reddy-api-srm 1.0.12 → 1.1.0

package/dist/src/auth/login.d.ts

@@ -0,0 +1,14 @@
+import type { LoginResult } from "../type/auth";
+/**
+ * One-call login function that handles the complete authentication flow:
+ * 1. Verify user exists
+ * 2. Verify password
+ * 3. If concurrent session limit hit → auto-terminate → retry login
+ * 4. Return cookies or error
+ *
+ * @param email - SRM email address (e.g., hm3276@srmist.edu.in)
+ * @param password - Account password
+ * @param maxRetries - Max number of terminate + retry attempts (default: 2)
+ */
+export declare function login(email: string, password: string, maxRetries?: number): Promise<LoginResult>;
+//# sourceMappingURL=login.d.ts.map

package/dist/src/auth/login.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"login.d.ts","sourceRoot":"","sources":["../../../src/auth/login.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAKhD;;;;;;;;;;GAUG;AACH,wBAAsB,KAAK,CACzB,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,EAChB,UAAU,GAAE,MAAU,GACrB,OAAO,CAAC,WAAW,CAAC,CAgGtB"}

package/dist/src/auth/login.js

@@ -0,0 +1,96 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.login = login;
+const validateUser_1 = require("./validateUser");
+const validatePassword_1 = require("./validatePassword");
+const terminateSessions_1 = require("./terminateSessions");
+/**
+ * One-call login function that handles the complete authentication flow:
+ * 1. Verify user exists
+ * 2. Verify password
+ * 3. If concurrent session limit hit → auto-terminate → retry login
+ * 4. Return cookies or error
+ *
+ * @param email - SRM email address (e.g., hm3276@srmist.edu.in)
+ * @param password - Account password
+ * @param maxRetries - Max number of terminate + retry attempts (default: 2)
+ */
+async function login(email, password, maxRetries = 2) {
+    // Step 1: Verify user
+    const userResult = await (0, validateUser_1.validateUser)(email);
+    if (userResult.error || !userResult.data) {
+        return {
+            isAuthenticated: false,
+            error: userResult.error ?? "Failed to verify user",
+            errorReason: userResult.errorReason,
+        };
+    }
+    if (userResult.data.status_code !== 200 &&
+        userResult.data.status_code !== 201) {
+        return {
+            isAuthenticated: false,
+            error: userResult.data.message ?? "User not found",
+        };
+    }
+    const { identifier, digest } = userResult.data;
+    if (!identifier || !digest) {
+        return {
+            isAuthenticated: false,
+            error: "User verification failed - missing identifier or digest",
+        };
+    }
+    // Step 2: Attempt login (with retry on concurrent session limit)
+    for (let attempt = 0; attempt <= maxRetries; attempt++) {
+        const authResult = await (0, validatePassword_1.validatePassword)({
+            identifier,
+            digest,
+            password,
+        });
+        if (authResult.error) {
+            return {
+                isAuthenticated: false,
+                error: authResult.error,
+                errorReason: authResult.errorReason,
+            };
+        }
+        if (authResult.isAuthenticated && authResult.data?.cookies) {
+            return {
+                cookies: authResult.data.cookies,
+                isAuthenticated: true,
+                userInfo: { identifier, digest },
+            };
+        }
+        // Check for concurrent session limit
+        const isConcurrent = authResult.data?.isConcurrentLimit ||
+            authResult.data?.statusCode === 435;
+        if (isConcurrent && attempt < maxRetries) {
+            // Auto-terminate existing sessions
+            const termResult = await (0, terminateSessions_1.terminateSessions)({
+                flowId: authResult.data?.flowId ?? null,
+                identifier,
+                digest,
+                csrfToken: authResult.data?.csrfToken ?? undefined,
+                sessionCookie: authResult.data?.sessionCookie ?? undefined,
+            });
+            // Even if termination "fails", the server sometimes processes it
+            // Wait briefly before retrying
+            await new Promise((resolve) => setTimeout(resolve, 1000));
+            // If this is the last retry attempt, continue to fail gracefully
+            if (!termResult.success && attempt === maxRetries - 1) {
+                // One more attempt anyway — sometimes termination works server-side
+            }
+            continue;
+        }
+        // Not concurrent limit, and not authenticated — something else is wrong
+        return {
+            isAuthenticated: false,
+            error: authResult.data?.message ??
+                "Authentication failed",
+        };
+    }
+    return {
+        isAuthenticated: false,
+        error: "Failed to authenticate after multiple attempts - concurrent session limit could not be resolved",
+    };
+}
+//# sourceMappingURL=login.js.map

package/dist/src/auth/login.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"login.js","sourceRoot":"","sources":["../../../src/auth/login.ts"],"names":[],"mappings":";;AAgBA,sBAoGC;AAnHD,iDAA8C;AAC9C,yDAAsD;AACtD,2DAAwD;AAExD;;;;;;;;;;GAUG;AACI,KAAK,UAAU,KAAK,CACzB,KAAa,EACb,QAAgB,EAChB,aAAqB,CAAC;IAEtB,sBAAsB;IACtB,MAAM,UAAU,GAAG,MAAM,IAAA,2BAAY,EAAC,KAAK,CAAC,CAAC;IAE7C,IAAI,UAAU,CAAC,KAAK,IAAI,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC;QACzC,OAAO;YACL,eAAe,EAAE,KAAK;YACtB,KAAK,EAAE,UAAU,CAAC,KAAK,IAAI,uBAAuB;YAClD,WAAW,EAAE,UAAU,CAAC,WAAW;SACpC,CAAC;IACJ,CAAC;IAED,IACE,UAAU,CAAC,IAAI,CAAC,WAAW,KAAK,GAAG;QACnC,UAAU,CAAC,IAAI,CAAC,WAAW,KAAK,GAAG,EACnC,CAAC;QACD,OAAO;YACL,eAAe,EAAE,KAAK;YACtB,KAAK,EAAE,UAAU,CAAC,IAAI,CAAC,OAAO,IAAI,gBAAgB;SACnD,CAAC;IACJ,CAAC;IAED,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,GAAG,UAAU,CAAC,IAAI,CAAC;IAE/C,IAAI,CAAC,UAAU,IAAI,CAAC,MAAM,EAAE,CAAC;QAC3B,OAAO;YACL,eAAe,EAAE,KAAK;YACtB,KAAK,EAAE,yDAAyD;SACjE,CAAC;IACJ,CAAC;IAED,iEAAiE;IACjE,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,IAAI,UAAU,EAAE,OAAO,EAAE,EAAE,CAAC;QACvD,MAAM,UAAU,GAAG,MAAM,IAAA,mCAAgB,EAAC;YACxC,UAAU;YACV,MAAM;YACN,QAAQ;SACT,CAAC,CAAC;QAEH,IAAI,UAAU,CAAC,KAAK,EAAE,CAAC;YACrB,OAAO;gBACL,eAAe,EAAE,KAAK;gBACtB,KAAK,EAAE,UAAU,CAAC,KAAK;gBACvB,WAAW,EAAE,UAAU,CAAC,WAAW;aACpC,CAAC;QACJ,CAAC;QAED,IAAI,UAAU,CAAC,eAAe,IAAI,UAAU,CAAC,IAAI,EAAE,OAAO,EAAE,CAAC;YAC3D,OAAO;gBACL,OAAO,EAAE,UAAU,CAAC,IAAI,CAAC,OAAO;gBAChC,eAAe,EAAE,IAAI;gBACrB,QAAQ,EAAE,EAAE,UAAU,EAAE,MAAM,EAAE;aACjC,CAAC;QACJ,CAAC;QAED,qCAAqC;QACrC,MAAM,YAAY,GAChB,UAAU,CAAC,IAAI,EAAE,iBAAiB;YAClC,UAAU,CAAC,IAAI,EAAE,UAAU,KAAK,GAAG,CAAC;QAEtC,IAAI,YAAY,IAAI,OAAO,GAAG,UAAU,EAAE,CAAC;YACzC,mCAAmC;YACnC,MAAM,UAAU,GAAG,MAAM,IAAA,qCAAiB,EAAC;gBACzC,MAAM,EAAE,UAAU,CAAC,IAAI,EAAE,MAAM,IAAI,IAAI;gBACvC,UAAU;gBACV,MAAM;gBACN,SAAS,EAAE,UAAU,CAAC,IAAI,EAAE,SAAS,IAAI,SAAS;gBAClD,aAAa,EAAE,UAAU,CAAC,IAAI,EAAE,aAAa,IAAI,SAAS;aAC3D,CAAC,CAAC;YAEH,iEAAiE;YACjE,+BAA+B;YAC/B,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC;YAE1D,iEAAiE;YACjE,IAAI,CAAC,UAAU,CAAC,OAAO,IAAI,OAAO,KAAK,UAAU,GAAG,CAAC,EAAE,CAAC;gBACtD,oEAAoE;YACtE,CAAC;YAED,SAAS;QACX,CAAC;QAED,wEAAwE;QACxE,OAAO;YACL,eAAe,EAAE,KAAK;YACtB,KAAK,EACH,UAAU,CAAC,IAAI,EAAE,OAAO;gBACxB,uBAAuB;SAC1B,CAAC;IACJ,CAAC;IAED,OAAO;QACL,eAAe,EAAE,KAAK;QACtB,KAAK,EACH,iGAAiG;KACpG,CAAC;AACJ,CAAC"}

package/dist/src/auth/sessionSeed.d.ts

@@ -0,0 +1,7 @@
+import type { SessionSeed } from "../type/auth";
+/**
+ * Gets a fresh sign-in session from SRM's Zoho IAM.
+ * Returns cookies + CSRF token needed for subsequent auth requests.
+ */
+export declare function getSigninSessionHeaders(): Promise<SessionSeed>;
+//# sourceMappingURL=sessionSeed.d.ts.map

package/dist/src/auth/sessionSeed.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sessionSeed.d.ts","sourceRoot":"","sources":["../../../src/auth/sessionSeed.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAEhD;;;GAGG;AACH,wBAAsB,uBAAuB,IAAI,OAAO,CAAC,WAAW,CAAC,CAuCpE"}

package/dist/src/auth/sessionSeed.js

@@ -0,0 +1,40 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getSigninSessionHeaders = getSigninSessionHeaders;
+/**
+ * Gets a fresh sign-in session from SRM's Zoho IAM.
+ * Returns cookies + CSRF token needed for subsequent auth requests.
+ */
+async function getSigninSessionHeaders() {
+    const signinUrl = "https://academia.srmist.edu.in/accounts/p/40-10002227248/signin?hide_fp=true&servicename=ZohoCreator&service_language=en&dcc=true&serviceurl=https%3A%2F%2Facademia.srmist.edu.in%2Fportal%2Facademia-academic-services%2FredirectFromLogin";
+    const seedRes = await fetch(signinUrl, {
+        method: "GET",
+        redirect: "manual",
+        headers: {
+            accept: "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
+            "accept-language": "en-US,en;q=0.9",
+        },
+    });
+    const setCookieHeaders = typeof seedRes.headers.getSetCookie === "function"
+        ? seedRes.headers.getSetCookie()
+        : [seedRes.headers.get("set-cookie")].filter(Boolean);
+    const cookiePairs = [];
+    let csrfToken = null;
+    for (const header of setCookieHeaders) {
+        const pair = header.split(";")[0]?.trim();
+        if (!pair || !pair.includes("="))
+            continue;
+        cookiePairs.push(pair);
+        if (pair.startsWith("iamcsr=")) {
+            csrfToken = pair.slice("iamcsr=".length);
+        }
+        if (!csrfToken && pair.startsWith("_zcsr_tmp=")) {
+            csrfToken = pair.slice("_zcsr_tmp=".length);
+        }
+    }
+    return {
+        cookie: cookiePairs.join("; "),
+        csrfToken,
+    };
+}
+//# sourceMappingURL=sessionSeed.js.map

package/dist/src/auth/sessionSeed.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sessionSeed.js","sourceRoot":"","sources":["../../../src/auth/sessionSeed.ts"],"names":[],"mappings":";;AAMA,0DAuCC;AA3CD;;;GAGG;AACI,KAAK,UAAU,uBAAuB;IAC3C,MAAM,SAAS,GACb,6OAA6O,CAAC;IAEhP,MAAM,OAAO,GAAG,MAAM,KAAK,CAAC,SAAS,EAAE;QACrC,MAAM,EAAE,KAAK;QACb,QAAQ,EAAE,QAAQ;QAClB,OAAO,EAAE;YACP,MAAM,EACJ,iEAAiE;YACnE,iBAAiB,EAAE,gBAAgB;SACpC;KACF,CAAC,CAAC;IAEH,MAAM,gBAAgB,GACpB,OAAO,OAAO,CAAC,OAAO,CAAC,YAAY,KAAK,UAAU;QAChD,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,YAAY,EAAE;QAChC,CAAC,CAAE,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAc,CAAC;IAExE,MAAM,WAAW,GAAa,EAAE,CAAC;IACjC,IAAI,SAAS,GAAkB,IAAI,CAAC;IAEpC,KAAK,MAAM,MAAM,IAAI,gBAAgB,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC;QAC1C,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC;YAAE,SAAS;QAC3C,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEvB,IAAI,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YAC/B,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QAC3C,CAAC;QACD,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;YAChD,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;QAC9C,CAAC;IACH,CAAC;IAED,OAAO;QACL,MAAM,EAAE,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC;QAC9B,SAAS;KACV,CAAC;AACJ,CAAC"}

package/dist/src/auth/terminateSessions.d.ts

@@ -1,24 +1,9 @@
-export interface TerminateSessionsInput {
-    /** The concurrent session flow/ticket ID from validatePassword (isConcurrentLimit response) */
-    flowId: string | null;
-    /** Zoho identifier from verifyUser */
-    identifier: string;
-    /** Zoho digest from verifyUser */
-    digest: string;
-    /** Optional CSRF token (value of iamcsr cookie, without the prefix) */
-    csrfToken?: string;
-    /** Optional cookie string from validatePassword pre-announcement flow */
-    sessionCookie?: string;
-}
-
-export interface TerminateSessionsResult {
-    success: boolean;
-    status?: number;
-    /** Which strategy succeeded: "block-sessions" | "webclient-delete" | "none" */
-    strategy?: string;
-    data?: unknown;
-    error?: string;
-    errorReason?: unknown;
-}
-
-export declare function terminateSessions(params: TerminateSessionsInput): Promise<TerminateSessionsResult>;
+import type { TerminateSessionsInput, TerminateSessionsResult } from "../type/auth";
+/**
+ * Terminates all concurrent/existing sessions for a user on SRM Academia.
+ *
+ * Uses the Zoho preannouncement block-sessions DELETE endpoint (Strategy 3),
+ * which is the most reliable. Falls back to POST and webclient DELETE if needed.
+ */
+export declare function terminateSessions({ flowId, identifier, digest, csrfToken, sessionCookie, }: TerminateSessionsInput): Promise<TerminateSessionsResult>;
+//# sourceMappingURL=terminateSessions.d.ts.map

package/dist/src/auth/terminateSessions.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"terminateSessions.d.ts","sourceRoot":"","sources":["../../../src/auth/terminateSessions.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,sBAAsB,EACtB,uBAAuB,EACxB,MAAM,cAAc,CAAC;AAEtB;;;;;GAKG;AACH,wBAAsB,iBAAiB,CAAC,EACtC,MAAM,EACN,UAAU,EACV,MAAM,EACN,SAAS,EACT,aAAa,GACd,EAAE,sBAAsB,GAAG,OAAO,CAAC,uBAAuB,CAAC,CA6K3D"}

package/dist/src/auth/terminateSessions.js

@@ -1,44 +1,67 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.terminateSessions = terminateSessions;
-
 /**
  * Terminates all concurrent/existing sessions for a user on SRM Academia.
  *
- * SRM uses Zoho Accounts for IAM. When the 2-device limit is hit during login,
- * the server redirects to a "block-sessions" preannouncement page where the user
- * can terminate old sessions to continue with the new login.
- *
- * Two strategies are tried in sequence:
- *
- * Strategy 1 – Block-Sessions page POST (login-time termination):
- *   POST https://academia.srmist.edu.in/accounts/p/40-10002227248/preannouncement/block-sessions
- *   with mode=terminate and the current login's digest/identifier.
- *   This is the endpoint hit when the user clicks "Terminate All Sessions" on the
- *   preannouncement page during a login attempt.
- *
- * Strategy 2 – webclient DELETE (session-ticket termination, used in "My Account → Sessions"):
- *   DELETE https://academia.srmist.edu.in/accounts/p/40-10002227248/webclient/v1/account/self/user/self/session/{SESSION_TICKET}
- *   with x-zcsrf-token header. Used to delete individual known sessions.
- *   flowId is used as the session ticket here if provided.
- *
- * @param {string} flowId      - The flow/session ID from validatePassword (concurrent limit response)
- * @param {string} identifier  - Zoho identifier from verifyUser
- * @param {string} digest      - Zoho digest from verifyUser
- * @param {string} [csrfToken] - Optional x-zcsrf-token value (extracted from iamcsr cookie)
+ * Uses the Zoho preannouncement block-sessions DELETE endpoint (Strategy 3),
+ * which is the most reliable. Falls back to POST and webclient DELETE if needed.
  */
-async function terminateSessions({ flowId, identifier, digest, csrfToken, sessionCookie }) {
+async function terminateSessions({ flowId, identifier, digest, csrfToken, sessionCookie, }) {
     const normalizedCsrfToken = csrfToken ??
         (((sessionCookie ?? "").match(/(?:^|;\s*)iamcsr=([^;]+)/) ??
             (sessionCookie ?? "").match(/(?:^|;\s*)_zcsr_tmp=([^;]+)/) ??
-            [])[1] ?? null);
-    // ── Strategy 1: Block-Sessions preannouncement POST ────────────────────────
-    // This is what fires when the user clicks "Terminate All Sessions" on the
-    // SRM concurrent-sessions warning page during a fresh login attempt.
+            [])?.[1] ??
+            null);
+    // ── Strategy 1: Announcement pre-blocksessions DELETE (most reliable) ──
+    if (sessionCookie) {
+        try {
+            const preBlockUrl = "https://academia.srmist.edu.in/accounts/p/40-10002227248/webclient/v1/announcement/pre/blocksessions";
+            const res = await fetch(preBlockUrl, {
+                method: "DELETE",
+                headers: {
+                    accept: "application/json, text/javascript, */*; q=0.01",
+                    "content-type": "application/x-www-form-urlencoded;charset=UTF-8",
+                    ...(normalizedCsrfToken
+                        ? {
+                            "X-ZCSRF-TOKEN": `iamcsrcoo=${encodeURIComponent(normalizedCsrfToken)}`,
+                        }
+                        : {}),
+                    cookie: sessionCookie,
+                    Referer: "https://academia.srmist.edu.in/accounts/p/40-10002227248/preannouncement/block-sessions",
+                    "Referrer-Policy": "strict-origin-when-cross-origin",
+                },
+            });
+            let data = null;
+            try {
+                data = (await res.json());
+            }
+            catch {
+                // Empty body is fine
+            }
+            if (res.ok ||
+                res.status === 200 ||
+                res.status === 202 ||
+                res.status === 204 ||
+                (data &&
+                    (String(data.status_code) === "204" ||
+                        data.code === "SUCCESS" ||
+                        data.code === "SES200"))) {
+                return {
+                    success: true,
+                    status: res.status,
+                    strategy: "announcement-pre-blocksessions",
+                    data,
+                };
+            }
+        }
+        catch {
+            // Continue to next strategy
+        }
+    }
+    // ── Strategy 2: Block-Sessions preannouncement POST ───────────────────
     try {
-        const blockSessionsUrl =
-            "https://academia.srmist.edu.in/accounts/p/40-10002227248/preannouncement/block-sessions";
-
+        const blockSessionsUrl = "https://academia.srmist.edu.in/accounts/p/40-10002227248/preannouncement/block-sessions";
         const body = new URLSearchParams({
             mode: "terminate",
             identifier: identifier ?? "",
@@ -46,14 +69,11 @@ async function terminateSessions({ flowId, identifier, digest, csrfToken, sessio
             cli_time: String(Date.now()),
             servicename: "ZohoCreator",
             service_language: "en",
-            serviceurl:
-                "https://academia.srmist.edu.in/portal/academia-academic-services/redirectFromLogin",
+            serviceurl: "https://academia.srmist.edu.in/portal/academia-academic-services/redirectFromLogin",
         });
-
-        // Append flowId if we have it (some Zoho versions need it in the body)
-        if (flowId) body.append("flowId", flowId);
-
-        const res1 = await fetch(blockSessionsUrl, {
+        if (flowId)
+            body.append("flowId", flowId);
+        const res = await fetch(blockSessionsUrl, {
             method: "POST",
             headers: {
                 accept: "*/*",
@@ -66,32 +86,38 @@ async function terminateSessions({ flowId, identifier, digest, csrfToken, sessio
                     ? { "x-zcsrf-token": `iamcsrcoo=${normalizedCsrfToken}` }
                     : {}),
                 ...(sessionCookie ? { cookie: sessionCookie } : {}),
-                Referer:
-                    "https://academia.srmist.edu.in/accounts/p/40-10002227248/signin?hide_fp=true&servicename=ZohoCreator&service_language=en&dcc=true&serviceurl=https%3A%2F%2Facademia.srmist.edu.in%2Fportal%2Facademia-academic-services%2FredirectFromLogin",
+                Referer: "https://academia.srmist.edu.in/accounts/p/40-10002227248/signin?hide_fp=true&servicename=ZohoCreator&service_language=en&dcc=true&serviceurl=https%3A%2F%2Facademia.srmist.edu.in%2Fportal%2Facademia-academic-services%2FredirectFromLogin",
                 "Referrer-Policy": "strict-origin-when-cross-origin",
             },
             body: body.toString(),
         });
-
-        if (res1.ok || res1.status === 200 || res1.status === 201 || res1.redirected) {
+        if (res.ok ||
+            res.status === 200 ||
+            res.status === 201 ||
+            res.redirected) {
             let data = null;
-            try { data = await res1.json(); } catch { /* redirect or empty body is fine */ }
-            return { success: true, status: res1.status, strategy: "block-sessions", data };
+            try {
+                data = await res.json();
+            }
+            catch {
+                // redirect or empty body is fine
+            }
+            return {
+                success: true,
+                status: res.status,
+                strategy: "block-sessions",
+                data,
+            };
         }
-
-        console.warn("[terminateSessions] Strategy 1 (block-sessions POST) returned:", res1.status);
-    } catch (e1) {
-        console.warn("[terminateSessions] Strategy 1 error:", e1);
     }
-
-    // ── Strategy 2: webclient DELETE by session ticket ─────────────────────────
-    // Used when we have a specific session ticket (flowId acts as session ticket).
-    // This is what the "My Account → Sessions" page uses to delete individual sessions.
+    catch {
+        // Continue to next strategy
+    }
+    // ── Strategy 3: webclient DELETE by session ticket ─────────────────────
     if (flowId) {
         try {
             const deleteUrl = `https://academia.srmist.edu.in/accounts/p/40-10002227248/webclient/v1/account/self/user/self/session/${encodeURIComponent(flowId)}`;
-
-            const res2 = await fetch(deleteUrl, {
+            const res = await fetch(deleteUrl, {
                 method: "DELETE",
                 headers: {
                     accept: "application/json, text/javascript, */*; q=0.01",
@@ -105,56 +131,33 @@ async function terminateSessions({ flowId, identifier, digest, csrfToken, sessio
                     "Referrer-Policy": "strict-origin-when-cross-origin",
                 },
             });
-
-            if (res2.ok || res2.status === 200 || res2.status === 202 || res2.status === 204) {
+            if (res.ok ||
+                res.status === 200 ||
+                res.status === 202 ||
+                res.status === 204) {
                 let data = null;
-                try { data = await res2.json(); } catch { /* 204 No Content is fine */ }
-                return { success: true, status: res2.status, strategy: "webclient-delete", data };
+                try {
+                    data = await res.json();
+                }
+                catch {
+                    // 204 No Content is fine
+                }
+                return {
+                    success: true,
+                    status: res.status,
+                    strategy: "webclient-delete",
+                    data,
+                };
             }
-
-            console.warn("[terminateSessions] Strategy 2 (webclient DELETE) returned:", res2.status);
-        } catch (e2) {
-            console.warn("[terminateSessions] Strategy 2 error:", e2);
         }
-    }
-    // ── Strategy 3: Announcement pre-blocksessions DELETE ───────────────────────
-    // This is what current SRM preannouncement page JS calls.
-    if (sessionCookie) {
-        try {
-            const preBlockUrl = "https://academia.srmist.edu.in/accounts/p/40-10002227248/webclient/v1/announcement/pre/blocksessions";
-            const res3 = await fetch(preBlockUrl, {
-                method: "DELETE",
-                headers: {
-                    accept: "application/json, text/javascript, */*; q=0.01",
-                    "content-type": "application/x-www-form-urlencoded;charset=UTF-8",
-                    ...(normalizedCsrfToken
-                        ? { "X-ZCSRF-TOKEN": `iamcsrcoo=${encodeURIComponent(normalizedCsrfToken)}` }
-                        : {}),
-                    cookie: sessionCookie,
-                    Referer: "https://academia.srmist.edu.in/accounts/p/40-10002227248/preannouncement/block-sessions",
-                    "Referrer-Policy": "strict-origin-when-cross-origin",
-                },
-            });
-            let data = null;
-            try {
-                data = await res3.json();
-            } catch (_) { }
-            if (res3.ok || res3.status === 200 || res3.status === 202 || res3.status === 204 ||
-                (data && (String(data.status_code) === "204" || data.code === "SUCCESS"))) {
-                return { success: true, status: res3.status, strategy: "announcement-pre-blocksessions", data };
-            }
-            console.warn("[terminateSessions] Strategy 3 (announcement pre-blocksessions DELETE) returned:", res3.status, data);
-        } catch (e3) {
-            console.warn("[terminateSessions] Strategy 3 error:", e3);
+        catch {
+            // All strategies exhausted
         }
     }
-
-    // Both strategies failed — return a non-fatal "best-effort" result.
-    // The caller (handleTerminateAndRetry) will still attempt to re-login because
-    // sometimes the termination succeeds server-side even if we get an odd HTTP response.
     return {
         success: false,
-        error: "Both termination strategies failed — re-login will still be attempted",
+        error: "All termination strategies failed — re-login will still be attempted",
         strategy: "none",
     };
 }
+//# sourceMappingURL=terminateSessions.js.map

package/dist/src/auth/terminateSessions.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"terminateSessions.js","sourceRoot":"","sources":["../../../src/auth/terminateSessions.ts"],"names":[],"mappings":";;AAWA,8CAmLC;AAzLD;;;;;GAKG;AACI,KAAK,UAAU,iBAAiB,CAAC,EACtC,MAAM,EACN,UAAU,EACV,MAAM,EACN,SAAS,EACT,aAAa,GACU;IACvB,MAAM,mBAAmB,GACvB,SAAS;QACT,CAAC,CAAC,CAAC,aAAa,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,0BAA0B,CAAC;YACvD,CAAC,aAAa,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,6BAA6B,CAAC;YAC1D,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;YACR,IAAI,CAAC,CAAC;IAEV,0EAA0E;IAC1E,IAAI,aAAa,EAAE,CAAC;QAClB,IAAI,CAAC;YACH,MAAM,WAAW,GACf,sGAAsG,CAAC;YAEzG,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,WAAW,EAAE;gBACnC,MAAM,EAAE,QAAQ;gBAChB,OAAO,EAAE;oBACP,MAAM,EAAE,gDAAgD;oBACxD,cAAc,EACZ,iDAAiD;oBACnD,GAAG,CAAC,mBAAmB;wBACrB,CAAC,CAAC;4BACE,eAAe,EAAE,aAAa,kBAAkB,CAAC,mBAAmB,CAAC,EAAE;yBACxE;wBACH,CAAC,CAAC,EAAE,CAAC;oBACP,MAAM,EAAE,aAAa;oBACrB,OAAO,EACL,yFAAyF;oBAC3F,iBAAiB,EAAE,iCAAiC;iBACrD;aACF,CAAC,CAAC;YAEH,IAAI,IAAI,GAAmC,IAAI,CAAC;YAChD,IAAI,CAAC;gBACH,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAA4B,CAAC;YACvD,CAAC;YAAC,MAAM,CAAC;gBACP,qBAAqB;YACvB,CAAC;YAED,IACE,GAAG,CAAC,EAAE;gBACN,GAAG,CAAC,MAAM,KAAK,GAAG;gBAClB,GAAG,CAAC,MAAM,KAAK,GAAG;gBAClB,GAAG,CAAC,MAAM,KAAK,GAAG;gBAClB,CAAC,IAAI;oBACH,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,KAAK;wBACjC,IAAI,CAAC,IAAI,KAAK,SAAS;wBACvB,IAAI,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,EAC5B,CAAC;gBACD,OAAO;oBACL,OAAO,EAAE,IAAI;oBACb,MAAM,EAAE,GAAG,CAAC,MAAM;oBAClB,QAAQ,EAAE,gCAAgC;oBAC1C,IAAI;iBACL,CAAC;YACJ,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,4BAA4B;QAC9B,CAAC;IACH,CAAC;IAED,yEAAyE;IACzE,IAAI,CAAC;QACH,MAAM,gBAAgB,GACpB,yFAAyF,CAAC;QAE5F,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC;YAC/B,IAAI,EAAE,WAAW;YACjB,UAAU,EAAE,UAAU,IAAI,EAAE;YAC5B,MAAM,EAAE,MAAM,IAAI,EAAE;YACpB,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC;YAC5B,WAAW,EAAE,aAAa;YAC1B,gBAAgB,EAAE,IAAI;YACtB,UAAU,EACR,oFAAoF;SACvF,CAAC,CAAC;QAEH,IAAI,MAAM;YAAE,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QAE1C,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,gBAAgB,EAAE;YACxC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,MAAM,EAAE,KAAK;gBACb,iBAAiB,EAAE,gBAAgB;gBACnC,cAAc,EACZ,iDAAiD;gBACnD,gBAAgB,EAAE,OAAO;gBACzB,gBAAgB,EAAE,MAAM;gBACxB,gBAAgB,EAAE,aAAa;gBAC/B,GAAG,CAAC,mBAAmB;oBACrB,CAAC,CAAC,EAAE,eAAe,EAAE,aAAa,mBAAmB,EAAE,EAAE;oBACzD,CAAC,CAAC,EAAE,CAAC;gBACP,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBACnD,OAAO,EACL,6OAA6O;gBAC/O,iBAAiB,EAAE,iCAAiC;aACrD;YACD,IAAI,EAAE,IAAI,CAAC,QAAQ,EAAE;SACtB,CAAC,CAAC;QAEH,IACE,GAAG,CAAC,EAAE;YACN,GAAG,CAAC,MAAM,KAAK,GAAG;YAClB,GAAG,CAAC,MAAM,KAAK,GAAG;YAClB,GAAG,CAAC,UAAU,EACd,CAAC;YACD,IAAI,IAAI,GAAG,IAAI,CAAC;YAChB,IAAI,CAAC;gBACH,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;YAC1B,CAAC;YAAC,MAAM,CAAC;gBACP,iCAAiC;YACnC,CAAC;YACD,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,MAAM,EAAE,GAAG,CAAC,MAAM;gBAClB,QAAQ,EAAE,gBAAgB;gBAC1B,IAAI;aACL,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,4BAA4B;IAC9B,CAAC;IAED,0EAA0E;IAC1E,IAAI,MAAM,EAAE,CAAC;QACX,IAAI,CAAC;YACH,MAAM,SAAS,GAAG,wGAAwG,kBAAkB,CAAC,MAAM,CAAC,EAAE,CAAC;YAEvJ,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,SAAS,EAAE;gBACjC,MAAM,EAAE,QAAQ;gBAChB,OAAO,EAAE;oBACP,MAAM,EAAE,gDAAgD;oBACxD,iBAAiB,EAAE,gBAAgB;oBACnC,kBAAkB,EAAE,gBAAgB;oBACpC,GAAG,CAAC,mBAAmB;wBACrB,CAAC,CAAC,EAAE,eAAe,EAAE,aAAa,mBAAmB,EAAE,EAAE;wBACzD,CAAC,CAAC,EAAE,CAAC;oBACP,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;oBACnD,OAAO,EAAE,2BAA2B;oBACpC,iBAAiB,EAAE,iCAAiC;iBACrD;aACF,CAAC,CAAC;YAEH,IACE,GAAG,CAAC,EAAE;gBACN,GAAG,CAAC,MAAM,KAAK,GAAG;gBAClB,GAAG,CAAC,MAAM,KAAK,GAAG;gBAClB,GAAG,CAAC,MAAM,KAAK,GAAG,EAClB,CAAC;gBACD,IAAI,IAAI,GAAG,IAAI,CAAC;gBAChB,IAAI,CAAC;oBACH,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;gBAC1B,CAAC;gBAAC,MAAM,CAAC;oBACP,yBAAyB;gBAC3B,CAAC;gBACD,OAAO;oBACL,OAAO,EAAE,IAAI;oBACb,MAAM,EAAE,GAAG,CAAC,MAAM;oBAClB,QAAQ,EAAE,kBAAkB;oBAC5B,IAAI;iBACL,CAAC;YACJ,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,2BAA2B;QAC7B,CAAC;IACH,CAAC;IAED,OAAO;QACL,OAAO,EAAE,KAAK;QACd,KAAK,EACH,sEAAsE;QACxE,QAAQ,EAAE,MAAM;KACjB,CAAC;AACJ,CAAC"}

package/dist/src/auth/validatePassword.d.ts

@@ -1,3 +1,3 @@
-import { PasswordInput, AuthResult } from "../type/auth";
+import type { AuthResult, PasswordInput } from "../type/auth";
 export declare function validatePassword({ identifier, digest, password, }: PasswordInput): Promise<AuthResult>;
 //# sourceMappingURL=validatePassword.d.ts.map

package/dist/src/auth/validatePassword.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"validatePassword.d.ts","sourceRoot":"","sources":["../../../src/auth/validatePassword.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAoB,UAAU,EAAE,MAAM,cAAc,CAAC;AAE3E,wBAAsB,gBAAgB,CAAC,EACrC,UAAU,EACV,MAAM,EACN,QAAQ,GACT,EAAE,aAAa,GAAG,OAAO,CAAC,UAAU,CAAC,CA8DrC"}
+{"version":3,"file":"validatePassword.d.ts","sourceRoot":"","sources":["../../../src/auth/validatePassword.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAgE9D,wBAAsB,gBAAgB,CAAC,EACrC,UAAU,EACV,MAAM,EACN,QAAQ,GACT,EAAE,aAAa,GAAG,OAAO,CAAC,UAAU,CAAC,CAgUrC"}