varminer-app-header 2.2.2 → 2.2.4

package/dist/AppHeader.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"AppHeader.d.ts","sourceRoot":"","sources":["../src/AppHeader.tsx"],"names":[],"mappings":"AA4BA,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,OAAO,EAAE,cAAc,EAAe,MAAM,SAAS,CAAC;AAKtD,OAAO,sBAAsB,CAAC;AAQ9B,QAAA,MAAM,SAAS,EAAE,KAAK,CAAC,EAAE,CAAC,cAAc,CA8yBvC,CAAC;AAEF,eAAe,SAAS,CAAC"}
+{"version":3,"file":"AppHeader.d.ts","sourceRoot":"","sources":["../src/AppHeader.tsx"],"names":[],"mappings":"AA4BA,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,OAAO,EAAE,cAAc,EAAe,MAAM,SAAS,CAAC;AAKtD,OAAO,sBAAsB,CAAC;AAQ9B,QAAA,MAAM,SAAS,EAAE,KAAK,CAAC,EAAE,CAAC,cAAc,CAszBvC,CAAC;AAEF,eAAe,SAAS,CAAC"}

package/dist/index.d.ts

@@ -11,6 +11,8 @@ interface UserProfile {
 }
 interface AppHeaderProps {
     language?: 'en' | 'es';
+    /** When provided, used as Bearer token for profile picture and other authenticated requests. */
+    accessToken?: string | null;
 }
 
 declare const AppHeader: React__default.FC<AppHeaderProps>;
@@ -120,25 +122,11 @@ declare const getAllDataFromStorage: () => any;
  */
 declare const getProfilePictureUrl: (baseUrl?: string) => string | null;
 /**
- * Fetch profile picture from API with headers, get S3 URL, generate presigned URL, and return as blob URL
- * This function:
- * 1. Fetches the profile picture path from the API
- * 2. Extracts the S3 filePath from the JSON response
- * 3. Generates a presigned URL for the S3 object
- * 4. Fetches the image using the presigned URL
- * 5. Converts it to a blob URL that can be used in img src
- * @param baseUrl - Base URL for the object store API (default: http://objectstore.impact0mics.local:9012)
- * @param messageId - Optional message ID for X-Message-Id header (default: generated UUID)
- * @param correlationId - Optional correlation ID for X-Correlation-Id header (default: generated UUID)
- * @param awsConfig - AWS configuration (accessKeyId, secretAccessKey, region, bucket)
- * @returns Promise that resolves to blob URL string or null if fetch fails
+ * Get access token from all known storage keys (header, IAM, userdb, and plain keys).
+ * persist:userdb shape: authDetails (stringified) contains auth.accessToken.
  */
-declare const fetchProfilePictureAsBlobUrl: (baseUrl?: string, messageId?: string, correlationId?: string, awsConfig?: {
-    accessKeyId: string;
-    secretAccessKey: string;
-    region?: string;
-    bucket?: string;
-}) => Promise<string | null>;
+declare function getAccessTokenForRequest(): string | undefined;
+declare const fetchProfilePictureAsBlobUrl: (baseUrl?: string, accessTokenOverride?: string | null) => Promise<string | null>;
 
-export { AppHeader, DrawerProvider, PERSIST_HEADER_KEY, USER_DETAILS_STORAGE_KEY, fetchProfilePictureAsBlobUrl, getAllDataFromStorage, getI18nLocaleFromStorage, getMessageCountFromStorage, getNotificationCountFromStorage, getProfilePictureUrl, getStoredUserDetails, getTranslations, getUserDataFromStorage, setHeaderAuth, setI18nLocaleToStorage, translations, useDrawer };
+export { AppHeader, DrawerProvider, PERSIST_HEADER_KEY, USER_DETAILS_STORAGE_KEY, fetchProfilePictureAsBlobUrl, getAccessTokenForRequest, getAllDataFromStorage, getI18nLocaleFromStorage, getMessageCountFromStorage, getNotificationCountFromStorage, getProfilePictureUrl, getStoredUserDetails, getTranslations, getUserDataFromStorage, setHeaderAuth, setI18nLocaleToStorage, translations, useDrawer };
 export type { AppHeaderProps, HeaderAuthState, SupportedLanguage, Translations, UserDetailsItem, UserDetailsStoredResponse, UserProfile };

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,IAAI,SAAS,EAAE,MAAM,aAAa,CAAC;AACnD,OAAO,EAAE,cAAc,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5D,YAAY,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAC3D,OAAO,EAAE,eAAe,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACrE,YAAY,EAAE,iBAAiB,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AAC5E,OAAO,EACL,wBAAwB,EACxB,kBAAkB,EAClB,oBAAoB,EACpB,aAAa,EACb,sBAAsB,EACtB,+BAA+B,EAC/B,0BAA0B,EAC1B,wBAAwB,EACxB,sBAAsB,EACtB,qBAAqB,EACrB,oBAAoB,EACpB,4BAA4B,GAC7B,MAAM,sBAAsB,CAAC;AAC9B,YAAY,EAAE,eAAe,EAAE,yBAAyB,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,IAAI,SAAS,EAAE,MAAM,aAAa,CAAC;AACnD,OAAO,EAAE,cAAc,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5D,YAAY,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAC3D,OAAO,EAAE,eAAe,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACrE,YAAY,EAAE,iBAAiB,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AAC5E,OAAO,EACL,wBAAwB,EACxB,kBAAkB,EAClB,oBAAoB,EACpB,aAAa,EACb,sBAAsB,EACtB,+BAA+B,EAC/B,0BAA0B,EAC1B,wBAAwB,EACxB,sBAAsB,EACtB,qBAAqB,EACrB,wBAAwB,EACxB,oBAAoB,EACpB,4BAA4B,GAC7B,MAAM,sBAAsB,CAAC;AAC9B,YAAY,EAAE,eAAe,EAAE,yBAAyB,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC"}

package/dist/index.esm.js

@@ -228,8 +228,8 @@ const getAllDataFromStorage = () => {
         try {
             const parsed = JSON.parse(headerStr);
             const auth = parsed?.auth;
-            const accessToken = auth?.accessToken;
-            if (accessToken) {
+            const accessToken = auth?.accessToken ?? auth?.access_token ?? auth?.token;
+            if (accessToken && typeof accessToken === "string") {
                 const decodedToken = decodeJWT(accessToken);
                 return {
                     ...emptyStorageResult(),
@@ -243,6 +243,48 @@ const getAllDataFromStorage = () => {
             console.error("Error parsing header persist:", err);
         }
     }
+    // Fallback: try IAM persist key (persist:linn-i-am) then persist:userdb
+    const tryParsePersistForAuth = (raw) => {
+        if (!raw)
+            return null;
+        try {
+            const outer = JSON.parse(raw);
+            const parseNested = (v) => typeof v === "string" ? (() => { try {
+                return JSON.parse(v);
+            }
+            catch {
+                return v;
+            } })() : v;
+            for (const key of Object.keys(outer)) {
+                const parsed = parseNested(outer[key]);
+                if (parsed?.accessToken || parsed?.access_token || parsed?.token || parsed?.refreshToken)
+                    return parsed;
+                if (parsed?.auth && typeof parsed.auth === "object") {
+                    const a = parsed.auth;
+                    if (a.accessToken || a.access_token || a.token)
+                        return a;
+                }
+            }
+        }
+        catch {
+            /* ignore */
+        }
+        return null;
+    };
+    const iamPersist = localStorage.getItem("persist:linn-i-am");
+    const iamAuth = tryParsePersistForAuth(iamPersist);
+    if (iamAuth) {
+        const token = (iamAuth.accessToken ?? iamAuth.access_token ?? iamAuth.token);
+        if (token) {
+            const decodedToken = decodeJWT(token);
+            return {
+                ...emptyStorageResult(),
+                auth: iamAuth,
+                decodedToken: decodedToken ? Object.fromEntries(Object.entries(decodedToken).map(([k, v]) => [k, v ?? null])) : null,
+                rawData: iamAuth,
+            };
+        }
+    }
     // Fallback: read access token from persist:userdb (e.g. legacy or shared auth)
     const userDbString = localStorage.getItem("persist:userdb");
     if (!userDbString) {
@@ -265,17 +307,14 @@ const getAllDataFromStorage = () => {
         // Parse all top-level keys dynamically (no hardcoding)
         const parsedData = {};
         let authData = null;
-        // Helper to recursively find auth data (contains accessToken or refreshToken)
+        // Helper to recursively find auth data (contains accessToken, access_token, token, or refreshToken)
         const findAuthData = (obj) => {
             if (!obj || typeof obj !== 'object')
                 return null;
-            // Check if this object itself is auth data
-            if (obj.accessToken || obj.refreshToken) {
+            if (obj.accessToken || obj.access_token || obj.token || obj.refreshToken)
                 return obj;
-            }
-            // Recursively search in nested objects
             for (const key in obj) {
-                if (obj.hasOwnProperty(key)) {
+                if (Object.prototype.hasOwnProperty.call(obj, key)) {
                     const nested = findAuthData(obj[key]);
                     if (nested)
                         return nested;
@@ -293,9 +332,11 @@ const getAllDataFromStorage = () => {
                 parsedData.auth = authData;
             }
         });
-        // Get accessToken and decode it
+        // Get accessToken (support accessToken, access_token, token) and decode it
         let decodedToken = null;
-        const accessToken = authData?.accessToken || parsedData.auth?.accessToken || parsedData.authDetails?.accessToken;
+        const accessToken = authData?.accessToken ?? authData?.access_token ?? authData?.token ??
+            parsedData.auth?.accessToken ?? parsedData.auth?.access_token ?? parsedData.auth?.token ??
+            parsedData.authDetails?.accessToken ?? parsedData.authDetails?.access_token ?? parsedData.authDetails?.token;
         if (accessToken) {
             decodedToken = decodeJWT(accessToken);
         }
@@ -346,175 +387,159 @@ const getProfilePictureUrl = (baseUrl = "http://objectstore.impact0mics.local:90
     }
 };
 /**
- * Generate AWS S3 presigned URL for accessing S3 object
- * @param s3Url - Full S3 URL (e.g., https://bucket.s3.region.amazonaws.com/key)
- * @param accessKeyId - AWS Access Key ID
- * @param secretAccessKey - AWS Secret Access Key
- * @param region - AWS Region (default: ap-south-2)
- * @param expiresIn - Expiration time in seconds (default: 3600 = 1 hour)
- * @returns Presigned URL string
+ * Fetch profile picture from object store API (plain GET with Authorization header).
+ * API returns the image directly; response is converted to a blob URL for use in img src.
+ * @param baseUrl - Base URL for the object store API (default: http://objectstore.impact0mics.local:9012)
+ * @returns Promise that resolves to blob URL string or null if fetch fails
  */
-const generateS3PresignedUrl = async (s3Url, accessKeyId, secretAccessKey, region = "ap-south-2", expiresIn = 3600) => {
+/** Resolve access token from auth object (supports accessToken, access_token, token). */
+function getAccessTokenFromAuth(auth) {
+    if (!auth || typeof auth !== "object")
+        return undefined;
+    const token = auth.accessToken ??
+        auth.access_token ??
+        auth.token;
+    return typeof token === "string" && token.length > 0 ? token : undefined;
+}
+/** True if string looks like a JWT (three base64 parts) or a bearer token, not JSON. */
+function looksLikeToken(s) {
+    return s.length > 0 && !s.trimStart().startsWith("{") && !s.trimStart().startsWith("[");
+}
+/** Recursively find first string value at keys accessToken, access_token, or token. */
+function findTokenInObject(obj) {
+    if (obj === null || obj === undefined)
+        return undefined;
+    if (typeof obj === "string")
+        return looksLikeToken(obj) ? obj : undefined;
+    if (typeof obj !== "object")
+        return undefined;
+    const rec = obj;
+    const direct = rec.accessToken ?? rec.access_token ?? rec.token;
+    if (typeof direct === "string" && looksLikeToken(direct))
+        return direct;
+    for (const key of Object.keys(rec)) {
+        const found = findTokenInObject(rec[key]);
+        if (found)
+            return found;
+    }
+    return undefined;
+}
+/** Parse redux-persist style value (may be double stringified). */
+function parsePersistValue(raw) {
+    if (!raw)
+        return null;
     try {
-        // Parse S3 URL to extract bucket, region, and key
-        // Format: https://bucket.s3.region.amazonaws.com/key or https://bucket.s3-region.amazonaws.com/key
-        const url = new URL(s3Url);
-        const hostnameParts = url.hostname.split('.');
-        let bucket = hostnameParts[0];
-        let extractedRegion = region;
-        // Try to extract region from hostname (format: bucket.s3.region.amazonaws.com)
-        if (hostnameParts.length >= 3 && hostnameParts[1] === 's3') {
-            extractedRegion = hostnameParts[2] || region;
-        }
-        else if (hostnameParts.length >= 2 && hostnameParts[1].startsWith('s3-')) {
-            // Format: bucket.s3-region.amazonaws.com
-            extractedRegion = hostnameParts[1].substring(3) || region;
+        const first = JSON.parse(raw);
+        if (typeof first === "string") {
+            try {
+                return JSON.parse(first);
+            }
+            catch {
+                return first;
+            }
         }
-        const key = url.pathname.substring(1); // Remove leading slash
-        // AWS credentials
-        const awsAccessKeyId = accessKeyId;
-        const awsSecretAccessKey = secretAccessKey;
-        const awsRegion = extractedRegion;
-        // Current timestamp
-        const now = new Date();
-        const dateStamp = now.toISOString().slice(0, 10).replace(/-/g, '');
-        const amzDate = dateStamp + 'T' + now.toISOString().slice(11, 19).replace(/[:-]/g, '') + 'Z';
-        // Step 1: Create canonical request
-        const canonicalUri = '/' + encodeURIComponent(key).replace(/%2F/g, '/');
-        const canonicalQuerystring = `X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=${encodeURIComponent(awsAccessKeyId + '/' + dateStamp + '/' + awsRegion + '/s3/aws4_request')}&X-Amz-Date=${amzDate}&X-Amz-Expires=${expiresIn}&X-Amz-SignedHeaders=host`;
-        const canonicalHeaders = `host:${bucket}.s3.${awsRegion}.amazonaws.com\n`;
-        const signedHeaders = 'host';
-        const payloadHash = 'UNSIGNED-PAYLOAD';
-        const canonicalRequest = `GET\n${canonicalUri}\n${canonicalQuerystring}\n${canonicalHeaders}\n${signedHeaders}\n${payloadHash}`;
-        // Step 2: Create string to sign
-        const algorithm = 'AWS4-HMAC-SHA256';
-        const credentialScope = `${dateStamp}/${awsRegion}/s3/aws4_request`;
-        const stringToSign = `${algorithm}\n${amzDate}\n${credentialScope}\n${await sha256(canonicalRequest)}`;
-        // Step 3: Calculate signature
-        const kDate = await hmacSha256('AWS4' + awsSecretAccessKey, dateStamp);
-        const kRegion = await hmacSha256(kDate, awsRegion);
-        const kService = await hmacSha256(kRegion, 's3');
-        const kSigning = await hmacSha256(kService, 'aws4_request');
-        const signature = await hmacSha256(kSigning, stringToSign);
-        // Convert signature to hex
-        const signatureHex = arrayBufferToHex(signature);
-        // Step 4: Construct presigned URL
-        const presignedUrl = `https://${bucket}.s3.${awsRegion}.amazonaws.com${canonicalUri}?${canonicalQuerystring}&X-Amz-Signature=${signatureHex}`;
-        return presignedUrl;
-    }
-    catch (err) {
-        console.error("Error generating S3 presigned URL:", err);
-        throw err;
-    }
-};
-// Helper function for SHA-256 hashing
-const sha256 = async (message) => {
-    const msgBuffer = new TextEncoder().encode(message);
-    const hashBuffer = await crypto.subtle.digest('SHA-256', msgBuffer);
-    return Array.from(new Uint8Array(hashBuffer))
-        .map(b => b.toString(16).padStart(2, '0'))
-        .join('');
-};
-// Helper function for HMAC-SHA256
-const hmacSha256 = async (key, message) => {
-    const encoder = new TextEncoder();
-    let keyBuffer;
-    if (typeof key === 'string') {
-        keyBuffer = encoder.encode(key);
+        return first;
     }
-    else {
-        keyBuffer = new Uint8Array(key);
+    catch {
+        return null;
     }
-    const messageBuffer = encoder.encode(message);
-    const cryptoKey = await crypto.subtle.importKey('raw', keyBuffer, { name: 'HMAC', hash: 'SHA-256' }, false, ['sign']);
-    return await crypto.subtle.sign('HMAC', cryptoKey, messageBuffer);
-};
-// Helper function to convert ArrayBuffer to hex string
-const arrayBufferToHex = (buffer) => {
-    return Array.from(new Uint8Array(buffer))
-        .map(b => b.toString(16).padStart(2, '0'))
-        .join('');
-};
+}
+/** Get a nested value that may be a string (need parse) or already an object. */
+function parseNestedValue(val) {
+    if (val == null)
+        return null;
+    if (typeof val === "string")
+        return parsePersistValue(val);
+    return val;
+}
 /**
- * Fetch profile picture from API with headers, get S3 URL, generate presigned URL, and return as blob URL
- * This function:
- * 1. Fetches the profile picture path from the API
- * 2. Extracts the S3 filePath from the JSON response
- * 3. Generates a presigned URL for the S3 object
- * 4. Fetches the image using the presigned URL
- * 5. Converts it to a blob URL that can be used in img src
- * @param baseUrl - Base URL for the object store API (default: http://objectstore.impact0mics.local:9012)
- * @param messageId - Optional message ID for X-Message-Id header (default: generated UUID)
- * @param correlationId - Optional correlation ID for X-Correlation-Id header (default: generated UUID)
- * @param awsConfig - AWS configuration (accessKeyId, secretAccessKey, region, bucket)
- * @returns Promise that resolves to blob URL string or null if fetch fails
+ * Extract access token from persist:userdb shape: authDetails (string) → parse → auth.accessToken.
+ * Structure: { authDetails: "{\"auth\":{\"accessToken\":\"...\"}}", profileInformation: "...", _persist: "..." }
+ */
+function getTokenFromUserDbPersist(parsed) {
+    const authDetails = parsed.authDetails;
+    const inner = parseNestedValue(authDetails);
+    const obj = typeof inner === "object" && inner !== null ? inner : null;
+    if (!obj)
+        return undefined;
+    const auth = obj.auth;
+    const authObj = typeof auth === "object" && auth !== null ? auth : null;
+    if (!authObj)
+        return undefined;
+    const token = authObj.accessToken ??
+        authObj.access_token ??
+        authObj.token;
+    return typeof token === "string" && looksLikeToken(token) ? token : undefined;
+}
+/**
+ * Get access token from all known storage keys (header, IAM, userdb, and plain keys).
+ * persist:userdb shape: authDetails (stringified) contains auth.accessToken.
  */
-const fetchProfilePictureAsBlobUrl = async (baseUrl = "http://objectstore.impact0mics.local:9012", messageId, correlationId, awsConfig) => {
+function getAccessTokenForRequest() {
+    const keysToTry = [
+        PERSIST_HEADER_KEY,
+        "persist:linn-i-am",
+        "persist:userdb",
+        "token",
+        "accessToken",
+        "auth",
+    ];
+    for (const key of keysToTry) {
+        const raw = localStorage.getItem(key);
+        if (!raw)
+            continue;
+        const parsed = key.startsWith("persist:") ? parsePersistValue(raw) : (() => { try {
+            return JSON.parse(raw);
+        }
+        catch {
+            return raw;
+        } })();
+        const token = findTokenInObject(parsed);
+        if (token)
+            return token;
+        if (key.startsWith("persist:")) {
+            const outer = typeof parsed === "object" && parsed !== null ? parsed : null;
+            if (outer) {
+                if (key === "persist:userdb") {
+                    const fromUserDb = getTokenFromUserDbPersist(outer);
+                    if (fromUserDb)
+                        return fromUserDb;
+                }
+                for (const k of Object.keys(outer)) {
+                    const inner = parseNestedValue(outer[k]);
+                    const t = findTokenInObject(inner);
+                    if (t)
+                        return t;
+                }
+            }
+        }
+    }
+    return getAccessTokenFromAuth(getAllDataFromStorage().auth);
+}
+const fetchProfilePictureAsBlobUrl = async (baseUrl = "http://objectstore.impact0mics.local:9012", accessTokenOverride) => {
     try {
         const profilePictureUrl = getProfilePictureUrl(baseUrl);
-        if (!profilePictureUrl) {
+        if (!profilePictureUrl)
             return null;
-        }
-        // AWS credentials (default values provided by user)
-        const defaultAwsConfig = {
-            accessKeyId: "AKIAVRUVTJGLBCYZEI5L",
-            secretAccessKey: "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",
-            region: "ap-south-2",
-            bucket: "development-varminer-test"
-        };
-        const finalAwsConfig = awsConfig || defaultAwsConfig;
-        // Generate message ID and correlation ID if not provided
-        const msgId = messageId || `msg-${Date.now()}-${Math.random().toString(36).substr(2, 9)}`;
-        const corrId = correlationId || `corr-${Date.now()}-${Math.random().toString(36).substr(2, 9)}`;
-        const allData = getAllDataFromStorage();
-        const accessToken = allData.auth?.accessToken;
-        const headers = {
-            'X-Message-Id': msgId,
-            'X-Correlation-Id': corrId,
-        };
+        const accessToken = (typeof accessTokenOverride === "string" && accessTokenOverride.length > 0
+            ? accessTokenOverride
+            : null) ?? getAccessTokenForRequest();
+        const headers = {};
         if (accessToken) {
-            headers['Authorization'] = `Bearer ${accessToken}`;
-        }
-        // Step 1: Fetch the profile picture path from API (returns JSON with filePath)
-        const apiResponse = await fetch(profilePictureUrl, {
-            method: 'GET',
-            headers,
-        });
-        // Check if the API response is successful
-        if (!apiResponse.ok) {
-            console.warn(`Failed to fetch profile picture path: ${apiResponse.status} ${apiResponse.statusText}`);
-            return null;
+            headers["Authorization"] = `Bearer ${accessToken}`;
         }
-        // Parse JSON response
-        const apiData = await apiResponse.json();
-        // Extract filePath from response
-        const s3Url = apiData?.filePath;
-        if (!s3Url || typeof s3Url !== 'string') {
-            console.warn('Profile picture API response does not contain valid filePath');
-            return null;
-        }
-        // Step 2: Generate presigned URL for S3 object
-        const presignedUrl = await generateS3PresignedUrl(s3Url, finalAwsConfig.accessKeyId, finalAwsConfig.secretAccessKey, finalAwsConfig.region);
-        // Step 3: Fetch the image using presigned URL
-        const imageResponse = await fetch(presignedUrl, {
-            method: 'GET',
-        });
-        // Check if the image response is successful
-        if (!imageResponse.ok) {
-            console.warn(`Failed to fetch profile picture image: ${imageResponse.status} ${imageResponse.statusText}`);
+        const response = await fetch(profilePictureUrl, { method: "GET", headers });
+        if (!response.ok) {
+            console.warn(`Failed to fetch profile picture: ${response.status} ${response.statusText}`);
             return null;
         }
-        // Check if the response is an image
-        const contentType = imageResponse.headers.get('content-type');
-        if (!contentType || !contentType.startsWith('image/')) {
+        const contentType = response.headers.get("content-type");
+        if (!contentType || !contentType.startsWith("image/")) {
             console.warn(`Profile picture response is not an image: ${contentType}`);
             return null;
         }
-        // Step 4: Convert response to blob
-        const blob = await imageResponse.blob();
-        // Step 5: Create blob URL
-        const blobUrl = URL.createObjectURL(blob);
-        return blobUrl;
+        const blob = await response.blob();
+        return URL.createObjectURL(blob);
     }
     catch (err) {
         console.error("Error fetching profile picture:", err);
@@ -634,7 +659,7 @@ const DEFAULT_ROUTES = {
     profile: "/user/profile",
     logout: "/user/login",
 };
-const AppHeader = ({ language: languageProp }) => {
+const AppHeader = ({ language: languageProp, accessToken: accessTokenProp }) => {
     // Get initial language from props, URL, localStorage, or default to 'en'
     const getInitialLanguage = () => {
         // Priority 1: Props
@@ -731,12 +756,18 @@ const AppHeader = ({ language: languageProp }) => {
                 userRole = userRole || profileData.role || profileData.userRole || "";
             }
         }
+        const avatarSrc = storedUser?.avatar ??
+            allData.auth?.avatar ??
+            allData.profile?.avatar;
+        const initialsVal = storedUser?.initials ??
+            allData.auth?.initials ??
+            allData.profile?.initials;
         return {
             name: userName || "",
             email: userEmail || "",
             role: userRole || "",
-            avatar: storedUser?.avatar || allData.auth?.avatar || allData.profile?.avatar || undefined,
-            initials: storedUser?.initials || allData.auth?.initials || allData.profile?.initials || undefined,
+            avatar: typeof avatarSrc === "string" ? avatarSrc : undefined,
+            initials: typeof initialsVal === "string" ? initialsVal : undefined,
         };
     });
     const [notificationCount, setNotificationCount] = React__default.useState(() => {
@@ -751,8 +782,8 @@ const AppHeader = ({ language: languageProp }) => {
     // Fetch profile picture from API when component mounts or user data changes
     React__default.useEffect(() => {
         const fetchProfilePicture = async () => {
-            // Try to fetch profile picture from API
-            const blobUrl = await fetchProfilePictureAsBlobUrl();
+            const token = accessTokenProp ?? getAccessTokenForRequest();
+            const blobUrl = await fetchProfilePictureAsBlobUrl(undefined, token ?? undefined);
             if (blobUrl) {
                 // Clean up previous blob URL if it exists
                 setProfilePictureBlobUrl((prevUrl) => {
@@ -773,7 +804,7 @@ const AppHeader = ({ language: languageProp }) => {
                 return null;
             });
         };
-    }, []); // Only run once on mount - fetch when component loads
+    }, [accessTokenProp]); // Refetch when accessToken prop changes (e.g. after login)
     React__default.useEffect(() => {
         const allData = getAllDataFromStorage();
         let userName = "";
@@ -1105,5 +1136,5 @@ const AppHeader = ({ language: languageProp }) => {
                                 }, children: jsx(MoreIcon, {}) }) })] }) }), renderMobileMenu, renderMenu] }));
 };
 
-export { AppHeader, DrawerProvider, PERSIST_HEADER_KEY, USER_DETAILS_STORAGE_KEY, fetchProfilePictureAsBlobUrl, getAllDataFromStorage, getI18nLocaleFromStorage, getMessageCountFromStorage, getNotificationCountFromStorage, getProfilePictureUrl, getStoredUserDetails, getTranslations, getUserDataFromStorage, setHeaderAuth, setI18nLocaleToStorage, translations, useDrawer };
+export { AppHeader, DrawerProvider, PERSIST_HEADER_KEY, USER_DETAILS_STORAGE_KEY, fetchProfilePictureAsBlobUrl, getAccessTokenForRequest, getAllDataFromStorage, getI18nLocaleFromStorage, getMessageCountFromStorage, getNotificationCountFromStorage, getProfilePictureUrl, getStoredUserDetails, getTranslations, getUserDataFromStorage, setHeaderAuth, setI18nLocaleToStorage, translations, useDrawer };
 //# sourceMappingURL=index.esm.js.map