formreader-session-timeout 0.2.3 → 0.2.5

package/dist/index.js

@@ -24,12 +24,17 @@ __export(session_timeout_exports, {
   SessionStatus: () => SessionStatus,
   clearToken: () => clearToken,
   getSessionManager: () => getSessionManager,
+  getStoredRefreshToken: () => getStoredRefreshToken,
   getStoredToken: () => getStoredToken,
   getTimeUntilExpiry: () => getTimeUntilExpiry,
   getTokenInfo: () => getTokenInfo,
+  initializeAuth: () => initializeAuth,
+  isAuthenticated: () => isAuthenticated,
   isTokenExpired: () => isTokenExpired,
   resetSessionManager: () => resetSessionManager,
+  storeRefreshToken: () => storeRefreshToken,
   storeToken: () => storeToken,
+  triggerAuthChange: () => triggerAuthChange,
   useSessionTimeout: () => useSessionTimeout,
   validateToken: () => validateToken
 });
@@ -47,11 +52,18 @@ var DEFAULT_SESSION_CONFIG = {
   // 8 hours max
   refreshEndpoint: "/auth/refresh/",
   logoutEndpoint: "/auth/logout/",
+  trackIdleTime: true,
   showIdleWarning: true,
   idleWarningThresholdMs: 2 * 60 * 1e3,
   // 2 minutes before idle timeout
   autoRefresh: true,
-  debug: false
+  debug: false,
+  accessTokenField: "access",
+  refreshTokenField: "refresh",
+  refreshAccessTokenField: "access",
+  refreshRefreshTokenField: "refresh",
+  storeRefreshToken: true,
+  validateOnInit: true
 };
 
 // services/tokenService.ts
@@ -101,34 +113,25 @@ function getTimeUntilExpiry(token) {
 function getStoredToken() {
   return sessionStorage.getItem("authToken") || localStorage.getItem("authToken");
 }
+function getStoredRefreshToken() {
+  return sessionStorage.getItem("refreshToken") || localStorage.getItem("refreshToken");
+}
 function storeToken(token, persistent = false) {
-  if (persistent) {
-    localStorage.setItem("authToken", token);
-    sessionStorage.removeItem("authToken");
-  } else {
-    sessionStorage.setItem("authToken", token);
-    localStorage.removeItem("authToken");
-  }
+  const storage = persistent ? localStorage : sessionStorage;
+  storage.setItem("authToken", token);
+}
+function storeRefreshToken(token, persistent = false) {
+  const storage = persistent ? localStorage : sessionStorage;
+  storage.setItem("refreshToken", token);
 }
 function clearToken() {
   sessionStorage.removeItem("authToken");
   localStorage.removeItem("authToken");
+  sessionStorage.removeItem("refreshToken");
+  localStorage.removeItem("refreshToken");
 }
 function validateToken(token) {
-  if (!token || typeof token !== "string") {
-    return { valid: false, error: "Token is missing or invalid" };
-  }
-  const payload = decodeJWT(token);
-  if (!payload) {
-    return { valid: false, error: "Failed to decode token" };
-  }
-  if (!payload.exp) {
-    return { valid: false, error: "Token missing expiry time" };
-  }
-  if (isTokenExpired(token)) {
-    return { valid: false, error: "Token has expired" };
-  }
-  return { valid: true };
+  return decodeJWT(token) !== null;
 }
 
 // services/sessionManager.ts
@@ -149,6 +152,20 @@ function defaultFetchClient() {
     }
   };
 }
+function extractTokenFromResponse(response, fieldName = "access") {
+  if (!response)
+    return null;
+  const parts = fieldName.split(".");
+  let value = response;
+  for (const part of parts) {
+    if (value && typeof value === "object") {
+      value = value[part];
+    } else {
+      return null;
+    }
+  }
+  return typeof value === "string" ? value : null;
+}
 var SessionManager = class {
   constructor(config) {
     this.refreshTimer = null;
@@ -171,20 +188,50 @@ var SessionManager = class {
     this.log("SessionManager initialized with config:", this.config);
   }
   /**
-   * Initialize session management
+   * Initialize session management with optional login response
+   * Extracts and stores tokens from login response using configured field names
    */
-  init() {
-    const token = getStoredToken();
+  init(loginResponse) {
+    const token = loginResponse ? extractTokenFromResponse(loginResponse, this.config.accessTokenField || "access") : getStoredToken();
     if (!token) {
       this.log("No token found, session not initialized");
+      this.emit("noToken");
       return;
     }
+    storeToken(token);
+    if (this.config.storeRefreshToken && loginResponse) {
+      const refreshToken = extractTokenFromResponse(
+        loginResponse,
+        this.config.refreshTokenField || "refresh"
+      );
+      if (refreshToken) {
+        storeRefreshToken(refreshToken);
+        this.log("Refresh token stored");
+      }
+    }
     const validation = validateToken(token);
-    if (!validation.valid) {
-      this.log("Invalid token:", validation.error);
+    if (!validation) {
+      this.log("Invalid token format");
+      this.emit("invalidToken");
       this.logout();
       return;
     }
+    if (isTokenExpired(token)) {
+      this.log("Token is expired, attempting refresh");
+      this.emit("tokenExpired");
+      const refreshToken = getStoredRefreshToken();
+      if (refreshToken && this.config.autoRefresh) {
+        this.refreshToken().then((success) => {
+          if (!success) {
+            this.logout();
+          }
+        });
+        return;
+      } else {
+        this.logout();
+        return;
+      }
+    }
     this.state.isActive = true;
     this.setupTokenRefresh();
     this.setupIdleTracking();
@@ -201,43 +248,33 @@ var SessionManager = class {
       return;
     const timeUntilExpiry = getTimeUntilExpiry(token);
     const refreshAt = Math.max(0, timeUntilExpiry - this.config.refreshThresholdMs);
-    this.log(`Token expires in ${timeUntilExpiry}ms, will refresh in ${refreshAt}ms`);
     if (this.refreshTimer) {
       clearTimeout(this.refreshTimer);
     }
-    if (this.config.autoRefresh && refreshAt > 0) {
-      this.refreshTimer = setTimeout(() => {
-        this.log("Scheduled token refresh triggered");
-        this.refreshToken();
-      }, refreshAt);
-    } else if (refreshAt <= 0 && this.config.autoRefresh) {
-      this.log("Token near expiry, refreshing immediately");
+    this.refreshTimer = setTimeout(() => {
+      this.log("Token refresh threshold reached, triggering refresh");
       this.refreshToken();
-    }
+    }, refreshAt);
+    this.log(`Token refresh scheduled in ${refreshAt}ms`);
   }
   /**
-   * Setup idle activity tracking
+   * Setup idle tracking with activity listeners
    */
   setupIdleTracking() {
-    const events = ["mousedown", "keydown", "scroll", "touchstart", "click"];
+    if (!this.config.trackIdleTime)
+      return;
     const handleActivity = () => {
       this.state.lastActivityTime = Date.now();
       this.state.isIdle = false;
       this.emit("activity");
-      if (this.idleTimer) {
-        clearTimeout(this.idleTimer);
-      }
-      this.idleTimer = setTimeout(() => {
-        var _a, _b;
-        this.state.isIdle = true;
-        this.emit("idle");
-        this.log("User idle timeout triggered");
-        (_b = (_a = this.config).onIdle) == null ? void 0 : _b.call(_a);
-      }, this.config.idleTimeoutMs);
     };
+    const events = ["mousedown", "keydown", "scroll", "touchstart", "click"];
     events.forEach((event) => {
-      window.addEventListener(event, handleActivity, { passive: true });
+      window.addEventListener(event, handleActivity, true);
     });
+    if (this.idleTimer) {
+      clearTimeout(this.idleTimer);
+    }
     this.idleTimer = setTimeout(() => {
       var _a, _b;
       this.state.isIdle = true;
@@ -269,7 +306,7 @@ var SessionManager = class {
     }, this.config.maxSessionDurationMs);
   }
   /**
-   * Refresh token
+   * Refresh token using stored refresh token
    */
   async refreshToken() {
     var _a, _b, _c, _d;
@@ -279,23 +316,49 @@ var SessionManager = class {
     }
     this.state.isRefreshing = true;
     this.state.refreshAttempts++;
-    const token = getStoredToken();
-    if (!token) {
+    const accessToken = getStoredToken();
+    const refreshToken = getStoredRefreshToken();
+    if (!accessToken && !refreshToken) {
       this.state.isRefreshing = false;
       return false;
     }
     try {
       this.log(`Refreshing token (attempt ${this.state.refreshAttempts})`);
       const client = this.config.httpClient || defaultFetchClient();
-      const refreshPayload = this.config.refreshPayloadFormatter ? this.config.refreshPayloadFormatter(token) : { token };
-      const refreshPromise = client.post(this.config.refreshEndpoint, refreshPayload, { headers: { Authorization: `Bearer ${token}` } });
+      const refreshPayload = this.config.refreshPayloadFormatter ? this.config.refreshPayloadFormatter(accessToken || "", refreshToken) : {
+        refresh: refreshToken || accessToken,
+        token: accessToken
+      };
+      const refreshPromise = client.post(
+        this.config.refreshEndpoint,
+        refreshPayload,
+        {
+          headers: {
+            Authorization: `Bearer ${accessToken || refreshToken}`
+          }
+        }
+      );
       this.requestDeduplication.set("refresh", refreshPromise);
       const response = await refreshPromise;
-      const newToken = response.data.token || response.data.access_token;
-      if (!newToken) {
-        throw new Error("No token in refresh response");
+      const responseData = response.data;
+      const newAccessToken = extractTokenFromResponse(
+        responseData,
+        this.config.refreshAccessTokenField || "access"
+      );
+      if (!newAccessToken) {
+        throw new Error("No access token in refresh response");
+      }
+      storeToken(newAccessToken);
+      if (this.config.storeRefreshToken) {
+        const newRefreshToken = extractTokenFromResponse(
+          responseData,
+          this.config.refreshRefreshTokenField || "refresh"
+        );
+        if (newRefreshToken) {
+          storeRefreshToken(newRefreshToken);
+          this.log("Refresh token updated");
+        }
       }
-      storeToken(newToken);
       this.state.isRefreshing = false;
       this.state.refreshAttempts = 0;
       this.requestDeduplication.delete("refresh");
@@ -317,41 +380,55 @@ var SessionManager = class {
     }
   }
   /**
-   * Logout and cleanup
+   * Manual logout
    */
   async logout() {
     var _a, _b;
+    this.log("Logging out");
     try {
       const token = getStoredToken();
-      if (token) {
+      if (token && this.config.logoutEndpoint) {
         const client = this.config.httpClient || defaultFetchClient();
-        const logoutPayload = this.config.logoutPayloadFormatter ? this.config.logoutPayloadFormatter(token) : { token };
-        await client.post(this.config.logoutEndpoint, logoutPayload, { headers: { Authorization: `Bearer ${token}` } });
+        const logoutPayload = this.config.logoutPayloadFormatter ? this.config.logoutPayloadFormatter(token, getStoredRefreshToken()) : { token };
+        await client.post(this.config.logoutEndpoint, logoutPayload, {
+          headers: { Authorization: `Bearer ${token}` }
+        });
       }
     } catch (error) {
-      this.log("Logout API call failed:", error);
+      this.log("Logout request failed:", error);
     }
-    this.cleanup();
+    clearToken();
     this.state.isActive = false;
     this.emit("loggedOut");
-    (_b = (_a = this.config).onSessionExpired) == null ? void 0 : _b.call(_a);
-    clearToken();
+    (_b = (_a = this.config).onLogout) == null ? void 0 : _b.call(_a);
+    this.cleanup();
   }
   /**
-   * Extend session (reset idle timer)
+   * Check if session is active and token is valid
    */
-  extendSession() {
-    this.state.lastActivityTime = Date.now();
-    this.state.isIdle = false;
-    if (this.idleTimer) {
-      clearTimeout(this.idleTimer);
+  isActive() {
+    if (!this.state.isActive)
+      return false;
+    const token = getStoredToken();
+    if (!token)
+      return false;
+    return !isTokenExpired(token);
+  }
+  /**
+   * Validate current session without initializing
+   */
+  validateSession() {
+    const token = getStoredToken();
+    if (!token) {
+      return { isValid: false, reason: "no_token" };
     }
-    this.idleTimer = setTimeout(() => {
-      this.state.isIdle = true;
-      this.emit("idle");
-    }, this.config.idleTimeoutMs);
-    this.log("Session extended");
-    this.emit("sessionExtended");
+    if (!validateToken(token)) {
+      return { isValid: false, reason: "invalid_token" };
+    }
+    if (isTokenExpired(token)) {
+      return { isValid: false, reason: "token_expired" };
+    }
+    return { isValid: true };
   }
   /**
    * Get current state
@@ -360,13 +437,7 @@ var SessionManager = class {
     return { ...this.state };
   }
   /**
-   * Get current config
-   */
-  getConfig() {
-    return { ...this.config };
-  }
-  /**
-   * Update config
+   * Update config at runtime
    */
   updateConfig(newConfig) {
     this.config = { ...this.config, ...newConfig };
@@ -456,122 +527,151 @@ function resetSessionManager() {
   }
 }
 
+// utils/authUtils.ts
+function isAuthenticated() {
+  const token = getStoredToken();
+  if (!token) {
+    return false;
+  }
+  if (!validateToken(token)) {
+    return false;
+  }
+  if (isTokenExpired(token)) {
+    return false;
+  }
+  return true;
+}
+async function initializeAuth(config) {
+  const manager = getSessionManager(config);
+  return new Promise((resolve) => {
+    const cleanup = [];
+    cleanup.push(manager.on("initialized", () => {
+      cleanup.forEach((fn) => fn());
+      resolve(true);
+    }));
+    cleanup.push(manager.on("noToken", () => {
+      cleanup.forEach((fn) => fn());
+      resolve(false);
+    }));
+    cleanup.push(manager.on("invalidToken", () => {
+      cleanup.forEach((fn) => fn());
+      resolve(false);
+    }));
+    cleanup.push(manager.on("tokenExpired", () => {
+      setTimeout(() => {
+        cleanup.forEach((fn) => fn());
+        resolve(manager.isActive());
+      }, 1e3);
+    }));
+    cleanup.push(manager.on("loggedOut", () => {
+      cleanup.forEach((fn) => fn());
+      resolve(false);
+    }));
+    manager.init();
+    setTimeout(() => {
+      cleanup.forEach((fn) => fn());
+      resolve(manager.isActive());
+    }, 3e3);
+  });
+}
+function triggerAuthChange() {
+  window.dispatchEvent(new CustomEvent("authChange"));
+}
+
 // hooks/useSessionTimeout.ts
 var import_react = require("react");
 function useSessionTimeout(options = {}) {
-  const {
-    config,
-    enabled = true,
-    onSessionExpiring,
-    onSessionExpired,
-    onIdle,
-    onRefreshSuccess
-  } = options;
-  const [sessionState, setSessionState] = (0, import_react.useState)({
+  const [state, setState] = (0, import_react.useState)({
     isActive: false,
     isIdle: false,
     lastActivityTime: Date.now(),
     refreshAttempts: 0,
     isRefreshing: false
   });
-  const [timeUntilIdle, setTimeUntilIdle] = (0, import_react.useState)(null);
-  const [idleWarningVisible, setIdleWarningVisible] = (0, import_react.useState)(false);
+  const [error, setError] = (0, import_react.useState)(null);
+  const [timeUntilTimeout, setTimeUntilTimeout] = (0, import_react.useState)(0);
+  const [timeUntilIdle, setTimeUntilIdle] = (0, import_react.useState)(0);
   const managerRef = (0, import_react.useRef)(null);
-  const unsubscribeRef = (0, import_react.useRef)(/* @__PURE__ */ new Map());
+  const updateTimerRef = (0, import_react.useRef)(null);
   (0, import_react.useEffect)(() => {
-    if (!enabled)
-      return;
-    const manager = getSessionManager({
-      ...config,
-      onSessionExpiring,
-      onSessionExpired,
-      onIdle,
-      onRefreshSuccess
-    });
+    const { loginResponse, autoInit, ...config } = options;
+    const manager = getSessionManager(config);
     managerRef.current = manager;
-    const subscriptions = /* @__PURE__ */ new Map();
-    subscriptions.set(
-      "initialized",
-      manager.on("initialized", () => {
-        setSessionState(manager.getState());
-      })
-    );
-    subscriptions.set(
-      "tokenRefreshed",
-      manager.on("tokenRefreshed", () => {
-        setSessionState(manager.getState());
-      })
-    );
-    subscriptions.set(
-      "idle",
-      manager.on("idle", () => {
-        setSessionState(manager.getState());
-      })
-    );
-    subscriptions.set(
-      "activity",
-      manager.on("activity", () => {
-        setSessionState(manager.getState());
-        setIdleWarningVisible(false);
-      })
-    );
-    subscriptions.set(
-      "idleWarning",
-      manager.on("idleWarning", (data) => {
-        setIdleWarningVisible(true);
-        setTimeUntilIdle(data.timeRemaining);
-      })
-    );
-    subscriptions.set(
-      "loggedOut",
-      manager.on("loggedOut", () => {
-        setSessionState(manager.getState());
-      })
-    );
-    unsubscribeRef.current = subscriptions;
-    manager.init();
+    const unsubscribeInitialized = manager.on("initialized", () => {
+      setState(manager.getState());
+    });
+    const unsubscribeTokenRefreshed = manager.on("tokenRefreshed", () => {
+      setState(manager.getState());
+    });
+    const unsubscribeRefreshFailed = manager.on("refreshFailed", (error2) => {
+      setError(error2);
+      setState(manager.getState());
+    });
+    const unsubscribeLogout = manager.on("logout", () => {
+      setState(manager.getState());
+    });
+    const unsubscribeIdle = manager.on("idle", () => {
+      setState(manager.getState());
+    });
+    const unsubscribeIdleWarning = manager.on("idleWarning", (data) => {
+      setTimeUntilIdle(data.timeRemaining);
+    });
+    const unsubscribeActivity = manager.on("activity", () => {
+      setTimeUntilIdle(0);
+    });
+    if (autoInit !== false && (autoInit === true || loginResponse)) {
+      manager.init(loginResponse);
+    }
     return () => {
-      subscriptions.forEach((unsub) => unsub());
-      unsubscribeRef.current.clear();
+      unsubscribeInitialized();
+      unsubscribeTokenRefreshed();
+      unsubscribeRefreshFailed();
+      unsubscribeLogout();
+      unsubscribeIdle();
+      unsubscribeIdleWarning();
+      unsubscribeActivity();
     };
-  }, [enabled, config, onSessionExpiring, onSessionExpired, onIdle, onRefreshSuccess]);
+  }, [options]);
   (0, import_react.useEffect)(() => {
-    if (!enabled || !sessionState.isActive)
+    var _a;
+    if (!((_a = managerRef.current) == null ? void 0 : _a.isActive())) {
       return;
-    const interval = setInterval(() => {
-      const manager = managerRef.current;
-      if (manager) {
-        setSessionState(manager.getState());
+    }
+    const updateCountdown = () => {
+      setState(managerRef.current.getState());
+    };
+    updateTimerRef.current = setInterval(updateCountdown, 1e3);
+    return () => {
+      if (updateTimerRef.current) {
+        clearInterval(updateTimerRef.current);
       }
-    }, 5e3);
-    return () => clearInterval(interval);
-  }, [enabled, sessionState.isActive]);
-  const extendSession = (0, import_react.useCallback)(() => {
-    var _a;
-    (_a = managerRef.current) == null ? void 0 : _a.extendSession();
+    };
   }, []);
   const refreshToken = (0, import_react.useCallback)(async () => {
-    var _a;
-    return (_a = managerRef.current) == null ? void 0 : _a.refreshToken();
+    if (managerRef.current) {
+      return managerRef.current.refreshToken();
+    }
+    return false;
   }, []);
   const logout = (0, import_react.useCallback)(async () => {
-    var _a;
-    return (_a = managerRef.current) == null ? void 0 : _a.logout();
+    if (managerRef.current) {
+      return managerRef.current.logout();
+    }
   }, []);
-  const updateConfig = (0, import_react.useCallback)((newConfig) => {
-    var _a;
-    (_a = managerRef.current) == null ? void 0 : _a.updateConfig(newConfig);
+  const dismissIdleWarning = (0, import_react.useCallback)(() => {
+    setTimeUntilIdle(0);
   }, []);
   return {
-    sessionState,
-    timeUntilExpiry: null,
+    isActive: state.isActive,
+    isIdle: state.isIdle,
+    isRefreshing: state.isRefreshing,
+    refreshAttempts: state.refreshAttempts,
+    timeUntilTimeout,
     timeUntilIdle,
-    idleWarningVisible,
-    extendSession,
+    error,
     refreshToken,
     logout,
-    updateConfig,
-    manager: managerRef.current
+    dismissIdleWarning
   };
 }
 
@@ -623,12 +723,17 @@ function SessionStatus() {
   SessionStatus,
   clearToken,
   getSessionManager,
+  getStoredRefreshToken,
   getStoredToken,
   getTimeUntilExpiry,
   getTokenInfo,
+  initializeAuth,
+  isAuthenticated,
   isTokenExpired,
   resetSessionManager,
+  storeRefreshToken,
   storeToken,
+  triggerAuthChange,
   useSessionTimeout,
   validateToken
 });