npm - roboto-js - Versions diffs - 1.8.9 → 1.8.11 - Mend

roboto-js 1.8.9 → 1.8.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/.last-build CHANGED Viewed

	@@ -1 +1 @@
1	- 2025-11-~~12T07~~:28:57.~~602Z~~
1	+ 2025-11-14T12:07:32.032Z

package/dist/cjs/index.cjs CHANGED Viewed

@@ -55,7 +55,9 @@ var Roboto = exports["default"] = /*#__PURE__*/function () {
       disableWebSocket = _ref$disableWebSocket === void 0 ? false : _ref$disableWebSocket,
       metricsHost = _ref.metricsHost,
       _ref$useCookies = _ref.useCookies,
-      useCookies = _ref$useCookies === void 0 ? true : _ref$useCookies;
+      useCookies = _ref$useCookies === void 0 ? true : _ref$useCookies,
+      _ref$cookieDomain = _ref.cookieDomain,
+      cookieDomain = _ref$cookieDomain === void 0 ? 'auto' : _ref$cookieDomain;
     var proxyReq = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : null;
     _classCallCheck(this, Roboto);
     if (Roboto.instance && !proxyReq) {
@@ -69,11 +71,30 @@ var Roboto = exports["default"] = /*#__PURE__*/function () {
     // Auto-configure storage adaptor
     var storageAdaptor = localStorageAdaptor;
     if (!storageAdaptor && isBrowser && useCookies) {
+      // Determine cookie domain for cross-subdomain support
+      var domain = undefined;
+      if (cookieDomain === 'auto') {
+        // Auto-detect: extract root domain for cross-subdomain cookies
+        // e.g., "beta.ringable.ai" → ".ringable.ai"
+        var hostname = window.location.hostname;
+        var parts = hostname.split('.');
+        // Only set domain for multi-part domains (not localhost or IPs)
+        if (parts.length > 2 && !hostname.match(/^\d+\.\d+\.\d+\.\d+$/)) {
+          // Get last two parts (domain.tld) and prepend with dot
+          domain = '.' + parts.slice(-2).join('.');
+        }
+      } else if (cookieDomain && cookieDomain !== 'none') {
+        // Use explicitly provided domain
+        domain = cookieDomain;
+      }
       // Use cookies by default in browser for better server-side compatibility
       storageAdaptor = new _cookie_storage_adaptor["default"]({
         secure: window.location.protocol === 'https:',
         sameSite: 'Lax',
-        maxAge: 24 * 60 * 60 // 24 hours
+        maxAge: 24 * 60 * 60,
+        // 24 hours
+        domain: domain
       });
       // Set accessKey for server-side authentication (handled automatically by adapter)
       if (accessKey) {

package/dist/cjs/rbt_api.cjs CHANGED Viewed

@@ -60,7 +60,8 @@ var RbtApi = exports["default"] = /*#__PURE__*/function () {
       baseURL: baseUrl,
       headers: {
         'accesskey': accesskey
-      }
+      },
+      withCredentials: true // Enable sending cookies in cross-origin requests
     });
     this.axios.__rbtApiInstance = this;
     if (localStorageAdaptor) {

package/dist/esm/index.js CHANGED Viewed

@@ -28,7 +28,9 @@ var Roboto = /*#__PURE__*/function () {
       disableWebSocket = _ref$disableWebSocket === void 0 ? false : _ref$disableWebSocket,
       metricsHost = _ref.metricsHost,
       _ref$useCookies = _ref.useCookies,
-      useCookies = _ref$useCookies === void 0 ? true : _ref$useCookies;
+      useCookies = _ref$useCookies === void 0 ? true : _ref$useCookies,
+      _ref$cookieDomain = _ref.cookieDomain,
+      cookieDomain = _ref$cookieDomain === void 0 ? 'auto' : _ref$cookieDomain;
     var proxyReq = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : null;
     _classCallCheck(this, Roboto);
     if (Roboto.instance && !proxyReq) {
@@ -42,11 +44,30 @@ var Roboto = /*#__PURE__*/function () {
     // Auto-configure storage adaptor
     var storageAdaptor = localStorageAdaptor;
     if (!storageAdaptor && isBrowser && useCookies) {
+      // Determine cookie domain for cross-subdomain support
+      var domain = undefined;
+      if (cookieDomain === 'auto') {
+        // Auto-detect: extract root domain for cross-subdomain cookies
+        // e.g., "beta.ringable.ai" → ".ringable.ai"
+        var hostname = window.location.hostname;
+        var parts = hostname.split('.');
+        // Only set domain for multi-part domains (not localhost or IPs)
+        if (parts.length > 2 && !hostname.match(/^\d+\.\d+\.\d+\.\d+$/)) {
+          // Get last two parts (domain.tld) and prepend with dot
+          domain = '.' + parts.slice(-2).join('.');
+        }
+      } else if (cookieDomain && cookieDomain !== 'none') {
+        // Use explicitly provided domain
+        domain = cookieDomain;
+      }
       // Use cookies by default in browser for better server-side compatibility
       storageAdaptor = new CookieStorageAdaptor({
         secure: window.location.protocol === 'https:',
         sameSite: 'Lax',
-        maxAge: 24 * 60 * 60 // 24 hours
+        maxAge: 24 * 60 * 60,
+        // 24 hours
+        domain: domain
       });
       // Set accessKey for server-side authentication (handled automatically by adapter)
       if (accessKey) {

package/dist/esm/rbt_api.js CHANGED Viewed

@@ -53,7 +53,8 @@ var RbtApi = /*#__PURE__*/function () {
       baseURL: baseUrl,
       headers: {
         'accesskey': accesskey
-      }
+      },
+      withCredentials: true // Enable sending cookies in cross-origin requests
     });
     this.axios.__rbtApiInstance = this;
     if (localStorageAdaptor) {

package/dist/index.js CHANGED Viewed

@@ -89,19 +89,23 @@ var Roboto = /*#__PURE__*/function () {
     this.config.baseUrl = this._stripHttpsForDomains(this.config.baseUrl, ['localhost']);
     // Check if a request object is provided
-    if (proxyReq && proxyReq.headers) {
-      var header_authtoken = proxyReq.headers.authtoken;
-      var header_accesskey = proxyReq.headers.accesskey;
-      var header_apikey = proxyReq.headers.apikey;
+    if (proxyReq) {
+      var _proxyReq$headers, _proxyReq$headers2, _proxyReq$headers3;
+      // First priority: properties set by middleware (supports cookie-based auth)
+      // Second priority: custom headers (backward compatibility)
+      var req_authtoken = proxyReq.authToken || ((_proxyReq$headers = proxyReq.headers) === null || _proxyReq$headers === void 0 ? void 0 : _proxyReq$headers.authtoken);
+      var req_accesskey = proxyReq.accessKey || ((_proxyReq$headers2 = proxyReq.headers) === null || _proxyReq$headers2 === void 0 ? void 0 : _proxyReq$headers2.accesskey);
+      var req_apikey = proxyReq.apiKey || ((_proxyReq$headers3 = proxyReq.headers) === null || _proxyReq$headers3 === void 0 ? void 0 : _proxyReq$headers3.apikey);
       // Optionally add more headers as needed
-      if (header_authtoken) {
-        this.config.authtoken = header_authtoken; // Set the authtoken in the config
+      if (req_authtoken) {
+        this.config.authtoken = req_authtoken; // Set the authtoken in the config
       }
-      if (header_apikey) {
-        this.config.apikey = header_apikey; // Set the authtoken in the config
+      if (req_apikey) {
+        this.config.apikey = req_apikey; // Set the apikey in the config
       }
-      if (header_accesskey) {
-        this.config.accesskey = header_accesskey; // Set the accesskey in the config
+      if (req_accesskey) {
+        this.config.accesskey = req_accesskey; // Set the accesskey in the config
       }
     }
     this.api = new RbtApi(this.config);

package/dist/rbt_api.js CHANGED Viewed

@@ -1957,11 +1957,12 @@ var RbtApi = /*#__PURE__*/function () {
      * Performs a GET request to the specified endpoint.
      *
      * This method uses the Axios instance to make an authenticated GET request.
-     * The `authtoken` stored in the class instance is included in the request headers
-     * for authorization. It handles any errors and returns the response data.
+     * The `authtoken` and `accesskey` from axios defaults are automatically included.
+     * Additional custom headers can be passed and will be merged with the defaults.
      *
      * @param {string} endpoint - The endpoint URL to which the GET request is made.
      * @param {Object} [params={}] - Optional parameters to be sent with the request.
+     * @param {Object} [customHeaders=null] - Optional custom headers to merge with defaults.
      * @returns {Promise<Object>} - The response data from the API.
      */
     )
@@ -1970,7 +1971,8 @@ var RbtApi = /*#__PURE__*/function () {
     value: (function () {
       var _get = _asyncToGenerator(/*#__PURE__*/_regenerator().m(function _callee27(endpoint) {
         var params,
-          headers,
+          customHeaders,
+          config,
           response,
           _args27 = arguments,
           _t20;
@@ -1978,16 +1980,24 @@ var RbtApi = /*#__PURE__*/function () {
           while (1) switch (_context27.p = _context27.n) {
             case 0:
               params = _args27.length > 1 && _args27[1] !== undefined ? _args27[1] : {};
+              customHeaders = _args27.length > 2 && _args27[2] !== undefined ? _args27[2] : null;
               _context27.p = 1;
-              // Add the authToken to the headers
-              headers = {
-                authtoken: this.authtoken
-              }; // Make the GET request using Axios
+              // Build request config
+              config = {
+                params: params
+              }; // Only pass headers if custom headers are provided
+              // If no custom headers, let axios use its defaults automatically
+              // This ensures proper merging of all default headers (accesskey, authtoken, apikey)
+              if (customHeaders && Object.keys(customHeaders).length > 0) {
+                // When custom headers are provided, we need to manually merge with defaults
+                // Axios will handle merging when we pass them this way
+                config.headers = customHeaders;
+              }
+              // Otherwise, don't set config.headers at all - let axios use its defaults
+              // Make the GET request using Axios
               _context27.n = 2;
-              return this.axios.get(endpoint, {
-                params: params,
-                headers: headers
-              });
+              return this.axios.get(endpoint, config);
             case 2:
               response = _context27.v;
               if (!(response.data.ok === false)) {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "roboto-js",
-  "version": "1.8.9",
+  "version": "1.8.11",
   "type": "module",
   "description": "",
   "main": "dist/cjs/index.cjs",

package/src/index.js CHANGED Viewed

@@ -20,9 +20,9 @@ export default class Roboto{
     return '1.7.3';
   }
-  constructor({ host, accessKey, apiKey, authToken, localStorageAdaptor, disableWebSocket = false, metricsHost, useCookies = true }, proxyReq = null) {
+  constructor({ host, accessKey, apiKey, authToken, localStorageAdaptor, disableWebSocket = false, metricsHost, useCookies = true, cookieDomain = 'auto' }, proxyReq = null) {
-    console.log('[Roboto] constructor', { host, accessKey, apiKey, authToken, localStorageAdaptor, disableWebSocket, metricsHost, useCookies, proxyReq });
+    console.log('[Roboto] constructor', { host, accessKey, apiKey, authToken, localStorageAdaptor, disableWebSocket, metricsHost, useCookies, cookieDomain, proxyReq });
     if (Roboto.instance && !proxyReq) {
       // if on client, there can only be one instance
@@ -36,11 +36,31 @@ export default class Roboto{
     // Auto-configure storage adaptor
     let storageAdaptor = localStorageAdaptor;
     if (!storageAdaptor && isBrowser && useCookies) {
+      // Determine cookie domain for cross-subdomain support
+      let domain = undefined;
+      if (cookieDomain === 'auto') {
+        // Auto-detect: extract root domain for cross-subdomain cookies
+        // e.g., "beta.ringable.ai" → ".ringable.ai"
+        const hostname = window.location.hostname;
+        const parts = hostname.split('.');
+        // Only set domain for multi-part domains (not localhost or IPs)
+        if (parts.length > 2 && !hostname.match(/^\d+\.\d+\.\d+\.\d+$/)) {
+          // Get last two parts (domain.tld) and prepend with dot
+          domain = '.' + parts.slice(-2).join('.');
+          console.log(`[Roboto] Auto-detected cookie domain: ${domain} from hostname: ${hostname}`);
+        }
+      } else if (cookieDomain && cookieDomain !== 'none') {
+        // Use explicitly provided domain
+        domain = cookieDomain;
+        console.log(`[Roboto] Using explicit cookie domain: ${domain}`);
+      }
       // Use cookies by default in browser for better server-side compatibility
       storageAdaptor = new CookieStorageAdaptor({
         secure: window.location.protocol === 'https:',
         sameSite: 'Lax',
-        maxAge: 24 * 60 * 60 // 24 hours
+        maxAge: 24 * 60 * 60, // 24 hours
+        domain: domain
       });
       console.log('[Roboto] Using CookieStorageAdaptor for authentication tokens');

package/src/rbt_api.js CHANGED Viewed

@@ -27,7 +27,8 @@ export default class RbtApi {
       baseURL: baseUrl,
       headers: {
         'accesskey': accesskey
-      }
+      },
+      withCredentials: true  // Enable sending cookies in cross-origin requests
     });
     this.axios.__rbtApiInstance = this;