spaps-sdk 1.1.51 → 1.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +10 -3
- package/dist/index.d.mts +81 -2
- package/dist/index.d.ts +81 -2
- package/dist/index.js +61 -4
- package/dist/index.mjs +58 -4
- package/package.json +3 -3
package/README.md
CHANGED
|
@@ -189,14 +189,21 @@ const user = await spaps.getUser();
|
|
|
189
189
|
|
|
190
190
|
### 💳 Stripe Integration
|
|
191
191
|
```javascript
|
|
192
|
-
// Create checkout session
|
|
193
|
-
const session = await spaps.
|
|
194
|
-
|
|
192
|
+
// Create checkout session with consent control
|
|
193
|
+
const session = await spaps.payments.createPaymentCheckout({
|
|
194
|
+
price_id: 'price_123',
|
|
195
|
+
success_url: 'https://app.example.com/success',
|
|
196
|
+
cancel_url: 'https://app.example.com/cancel',
|
|
197
|
+
require_legal_consent: true,
|
|
198
|
+
legal_consent_text: 'I agree I am 18+ and accept the HTMA Terms & Privacy.'
|
|
199
|
+
});
|
|
200
|
+
window.location.href = session.url;
|
|
195
201
|
|
|
196
202
|
// Manage subscription
|
|
197
203
|
const subscription = await spaps.getSubscription();
|
|
198
204
|
await spaps.cancelSubscription();
|
|
199
205
|
```
|
|
206
|
+
> `require_legal_consent` forces Stripe’s Terms/Privacy checkbox, and `legal_consent_text` (≤120 chars) customizes the copy. Text is sanitized and defaults to “I agree to the Terms of Service and Privacy Policy.” when omitted.
|
|
200
207
|
|
|
201
208
|
### 📊 Usage Tracking
|
|
202
209
|
```javascript
|
package/dist/index.d.mts
CHANGED
|
@@ -85,12 +85,53 @@ declare class PermissionChecker {
|
|
|
85
85
|
declare function createPermissionChecker(customAdmins?: (string | AdminConfig)[]): PermissionChecker;
|
|
86
86
|
declare const defaultPermissionChecker: PermissionChecker;
|
|
87
87
|
|
|
88
|
+
type ApiKeyType = 'publishable' | 'secret';
|
|
88
89
|
interface SPAPSConfig {
|
|
89
90
|
apiUrl?: string;
|
|
91
|
+
/** @deprecated Use publishableKey or secretKey instead */
|
|
90
92
|
apiKey?: string;
|
|
93
|
+
/** Browser-safe key for client-side usage (spaps_pub_xxx) */
|
|
94
|
+
publishableKey?: string;
|
|
95
|
+
/** Server-only key for full access (spaps_sec_xxx) */
|
|
96
|
+
secretKey?: string;
|
|
91
97
|
autoDetect?: boolean;
|
|
92
98
|
timeout?: number;
|
|
93
99
|
}
|
|
100
|
+
interface CheckoutLineItemPriceData {
|
|
101
|
+
currency: string;
|
|
102
|
+
unit_amount: number;
|
|
103
|
+
product_data: {
|
|
104
|
+
name: string;
|
|
105
|
+
description?: string;
|
|
106
|
+
metadata?: Record<string, string>;
|
|
107
|
+
};
|
|
108
|
+
}
|
|
109
|
+
interface CheckoutLineItem {
|
|
110
|
+
price_id?: string;
|
|
111
|
+
product_id?: string;
|
|
112
|
+
quantity: number;
|
|
113
|
+
price_data?: CheckoutLineItemPriceData;
|
|
114
|
+
}
|
|
115
|
+
interface CreateCheckoutSessionPayload {
|
|
116
|
+
mode: 'payment' | 'subscription';
|
|
117
|
+
line_items: CheckoutLineItem[];
|
|
118
|
+
success_url: string;
|
|
119
|
+
cancel_url: string;
|
|
120
|
+
metadata?: Record<string, string>;
|
|
121
|
+
customer_email?: string;
|
|
122
|
+
client_reference_id?: string;
|
|
123
|
+
payment_intent_data?: {
|
|
124
|
+
metadata?: Record<string, string>;
|
|
125
|
+
};
|
|
126
|
+
subscription_data?: {
|
|
127
|
+
metadata?: Record<string, string>;
|
|
128
|
+
trial_period_days?: number;
|
|
129
|
+
};
|
|
130
|
+
allow_promotion_codes?: boolean;
|
|
131
|
+
locale?: string;
|
|
132
|
+
require_legal_consent?: boolean;
|
|
133
|
+
legal_consent_text?: string;
|
|
134
|
+
}
|
|
94
135
|
|
|
95
136
|
declare class SPAPSClient<SecureMessageMetadata extends Record<string, any> = Record<string, any>> {
|
|
96
137
|
private client;
|
|
@@ -269,18 +310,22 @@ declare class SPAPSClient<SecureMessageMetadata extends Record<string, any> = Re
|
|
|
269
310
|
cursor?: Record<string, unknown>;
|
|
270
311
|
}>;
|
|
271
312
|
};
|
|
272
|
-
createCheckoutSession: (payload:
|
|
313
|
+
createCheckoutSession: (payload: CreateCheckoutSessionPayload) => Promise<CheckoutSession>;
|
|
273
314
|
createPaymentCheckout: (params: {
|
|
274
315
|
price_id: string;
|
|
275
316
|
quantity?: number;
|
|
276
317
|
success_url: string;
|
|
277
318
|
cancel_url: string;
|
|
319
|
+
require_legal_consent?: boolean;
|
|
320
|
+
legal_consent_text?: string;
|
|
278
321
|
}) => Promise<CheckoutSession>;
|
|
279
322
|
createSubscriptionCheckout: (params: {
|
|
280
323
|
price_id: string;
|
|
281
324
|
success_url: string;
|
|
282
325
|
cancel_url: string;
|
|
283
326
|
trial_period_days?: number;
|
|
327
|
+
require_legal_consent?: boolean;
|
|
328
|
+
legal_consent_text?: string;
|
|
284
329
|
}) => Promise<CheckoutSession>;
|
|
285
330
|
getCheckoutSession: (sessionId: string) => Promise<CheckoutSession>;
|
|
286
331
|
listCheckoutSessions: (query?: {
|
|
@@ -446,5 +491,39 @@ declare class WalletUtils {
|
|
|
446
491
|
static detectChainType(address: string): 'solana' | 'ethereum' | 'bitcoin' | null;
|
|
447
492
|
static isValidAddress(address: string, chainType?: 'solana' | 'ethereum' | 'bitcoin' | 'base'): boolean;
|
|
448
493
|
}
|
|
494
|
+
/**
|
|
495
|
+
* Create a SPAPS client for browser/client-side usage
|
|
496
|
+
* Uses publishable key which is safe to expose in client bundles
|
|
497
|
+
*
|
|
498
|
+
* @example
|
|
499
|
+
* ```typescript
|
|
500
|
+
* // In your frontend code
|
|
501
|
+
* const spaps = createBrowserClient('spaps_pub_xxx');
|
|
502
|
+
*
|
|
503
|
+
* // Use for authentication and checkout
|
|
504
|
+
* const { user } = await spaps.auth.signInWithPassword({ email, password });
|
|
505
|
+
* const checkout = await spaps.payments.createCheckoutSession({...});
|
|
506
|
+
* ```
|
|
507
|
+
*/
|
|
508
|
+
declare function createBrowserClient(publishableKey: string, options?: Omit<SPAPSConfig, 'publishableKey' | 'secretKey' | 'apiKey'>): SPAPSClient;
|
|
509
|
+
/**
|
|
510
|
+
* Create a SPAPS client for server-side usage
|
|
511
|
+
* Uses secret key which provides full access to all endpoints
|
|
512
|
+
*
|
|
513
|
+
* @example
|
|
514
|
+
* ```typescript
|
|
515
|
+
* // In your API routes (Next.js, Express, etc.)
|
|
516
|
+
* const spaps = createServerClient('spaps_sec_xxx');
|
|
517
|
+
*
|
|
518
|
+
* // Full access to admin operations
|
|
519
|
+
* await spaps.admin.createProduct({...});
|
|
520
|
+
* await spaps.payments.crypto.reconcile();
|
|
521
|
+
* ```
|
|
522
|
+
*/
|
|
523
|
+
declare function createServerClient(secretKey: string, options?: Omit<SPAPSConfig, 'publishableKey' | 'secretKey' | 'apiKey'>): SPAPSClient;
|
|
524
|
+
/**
|
|
525
|
+
* Detect key type from key prefix
|
|
526
|
+
*/
|
|
527
|
+
declare function detectKeyType(key: string): ApiKeyType | null;
|
|
449
528
|
|
|
450
|
-
export { type AdminConfig, DEFAULT_ADMIN_ACCOUNTS, type PermissionCheckResult, PermissionChecker, SPAPSClient as SPAPS, SPAPSClient, type SPAPSConfig, TokenManager, WalletUtils, canAccessAdmin, createPermissionChecker, SPAPSClient as default, defaultPermissionChecker, getRoleAwareErrorMessage, getUserDisplay, getUserRole, hasPermission, isAdminAccount, verifyCryptoWebhookSignature };
|
|
529
|
+
export { type AdminConfig, type ApiKeyType, type CheckoutLineItem, type CheckoutLineItemPriceData, type CreateCheckoutSessionPayload, DEFAULT_ADMIN_ACCOUNTS, type PermissionCheckResult, PermissionChecker, SPAPSClient as SPAPS, SPAPSClient, type SPAPSConfig, TokenManager, WalletUtils, canAccessAdmin, createBrowserClient, createPermissionChecker, createServerClient, SPAPSClient as default, defaultPermissionChecker, detectKeyType, getRoleAwareErrorMessage, getUserDisplay, getUserRole, hasPermission, isAdminAccount, verifyCryptoWebhookSignature };
|
package/dist/index.d.ts
CHANGED
|
@@ -85,12 +85,53 @@ declare class PermissionChecker {
|
|
|
85
85
|
declare function createPermissionChecker(customAdmins?: (string | AdminConfig)[]): PermissionChecker;
|
|
86
86
|
declare const defaultPermissionChecker: PermissionChecker;
|
|
87
87
|
|
|
88
|
+
type ApiKeyType = 'publishable' | 'secret';
|
|
88
89
|
interface SPAPSConfig {
|
|
89
90
|
apiUrl?: string;
|
|
91
|
+
/** @deprecated Use publishableKey or secretKey instead */
|
|
90
92
|
apiKey?: string;
|
|
93
|
+
/** Browser-safe key for client-side usage (spaps_pub_xxx) */
|
|
94
|
+
publishableKey?: string;
|
|
95
|
+
/** Server-only key for full access (spaps_sec_xxx) */
|
|
96
|
+
secretKey?: string;
|
|
91
97
|
autoDetect?: boolean;
|
|
92
98
|
timeout?: number;
|
|
93
99
|
}
|
|
100
|
+
interface CheckoutLineItemPriceData {
|
|
101
|
+
currency: string;
|
|
102
|
+
unit_amount: number;
|
|
103
|
+
product_data: {
|
|
104
|
+
name: string;
|
|
105
|
+
description?: string;
|
|
106
|
+
metadata?: Record<string, string>;
|
|
107
|
+
};
|
|
108
|
+
}
|
|
109
|
+
interface CheckoutLineItem {
|
|
110
|
+
price_id?: string;
|
|
111
|
+
product_id?: string;
|
|
112
|
+
quantity: number;
|
|
113
|
+
price_data?: CheckoutLineItemPriceData;
|
|
114
|
+
}
|
|
115
|
+
interface CreateCheckoutSessionPayload {
|
|
116
|
+
mode: 'payment' | 'subscription';
|
|
117
|
+
line_items: CheckoutLineItem[];
|
|
118
|
+
success_url: string;
|
|
119
|
+
cancel_url: string;
|
|
120
|
+
metadata?: Record<string, string>;
|
|
121
|
+
customer_email?: string;
|
|
122
|
+
client_reference_id?: string;
|
|
123
|
+
payment_intent_data?: {
|
|
124
|
+
metadata?: Record<string, string>;
|
|
125
|
+
};
|
|
126
|
+
subscription_data?: {
|
|
127
|
+
metadata?: Record<string, string>;
|
|
128
|
+
trial_period_days?: number;
|
|
129
|
+
};
|
|
130
|
+
allow_promotion_codes?: boolean;
|
|
131
|
+
locale?: string;
|
|
132
|
+
require_legal_consent?: boolean;
|
|
133
|
+
legal_consent_text?: string;
|
|
134
|
+
}
|
|
94
135
|
|
|
95
136
|
declare class SPAPSClient<SecureMessageMetadata extends Record<string, any> = Record<string, any>> {
|
|
96
137
|
private client;
|
|
@@ -269,18 +310,22 @@ declare class SPAPSClient<SecureMessageMetadata extends Record<string, any> = Re
|
|
|
269
310
|
cursor?: Record<string, unknown>;
|
|
270
311
|
}>;
|
|
271
312
|
};
|
|
272
|
-
createCheckoutSession: (payload:
|
|
313
|
+
createCheckoutSession: (payload: CreateCheckoutSessionPayload) => Promise<CheckoutSession>;
|
|
273
314
|
createPaymentCheckout: (params: {
|
|
274
315
|
price_id: string;
|
|
275
316
|
quantity?: number;
|
|
276
317
|
success_url: string;
|
|
277
318
|
cancel_url: string;
|
|
319
|
+
require_legal_consent?: boolean;
|
|
320
|
+
legal_consent_text?: string;
|
|
278
321
|
}) => Promise<CheckoutSession>;
|
|
279
322
|
createSubscriptionCheckout: (params: {
|
|
280
323
|
price_id: string;
|
|
281
324
|
success_url: string;
|
|
282
325
|
cancel_url: string;
|
|
283
326
|
trial_period_days?: number;
|
|
327
|
+
require_legal_consent?: boolean;
|
|
328
|
+
legal_consent_text?: string;
|
|
284
329
|
}) => Promise<CheckoutSession>;
|
|
285
330
|
getCheckoutSession: (sessionId: string) => Promise<CheckoutSession>;
|
|
286
331
|
listCheckoutSessions: (query?: {
|
|
@@ -446,5 +491,39 @@ declare class WalletUtils {
|
|
|
446
491
|
static detectChainType(address: string): 'solana' | 'ethereum' | 'bitcoin' | null;
|
|
447
492
|
static isValidAddress(address: string, chainType?: 'solana' | 'ethereum' | 'bitcoin' | 'base'): boolean;
|
|
448
493
|
}
|
|
494
|
+
/**
|
|
495
|
+
* Create a SPAPS client for browser/client-side usage
|
|
496
|
+
* Uses publishable key which is safe to expose in client bundles
|
|
497
|
+
*
|
|
498
|
+
* @example
|
|
499
|
+
* ```typescript
|
|
500
|
+
* // In your frontend code
|
|
501
|
+
* const spaps = createBrowserClient('spaps_pub_xxx');
|
|
502
|
+
*
|
|
503
|
+
* // Use for authentication and checkout
|
|
504
|
+
* const { user } = await spaps.auth.signInWithPassword({ email, password });
|
|
505
|
+
* const checkout = await spaps.payments.createCheckoutSession({...});
|
|
506
|
+
* ```
|
|
507
|
+
*/
|
|
508
|
+
declare function createBrowserClient(publishableKey: string, options?: Omit<SPAPSConfig, 'publishableKey' | 'secretKey' | 'apiKey'>): SPAPSClient;
|
|
509
|
+
/**
|
|
510
|
+
* Create a SPAPS client for server-side usage
|
|
511
|
+
* Uses secret key which provides full access to all endpoints
|
|
512
|
+
*
|
|
513
|
+
* @example
|
|
514
|
+
* ```typescript
|
|
515
|
+
* // In your API routes (Next.js, Express, etc.)
|
|
516
|
+
* const spaps = createServerClient('spaps_sec_xxx');
|
|
517
|
+
*
|
|
518
|
+
* // Full access to admin operations
|
|
519
|
+
* await spaps.admin.createProduct({...});
|
|
520
|
+
* await spaps.payments.crypto.reconcile();
|
|
521
|
+
* ```
|
|
522
|
+
*/
|
|
523
|
+
declare function createServerClient(secretKey: string, options?: Omit<SPAPSConfig, 'publishableKey' | 'secretKey' | 'apiKey'>): SPAPSClient;
|
|
524
|
+
/**
|
|
525
|
+
* Detect key type from key prefix
|
|
526
|
+
*/
|
|
527
|
+
declare function detectKeyType(key: string): ApiKeyType | null;
|
|
449
528
|
|
|
450
|
-
export { type AdminConfig, DEFAULT_ADMIN_ACCOUNTS, type PermissionCheckResult, PermissionChecker, SPAPSClient as SPAPS, SPAPSClient, type SPAPSConfig, TokenManager, WalletUtils, canAccessAdmin, createPermissionChecker, SPAPSClient as default, defaultPermissionChecker, getRoleAwareErrorMessage, getUserDisplay, getUserRole, hasPermission, isAdminAccount, verifyCryptoWebhookSignature };
|
|
529
|
+
export { type AdminConfig, type ApiKeyType, type CheckoutLineItem, type CheckoutLineItemPriceData, type CreateCheckoutSessionPayload, DEFAULT_ADMIN_ACCOUNTS, type PermissionCheckResult, PermissionChecker, SPAPSClient as SPAPS, SPAPSClient, type SPAPSConfig, TokenManager, WalletUtils, canAccessAdmin, createBrowserClient, createPermissionChecker, createServerClient, SPAPSClient as default, defaultPermissionChecker, detectKeyType, getRoleAwareErrorMessage, getUserDisplay, getUserRole, hasPermission, isAdminAccount, verifyCryptoWebhookSignature };
|
package/dist/index.js
CHANGED
|
@@ -201,10 +201,13 @@ __export(index_exports, {
|
|
|
201
201
|
TokenManager: () => TokenManager,
|
|
202
202
|
WalletUtils: () => WalletUtils,
|
|
203
203
|
canAccessAdmin: () => canAccessAdmin,
|
|
204
|
+
createBrowserClient: () => createBrowserClient,
|
|
204
205
|
createPermissionChecker: () => createPermissionChecker,
|
|
205
206
|
createSecureMessageRequestSchema: () => import_spaps_types.createSecureMessageRequestSchema,
|
|
207
|
+
createServerClient: () => createServerClient,
|
|
206
208
|
default: () => index_default,
|
|
207
209
|
defaultPermissionChecker: () => defaultPermissionChecker,
|
|
210
|
+
detectKeyType: () => detectKeyType,
|
|
208
211
|
getRoleAwareErrorMessage: () => getRoleAwareErrorMessage,
|
|
209
212
|
getUserDisplay: () => getUserDisplay,
|
|
210
213
|
getUserRole: () => getUserRole,
|
|
@@ -279,6 +282,20 @@ var SPAPSClient = class {
|
|
|
279
282
|
};
|
|
280
283
|
constructor(config = {}) {
|
|
281
284
|
const apiUrl = config.apiUrl || process.env.SPAPS_API_URL || process.env.NEXT_PUBLIC_SPAPS_API_URL;
|
|
285
|
+
const isBrowser = typeof window !== "undefined";
|
|
286
|
+
let effectiveApiKey;
|
|
287
|
+
if (config.publishableKey) {
|
|
288
|
+
effectiveApiKey = config.publishableKey;
|
|
289
|
+
} else if (config.secretKey) {
|
|
290
|
+
effectiveApiKey = config.secretKey;
|
|
291
|
+
if (isBrowser) {
|
|
292
|
+
console.warn("\u26A0\uFE0F SPAPS: Using secretKey in browser is not recommended. Use publishableKey instead.");
|
|
293
|
+
}
|
|
294
|
+
} else if (config.apiKey) {
|
|
295
|
+
effectiveApiKey = config.apiKey;
|
|
296
|
+
} else {
|
|
297
|
+
effectiveApiKey = process.env.SPAPS_API_KEY || process.env.NEXT_PUBLIC_SPAPS_API_KEY;
|
|
298
|
+
}
|
|
282
299
|
if (!apiUrl || apiUrl.includes("localhost") || apiUrl.includes("127.0.0.1")) {
|
|
283
300
|
this._isLocalMode = true;
|
|
284
301
|
this.client = import_axios.default.create({
|
|
@@ -289,10 +306,10 @@ var SPAPSClient = class {
|
|
|
289
306
|
}
|
|
290
307
|
});
|
|
291
308
|
} else {
|
|
292
|
-
if (!
|
|
309
|
+
if (!effectiveApiKey) {
|
|
293
310
|
console.warn("\u26A0\uFE0F SPAPS: No API key provided. Some features may not work.");
|
|
294
311
|
}
|
|
295
|
-
this.apiKey =
|
|
312
|
+
this.apiKey = effectiveApiKey;
|
|
296
313
|
this.client = import_axios.default.create({
|
|
297
314
|
baseURL: apiUrl,
|
|
298
315
|
timeout: config.timeout || 1e4,
|
|
@@ -600,11 +617,25 @@ var SPAPSClient = class {
|
|
|
600
617
|
return this.unwrapApiResponse(res, "Failed to create checkout session");
|
|
601
618
|
},
|
|
602
619
|
createPaymentCheckout: async (params) => {
|
|
603
|
-
const payload = {
|
|
620
|
+
const payload = {
|
|
621
|
+
mode: "payment",
|
|
622
|
+
line_items: [{ price_id: params.price_id, quantity: params.quantity ?? 1 }],
|
|
623
|
+
success_url: params.success_url,
|
|
624
|
+
cancel_url: params.cancel_url,
|
|
625
|
+
require_legal_consent: params.require_legal_consent,
|
|
626
|
+
legal_consent_text: params.legal_consent_text
|
|
627
|
+
};
|
|
604
628
|
return this.payments.createCheckoutSession(payload);
|
|
605
629
|
},
|
|
606
630
|
createSubscriptionCheckout: async (params) => {
|
|
607
|
-
const payload = {
|
|
631
|
+
const payload = {
|
|
632
|
+
mode: "subscription",
|
|
633
|
+
line_items: [{ price_id: params.price_id, quantity: 1 }],
|
|
634
|
+
success_url: params.success_url,
|
|
635
|
+
cancel_url: params.cancel_url,
|
|
636
|
+
require_legal_consent: params.require_legal_consent,
|
|
637
|
+
legal_consent_text: params.legal_consent_text
|
|
638
|
+
};
|
|
608
639
|
if (params.trial_period_days) payload.subscription_data = { trial_period_days: params.trial_period_days };
|
|
609
640
|
return this.payments.createCheckoutSession(payload);
|
|
610
641
|
},
|
|
@@ -1026,6 +1057,29 @@ var WalletUtils = class _WalletUtils {
|
|
|
1026
1057
|
}
|
|
1027
1058
|
}
|
|
1028
1059
|
};
|
|
1060
|
+
function createBrowserClient(publishableKey, options) {
|
|
1061
|
+
if (!publishableKey.startsWith("spaps_pub_")) {
|
|
1062
|
+
console.warn("\u26A0\uFE0F SPAPS: Expected a publishable key (spaps_pub_xxx). Using a secret key in browser is not recommended.");
|
|
1063
|
+
}
|
|
1064
|
+
return new SPAPSClient({
|
|
1065
|
+
...options,
|
|
1066
|
+
publishableKey
|
|
1067
|
+
});
|
|
1068
|
+
}
|
|
1069
|
+
function createServerClient(secretKey, options) {
|
|
1070
|
+
if (typeof window !== "undefined") {
|
|
1071
|
+
console.warn("\u26A0\uFE0F SPAPS: createServerClient should only be used in server environments. Use createBrowserClient for browser usage.");
|
|
1072
|
+
}
|
|
1073
|
+
return new SPAPSClient({
|
|
1074
|
+
...options,
|
|
1075
|
+
secretKey
|
|
1076
|
+
});
|
|
1077
|
+
}
|
|
1078
|
+
function detectKeyType(key) {
|
|
1079
|
+
if (key.startsWith("spaps_pub_")) return "publishable";
|
|
1080
|
+
if (key.startsWith("spaps_sec_") || key.startsWith("spaps_")) return "secret";
|
|
1081
|
+
return null;
|
|
1082
|
+
}
|
|
1029
1083
|
// Annotate the CommonJS export names for ESM import in node:
|
|
1030
1084
|
0 && (module.exports = {
|
|
1031
1085
|
DEFAULT_ADMIN_ACCOUNTS,
|
|
@@ -1035,9 +1089,12 @@ var WalletUtils = class _WalletUtils {
|
|
|
1035
1089
|
TokenManager,
|
|
1036
1090
|
WalletUtils,
|
|
1037
1091
|
canAccessAdmin,
|
|
1092
|
+
createBrowserClient,
|
|
1038
1093
|
createPermissionChecker,
|
|
1039
1094
|
createSecureMessageRequestSchema,
|
|
1095
|
+
createServerClient,
|
|
1040
1096
|
defaultPermissionChecker,
|
|
1097
|
+
detectKeyType,
|
|
1041
1098
|
getRoleAwareErrorMessage,
|
|
1042
1099
|
getUserDisplay,
|
|
1043
1100
|
getUserRole,
|
package/dist/index.mjs
CHANGED
|
@@ -255,6 +255,20 @@ var SPAPSClient = class {
|
|
|
255
255
|
};
|
|
256
256
|
constructor(config = {}) {
|
|
257
257
|
const apiUrl = config.apiUrl || process.env.SPAPS_API_URL || process.env.NEXT_PUBLIC_SPAPS_API_URL;
|
|
258
|
+
const isBrowser = typeof window !== "undefined";
|
|
259
|
+
let effectiveApiKey;
|
|
260
|
+
if (config.publishableKey) {
|
|
261
|
+
effectiveApiKey = config.publishableKey;
|
|
262
|
+
} else if (config.secretKey) {
|
|
263
|
+
effectiveApiKey = config.secretKey;
|
|
264
|
+
if (isBrowser) {
|
|
265
|
+
console.warn("\u26A0\uFE0F SPAPS: Using secretKey in browser is not recommended. Use publishableKey instead.");
|
|
266
|
+
}
|
|
267
|
+
} else if (config.apiKey) {
|
|
268
|
+
effectiveApiKey = config.apiKey;
|
|
269
|
+
} else {
|
|
270
|
+
effectiveApiKey = process.env.SPAPS_API_KEY || process.env.NEXT_PUBLIC_SPAPS_API_KEY;
|
|
271
|
+
}
|
|
258
272
|
if (!apiUrl || apiUrl.includes("localhost") || apiUrl.includes("127.0.0.1")) {
|
|
259
273
|
this._isLocalMode = true;
|
|
260
274
|
this.client = axios.create({
|
|
@@ -265,10 +279,10 @@ var SPAPSClient = class {
|
|
|
265
279
|
}
|
|
266
280
|
});
|
|
267
281
|
} else {
|
|
268
|
-
if (!
|
|
282
|
+
if (!effectiveApiKey) {
|
|
269
283
|
console.warn("\u26A0\uFE0F SPAPS: No API key provided. Some features may not work.");
|
|
270
284
|
}
|
|
271
|
-
this.apiKey =
|
|
285
|
+
this.apiKey = effectiveApiKey;
|
|
272
286
|
this.client = axios.create({
|
|
273
287
|
baseURL: apiUrl,
|
|
274
288
|
timeout: config.timeout || 1e4,
|
|
@@ -576,11 +590,25 @@ var SPAPSClient = class {
|
|
|
576
590
|
return this.unwrapApiResponse(res, "Failed to create checkout session");
|
|
577
591
|
},
|
|
578
592
|
createPaymentCheckout: async (params) => {
|
|
579
|
-
const payload = {
|
|
593
|
+
const payload = {
|
|
594
|
+
mode: "payment",
|
|
595
|
+
line_items: [{ price_id: params.price_id, quantity: params.quantity ?? 1 }],
|
|
596
|
+
success_url: params.success_url,
|
|
597
|
+
cancel_url: params.cancel_url,
|
|
598
|
+
require_legal_consent: params.require_legal_consent,
|
|
599
|
+
legal_consent_text: params.legal_consent_text
|
|
600
|
+
};
|
|
580
601
|
return this.payments.createCheckoutSession(payload);
|
|
581
602
|
},
|
|
582
603
|
createSubscriptionCheckout: async (params) => {
|
|
583
|
-
const payload = {
|
|
604
|
+
const payload = {
|
|
605
|
+
mode: "subscription",
|
|
606
|
+
line_items: [{ price_id: params.price_id, quantity: 1 }],
|
|
607
|
+
success_url: params.success_url,
|
|
608
|
+
cancel_url: params.cancel_url,
|
|
609
|
+
require_legal_consent: params.require_legal_consent,
|
|
610
|
+
legal_consent_text: params.legal_consent_text
|
|
611
|
+
};
|
|
584
612
|
if (params.trial_period_days) payload.subscription_data = { trial_period_days: params.trial_period_days };
|
|
585
613
|
return this.payments.createCheckoutSession(payload);
|
|
586
614
|
},
|
|
@@ -1002,6 +1030,29 @@ var WalletUtils = class _WalletUtils {
|
|
|
1002
1030
|
}
|
|
1003
1031
|
}
|
|
1004
1032
|
};
|
|
1033
|
+
function createBrowserClient(publishableKey, options) {
|
|
1034
|
+
if (!publishableKey.startsWith("spaps_pub_")) {
|
|
1035
|
+
console.warn("\u26A0\uFE0F SPAPS: Expected a publishable key (spaps_pub_xxx). Using a secret key in browser is not recommended.");
|
|
1036
|
+
}
|
|
1037
|
+
return new SPAPSClient({
|
|
1038
|
+
...options,
|
|
1039
|
+
publishableKey
|
|
1040
|
+
});
|
|
1041
|
+
}
|
|
1042
|
+
function createServerClient(secretKey, options) {
|
|
1043
|
+
if (typeof window !== "undefined") {
|
|
1044
|
+
console.warn("\u26A0\uFE0F SPAPS: createServerClient should only be used in server environments. Use createBrowserClient for browser usage.");
|
|
1045
|
+
}
|
|
1046
|
+
return new SPAPSClient({
|
|
1047
|
+
...options,
|
|
1048
|
+
secretKey
|
|
1049
|
+
});
|
|
1050
|
+
}
|
|
1051
|
+
function detectKeyType(key) {
|
|
1052
|
+
if (key.startsWith("spaps_pub_")) return "publishable";
|
|
1053
|
+
if (key.startsWith("spaps_sec_") || key.startsWith("spaps_")) return "secret";
|
|
1054
|
+
return null;
|
|
1055
|
+
}
|
|
1005
1056
|
export {
|
|
1006
1057
|
DEFAULT_ADMIN_ACCOUNTS,
|
|
1007
1058
|
PermissionChecker,
|
|
@@ -1010,10 +1061,13 @@ export {
|
|
|
1010
1061
|
TokenManager,
|
|
1011
1062
|
WalletUtils,
|
|
1012
1063
|
canAccessAdmin,
|
|
1064
|
+
createBrowserClient,
|
|
1013
1065
|
createPermissionChecker,
|
|
1014
1066
|
createSecureMessageRequestSchema,
|
|
1067
|
+
createServerClient,
|
|
1015
1068
|
index_default as default,
|
|
1016
1069
|
defaultPermissionChecker,
|
|
1070
|
+
detectKeyType,
|
|
1017
1071
|
getRoleAwareErrorMessage,
|
|
1018
1072
|
getUserDisplay,
|
|
1019
1073
|
getUserRole,
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "spaps-sdk",
|
|
3
|
-
"version": "1.
|
|
3
|
+
"version": "1.2.0",
|
|
4
4
|
"description": "Sweet Potato Authentication & Payment Service SDK - Zero-config client with built-in permission checking and role-based access control",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|
|
@@ -44,7 +44,7 @@
|
|
|
44
44
|
"email": "buildooor@gmail.com"
|
|
45
45
|
},
|
|
46
46
|
"dependencies": {
|
|
47
|
-
"spaps-types": "^1.0.
|
|
47
|
+
"spaps-types": "^1.0.58",
|
|
48
48
|
"axios": "^1.6.0",
|
|
49
49
|
"cross-fetch": "^4.0.0"
|
|
50
50
|
},
|
|
@@ -72,4 +72,4 @@
|
|
|
72
72
|
"engines": {
|
|
73
73
|
"node": ">=14.0.0"
|
|
74
74
|
}
|
|
75
|
-
}
|
|
75
|
+
}
|