Merge pull request #487 from nhost/changeset-release/main

chore: update versions

examples/nextjs/nhost/config.yaml

@@ -7,7 +7,7 @@ services:
     environment:
       hasura_graphql_enable_remote_schema_permissions: false
   auth:
-    version: 0.4.2
+    version: 0.7.1
 auth:
   access_control:
     email:

examples/react-apollo/nhost/config.yaml

@@ -7,7 +7,7 @@ services:
     environment:
       hasura_graphql_enable_remote_schema_permissions: false
   auth:
-    version: 0.6.3
+    version: 0.7.1
 auth:
   access_control:
     email:

packages/apollo/CHANGELOG.md

@@ -1,5 +1,12 @@
 # @nhost/apollo
 
+## 0.4.5
+
+### Patch Changes
+
+- Updated dependencies [7b23d33]
+  - @nhost/core@0.4.1
+
 ## 0.4.4
 
 ### Patch Changes

packages/apollo/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nhost/apollo",
-  "version": "0.4.4",
+  "version": "0.4.5",
   "description": "Nhost Apollo Client library",
   "license": "MIT",
   "keywords": [

packages/core/CHANGELOG.md

@@ -1,5 +1,11 @@
 # @nhost/core
 
+## 0.4.1
+
+### Patch Changes
+
+- 7b23d33: Clean `refreshToken` and `type` from the url when the user is already signed in
+
 ## 0.4.0
 
 ### Minor Changes

packages/core/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nhost/core",
-  "version": "0.4.0",
+  "version": "0.4.1",
   "description": "Nhost core client library",
   "license": "MIT",
   "keywords": [

packages/core/src/machines/index.ts

@@ -353,7 +353,7 @@ export const createAuthMachine = ({
             signedIn: {
               tags: ['ready'],
               type: 'parallel',
-              entry: 'reportSignedIn',
+              entry: ['reportSignedIn', 'cleanUrl'],
               on: {
                 SIGNOUT: '#nhost.authentication.signedOut.signingOut',
                 DEANONYMIZE: {
@@ -567,6 +567,17 @@ export const createAuthMachine = ({
             return { value: null }
           }
         }),
+
+        // * Clean the browser url when `autoSignIn` is activated
+        cleanUrl: () => {
+          if (autoSignIn && getParameterByName('refreshToken')) {
+            // * Remove the refresh token from the URL
+            removeParameterFromWindow('refreshToken')
+            removeParameterFromWindow('type')
+          }
+        },
+
+        // * Broadcast the token to other tabs when `autoSignIn` is activated
         broadcastToken: (context) => {
           if (autoSignIn) {
             try {
@@ -687,8 +698,6 @@ export const createAuthMachine = ({
                 // ? Which takes precedence? localStorage or the url?
                 refreshToken = urlToken
               }
-              // * Remove the refresh token from the URL
-              removeParameterFromWindow('refreshToken')
             } else {
               const error = getParameterByName('error')
               if (error) {

packages/core/src/machines/index.typegen.ts

@@ -72,6 +72,16 @@ export interface Typegen0 {
       | 'done.invoke.signInMfaTotp'
       | 'done.invoke.registerUser'
       | 'done.invoke.authenticateWithToken'
+    cleanUrl:
+      | 'SESSION_UPDATE'
+      | ''
+      | 'done.invoke.authenticatePasswordlessSmsOtp'
+      | 'done.invoke.authenticateUserWithPassword'
+      | 'done.invoke.signInToken'
+      | 'done.invoke.authenticateAnonymously'
+      | 'done.invoke.signInMfaTotp'
+      | 'done.invoke.registerUser'
+      | 'done.invoke.authenticateWithToken'
   }
   internalEvents: {
     'done.invoke.authenticatePasswordlessSmsOtp': {

packages/hasura-auth-js/CHANGELOG.md

@@ -1,5 +1,12 @@
 # @nhost/hasura-auth-js
 
+## 1.1.1
+
+### Patch Changes
+
+- Updated dependencies [7b23d33]
+  - @nhost/core@0.4.1
+
 ## 1.1.0
 
 ### Minor Changes

packages/hasura-auth-js/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nhost/hasura-auth-js",
-  "version": "1.1.0",
+  "version": "1.1.1",
   "description": "Hasura-auth client",
   "license": "MIT",
   "keywords": [

packages/nextjs/CHANGELOG.md

@@ -1,5 +1,14 @@
 # @nhost/nextjs
 
+## 1.1.1
+
+### Patch Changes
+
+- 7b23d33: Get the refresh token in the right place in the url
+  Hasura-auth puts the refresh token in the url as `refreshToken`, but it is not stored using the same key in localStorage / the cookie. This fix makes the right correspondance between the two.
+  - @nhost/nhost-js@1.1.6
+  - @nhost/react@0.6.1
+
 ## 1.1.0
 
 ### Minor Changes

packages/nextjs/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nhost/nextjs",
-  "version": "1.1.0",
+  "version": "1.1.1",
   "description": "Nhost NextJS library",
   "license": "MIT",
   "keywords": [

packages/nextjs/src/create-server-side-client.ts

@@ -3,7 +3,7 @@ import { GetServerSidePropsContext } from 'next'
 import { StateFrom } from 'xstate'
 import { waitFor } from 'xstate/lib/waitFor'
 
-import { AuthMachine } from '@nhost/core'
+import { AuthMachine, NHOST_REFRESH_TOKEN_KEY } from '@nhost/core'
 import { NhostClient } from '@nhost/nhost-js'
 
 /**
@@ -24,9 +24,13 @@ export const createServerSideClient = async (
     backendUrl,
     clientStorageGetter: (key) => {
       // TODO does not perfectly work in the same way as the 'regular' client:
-      // * in the authentication machine, if the refresh token is null but an error is found in the url, then the authentication stops and fails
-      const urlValue = context.query[key]
-      return typeof urlValue === 'string' ? urlValue : cookies.get(key) ?? null
+      // in the authentication machine, if the refresh token is null but an error is found in the url, then the authentication stops and fails.
+      // * When the requested key is `NHOST_REFRESH_TOKEN_KEY`, we have to look for the given 'refreshToken' value
+      // * in the url as this is the key sent by hasura-auth
+      const urlKey = key === NHOST_REFRESH_TOKEN_KEY ? 'refreshToken' : key
+      const urlValue = context.query[urlKey]
+      const cookieValue = cookies.get(key) ?? null
+      return typeof urlValue === 'string' ? urlValue : cookieValue
     },
     clientStorageSetter: (key, value) => {
       cookies.set(key, value, { httpOnly: false, sameSite: true })

packages/nhost-js/CHANGELOG.md

@@ -1,5 +1,11 @@
 # @nhost/nhost-js
 
+## 1.1.6
+
+### Patch Changes
+
+- @nhost/hasura-auth-js@1.1.1
+
 ## 1.1.5
 
 ### Patch Changes

packages/nhost-js/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nhost/nhost-js",
-  "version": "1.1.5",
+  "version": "1.1.6",
   "description": "Nhost JavaScript SDK",
   "license": "MIT",
   "keywords": [

packages/react-apollo/CHANGELOG.md

@@ -1,4 +1,12 @@
 # @nhost/react-apollo
+
+## 4.1.1
+
+### Patch Changes
+
+- @nhost/apollo@0.4.5
+- @nhost/react@0.6.1
+
 ## 4.1.0
 
 ### Patch Changes

packages/react-apollo/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nhost/react-apollo",
-  "version": "4.1.0",
+  "version": "4.1.1",
   "description": "Nhost React Apollo client",
   "license": "MIT",
   "keywords": [

packages/react/CHANGELOG.md

@@ -1,5 +1,11 @@
 # @nhost/react
 
+## 0.6.1
+
+### Patch Changes
+
+- @nhost/nhost-js@1.1.6
+
 ## 0.6.0
 
 ### Minor Changes

packages/react/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nhost/react",
-  "version": "0.6.0",
+  "version": "0.6.1",
   "description": "Nhost React library",
   "license": "MIT",
   "keywords": [