Web3Auth · chaitanyapotti · Feb 25, 2026 · Feb 20, 2026 · Feb 24, 2026 · Feb 24, 2026
diff --git a/examples/vue-example/package-lock.json b/examples/vue-example/package-lock.json
diff --git a/examples/vue-example/src/App.vue b/examples/vue-example/src/App.vue
@@ -604,7 +604,7 @@ const openloginInstance = computed(() => {
     buildEnv: selectedBuildEnv.value,
     sdkUrl: customSdkUrl.value,
     mfaSettings: mfaSettings.value,
-    sessionTime: 3600,
+    sessionTime: 86400,
     includeUserDataInToken: includeUserDataInToken.value,
   });
   op.init();
@@ -798,7 +798,7 @@ const getEd25519Key = () => {
     throw new Error("Openlogin is not available.");
   }
   const { sk } = getED25519Key(privKey.value);
-  const base58Key = bs58.encode(sk);
+  const base58Key = bs58.encode(new Uint8Array(sk));
   printToConsole("ED25519 Key", base58Key);
 };
 

diff --git a/package-lock.json b/package-lock.json
diff --git a/src/core/AuthProvider.ts b/src/core/AuthProvider.ts
@@ -1,9 +1,18 @@
 import { randomId } from "@toruslabs/customauth";
 
 import { AUTH_SERVICE_PRODUCTION_URL, IFRAME_MODAL_ID, JRPC_METHODS } from "../utils/constants";
-import { AuthSessionConfig, THEME_MODE_TYPE, THEME_MODES, WEB3AUTH_NETWORK_TYPE, WhiteLabelData } from "../utils/interfaces";
+import {
+  type AuthFlowResult,
+  AuthRequestPayload,
+  AuthTokenResponse,
+  THEME_MODE_TYPE,
+  THEME_MODES,
+  WEB3AUTH_NETWORK_TYPE,
+  WhiteLabelData,
+} from "../utils/interfaces";
 import { log } from "../utils/logger";
 import { htmlToElement } from "../utils/utils";
+import { isAuthFlowError } from "./utils";
 
 export async function preloadIframe() {
   try {
@@ -37,10 +46,12 @@ export class AuthProvider {
 
   public initialized: boolean = false;
 
-  private loginCallbackSuccess: ((value: { sessionId?: string; sessionNamespace?: string }) => void) | null = null;
+  private loginCallbackSuccess: ((value: AuthTokenResponse) => void) | null = null;
 
   private loginCallbackFailed: ((reason?: string) => void) | null = null;
 
+  private messageHandler: ((event: MessageEvent) => void) | null = null;
+
   private readonly embedNonce = randomId();
 
   constructor({ sdkUrl, whiteLabel }: { sdkUrl: string; whiteLabel: WhiteLabelData }) {
@@ -61,11 +72,16 @@ export class AuthProvider {
   }
 
   public cleanup() {
+    if (this.messageHandler) {
+      window.removeEventListener("message", this.messageHandler);
+      this.messageHandler = null;
+    }
     const iframe = authServiceIframeMap.get(this.embedNonce);
     if (iframe && iframe.parentNode) {
       iframe.parentNode.removeChild(iframe);
       authServiceIframeMap.delete(this.embedNonce);
     }
+    this.initialized = false;
   }
 
   async init({ network, clientId }: { network: WEB3AUTH_NETWORK_TYPE; clientId: string }): Promise<void> {
@@ -101,10 +117,10 @@ export class AuthProvider {
       try {
         window.document.body.appendChild(authServiceIframe);
 
-        const handleMessage = (event: MessageEvent) => {
+        this.messageHandler = (event: MessageEvent) => {
           if (event.origin !== this.targetOrigin) return;
           const { data } = event as {
-            data: { type: string; nonce: string; data: { sessionId?: string; sessionNamespace?: string; error?: string } };
+            data: { type: string; nonce: string; data: AuthFlowResult };
           };
           const { type, nonce } = data;
           // dont do anything if the nonce is not the same.
@@ -126,7 +142,7 @@ export class AuthProvider {
               resolve();
               break;
             case JRPC_METHODS.LOGIN_FAILED:
-              this.loginCallbackFailed?.(messageData?.error || "Login failed, reason: unknown");
+              this.loginCallbackFailed?.(isAuthFlowError(messageData) ? messageData.error : "Login failed, reason: unknown");
               break;
             case JRPC_METHODS.DISPLAY_IFRAME:
               this.getAuthServiceIframe().style.display = "block";
@@ -137,22 +153,22 @@ export class AuthProvider {
             case JRPC_METHODS.LOGIN_SUCCESS:
               log.info("LOGIN_SUCCESS", messageData);
               this.getAuthServiceIframe().style.display = "none";
-              if (messageData?.sessionId) this.loginCallbackSuccess?.(messageData);
+              if (messageData && !isAuthFlowError(messageData)) this.loginCallbackSuccess?.(messageData);
               break;
             default:
               log.warn(`Unknown message type: ${type}`);
               break;
           }
         };
 
-        window.addEventListener("message", handleMessage);
+        window.addEventListener("message", this.messageHandler);
       } catch (error) {
         reject(error);
       }
     });
   }
 
-  public postLoginInitiatedMessage(loginConfig: AuthSessionConfig, nonce?: string) {
+  public postLoginInitiatedMessage(loginConfig: AuthRequestPayload, nonce?: string) {
     if (!this.initialized) throw new Error("Iframe not initialized");
     this.getAuthServiceIframe().contentWindow?.postMessage(
       {
@@ -161,7 +177,7 @@ export class AuthProvider {
       },
       this.targetOrigin
     );
-    return new Promise<{ sessionId?: string; sessionNamespace?: string; error?: string }>((resolve, reject) => {
+    return new Promise<AuthTokenResponse>((resolve, reject) => {
       this.loginCallbackSuccess = resolve;
       this.loginCallbackFailed = reject;
     });