glitch-javascript-sdk 3.0.4 → 3.0.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/dist/cjs/index.js +73 -55
  2. package/dist/cjs/index.js.map +1 -1
  3. package/dist/esm/index.js +73 -55
  4. package/dist/esm/index.js.map +1 -1
  5. package/dist/esm/util/Storage.d.ts +2 -0
  6. package/dist/index.d.ts +2 -0
  7. package/package.json +1 -1
  8. package/src/util/Storage.ts +84 -57
package/dist/esm/index.js CHANGED
@@ -5588,10 +5588,11 @@ var Storage = /** @class */ (function () {
5588
5588
  Storage.getStorageKey = function (key) {
5589
5589
  return Storage.rootDomain ? "".concat(Storage.rootDomain, ":").concat(key) : key;
5590
5590
  };
5591
+ Storage.shouldShareAcrossSubdomains = function (key) {
5592
+ return !!Storage.rootDomain && Storage.crossDomainKeys.has(key);
5593
+ };
5591
5594
  Storage.set = function (key, value) {
5592
- // 1. Always update in-memory fallback for the current process
5593
5595
  Storage.data[key] = value;
5594
- // 2. Only attempt browser storage if window exists
5595
5596
  if (typeof window !== 'undefined') {
5596
5597
  try {
5597
5598
  var serializedValue = JSON.stringify(value);
@@ -5602,17 +5603,31 @@ var Storage = /** @class */ (function () {
5602
5603
  var serializedValue = JSON.stringify(value);
5603
5604
  window.sessionStorage.setItem(Storage.getStorageKey(key), serializedValue);
5604
5605
  }
5605
- catch (e) {
5606
- try {
5607
- this.setCookie(key, value, 31);
5608
- }
5609
- catch (e) { }
5610
- }
5606
+ catch (e) { }
5607
+ }
5608
+ }
5609
+ // Important: shared session keys must be written to a root-domain cookie.
5610
+ if (Storage.shouldShareAcrossSubdomains(key)) {
5611
+ if (value === null || value === undefined) {
5612
+ Storage.eraseCookie(key);
5613
+ }
5614
+ else {
5615
+ Storage.setCookie(key, value, 31);
5611
5616
  }
5612
5617
  }
5613
5618
  };
5614
5619
  Storage.get = function (key) {
5615
- // 1. Try Browser Storage if available
5620
+ // Important: for shared session keys, cookie must win over localStorage.
5621
+ // Otherwise stale www.glitch.fun localStorage can override the real shared cookie.
5622
+ if (Storage.shouldShareAcrossSubdomains(key)) {
5623
+ try {
5624
+ var cookieValue = Storage.getCookie(key);
5625
+ if (cookieValue !== null && cookieValue !== undefined && cookieValue !== 'null') {
5626
+ return cookieValue;
5627
+ }
5628
+ }
5629
+ catch (e) { }
5630
+ }
5616
5631
  if (typeof window !== 'undefined') {
5617
5632
  try {
5618
5633
  var serializedValue = window.localStorage.getItem(Storage.getStorageKey(key));
@@ -5628,42 +5643,32 @@ var Storage = /** @class */ (function () {
5628
5643
  catch (e) { }
5629
5644
  }
5630
5645
  }
5631
- // 2. Try Cookie (getCookie is now SSR safe)
5632
- var value = null;
5633
5646
  try {
5634
- value = Storage.getCookie(key);
5647
+ var cookieValue = Storage.getCookie(key);
5648
+ if (cookieValue !== null && cookieValue !== undefined && cookieValue !== 'null') {
5649
+ return cookieValue;
5650
+ }
5635
5651
  }
5636
5652
  catch (e) { }
5637
- // 3. Fallback to in-memory data
5638
- if (!value) {
5639
- value = Storage.data[key];
5640
- }
5641
- return value;
5653
+ return Storage.data[key];
5642
5654
  };
5643
5655
  Storage.setAuthToken = function (token) {
5644
- if (Storage.rootDomain) {
5645
- if (token) {
5646
- this.setCookie('glitch_auth_token', token, 31);
5647
- }
5648
- else {
5649
- this.eraseCookie('glitch_auth_token');
5650
- }
5651
- }
5652
5656
  Storage.set('glitch_auth_token', token);
5653
5657
  };
5654
5658
  Storage.getAuthToken = function () {
5655
- var token = Storage.getCookie('glitch_auth_token');
5656
- if (!token || token === 'null') {
5657
- token = Storage.get('glitch_auth_token');
5658
- }
5659
- return (token === 'null' || !token) ? null : token;
5659
+ var token = Storage.get('glitch_auth_token');
5660
+ return token === 'null' || !token ? null : token;
5660
5661
  };
5661
5662
  Storage.eraseCookie = function (name) {
5662
- // Use typeof check to prevent ReferenceError
5663
- if (typeof document !== 'undefined') {
5663
+ if (typeof document === 'undefined')
5664
+ return;
5665
+ // Clear host-only cookie.
5666
+ document.cookie =
5667
+ "".concat(name, "=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT; SameSite=Lax; Secure");
5668
+ // Clear root-domain cookie.
5669
+ if (Storage.rootDomain) {
5664
5670
  document.cookie =
5665
- name +
5666
- '=; Secure; HttpOnly=false; SameSite=none; Path=/; Expires=Thu, 01 Jan 1970 00:00:01 GMT;';
5671
+ "".concat(name, "=; Path=/; Domain=").concat(Storage.rootDomain, "; Expires=Thu, 01 Jan 1970 00:00:00 GMT; SameSite=Lax; Secure");
5667
5672
  }
5668
5673
  };
5669
5674
  Storage.setCookie = function (name, value, days) {
@@ -5671,47 +5676,49 @@ var Storage = /** @class */ (function () {
5671
5676
  if (days) {
5672
5677
  var date = new Date();
5673
5678
  date.setTime(date.getTime() + days * 24 * 60 * 60 * 1000);
5674
- expires = '; expires=' + date.toUTCString();
5679
+ expires = '; Expires=' + date.toUTCString();
5675
5680
  }
5676
5681
  if (typeof document !== 'undefined') {
5682
+ var encodedValue = encodeURIComponent(JSON.stringify(value));
5677
5683
  document.cookie =
5678
- name +
5679
- '=' +
5680
- (value || '') +
5681
- expires +
5682
- '; path=/; domain=' +
5683
- Storage.rootDomain +
5684
- '; SameSite=Lax; Secure';
5684
+ "".concat(name, "=").concat(encodedValue).concat(expires, "; Path=/; Domain=").concat(Storage.rootDomain, "; SameSite=Lax; Secure");
5685
5685
  }
5686
5686
  };
5687
5687
  Storage.getCookie = function (name) {
5688
- // Use typeof check to prevent ReferenceError
5689
5688
  if (typeof document !== 'undefined') {
5690
5689
  var nameEQ = name + '=';
5691
5690
  var ca = document.cookie.split(';');
5692
5691
  for (var i = 0; i < ca.length; i++) {
5693
5692
  var c = ca[i];
5694
- while (c.charAt(0) == ' ')
5693
+ while (c.charAt(0) === ' ') {
5695
5694
  c = c.substring(1, c.length);
5696
- if (c.indexOf(nameEQ) == 0)
5697
- return c.substring(nameEQ.length, c.length);
5695
+ }
5696
+ if (c.indexOf(nameEQ) === 0) {
5697
+ var rawValue = c.substring(nameEQ.length, c.length);
5698
+ try {
5699
+ var decodedValue = decodeURIComponent(rawValue);
5700
+ return JSON.parse(decodedValue);
5701
+ }
5702
+ catch (e) {
5703
+ try {
5704
+ return decodeURIComponent(rawValue);
5705
+ }
5706
+ catch (e2) {
5707
+ return rawValue;
5708
+ }
5709
+ }
5710
+ }
5698
5711
  }
5699
5712
  }
5700
5713
  return null;
5701
5714
  };
5702
5715
  Storage.setTokenExpiry = function (expiresInSeconds) {
5703
- var expiryTime = Date.now() + (expiresInSeconds * 1000);
5716
+ var expiryTime = Date.now() + expiresInSeconds * 1000;
5704
5717
  Storage.set('glitch_token_expiry', expiryTime);
5705
- if (Storage.rootDomain && typeof document !== 'undefined') {
5706
- this.setCookie('glitch_token_expiry', expiryTime.toString(), 31);
5707
- }
5708
5718
  };
5709
5719
  Storage.getTokenExpiry = function () {
5710
- var expiry = Storage.getCookie('glitch_token_expiry');
5711
- if (!expiry) {
5712
- expiry = Storage.get('glitch_token_expiry');
5713
- }
5714
- return expiry ? parseInt(expiry) : null;
5720
+ var expiry = Storage.get('glitch_token_expiry');
5721
+ return expiry ? parseInt(String(expiry), 10) : null;
5715
5722
  };
5716
5723
  Storage.isTokenExpired = function () {
5717
5724
  var expiry = this.getTokenExpiry();
@@ -5721,6 +5728,17 @@ var Storage = /** @class */ (function () {
5721
5728
  };
5722
5729
  Storage.rootDomain = '';
5723
5730
  Storage.data = {};
5731
+ Storage.crossDomainKeys = new Set([
5732
+ 'glitch_auth_token',
5733
+ 'glitch_token_expiry',
5734
+ 'user_id',
5735
+ 'user_first_name',
5736
+ 'user_last_name',
5737
+ 'username',
5738
+ 'email',
5739
+ 'session_id',
5740
+ 'community_id',
5741
+ ]);
5724
5742
  return Storage;
5725
5743
  }());
5726
5744