From a3673175149383c46c62af9c559cafd7da4d05dc Mon Sep 17 00:00:00 2001
From: Ivan Kuznetsov <ivan@capk.me>
Date: Sat, 7 Dec 2024 17:06:13 +0000
Subject: [PATCH] feat: add support for Cloudflare Turnstile response param in
 signUp (#155)

---
 .../nhost_auth_dart/lib/src/auth_client.dart  | 33 ++++++++-----------
 1 file changed, 14 insertions(+), 19 deletions(-)

diff --git a/packages/nhost_auth_dart/lib/src/auth_client.dart b/packages/nhost_auth_dart/lib/src/auth_client.dart
index a621324e..4ca3c26c 100644
--- a/packages/nhost_auth_dart/lib/src/auth_client.dart
+++ b/packages/nhost_auth_dart/lib/src/auth_client.dart
@@ -71,9 +71,7 @@ class NhostAuthClient implements HasuraAuthClient {
   @override
   AuthenticationState get authenticationState {
     if (_loading) return AuthenticationState.inProgress;
-    return _session.session != null
-        ? AuthenticationState.signedIn
-        : AuthenticationState.signedOut;
+    return _session.session != null ? AuthenticationState.signedIn : AuthenticationState.signedOut;
   }
 
   /// The currently logged-in user's Json Web Token, or `null` if
@@ -113,8 +111,7 @@ class NhostAuthClient implements HasuraAuthClient {
   ///
   /// The returned function will remove the callback when called.
   @override
-  UnsubscribeDelegate addAuthStateChangedCallback(
-      AuthStateChangedCallback callback) {
+  UnsubscribeDelegate addAuthStateChangedCallback(AuthStateChangedCallback callback) {
     _authChangedCallbacks.add(callback);
     return () {
       _authChangedCallbacks.removeWhere((element) => element == callback);
@@ -130,12 +127,10 @@ class NhostAuthClient implements HasuraAuthClient {
   ///
   /// The returned function will remove the callback when called.
   @override
-  UnsubscribeDelegate addSessionRefreshFailedCallback(
-      SessionRefreshFailedCallback callback) {
+  UnsubscribeDelegate addSessionRefreshFailedCallback(SessionRefreshFailedCallback callback) {
     _sessionRefreshFailedCallbacks.add(callback);
     return () {
-      _sessionRefreshFailedCallbacks
-          .removeWhere((element) => element == callback);
+      _sessionRefreshFailedCallbacks.removeWhere((element) => element == callback);
     };
   }
 
@@ -171,6 +166,9 @@ class NhostAuthClient implements HasuraAuthClient {
   /// returned [AuthResponse] will not contain a session. The user must first
   /// activate their account by clicking an activation link sent to their email.
   ///
+  /// If [turnstileResponse] is provided, it will be included in the request headers
+  /// as `x-cf-turnstile-response` to support Cloudflare Turnstile protection.
+  ///
   /// Throws an [NhostException] if registration fails.
   @override
   Future<AuthResponse> signUp({
@@ -182,11 +180,12 @@ class NhostAuthClient implements HasuraAuthClient {
     List<String>? roles,
     String? displayName,
     String? redirectTo,
+    String? turnstileResponse,
   }) async {
     log.finer('Attempting user registration');
 
-    final includeRoleOptions =
-        defaultRole != null || (roles != null && roles.isNotEmpty);
+    final headers = turnstileResponse != null ? {'x-cf-turnstile-response': turnstileResponse} : null;
+    final includeRoleOptions = defaultRole != null || (roles != null && roles.isNotEmpty);
     final options = {
       if (metadata != null) 'metadata': metadata,
       if (locale != null) 'locale': locale,
@@ -205,6 +204,7 @@ class NhostAuthClient implements HasuraAuthClient {
           if (options.isNotEmpty) 'options': options,
         },
         responseDeserializer: AuthResponse.fromJson,
+        headers: headers,
       );
       log.finer('Registration successful');
 
@@ -421,8 +421,7 @@ class NhostAuthClient implements HasuraAuthClient {
   }) async {
     log.finer('Attempting sign in (passwordless SMS)');
 
-    final includeRoleOptions =
-        defaultRole != null || (roles != null && roles.isNotEmpty);
+    final includeRoleOptions = defaultRole != null || (roles != null && roles.isNotEmpty);
     final options = {
       if (metadata != null) 'metadata': metadata,
       if (locale != null) 'locale': locale,
@@ -471,8 +470,7 @@ class NhostAuthClient implements HasuraAuthClient {
   }) async {
     log.finer('Attempting sign in (otp)');
 
-    final includeRoleOptions =
-        defaultRole != null || (roles != null && roles.isNotEmpty);
+    final includeRoleOptions = defaultRole != null || (roles != null && roles.isNotEmpty);
     final options = {
       if (metadata != null) 'metadata': metadata,
       if (locale != null) 'locale': locale,
@@ -617,10 +615,7 @@ class NhostAuthClient implements HasuraAuthClient {
   }) async {
     await _apiClient.post(
       '/user/password',
-      jsonBody: {
-        'newPassword': newPassword,
-        if (ticket != null) 'ticket': ticket
-      },
+      jsonBody: {'newPassword': newPassword, if (ticket != null) 'ticket': ticket},
       headers: _session.authenticationHeaders,
     );
   }