId: user.id ?? user.userId,
+      email: user.email,
+      role: user.role,
+      type: "refresh",
+      iat: Date.now()
     }));
   }
+  // --- Refresh scheduling ---
+  scheduleRefresh() {
+    this.clearRefreshTimer();
+    if (!this.authState?.expiresAt) return;
+    const delay = this.authState.expiresAt - Date.now() - 60 * 1e3;
+    if (delay <= 0) return;
+    this.refreshTimer = setTimeout(() => {
+      this.refresh().catch(() => {
+      });
+    }, delay);
+  }
+  clearRefreshTimer() {
+    if (this.refreshTimer) {
+      clearTimeout(this.refreshTimer);
+      this.refreshTimer = null;
+    }
+  }
   /** @internal — called by createClient to listen for auth state changes */
   _onAuthChange(listener) {
     this.authChangeListeners.push(listener);
@@ -748,7 +871,11 @@ var LocalDriver = class {
   authProvider = null;
   _ready;
   _isReady;
+  latencyMs;
+  errorRate;
   constructor(config) {
+    this.latencyMs = config.latency ?? 0;
+    this.errorRate = config.errorRate ?? 0;
     if (config.persist === "indexeddb") {
       const backend = new IndexedDBBackend(config.dbName ?? "fauxbase");
       this.storage = backend;
@@ -762,6 +889,27 @@ var LocalDriver = class {
       this._ready = Promise.resolve();
     }
   }
+  async simulate() {
+    if (this.errorRate > 0 && Math.random() < this.errorRate) {
+      const errors = [
+        () => new NetworkError("Simulated network failure"),
+        () => new TimeoutError("Simulated request timeout"),
+        () => new NetworkError("Simulated connection refused")
+      ];
+      const delay2 = this.getLatency();
+      if (delay2 > 0) await new Promise((r) => setTimeout(r, delay2 / 2));
+      throw errors[Math.floor(Math.random() * errors.length)]();
+    }
+    const delay = this.getLatency();
+    if (delay > 0) {
+      await new Promise((r) => setTimeout(r, delay));
+    }
+  }
+  getLatency() {
+    if (typeof this.latencyMs === "number") return this.latencyMs;
+    const { min, max } = this.latencyMs;
+    return Math.floor(Math.random() * (max - min + 1)) + min;
+  }
   get ready() {
     return this._ready;
   }
@@ -778,12 +926,14 @@ var LocalDriver = class {
     this.entityClasses.set(resource, entityClass);
   }
   async list(resource, query) {
+    await this.simulate();
     const items = this.storage.getAll(resource);
     const entityClass = this.entityClasses.get(resource);
     const processed = entityClass ? items.map((item) => applyComputedFields(item, entityClass)) : items;
     return executeQuery(processed, query);
   }
   async get(resource, id) {
+    await this.simulate();
     const item = this.storage.getById(resource, id);
     if (!item || item.deletedAt) {
       throw new NotFoundError(`${resource} with id "${id}" not found`);
@@ -793,6 +943,7 @@ var LocalDriver = class {
     return { data };
   }
   async create(resource, data) {
+    await this.simulate();
     const entityClass = this.entityClasses.get(resource);
     const now = (/* @__PURE__ */ new Date()).toISOString();
     const authContext = this.authProvider?.();
@@ -819,6 +970,7 @@ var LocalDriver = class {
     return { data: result };
   }
   async update(resource, id, data) {
+    await this.simulate();
     const existing = this.storage.getById(resource, id);
     if (!existing || existing.deletedAt) {
       throw new NotFoundError(`${resource} with id "${id}" not found`);
@@ -845,6 +997,7 @@ var LocalDriver = class {
     return { data: result };
   }
   async delete(resource, id) {
+    await this.simulate();
     const existing = this.storage.getById(resource, id);
     if (!existing || existing.deletedAt) {
       throw new NotFoundError(`${resource} with id "${id}" not found`);
@@ -867,6 +1020,7 @@ var LocalDriver = class {
     return { data: record };
   }
   async count(resource, filter) {
+    await this.simulate();
     let items = this.storage.getAll(resource).filter((item) => !item.deletedAt);
     if (filter) {
       items = applyFilters(items, filter);
@@ -1006,7 +1160,10 @@ var springBootPreset = definePreset({
   auth: {
     loginUrl: "/api/auth/login",
     registerUrl: "/api/auth/register",
+    refreshUrl: "/api/auth/refresh",
     tokenField: "token",
+    refreshTokenField: "refreshToken",
+    expiresInField: "expiresIn",
     userField: "user",
     headerFormat: "Bearer {token}"
   }
@@ -1246,6 +1403,7 @@ var HttpDriver = class {
   defaultHeaders;
   endpoints = /* @__PURE__ */ new Map();
   authProvider = null;
+  onUnauthorized = null;
   constructor(config) {
     this.baseUrl = config.baseUrl.replace(/\/$/, "");
     this.preset = typeof config.preset === "string" ? getPreset(config.preset ?? "default") : config.preset ?? getPreset("default");
@@ -1257,6 +1415,10 @@ var HttpDriver = class {
   setAuthProvider(provider) {
     this.authProvider = provider;
   }
+  /** @internal — set callback to refresh token on 401 */
+  setOnUnauthorized(handler) {
+    this.onUnauthorized = handler;
+  }
   registerEndpoint(resource, endpoint) {
     this.endpoints.set(resource, endpoint);
   }
@@ -1290,6 +1452,12 @@ var HttpDriver = class {
       });
       clearTimeout(timer);
       if (!response.ok) {
+        if (response.status === 401 && retryCount === 0 && this.onUnauthorized) {
+          const refreshed = await this.onUnauthorized();
+          if (refreshed) {
+            return this._fetch(url, options, 1);
+          }
+        }
         if (response.status >= 500 && retryCount < this.maxRetries) {
           const delay = this.baseDelay * Math.pow(2, retryCount);
           await new Promise((r) => setTimeout(r, delay));
@@ -1653,10 +1821,25 @@ function createClient(config) {
     } else if (defaultDriver instanceof HttpDriver) {
       authInstance._init(defaultDriver, resourceName);
       defaultDriver.registerEndpoint(resourceName, authInstance.endpoint);
+      const hasLocalStorage = typeof localStorage !== "undefined";
+      const LS_AUTH_KEY = "fauxbase:auth";
       let memoryAuthState = null;
       authInstance._initAuth(
-        () => memoryAuthState,
+        () => {
+          if (hasLocalStorage) {
+            const raw = localStorage.getItem(LS_AUTH_KEY);
+            return raw ? JSON.parse(raw) : null;
+          }
+          return memoryAuthState;
+        },
         (state) => {
+          if (hasLocalStorage) {
+            if (state) {
+              localStorage.setItem(LS_AUTH_KEY, JSON.stringify(state));
+            } else {
+              localStorage.removeItem(LS_AUTH_KEY);
+            }
+          }
           memoryAuthState = state;
         }
       );
@@ -1665,6 +1848,14 @@ function createClient(config) {
         const token = authInstance.token;
         return token ? { token } : null;
       });
+      defaultDriver.setOnUnauthorized(async () => {
+        try {
+          await authInstance.refresh();
+          return true;
+        } catch {
+          return false;
+        }
+      });
     }
     client.auth = authInstance;
     for (const driver of overrideDrivers.values()) {
@@ -1673,6 +1864,14 @@ function createClient(config) {
           const token = client.auth?.token;
           return token ? { token } : null;
         });
+        driver.setOnUnauthorized(async () => {
+          try {
+            await client.auth.refresh();
+            return true;
+          } catch {
+            return false;
+          }
+        });
       }
     }
   }