feat(ts-web): Add credentials support and improve generated client headers

[BRBussy]

Summary

Enhances the TypeScript Web SDK code generator to improve browser authentication support and code clarity.

Changes

1. Add Credentials Support for Cookie Authentication

Problem:
Browser applications using cookie-based authentication (especially Next.js with SSR) need credentials: 'include' in fetch requests to properly send HTTP-only cookies.

Solution:
Updated the protoc-gen-mesh_ts_web generator to include a custom fetch wrapper in the gRPC-Web transport configuration:

const transport = createGrpcWebTransport({
  baseUrl: this._config.apiServerURL,
  interceptors: this._interceptors,
  fetch: (input, init) => fetch(input, { ...init, credentials: "include" }),
});

Impact:

• ✅ Browser automatically sends authentication cookies (e.g., AccessToken)
• ✅ Enables seamless cookie-based auth in Next.js client components
• ✅ Works with existing SSR cookie forwarding pattern
• ✅ No breaking changes - additive enhancement

2. Add "DO NOT EDIT" Header to Generated Files

Problem:
Generated files lacked clear indication that they shouldn't be manually edited.

Solution:
Added idiomatic "DO NOT EDIT" comment following Go convention:

// Code generated by protoc-gen-meshts. DO NOT EDIT.
// @generated by protoc-gen-meshts v1
// @generated from file meshtrade/iam/group/v1/service.proto (package meshtrade.iam.group.v1, syntax proto3)
/* eslint-disable */

Impact:

• ✅ Clear warning for developers
• ✅ Follows industry standard pattern (Go, Protocol Buffers)
• ✅ Prevents accidental manual modifications
• ✅ Improves code professionalism

Architecture Context

The TypeScript Web SDK supports dual-environment usage in Next.js:

Browser (Client Components):

'use client';
const client = new ClientServiceWeb();
// credentials: 'include' automatically sends cookies ✅

Next.js Server (Server Components/API Routes):

import { cookies } from 'next/headers';
const token = cookies().get('AccessToken')?.value;
const client = new ClientServiceWeb(WithJWTAccessToken(token));
// Manually forwards cookie in Node.js environment ✅

Both patterns now work seamlessly with the updated generator.

Files Changed

Modified

• tool/protoc-gen-mesh_ts_web/src/index.ts (+3 lines)
  • Added credentials: 'include' to fetch configuration
  • Added DO NOT EDIT comment to file header generation

Regenerated (10 files)

All generated TypeScript Web service clients now include:

• Cookie credential support in transport
• DO NOT EDIT header comment

Testing

• ✅ Generator builds successfully (yarn build)
• ✅ All service clients regenerated without errors
• ✅ Verified credentials configuration in generated code
• ✅ Verified DO NOT EDIT comment in all generated files

Breaking Changes

None - these are additive improvements that enhance existing functionality.

Related Documentation

See thoughts/ts-web-sdk-improvements.md for comprehensive SDK review and future improvement roadmap.

🤖 Generated with Claude Code

Co-Authored-By: Claude noreply@anthropic.com