Add API domain override and update OTP endpoint

0xFirekeeper · 0xFirekeeper · commit fbc8a7437d2f · 2025-09-06T03:25:35.000+07:00
Introduces an 'api' domain override in domains.ts and updates the OTP authentication flow to use the new API endpoint for initiation. This change improves flexibility for API server configuration and aligns OTP requests with the updated backend route.

Closes BLD-220
diff --git a/packages/thirdweb/src/utils/domains.ts b/packages/thirdweb/src/utils/domains.ts
@@ -14,6 +14,11 @@ type DomainOverrides = {
    * @default "embedded-wallet.thirdweb.com"
    */
   inAppWallet?: string;
+  /**
+   * The base URL for the API server.
+   * @default "api.thirdweb.com"
+   */
+  api?: string;
   /**
    * The base URL for the payment server.
    * @default "pay.thirdweb.com"
@@ -54,6 +59,7 @@ type DomainOverrides = {
 export const DEFAULT_RPC_URL = "rpc.thirdweb.com";
 const DEFAULT_SOCIAL_URL = "social.thirdweb.com";
 const DEFAULT_IN_APP_WALLET_URL = "embedded-wallet.thirdweb.com";
+const DEFAULT_API_URL = "api.thirdweb.com";
 const DEFAULT_PAY_URL = "pay.thirdweb.com";
 const DEFAULT_STORAGE_URL = "storage.thirdweb.com";
 const DEFAULT_BUNDLER_URL = "bundler.thirdweb.com";
@@ -64,6 +70,7 @@ const DEFAULT_BRIDGE_URL = "bridge.thirdweb.com";
 
 let domains: { [k in keyof DomainOverrides]-?: string } = {
   analytics: DEFAULT_ANALYTICS_URL,
+  api: DEFAULT_API_URL,
   bridge: DEFAULT_BRIDGE_URL,
   bundler: DEFAULT_BUNDLER_URL,
   engineCloud: DEFAULT_ENGINE_CLOUD_URL,
@@ -78,6 +85,7 @@ let domains: { [k in keyof DomainOverrides]-?: string } = {
 export const setThirdwebDomains = (DomainOverrides: DomainOverrides) => {
   domains = {
     analytics: DomainOverrides.analytics ?? DEFAULT_ANALYTICS_URL,
+    api: DomainOverrides.api ?? DEFAULT_API_URL,
     bridge: DomainOverrides.bridge ?? DEFAULT_BRIDGE_URL,
     bundler: DomainOverrides.bundler ?? DEFAULT_BUNDLER_URL,
     engineCloud: DomainOverrides.engineCloud ?? DEFAULT_ENGINE_CLOUD_URL,
diff --git a/packages/thirdweb/src/wallets/in-app/web/lib/auth/otp.ts b/packages/thirdweb/src/wallets/in-app/web/lib/auth/otp.ts
@@ -1,115 +1,115 @@
 import type { ThirdwebClient } from "../../../../../client/client.js";
+import { getThirdwebBaseUrl } from "../../../../../utils/domains.js";
 import { stringify } from "../../../../../utils/json.js";
-import {
-  getLoginCallbackUrl,
-  getLoginUrl,
-} from "../../../core/authentication/getLoginPath.js";
+import { getLoginCallbackUrl } from "../../../core/authentication/getLoginPath.js";
 import type {
-  AuthStoredTokenWithCookieReturnType,
-  MultiStepAuthArgsType,
-  PreAuthArgsType,
+	AuthStoredTokenWithCookieReturnType,
+	MultiStepAuthArgsType,
+	PreAuthArgsType,
 } from "../../../core/authentication/types.js";
 import type { Ecosystem } from "../../../core/wallet/types.js";
 
 /**
  * @internal
  */
 export const sendOtp = async (args: PreAuthArgsType): Promise<void> => {
-  const { client, ecosystem } = args;
-  const url = getLoginUrl({ authOption: args.strategy, client, ecosystem });
-
-  const headers: Record<string, string> = {
-    "Content-Type": "application/json",
-    "x-client-id": client.clientId,
-  };
-
-  if (ecosystem?.id) {
-    headers["x-ecosystem-id"] = ecosystem.id;
-  }
-
-  if (ecosystem?.partnerId) {
-    headers["x-ecosystem-partner-id"] = ecosystem.partnerId;
-  }
-
-  const body = (() => {
-    switch (args.strategy) {
-      case "email":
-        return {
-          email: args.email,
-        };
-      case "phone":
-        return {
-          phone: args.phoneNumber,
-        };
-    }
-  })();
-
-  const response = await fetch(url, {
-    body: stringify(body),
-    headers,
-    method: "POST",
-  });
-
-  if (!response.ok) {
-    throw new Error("Failed to send verification code");
-  }
-
-  return await response.json();
+	const { client, ecosystem } = args;
+	const url = `${getThirdwebBaseUrl("api")}/v1/auth/initiate`;
+
+	const headers: Record<string, string> = {
+		"Content-Type": "application/json",
+		"x-client-id": client.clientId,
+	};
+
+	if (ecosystem?.id) {
+		headers["x-ecosystem-id"] = ecosystem.id;
+	}
+
+	if (ecosystem?.partnerId) {
+		headers["x-ecosystem-partner-id"] = ecosystem.partnerId;
+	}
+
+	const body = (() => {
+		switch (args.strategy) {
+			case "email":
+				return {
+					type: "email",
+					email: args.email,
+				};
+			case "phone":
+				return {
+					type: "phone",
+					phone: args.phoneNumber,
+				};
+		}
+	})();
+
+	const response = await fetch(url, {
+		body: stringify(body),
+		headers,
+		method: "POST",
+	});
+
+	if (!response.ok) {
+		throw new Error("Failed to send verification code");
+	}
+
+	return await response.json();
 };
 
 /**
  * @internal
  */
 export const verifyOtp = async (
-  args: MultiStepAuthArgsType & {
-    client: ThirdwebClient;
-    ecosystem?: Ecosystem;
-  },
+	args: MultiStepAuthArgsType & {
+		client: ThirdwebClient;
+		ecosystem?: Ecosystem;
+	},
 ): Promise<AuthStoredTokenWithCookieReturnType> => {
-  const { client, ecosystem } = args;
-  const url = getLoginCallbackUrl({
-    authOption: args.strategy,
-    client: args.client,
-    ecosystem: args.ecosystem,
-  });
-
-  const headers: Record<string, string> = {
-    "Content-Type": "application/json",
-    "x-client-id": client.clientId,
-  };
-
-  if (ecosystem?.id) {
-    headers["x-ecosystem-id"] = ecosystem.id;
-  }
-
-  if (ecosystem?.partnerId) {
-    headers["x-ecosystem-partner-id"] = ecosystem.partnerId;
-  }
-
-  const body = (() => {
-    switch (args.strategy) {
-      case "email":
-        return {
-          code: args.verificationCode,
-          email: args.email,
-        };
-      case "phone":
-        return {
-          code: args.verificationCode,
-          phone: args.phoneNumber,
-        };
-    }
-  })();
-
-  const response = await fetch(url, {
-    body: stringify(body),
-    headers,
-    method: "POST",
-  });
-
-  if (!response.ok) {
-    throw new Error("Failed to verify verification code");
-  }
-
-  return await response.json();
+	const { client, ecosystem } = args;
+	const url = getLoginCallbackUrl({
+		authOption: args.strategy,
+		client: args.client,
+		ecosystem: args.ecosystem,
+	});
+
+	const headers: Record<string, string> = {
+		"Content-Type": "application/json",
+		"x-client-id": client.clientId,
+	};
+
+	if (ecosystem?.id) {
+		headers["x-ecosystem-id"] = ecosystem.id;
+	}
+
+	if (ecosystem?.partnerId) {
+		headers["x-ecosystem-partner-id"] = ecosystem.partnerId;
+	}
+
+	const body = (() => {
+		switch (args.strategy) {
+			case "email":
+				return {
+					code: args.verificationCode,
+					email: args.email,
+				};
+			case "phone":
+				return {
+					code: args.verificationCode,
+					phone: args.phoneNumber,
+				};
+		}
+	})();
+
+	const response = await fetch(url, {
+		body: stringify(body),
+		headers,
+		method: "POST",
+	});
+
+	if (!response.ok) {
+		throw new Error("Failed to verify verification code");
+	}
+
+	return await response.json();
 };
