squarefi-bff-api-module 1.36.18 → 1.36.19

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.d.ts CHANGED
@@ -1,6 +1,6 @@
1
1
  export { squarefi_bff_api_client } from './api';
2
2
  export * from './utils/apiClientFactory';
3
- export { setAccessTokenProvider, setOnUnauthorized, type AccessTokenProvider, type ResolveTokenOptions, type UnauthorizedHandler, } from './utils/accessTokenProvider';
3
+ export { setAccessTokenProvider, setOnTwoFactorRequired, setOnUnauthorized, type AccessTokenProvider, type ResolveTokenOptions, type TwoFactorRequiredHandler, type UnauthorizedHandler, } from './utils/accessTokenProvider';
4
4
  export * from './utils/tokensFactory';
5
5
  export * from './utils/fileStorage';
6
6
  export * from './constants';
package/dist/index.js CHANGED
@@ -1,6 +1,6 @@
1
1
  export { squarefi_bff_api_client } from './api';
2
2
  export * from './utils/apiClientFactory';
3
- export { setAccessTokenProvider, setOnUnauthorized, } from './utils/accessTokenProvider';
3
+ export { setAccessTokenProvider, setOnTwoFactorRequired, setOnUnauthorized, } from './utils/accessTokenProvider';
4
4
  export * from './utils/tokensFactory';
5
5
  export * from './utils/fileStorage';
6
6
  export * from './constants';
@@ -4,6 +4,7 @@ export type ResolveTokenOptions = {
4
4
  };
5
5
  export type AccessTokenProvider = (options?: ResolveTokenOptions) => Promise<string | null | undefined>;
6
6
  export type UnauthorizedHandler = () => void;
7
+ export type TwoFactorRequiredHandler = () => void;
7
8
  /**
8
9
  * Register an external source of the access token (e.g. Clerk `getToken`).
9
10
  * When set, the API clients stop reading tokens from localStorage and delegate
@@ -16,7 +17,15 @@ export declare const setAccessTokenProvider: (provider: AccessTokenProvider | nu
16
17
  * recovered by refreshing the token (e.g. to trigger a Clerk sign-out).
17
18
  */
18
19
  export declare const setOnUnauthorized: (handler: UnauthorizedHandler | null) => void;
20
+ /**
21
+ * Register a callback invoked when the backend rejects a request because
22
+ * two-factor authentication is required but not yet satisfied (HTTP 403 with a
23
+ * `two_factor_required` error code). The consumer typically redirects the user
24
+ * to the 2FA setup flow. Pass `null` to unregister.
25
+ */
26
+ export declare const setOnTwoFactorRequired: (handler: TwoFactorRequiredHandler | null) => void;
19
27
  /** Whether an external token provider is active (Clerk mode). */
20
28
  export declare const isExternalAuthMode: () => boolean;
21
29
  export declare const resolveAccessToken: (options?: ResolveTokenOptions) => Promise<string | null>;
22
30
  export declare const triggerUnauthorized: () => void;
31
+ export declare const triggerTwoFactorRequired: () => void;
@@ -1,6 +1,7 @@
1
1
  import { getFromLocalStorage } from './storage';
2
2
  let accessTokenProvider = null;
3
3
  let unauthorizedHandler = null;
4
+ let twoFactorRequiredHandler = null;
4
5
  let inFlightRefresh = null;
5
6
  /**
6
7
  * Register an external source of the access token (e.g. Clerk `getToken`).
@@ -18,6 +19,15 @@ export const setAccessTokenProvider = (provider) => {
18
19
  export const setOnUnauthorized = (handler) => {
19
20
  unauthorizedHandler = handler;
20
21
  };
22
+ /**
23
+ * Register a callback invoked when the backend rejects a request because
24
+ * two-factor authentication is required but not yet satisfied (HTTP 403 with a
25
+ * `two_factor_required` error code). The consumer typically redirects the user
26
+ * to the 2FA setup flow. Pass `null` to unregister.
27
+ */
28
+ export const setOnTwoFactorRequired = (handler) => {
29
+ twoFactorRequiredHandler = handler;
30
+ };
21
31
  /** Whether an external token provider is active (Clerk mode). */
22
32
  export const isExternalAuthMode = () => accessTokenProvider !== null;
23
33
  export const resolveAccessToken = async (options) => {
@@ -48,3 +58,6 @@ export const resolveAccessToken = async (options) => {
48
58
  export const triggerUnauthorized = () => {
49
59
  unauthorizedHandler?.();
50
60
  };
61
+ export const triggerTwoFactorRequired = () => {
62
+ twoFactorRequiredHandler?.();
63
+ };
@@ -3,9 +3,11 @@ import { isTMA } from '@telegram-apps/sdk-react';
3
3
  import axios from 'axios';
4
4
  import { telegramSignUpPath, telegramSignInPath, refreshTokenPath } from '../api/auth';
5
5
  import { AppEnviroment, ResponseStatus } from '../constants';
6
- import { isExternalAuthMode, resolveAccessToken, triggerUnauthorized } from './accessTokenProvider';
6
+ import { isExternalAuthMode, resolveAccessToken, triggerTwoFactorRequired, triggerUnauthorized, } from './accessTokenProvider';
7
7
  import { deleteTokens, getTokens, refreshTokens } from './tokensFactory';
8
8
  // eslint-disable-next-line no-constant-condition
9
+ // Backend signals that a still-unsatisfied 2FA requirement blocks the request with this error code.
10
+ const TWO_FACTOR_REQUIRED_ERROR_CODE = 'two_factor_required';
9
11
  const apiV1BaseURL = process.env.API_URL ?? 'ENV variable API_URL is not defined';
10
12
  const apiV2BaseURL = process.env.API_V2_URL ?? 'ENV variable API_V2_URL is not defined';
11
13
  const apiTOTPBaseURL = process.env.API_TOTP_URL ?? 'ENV variable API_TOTP_URL is not defined';
@@ -41,6 +43,11 @@ export const createApiClient = ({ baseURL, isBearerToken, tenantId }) => {
41
43
  if (typeof window === 'undefined') {
42
44
  return Promise.reject(error);
43
45
  }
46
+ if (error?.response?.status === ResponseStatus.FORBIDDEN &&
47
+ error?.response?.data?.code === TWO_FACTOR_REQUIRED_ERROR_CODE) {
48
+ triggerTwoFactorRequired();
49
+ return Promise.reject(error);
50
+ }
44
51
  if (error?.response?.status === ResponseStatus.UNAUTHORIZED &&
45
52
  !error?.response?.config.context?.bypassUnauthorizedHandler) {
46
53
  const { response, config: failedRequestConfig } = error;
@@ -182,6 +189,9 @@ export const createFetchApiClient = ({ baseURL, isBearerToken, tenantId }) => {
182
189
  let errorMessage = `HTTP error! status: ${response.status}`;
183
190
  try {
184
191
  const errorData = await response.json();
192
+ if (response.status === ResponseStatus.FORBIDDEN && errorData?.code === TWO_FACTOR_REQUIRED_ERROR_CODE) {
193
+ triggerTwoFactorRequired();
194
+ }
185
195
  errorMessage = errorData.message || errorData.error || errorMessage;
186
196
  }
187
197
  catch {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "squarefi-bff-api-module",
3
- "version": "1.36.18",
3
+ "version": "1.36.19",
4
4
  "description": "Squarefi BFF API client module",
5
5
  "type": "module",
6
6
  "main": "./dist/index.js",