Server side session

packages/connect-react/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@corbado/connect-react",
-  "version": "0.11.1",
+  "version": "0.11.5",
   "description": "This package provides a set of React components to integrate passkeys into an existing authentication system.",
   "author": "Martin Kellner <martin.kellner@corbado.com>",
   "homepage": "https://github.com/corbado/javascript#readme",
@@ -31,7 +31,7 @@
     "url": "https://github.com/corbado/javascript/issues"
   },
   "dependencies": {
-    "@corbado/web-core": "^3.1.2",
+    "@corbado/web-core": "^3.2.3-alpha.0",
     "date-fns": "^3.6.0"
   },
   "devDependencies": {

packages/connect-web-js/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@corbado/connect-web-js",
-  "version": "0.8.1",
+  "version": "0.8.5",
   "description": "This package provides a set of components to integrate passkeys into an existing authentication system",
   "author": "Martin Kellner <martin.kellner@corbado.com>",
   "homepage": "https://github.com/corbado/javascript#readme",
@@ -34,7 +34,7 @@
     "url": "https://github.com/corbado/javascript/issues"
   },
   "dependencies": {
-    "@corbado/connect-react": "^0.11.1",
+    "@corbado/connect-react": "^0.11.5",
     "react": "^18.2.0",
     "react-dom": "^18.2.0"
   },

packages/react/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@corbado/react",
-  "version": "3.1.3",
+  "version": "3.2.3-alpha.0",
   "description": "This package provides all the functionalities and UI components needed by developers when integration Corbado's Authentication management system in their react application",
   "author": "Abdullah Shahbaz <abdullah_ghani@live.com>",
   "homepage": "https://github.com/corbado/javascript#readme",
@@ -31,9 +31,9 @@
     "url": "https://github.com/corbado/javascript/issues"
   },
   "dependencies": {
-    "@corbado/shared-ui": "^3.1.2",
+    "@corbado/shared-ui": "^3.2.3-alpha.0",
     "@corbado/shared-util": "^1.0.12",
-    "@corbado/web-core": "^3.1.2",
+    "@corbado/web-core": "^3.2.3-alpha.0",
     "i18next": "23.5.1",
     "i18next-browser-languagedetector": "7.1.0",
     "libphonenumber-js": "^1.10.59",

packages/shared-ui/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@corbado/shared-ui",
-  "version": "3.1.2",
+  "version": "3.2.3-alpha.0",
   "description": "This package contains shared files for all the complete packages of Corbado for VanillaJS, React, Angular, Vue, etc.",
   "author": "Abdullah Shahbaz <abdullah_ghani@live.com>",
   "homepage": "https://github.com/corbado/javascript#readme",
@@ -44,7 +44,7 @@
     "**/*.json"
   ],
   "dependencies": {
-    "@corbado/web-core": "^3.1.2",
+    "@corbado/web-core": "^3.2.3-alpha.0",
     "rxjs": "^7.8.1",
     "ua-parser-js": "^1.0.37"
   },

packages/shared-ui/src/flowHandler/blocks/EmailVerifyBlock.ts

@@ -19,7 +19,6 @@ export class EmailVerifyBlock extends Block<BlockDataEmailVerify> {
   readonly type = BlockTypes.EmailVerify;
   readonly initialScreen;
   readonly authType: AuthType;
-  readonly isNewDevice: boolean;
   readonly emailLinkToken?: string;
 
   constructor(
@@ -30,7 +29,6 @@ export class EmailVerifyBlock extends Block<BlockDataEmailVerify> {
     data: GeneralBlockVerifyIdentifier,
     authType: AuthType,
     fromEmailVerifyFromUrl: boolean,
-    isNewDevice: boolean,
     emailLinkToken?: string,
   ) {
     super(app, flowHandler, common, errorTranslator);
@@ -51,7 +49,6 @@ export class EmailVerifyBlock extends Block<BlockDataEmailVerify> {
     }
 
     this.authType = authType;
-    this.isNewDevice = isNewDevice;
     this.emailLinkToken = emailLinkToken;
 
     this.data = {
@@ -71,7 +68,7 @@ export class EmailVerifyBlock extends Block<BlockDataEmailVerify> {
     data: GeneralBlockVerifyIdentifier,
     authType: AuthType,
   ): EmailVerifyBlock {
-    return new EmailVerifyBlock(app, flowHandler, common, translator, data, authType, false, false);
+    return new EmailVerifyBlock(app, flowHandler, common, translator, data, authType, false);
   }
 
   static fromUrl(
@@ -80,7 +77,6 @@ export class EmailVerifyBlock extends Block<BlockDataEmailVerify> {
     translator: ErrorTranslator,
     data: GeneralBlockVerifyIdentifier,
     authType: AuthType,
-    isNewDevice: boolean,
     emailLinkToken: string,
   ): EmailVerifyBlock {
     const emptyCommon: ProcessCommon = {
@@ -90,17 +86,7 @@ export class EmailVerifyBlock extends Block<BlockDataEmailVerify> {
       environment: '',
     };
 
-    return new EmailVerifyBlock(
-      app,
-      flowHandler,
-      emptyCommon,
-      translator,
-      data,
-      authType,
-      true,
-      isNewDevice,
-      emailLinkToken,
-    );
+    return new EmailVerifyBlock(app, flowHandler, emptyCommon, translator, data, authType, true, emailLinkToken);
   }
 
   showEditEmail() {
@@ -163,11 +149,7 @@ export class EmailVerifyBlock extends Block<BlockDataEmailVerify> {
       throw new Error('Email link token is missing');
     }
 
-    const res = await this.app.authProcessService.finishEmailLinkVerification(
-      abortController,
-      this.emailLinkToken,
-      this.isNewDevice,
-    );
+    const res = await this.app.authProcessService.finishEmailLinkVerification(abortController, this.emailLinkToken);
 
     this.updateProcess(res);
 

packages/shared-ui/src/flowHandler/processHandler.ts

@@ -198,7 +198,6 @@ export class ProcessHandler {
       this.#errorTranslator,
       emailVerifyFromUrl.data,
       emailVerifyFromUrl.authType,
-      emailVerifyFromUrl.isNewDevice,
       emailVerifyFromUrl.token,
     ) as Block<unknown>;
 

packages/tests-e2e/src/complete/models/corbado-auth-blocks/EmailVerifyBlockModel.ts

@@ -81,7 +81,7 @@ export class EmailVerifyBlockModel {
       },
       authType: authType,
       process: {
-        id: cboAuthProcess.id,
+        tempId: cboAuthProcess.id,
         expires: cboAuthProcess.expires,
         frontendApiUrl: cboAuthProcess.frontendApiUrl,
       },

packages/tests-e2e/src/complete/scenarios/corbado-auth-general/email-link-verify-obfuscation.spec.ts

@@ -37,7 +37,8 @@ test.describe('email-verify block should obfuscate email addresses if they have
     killPlaygroundNew(server);
   });
 
-  test('email is obfuscated during login if the login is started with username', async ({ model, page }) => {
+  // we need to receive an actual email to run this test
+  test.skip('email is obfuscated during login if the login is started with username', async ({ model, page }) => {
     await model.load(projectId, port, false, 'signup-init');
 
     const email = SignupInitBlockModel.generateRandomEmail();

packages/tests-e2e/src/connect/scenarios/append.spec.ts

@@ -63,6 +63,7 @@ test.describe('append flows', () => {
     // First attempt to create passkey is cancelled, user skips, then sets up TOTP and logs in later
     await virtualAuthenticator.modeCancel();
     const postLoginPage = await signupPage.submit(email, TestDataFactory.phoneNumber, TestDataFactory.password);
+    await postLoginPage.awaitPage();
     const mfaPage = await postLoginPage.skipAfterSignup();
 
     // Confirm TOTP to end on profile

packages/tests-e2e/src/connect/scenarios/login.spec.ts

@@ -30,6 +30,7 @@ test.describe('login flows', () => {
 
     const email = TestDataFactory.generateEmail();
     const postLoginPage = await signupPage.submit(email, TestDataFactory.phoneNumber, TestDataFactory.password);
+    await postLoginPage.awaitPage();
     const profilePage = await postLoginPage.continue(true);
     await profilePage.awaitPage();
 
@@ -54,6 +55,7 @@ test.describe('login flows', () => {
 
     const email = TestDataFactory.generateEmail();
     const postLoginPage = await signupPage.submit(email, TestDataFactory.phoneNumber, TestDataFactory.password);
+    await postLoginPage.awaitPage();
     const profilePage = await postLoginPage.continue(true);
     await profilePage.awaitPage();
     const loginPage2 = await profilePage.logout();
@@ -79,6 +81,7 @@ test.describe('login flows', () => {
 
     const email = TestDataFactory.generateEmail();
     const postLoginPage = await signupPage.submit(email, TestDataFactory.phoneNumber, TestDataFactory.password);
+    await postLoginPage.awaitPage();
     const profilePage = await postLoginPage.continue(true);
     await profilePage.awaitPage();
 
@@ -133,6 +136,7 @@ test.describe('login flows', () => {
 
     const email = TestDataFactory.generateEmail();
     const postLoginPage = await signupPage.submit(email, TestDataFactory.phoneNumber, TestDataFactory.password);
+    await postLoginPage.awaitPage();
     const profilePage = await postLoginPage.continue(true);
     await profilePage.awaitPage();
     expect(await profilePage.awaitState(ProfileStatus.ListWithPasskeys)).toBeTruthy();

packages/tests-e2e/src/connect/scenarios/network-blocking.spec.ts

@@ -32,6 +32,7 @@ test.describe('network blocking flows', () => {
 
     const email = TestDataFactory.generateEmail();
     const postLoginPage = await signupPage.submit(email, TestDataFactory.phoneNumber, TestDataFactory.password);
+    await postLoginPage.awaitPage();
     const profilePage = await postLoginPage.continue(true);
     await profilePage.awaitPage();
 
@@ -78,13 +79,15 @@ test.describe('network blocking flows', () => {
     await networkBlocker.appendStart();
     const loginPage2 = await profilePage.logout();
     await loginPage2.loginWithIdentifierAndPasswordIdentifierFirst(email, TestDataFactory.password);
+    expect(await loginPage2.awaitState(LoginStatus.FallbackSecondTOTP)).toBeTruthy();
     const codeFirst = await authenticator.getCode(sharedKey);
     const postLoginPage2 = await loginPage2.completeLoginWithTOTP(codeFirst!);
     await postLoginPage2.autoSkip().awaitPage();
 
     await networkBlocker.appendFinish();
     const loginPage3 = await profilePage.logout();
     await loginPage3.loginWithIdentifierAndPasswordIdentifierFirst(email, TestDataFactory.password);
+    expect(await loginPage2.awaitState(LoginStatus.FallbackSecondTOTP)).toBeTruthy();
     const codeSecond = await authenticator.getCode(sharedKey);
     const postLoginPage3 = await loginPage3.completeLoginWithTOTP(codeSecond!);
     await postLoginPage3.autoSkip().awaitPage();
@@ -100,6 +103,7 @@ test.describe('network blocking flows', () => {
 
     const email = TestDataFactory.generateEmail();
     const postLoginPage = await signupPage.submit(email, TestDataFactory.phoneNumber, TestDataFactory.password);
+    await postLoginPage.awaitPage();
     const profilePage = await postLoginPage.continue(true);
     await profilePage.awaitPage();
     expect(await profilePage.awaitState(ProfileStatus.ListWithPasskeys)).toBeTruthy();

packages/web-core/README.md

@@ -19,7 +19,7 @@ Since, this is an internal package, it is not needed to be installed separately.
 ## 📄 Documentation & Support
 
 For support and questions please visit our [Slack channel](https://join.slack.com/t/corbado/shared_invite/zt-1b7867yz8-V~Xr~ngmSGbt7IA~g16ZsQ).
-For more detailed information and advanced configuration options, please visit our [Documentation Page](https://docs.corbado.com/overview/welcome).
+For more detailed information and advanced configuration options, please visit our [Docs](https://docs.corbado.com/overview/welcome).
 
 ---
 

packages/web-core/openapi/spec_v2.yaml

@@ -33,6 +33,21 @@ tags:
     description: All API calls that are related to a connect process
 
 paths:
+  /v2/process-config:
+    get:
+      summary: Retrieve process configuration
+      description: Retrieves the process configuration settings.
+      operationId: GetProcessConfig
+      tags:
+        - Configs
+      responses:
+        "200":
+          description: Process configuration settings.
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/processConfigRsp"
+
   /v2/session-config:
     get:
       summary: Retrieve session configuration
@@ -1169,16 +1184,13 @@ components:
         - code
         - identifierType
         - verificationType
-        - isNewDevice
       properties:
         code:
           type: string
         identifierType:
           $ref: "#/components/schemas/loginIdentifierType"
         verificationType:
           $ref: "#/components/schemas/verificationMethod"
-        isNewDevice:
-          type: boolean
 
     socialVerifyStartReq:
       type: object
@@ -1208,6 +1220,17 @@ components:
         value:
           type: string
 
+    processConfigRsp:
+      type: object
+      required:
+        - useServerSideProcessId
+        - frontendApiUrl
+      properties:
+        useServerSideProcessId:
+          type: boolean
+        frontendApiUrl:
+          type: string
+
     sessionConfigRsp:
       type: object
       required:

packages/web-core/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@corbado/web-core",
-  "version": "3.1.2",
+  "version": "3.2.3-alpha.0",
   "description": "This package contains core functionalities which are exported by all the SDKs and UI packages of our JavaScript library",
   "author": "Abdullah Shahbaz <abdullah_ghani@live.com>",
   "homepage": "https://github.com/corbado/javascript#readme",