fauxbase 0.5.6 → 0.5.7

package/dist/index.cjs

@@ -279,10 +279,15 @@ var AuthService = class extends Service {
   saveState = null;
   httpDriver = null;
   authChangeListeners = [];
+  refreshTimer = null;
+  _isRefreshing = null;
   /** @internal — called by createClient to wire persistence */
   _initAuth(loadState, saveState) {
     this.saveState = saveState;
     this.authState = loadState();
+    if (this.authState?.expiresAt) {
+      this.scheduleRefresh();
+    }
   }
   /** @internal — called by createClient when using HttpDriver */
   _setHttpMode(driver) {
@@ -301,9 +306,38 @@ var AuthService = class extends Service {
     return this.localRegister(data);
   }
   logout() {
+    this.clearRefreshTimer();
     this.authState = null;
     this.persistState();
   }
+  /** Manually refresh the token. Returns the new token. */
+  async refresh() {
+    if (!this.authState?.refreshToken) {
+      throw new ForbiddenError("No refresh token available");
+    }
+    if (this.httpDriver) {
+      return this.httpRefresh();
+    }
+    return this.localRefresh();
+  }
+  /**
+   * Ensure the token is valid before making a request.
+   * If expired, auto-refreshes. Safe to call concurrently.
+   */
+  async ensureValidToken() {
+    if (!this.authState) return;
+    if (!this.authState.expiresAt) return;
+    const buffer = 30 * 1e3;
+    if (Date.now() + buffer >= this.authState.expiresAt) {
+      if (!this._isRefreshing) {
+        this._isRefreshing = this.refresh().then(() => {
+        }).finally(() => {
+          this._isRefreshing = null;
+        });
+      }
+      await this._isRefreshing;
+    }
+  }
   get currentUser() {
     return this.authState ? { id: this.authState.userId, email: this.authState.email } : null;
   }
@@ -313,6 +347,16 @@ var AuthService = class extends Service {
   get token() {
     return this.authState?.token ?? null;
   }
+  get refreshToken() {
+    return this.authState?.refreshToken ?? null;
+  }
+  get expiresAt() {
+    return this.authState?.expiresAt ?? null;
+  }
+  get isExpired() {
+    if (!this.authState?.expiresAt) return false;
+    return Date.now() >= this.authState.expiresAt;
+  }
   hasRole(role) {
     return this.authState?.role === role;
   }
@@ -323,7 +367,7 @@ var AuthService = class extends Service {
       userName: this.authState.userName
     };
   }
-  // --- Local mode (original implementation) ---
+  // --- Local mode ---
   async localLogin(credentials) {
     const { items } = await this.list({ filter: { email: credentials.email } });
     if (items.length === 0) {
@@ -333,14 +377,18 @@ var AuthService = class extends Service {
     if (user.password !== credentials.password) {
       throw new ForbiddenError("Invalid email or password");
     }
+    const expiresAt = Date.now() + 60 * 60 * 1e3;
     this.authState = {
       userId: user.id,
       email: user.email,
       userName: user.name || user.email,
       role: user.role,
-      token: this.generateToken(user)
+      token: this.generateToken(user, expiresAt),
+      refreshToken: this.generateRefreshToken(user),
+      expiresAt
     };
     this.persistState();
+    this.scheduleRefresh();
     return user;
   }
   async localRegister(data) {
@@ -353,16 +401,33 @@ var AuthService = class extends Service {
     }
     const { data: user } = await this.create(data);
     const u = user;
+    const expiresAt = Date.now() + 60 * 60 * 1e3;
     this.authState = {
       userId: u.id,
       email: u.email,
       userName: u.name || u.email,
       role: u.role,
-      token: this.generateToken(u)
+      token: this.generateToken(u, expiresAt),
+      refreshToken: this.generateRefreshToken(u),
+      expiresAt
     };
     this.persistState();
+    this.scheduleRefresh();
     return user;
   }
+  async localRefresh() {
+    const payload = JSON.parse(atob(this.authState.refreshToken));
+    const expiresAt = Date.now() + 60 * 60 * 1e3;
+    this.authState = {
+      ...this.authState,
+      token: this.generateToken(payload, expiresAt),
+      refreshToken: this.generateRefreshToken(payload),
+      expiresAt
+    };
+    this.persistState();
+    this.scheduleRefresh();
+    return this.authState.token;
+  }
   // --- HTTP mode ---
   async httpLogin(credentials) {
     const preset = this.httpDriver.preset;
@@ -384,17 +449,8 @@ var AuthService = class extends Service {
       throw new ForbiddenError(body2.message ?? "Login failed");
     }
     const body = await response.json();
-    const token = body[preset.auth.tokenField];
-    const user = body[preset.auth.userField] ?? body;
-    this.authState = {
-      userId: user.id,
-      email: user.email ?? credentials.email,
-      userName: user.name || user.email || credentials.email,
-      role: user.role,
-      token
-    };
-    this.persistState();
-    return user;
+    this.setAuthFromResponse(body, preset, credentials.email);
+    return body[preset.auth.userField] ?? body;
   }
   async httpRegister(data) {
     const preset = this.httpDriver.preset;
@@ -413,27 +469,94 @@ var AuthService = class extends Service {
       throw new ForbiddenError(body2.message ?? "Registration failed");
     }
     const body = await response.json();
+    this.setAuthFromResponse(body, preset, data.email);
+    return body[preset.auth.userField] ?? body;
+  }
+  async httpRefresh() {
+    const preset = this.httpDriver.preset;
+    const baseUrl = this.httpDriver.baseUrl;
+    const refreshUrl = preset.auth.refreshUrl;
+    if (!refreshUrl) {
+      throw new ForbiddenError("Refresh URL not configured in preset");
+    }
+    const response = await fetch(`${baseUrl}${refreshUrl}`, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({ refreshToken: this.authState.refreshToken })
+    });
+    if (!response.ok) {
+      this.logout();
+      throw new ForbiddenError("Session expired. Please log in again.");
+    }
+    const body = await response.json();
+    const token = body[preset.auth.tokenField];
+    const refreshToken = preset.auth.refreshTokenField ? body[preset.auth.refreshTokenField] : this.authState.refreshToken;
+    const expiresIn = preset.auth.expiresInField ? body[preset.auth.expiresInField] : null;
+    const expiresAt = expiresIn ? Date.now() + expiresIn * 1e3 : void 0;
+    this.authState = {
+      ...this.authState,
+      token,
+      refreshToken,
+      expiresAt
+    };
+    this.persistState();
+    this.scheduleRefresh();
+    return token;
+  }
+  setAuthFromResponse(body, preset, fallbackEmail) {
     const token = body[preset.auth.tokenField];
     const user = body[preset.auth.userField] ?? body;
+    const refreshToken = preset.auth.refreshTokenField ? body[preset.auth.refreshTokenField] : void 0;
+    const expiresIn = preset.auth.expiresInField ? body[preset.auth.expiresInField] : null;
+    const expiresAt = expiresIn ? Date.now() + expiresIn * 1e3 : void 0;
     this.authState = {
       userId: user.id,
-      email: user.email ?? data.email,
-      userName: user.name || user.email || data.email,
+      email: user.email ?? fallbackEmail,
+      userName: user.name || user.email || fallbackEmail,
       role: user.role,
-      token
+      token,
+      refreshToken,
+      expiresAt
     };
     this.persistState();
-    return user;
+    this.scheduleRefresh();
   }
-  generateToken(user) {
+  // --- Token generation (local mode) ---
+  generateToken(user, expiresAt) {
     return btoa(JSON.stringify({
-      userId: user.id,
+      userId: user.id ?? user.userId,
       email: user.email,
       role: user.role,
       iat: Date.now(),
-      exp: Date.now() + 24 * 60 * 60 * 1e3
+      exp: expiresAt
     }));
   }
+  generateRefreshToken(user) {
+    return btoa(JSON.stringify({
+      userId: user.id ?? user.userId,
+      email: user.email,
+      role: user.role,
+      type: "refresh",
+      iat: Date.now()
+    }));
+  }
+  // --- Refresh scheduling ---
+  scheduleRefresh() {
+    this.clearRefreshTimer();
+    if (!this.authState?.expiresAt) return;
+    const delay = this.authState.expiresAt - Date.now() - 60 * 1e3;
+    if (delay <= 0) return;
+    this.refreshTimer = setTimeout(() => {
+      this.refresh().catch(() => {
+      });
+    }, delay);
+  }
+  clearRefreshTimer() {
+    if (this.refreshTimer) {
+      clearTimeout(this.refreshTimer);
+      this.refreshTimer = null;
+    }
+  }
   /** @internal — called by createClient to listen for auth state changes */
   _onAuthChange(listener) {
     this.authChangeListeners.push(listener);
@@ -1037,7 +1160,10 @@ var springBootPreset = definePreset({
   auth: {
     loginUrl: "/api/auth/login",
     registerUrl: "/api/auth/register",
+    refreshUrl: "/api/auth/refresh",
     tokenField: "token",
+    refreshTokenField: "refreshToken",
+    expiresInField: "expiresIn",
     userField: "user",
     headerFormat: "Bearer {token}"
   }
@@ -1277,6 +1403,7 @@ var HttpDriver = class {
   defaultHeaders;
   endpoints = /* @__PURE__ */ new Map();
   authProvider = null;
+  onUnauthorized = null;
   constructor(config) {
     this.baseUrl = config.baseUrl.replace(/\/$/, "");
     this.preset = typeof config.preset === "string" ? getPreset(config.preset ?? "default") : config.preset ?? getPreset("default");
@@ -1288,6 +1415,10 @@ var HttpDriver = class {
   setAuthProvider(provider) {
     this.authProvider = provider;
   }
+  /** @internal — set callback to refresh token on 401 */
+  setOnUnauthorized(handler) {
+    this.onUnauthorized = handler;
+  }
   registerEndpoint(resource, endpoint) {
     this.endpoints.set(resource, endpoint);
   }
@@ -1321,6 +1452,12 @@ var HttpDriver = class {
       });
       clearTimeout(timer);
       if (!response.ok) {
+        if (response.status === 401 && retryCount === 0 && this.onUnauthorized) {
+          const refreshed = await this.onUnauthorized();
+          if (refreshed) {
+            return this._fetch(url, options, 1);
+          }
+        }
         if (response.status >= 500 && retryCount < this.maxRetries) {
           const delay = this.baseDelay * Math.pow(2, retryCount);
           await new Promise((r) => setTimeout(r, delay));
@@ -1684,10 +1821,25 @@ function createClient(config) {
     } else if (defaultDriver instanceof HttpDriver) {
       authInstance._init(defaultDriver, resourceName);
       defaultDriver.registerEndpoint(resourceName, authInstance.endpoint);
+      const hasLocalStorage = typeof localStorage !== "undefined";
+      const LS_AUTH_KEY = "fauxbase:auth";
       let memoryAuthState = null;
       authInstance._initAuth(
-        () => memoryAuthState,
+        () => {
+          if (hasLocalStorage) {
+            const raw = localStorage.getItem(LS_AUTH_KEY);
+            return raw ? JSON.parse(raw) : null;
+          }
+          return memoryAuthState;
+        },
         (state) => {
+          if (hasLocalStorage) {
+            if (state) {
+              localStorage.setItem(LS_AUTH_KEY, JSON.stringify(state));
+            } else {
+              localStorage.removeItem(LS_AUTH_KEY);
+            }
+          }
           memoryAuthState = state;
         }
       );
@@ -1696,6 +1848,14 @@ function createClient(config) {
         const token = authInstance.token;
         return token ? { token } : null;
       });
+      defaultDriver.setOnUnauthorized(async () => {
+        try {
+          await authInstance.refresh();
+          return true;
+        } catch {
+          return false;
+        }
+      });
     }
     client.auth = authInstance;
     for (const driver of overrideDrivers.values()) {
@@ -1704,6 +1864,14 @@ function createClient(config) {
           const token = client.auth?.token;
           return token ? { token } : null;
         });
+        driver.setOnUnauthorized(async () => {
+          try {
+            await client.auth.refresh();
+            return true;
+          } catch {
+            return false;
+          }
+        });
       }
     }
   }