feeef 0.9.3 → 0.9.5

package/build/src/core/entities/order.d.ts

@@ -220,4 +220,22 @@ export interface CalculateOrderPricingOptions {
     shippingType?: ShippingType;
     shippingAddress?: string;
 }
+/**
+ * Check if an order ID indicates a fake/honeypot order
+ * Fake orders use the "FuHe3nf" prefix
+ */
+export declare function isFakeOrderId(orderId: string | undefined | null): boolean;
+/**
+ * Check if an order is a fake order (by ID or metadata flag)
+ */
+export declare function isFakeOrder(order: OrderEntity): boolean;
+/**
+ * Check if an order has warning treatment (created but flagged)
+ */
+export declare function isWarningOrder(order: OrderEntity): boolean;
+/**
+ * Check if pixel events should be suppressed for this order
+ * Suppress for: fake orders, warning treatment, fake treatment
+ */
+export declare function shouldSuppressPixelEvents(order: OrderEntity): boolean;
 export {};

package/build/src/core/entities/store.d.ts

@@ -80,7 +80,8 @@ export declare const generatePublicStoreIntegrationOrderdz: (orderdz: OrderdzInt
 export declare const generatePublicStoreIntegrationWebhooks: (webhooks: WebhooksIntegration | null | undefined) => PublicWebhooksIntegration | null | undefined;
 /**
  * Generates public security integration data from private integration data.
- * Only exposes non-sensitive information, keeping backend protection details private for security.
+ * Exposes storefront-safe rules: frontend, doubleSend, minTimeInPage, countries, sources.
+ * Fingerprint, ip, phone, and ads stay server-only.
  */
 export declare const generatePublicStoreIntegrationSecurity: (security: SecurityIntegration | null | undefined) => PublicSecurityIntegration | null | undefined;
 /**
@@ -497,40 +498,70 @@ export interface ZrexpressIntegration {
     /** Additional metadata for the integration */
     metadata?: Record<string, any>;
 }
-export interface SecurityIntegrationOrdersProtection {
-    frontend: {
-        active: boolean;
-    };
-    backend: {
-        active: boolean;
-        phoneTtl: number;
-        ipTtl: number;
-        blockDirectOrders: boolean;
-        adsOnlyMode: boolean;
-        fingerprintTtl?: number | null;
-        minFormLoadTime?: number | null;
-        requireFingerprint?: boolean | null;
-    };
+export declare enum SecurityTreatment {
+    block = "block",
+    warning = "warning",
+    fake = "fake"
 }
-export interface PublicSecurityIntegrationOrdersProtection {
-    frontend: {
-        active: boolean;
-    };
+export interface SecurityOption {
+    active: boolean;
+    ttl?: number | null;
+    treatment: SecurityTreatment;
+}
+export interface SecurityMinTimeOption {
+    active: boolean;
+    duration: number;
+    treatment: SecurityTreatment;
+}
+export interface SecurityCountriesOption {
+    active: boolean;
+    treatment: SecurityTreatment;
+    allowed: string[] | null;
+    blocked: string[];
+}
+export interface SecuritySourcesOption {
+    active: boolean;
+    treatment: SecurityTreatment;
+    allowed: string[] | null;
+    blocked: string[];
+}
+/** Storefront-safe min-time rule (same shape as private; no secrets). */
+export type PublicSecurityMinTimeOption = SecurityMinTimeOption;
+/** Storefront-safe country allow/block lists (policy only). */
+export type PublicSecurityCountriesOption = SecurityCountriesOption;
+/** Storefront-safe traffic-source allow/block lists (policy only). */
+export type PublicSecuritySourcesOption = SecuritySourcesOption;
+export interface SecurityOptions {
+    fingerprint?: SecurityOption | null;
+    ip?: SecurityOption | null;
+    phone?: SecurityOption | null;
+    ads?: SecurityOption | null;
+    frontend?: SecurityOption | null;
+    doubleSend?: SecurityOption | null;
+    minTimeInPage?: SecurityMinTimeOption | null;
+    countries?: SecurityCountriesOption | null;
+    sources?: SecuritySourcesOption | null;
 }
 export interface SecurityIntegration {
-    orders?: SecurityIntegrationOrdersProtection;
-    /** Whether this integration is currently active */
     active: boolean;
-    /** Additional metadata for the integration */
+    options?: SecurityOptions | null;
     metadata?: Record<string, any>;
 }
+export interface PublicSecurityOption {
+    active: boolean;
+    ttl: number;
+    treatment: SecurityTreatment;
+}
+export interface PublicSecurityOptions {
+    frontend?: PublicSecurityOption;
+    doubleSend?: PublicSecurityOption;
+    minTimeInPage?: PublicSecurityMinTimeOption;
+    countries?: PublicSecurityCountriesOption;
+    sources?: PublicSecuritySourcesOption;
+}
 export interface PublicSecurityIntegration {
-    key?: string | null;
-    orders?: PublicSecurityIntegrationOrdersProtection;
-    /** Whether this integration is currently active */
     active: boolean;
-    /** Additional metadata for the integration */
-    metadata?: Record<string, any>;
+    options: PublicSecurityOptions;
 }
 /**
  * Webhook event types for order lifecycle

package/build/src/core/entities/user.d.ts

@@ -151,6 +151,27 @@ export interface SigninWithSocialOptions {
     code: string;
     fcmToken?: string | null;
 }
+/**
+ * Options for creating a short-lived, single-use Feeef auth code (QR / device login).
+ */
+export interface CreateAuthCodeOptions {
+    /** Optional deep-link destination to return alongside the code. */
+    redirect?: string;
+}
+/**
+ * Response from creating an auth code.
+ */
+export interface CreateAuthCodeResponse {
+    authCode: string;
+    expiresInSeconds: number;
+    redirect: string | null;
+}
+/**
+ * Options for signing in with a one-time Feeef auth code (OAuth-like semantics).
+ */
+export interface SigninWithCodeOptions {
+    authCode: string;
+}
 /**
  * Options for passkey registration start.
  */

package/build/src/feeef/repositories/users.d.ts

@@ -1,6 +1,6 @@
 import { AxiosInstance } from 'axios';
 import { ModelRepository } from './repository.js';
-import { AccessToken, AuthToken, CreateUserOptions, FinishPasskeyAuthenticationOptions, FinishPasskeyRegistrationOptions, LinkSocialAccountOptions, Passkey, SigninCredentials, SigninWithSocialOptions, SignupCredentials, TransferMoneyOptions, TransferMoneyResponse, UpdateUserOptions, UserEntity, UserUpdate, StartPasskeyAuthenticationOptions, StartPasskeyRegistrationOptions } from '../../core/entities/user.js';
+import { AccessToken, AuthToken, CreateUserOptions, FinishPasskeyAuthenticationOptions, FinishPasskeyRegistrationOptions, LinkSocialAccountOptions, Passkey, CreateAuthCodeOptions, CreateAuthCodeResponse, SigninCredentials, SigninWithCodeOptions, SigninWithSocialOptions, SignupCredentials, TransferMoneyOptions, TransferMoneyResponse, UpdateUserOptions, UserEntity, UserUpdate, StartPasskeyAuthenticationOptions, StartPasskeyRegistrationOptions } from '../../core/entities/user.js';
 /**
  * Represents the response returned by the authentication process.
  */
@@ -51,6 +51,18 @@ export declare class UserRepository extends ModelRepository<UserEntity, CreateUs
      * @returns A promise that resolves to the authentication response.
      */
     signinWithToken(token: string, fcmToken?: string | null): Promise<AuthResponse>;
+    /**
+     * Generates a short-lived, single-use Feeef auth code for cross-device / QR login.
+     *
+     * POST `/users/auth/code` (auth required).
+     */
+    createAuthCode(options?: CreateAuthCodeOptions): Promise<CreateAuthCodeResponse>;
+    /**
+     * Signs in using a one-time Feeef auth code (OAuth-like semantics).
+     *
+     * POST `/users/auth/code/consume` (public). On success it returns a bearer token and user.
+     */
+    signinWithCode(options: SigninWithCodeOptions): Promise<AuthResponse>;
     /**
      * Signs out the currently authenticated user.
      * Deletes the token on the server and clears local auth state.

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "feeef",
   "description": "feeef sdk for javascript",
-  "version": "0.9.3",
+  "version": "0.9.5",
   "main": "build/index.js",
   "type": "module",
   "files": [