@akinon/next 2.0.0-beta.12 → 2.0.0-beta.13

package/CHANGELOG.md

@@ -1,78 +1,331 @@
 # @akinon/next
 
-## 2.0.0-beta.12
+## 2.0.0-beta.13
 
 ### Minor Changes
 
-- 1d79e32: ZERO-3540: Next.js Upgrade to 15.4.5
+- b12527ec: ZERO-4102: Add support for post-checkout redirect in middleware
+- a9f5cdb1: ZERO-4102: Fix post-checkout condition to additionally check for empty search parameters.
+- 01ee41f1: ZERO-4102: Implement a post-checkout flow by dynamically determining checkout paths and managing a pz-post-checkout-flow cookie.
 
-## 2.0.0-beta.11
+## 1.118.0
 
 ### Minor Changes
 
-- ac783d6: ZERO-3482: Update tailwindcss to version 4.1.11 and enhance button cursor styles
+- 729fe756: ZERO-3895: improve non-3D payment handling and error display
 
-## 2.0.0-beta.10
+## 1.117.0
+
+## 1.116.0
 
 ### Minor Changes
 
-- 2806320: ZERO-3390: Update version tailwindcss, autoprefixer, tailwind-merge, postcss
+- d7ec6b08: ZERO-3988: Add Google Pay option to plugin selection
+- 726491df: ZERO-3988: Add google pay integration
 
-## 2.0.0-beta.9
+## 1.115.0
 
 ### Minor Changes
 
-- 0fe7711: ZERO-3387: Upgrade nextjs, eslint-config-next
+- b59bed4d: ZERO-3878: Reintegrated similar products and removed localStorage checks and implemented props based showing of buttons
+- b5f9d75c: ZERO-3873: Refactor payment redirection middlewares to properly forward all set-cookie headers from upstream responses
+- cbcfdf4d: ZERO-3859: Haso payment gateway implmeneted
+- 71882722: ZERO-3897: Add compress option to default Next.js configuration
+- 7056203a: ZERO-3875: removed shared_tags through stripTags function for unused keys
 
-## 2.0.0-beta.8
+## 1.114.0
 
 ### Minor Changes
 
-- 071d0f5: ZERO-3352: Resolve Single item size exceeds maxSize error and upgrade dependencies
+- 65d3b862: ZERO-3054: Update headers in appFetch
+- 43c182ee: ZERO-3054: Update Redis variable checks to conditionally include CACHE_SECRET
+- eeb20bea: Revert "ZERO-3054: Refactor cache handler to use custom Redis handler and implement key hashing"
+- fdd255ee: ZERO-3054: Refactor cache handler to use custom Redis handler and implement key hashing
 
-## 2.0.0-beta.7
+## 1.113.0
 
-## 2.0.0-beta.6
+## 1.112.0
 
 ### Minor Changes
 
-- 8f05f9b: ZERO-3250: Beta branch synchronized with Main branch
+- 888fdec: ZERO-3792: Virtual Try On new features are implemented and also basket support implemented.
 
-## 2.0.0-beta.5
+## 1.111.0
 
 ### Minor Changes
 
-- e791eab: ZERO-3133: Add fallbackReducer for handling missing plugin reducers
+- c026300: ZERO-3833: fix masterpass rest conflicts
+- b47b9d8: ZERO-3414: create masterpass-rest package
+
+## 1.110.0
+
+### Minor Changes
 
-## 2.0.0-beta.4
+- fc752c9: ZERO-3795: Remove unnecessary redirection logic from payment middleware
+- 757af4a: ZERO-3783: Update image remote patterns for security compliance
 
-## 2.0.0-beta.3
+## 1.109.0
 
 ### Minor Changes
 
-- 5536b80: ZERO-3104: Add optional headers parameter
+- fcbbea79: ZERO-3648: Add virtual try-on feature with localization support
 
-## 2.0.0-beta.2
+## 1.108.0
 
 ### Minor Changes
 
-- a006015: ZERO-3116: Add not-found page and update default middleware.
-- 999168d: ZERO-3104: Remove local cache handler from CacheHandler initialization
-- 1eeb3d8: ZERO-3116: Add not found page
-- 86a5a62: ZERO-3104: Add optional headers parameter to data fetching functions
-- dd69cc6: ZERO-3079: Modularize pre-order middleware
+- d8883ce6: ZERO-3640: Refactor wallet completion handling to accept additional parameters; update related API calls
+- 59ed7a7e: ZERO-3640: Add order number state and update FlowPayment component for wallet payment response handling
+- 31a2d35a: ZERO-3640: Refactor checkout API call to include useFormData option; update FlowPayment component for improved error handling and code readability
+
+## 1.107.0
+
+### Minor Changes
+
+- 4ca44c78: ZERO-3634: add register_consumer_card
+- 28c7ea79: ZERO-3427: Refactor redirect utility to handle undefined URL and improve locale handling
+- b6e5b624: ZERO-3257: Enhance locale middleware to redirect using existing or default locale and support 303 status for POST requests
+- 5b500797: ZERO-3634: iyzico saved card
+
+## 1.106.0
+
+### Minor Changes
+
+- 9dc7298: ZERO-3416: Refactor Accordion component to enhance props and improve styling flexibility
+- 2d3f178: ZERO-3417: Enhance FileInput component with additional props for customization
+
+## 1.105.0
+
+### Minor Changes
+
+- c39c700: ZERO-3420: Refactor Modal component
+- d512ea2: ZERO-3656: update setLoyaltyData mutation to accept string type
+- 3b255fe: ZERO-3629 :edit warnings in build
+
+## 1.104.0
+
+### Minor Changes
+
+- 63774a6: ZERO-3351: Add commerce redirection ignore list functionality and related utility
+- a2fbee6: ZERO-3651: Fix correct is Iframe property in contextListMiddleware
+- 0de5573: ZERO-3418: Update remotePatterns hostname to allow all subdomains
+- 5ad87ff: ZERO-3646: Refactor form submission API to handle form data and improve error responses
+
+## 1.103.0
+
+## 1.102.0
+
+### Minor Changes
+
+- 6b949cb: ZERO-3615: Refactor product data handling and improve 404 error handling
+- 9a3885b: ZERO-3660: skip catch-all not_found route in generate route script
+
+## 1.101.0
+
+### Minor Changes
+
+- 4e863f7: ZERO-3654: add null check for resetMasterpassState in PaymentOptionResetMiddleware
+
+## 1.100.0
+
+### Minor Changes
+
+- e57cd93: ZERO-3460: prevent installment loop on payment method switch
+- 5f7edd6: ZERO-3571: Enhance Jest configuration by adding base directory resolution and module name mapping
+- b00a90b: ZERO-3436: Preserve query params on redirect
+- 26b2d0b: ZERO-3571: Remove test script execution from prebuild and simplify Jest module name mapping
+- c51de38: ZERO-3637: Add action creators and RTK Query API endpoints to Redux store
+- d1bb93a: ZERO-3460: fix installment request loop"
+
+## 1.99.0
+
+### Minor Changes
+
+- cf90355: ZERO-3586_2: Enhance caching functionality by adding support for compressed data storage and retrieval, along with a new method for setting multiple key-value pairs.
+- d58538b: ZERO-3638: Enhance RC pipeline: add fetch, merge, and pre-release setup with conditional commit
+- 95a4cd1: ZERO-3631: add automatic route generation
+
+## 1.98.0
+
+### Minor Changes
+
+- 67308f0: ZERO-3633: Revert IndexPage parameter from fetchCheckout request
+
+## 1.97.0
+
+### Minor Changes
+
+- 0014305: ZERO-3629 :edit warnings in build
+
+## 1.96.0
+
+### Minor Changes
+
+- af5c93a: ZERO-3617: Add pre-order middleware instruction file
+- a420947: ZERO-3517: Fix optional chaining for rawData in error logging for category data handlers
+
+## 1.95.0
+
+### Minor Changes
+
+- 35dfb8f: ZERO-3363: Refactor URL handling in checkout and redirection middlewares to use url.origin instead of process.env.NEXT_PUBLIC_URL
+- 99b6e7b: ZERO-3421: Enhance Sentry error handling by adding network error detection logic and refining initialization options
+- cbdb5c1: ZERO-3448: fix set cookie domain handling for subdomain locale strategy
+
+## 1.94.0
+
+### Minor Changes
+
+- 6e6b0a9: ZERO-3422: Add pz-flow-payment package
+- adf0eeb: ZERO-3597: Add copilot instruction files
+- c806fad: ZERO-3422: Add Flow Payment plugin to the defined plugins list
+- 0abde6b: ZERO-3422: Update fetch method to use dynamic request method in wallet complete redirection middleware
+- 72ad7bb: ZERO-3422: Add Flow Payment to the list of available plugins
+- e7cd3a5: ZERO-3435: Add Accept-Language to requestHeaders
+- 17bfadc: ZERO-3275: Disable OpenTelemetry monitoring in production environment
+- dfaceff: ZERO-3356: Add useLoyaltyAvailability hook and update checkout state management
+- 86642cf: ZERO-3531: Add saveSampleProducts endpoint and update URLs in checkout
+- 485e8ef: ZERO-3422: Refactor parameter handling in wallet complete redirection middleware to use forEach
+- b434ac8: ZERO-3545: Update fetchCheckout API URL to include page parameter
+- fee608d: ZERO-3422: Refactor body handling in wallet complete redirection middleware
+
+## 1.93.0
+
+### Minor Changes
+
+- 185396f: ZERO-3569: Refactor logging in cache handler to use console_log instead of logger
+- 0bdab12: ZERO-3569: Refactor cache handler to improve Redis connection management and logging
+- 3e4aadc: ZERO-3569: Fix import statement for logger in cache handler
+
+## 1.92.0
+
+## 1.91.0
+
+### Minor Changes
+
+- d8fad39: ZERO-3370: include plugins test to build stage
+- 2552486: ZERO-3391: Add subdomain support to setLocale function
+- f8e4cac: ZERO-3343: restrict root hostname to only locale subdomains
+- 832bee3: ZERO-3343: add domain to cookie for subdomain locale strategy
+- 28a59d4: ZERO-3400: refactor cookie domain logic using fallback host
+- 8feabe9: ZERO-3343: add custom NextAuth options support
+- bf354de: ZERO-3321: add babel compiler for akinon/next test
+- 448adef: ZERO-3321: move csp test to akinon-next
+- 6c3629c: ZERO-3321: fix jest tests in akinon-next for standalone projects
+- 6bc260b: ZERO-3295: update default tailwind content list
+- 943a239: ZERO-3370: add allowJs in akinon-next test tsconfig
+- 068dc39: ZERO-3343: update get-root-hostname logic
+- 942490f: ZERO-3295: move third party tailwind content list to akinon-next
+- b6d5bda: ZERO-3343: update changeset config
+- acf0320: ZERO-3321: remove babel config
+- 387356b: ZERO-3323: Refactor locale filtering logic in URL matcher regex
+- b2ee69b: ZERO-3321: delete unnecessary files
+- 0cabbda: ZERO-3370: replace inline monorepo check with reusable utility
+
+## 1.90.0
+
+### Minor Changes
+
+- e68e120: ZERO-3398: Add redirectUrlMiddleware to handle redirection based on checkout results
 
-## 2.0.0-beta.1
+## 1.89.0
+
+## 1.88.0
+
+### Minor Changes
+
+- c4f0568: ZERO-3293: Remove unnecessary pretty URL route check in Cache class method
+- f3dcb1e: ZERO-3337 :Add support for cash register hook in middleware routing
+- 8154859: ZERO-3337 :Add support for cash register pre-order hook in middleware
+
+## 1.87.0
+
+## 1.86.0
 
 ### Minor Changes
 
-- ZERO-3091: Upgrade Next.js to v15 and React to v19
+- 6fc8ac5: ZERO-3229: Implement mini basket query for basket total quantity
+- ef75c03: ZERO-3267: Update error-page component to use ROUTES for link navigation
+- e4761d2: Refactor import statement for ROUTES in error-page component
+- e2c6d42: ZERO-2935: Add @sentry/nextjs dependency to akinon-next and remove from projectzeronext
+- 4d3deb4: ZERO-2935: sentry 8 upgrade
+- c3f8d4a: ZERO-3274: Adjust button styles
+- 9abd011: ZERO-3267: Refactor error handling in ErrorPage component to set error details in Sentry scope
+- c3b2f3f: ZERO-3267: Enable sentry client errors and filter them by log type
+- 70bc0ae: ZERO-3284: Set tracesSampleRate in Sentry configuration
+- ac65ca9: ZERO-3269: Enhance locale handling by adding Subdomain strategy and updating related functions
+- 0cb3ec0: ZERO-3281: Remove prebuild tests script from pz-prebuild
+- 2d305aa: ZERO-2935: Update Sentry configuration: remove hideSourceMaps option and add it to withPzConfig
+- 2f3588f: ZERO-3287: Add user session handling in authentication flow
+- e5529cd: ZERO-3267: Update error-page component to use root path for links instead of ROUTES
 
-## 2.0.0-beta.0
+## 1.85.0
+
+### Minor Changes
 
-### Major Changes
+- 4167dcd: ZERO-3253: Update Content-Security-Policy to include akinoncloud.com
+- 0b1bd07: ZERO-3240: Remove unused preOrderMiddleware
 
-- be6c09d: ZERO-3114: Create beta version.
+## 1.84.0
+
+### Minor Changes
+
+- 757ee53: ZERO-3207: Add SMS send & verify endpoints with state management
+- c0c1962: ZERO-3258: Add new API endpoints for fetching Bukalemun image URL and bundle product data
+- 0e05135: ZERO-3244: Encode URL search parameters
+
+## 1.83.0
+
+## 1.82.0
+
+### Minor Changes
+
+- 2e0b7ff: ZERO-3226: Refactor checkoutApi to simplify request body structure by removing device_info parameter
+- 778aabf: ZERO-3163: Add frontend ID header to authentication requests and forgot password mutation
+- c0fef07: ZERO-3197: Refetch payment options after loyalty usage
+- 2d2ab44: ZERO-3226: Add device_info param to WalletPaymentPage request
+- 0200d56: ZERO-3163: Add frontendIds property to Settings interface
+- 7d1b5af: ZERO-3206: Encode search parameters in product data URL
+- aa05ed7: ZERO-3170: Add commerceRedirectionIgnoreList to settings and update URL redirection middleware
+
+## 1.81.0
+
+### Minor Changes
+
+- fd4b74e: ZERO-3126: add reset checkout state query
+- 4cc22c7: ZERO-3125: replace X-Frame-Options with CSP frame-ancestors
+- 6a0a080: ZERO-3112: Update button
+
+## 1.80.0
+
+### Minor Changes
+
+- 7ab9e2f: ZERO-3166: add tamara payment package
+
+## 1.79.0
+
+### Minor Changes
+
+- 59fa21c: ZERO-3149: Add name-based mechanism for Redux middleware override
+
+## 1.78.0
+
+### Minor Changes
+
+- e791eab: ZERO-3133: Add fallbackReducer for handling missing plugin reducers
+
+## 1.77.0
+
+### Minor Changes
+
+- 999168d: ZERO-3104: Remove local cache handler from CacheHandler initialization
+- 86a5a62: ZERO-3104: Add optional headers parameter to data fetching functions
+
+## 1.76.0
+
+### Minor Changes
+
+- dd69cc6: ZERO-3079: Modularize pre-order middleware
 
 ## 1.75.0
 

package/api/auth.ts

@@ -1,6 +1,5 @@
-import { NextApiRequest, NextApiResponse } from 'next';
-import NextAuth, { Session, NextAuthOptions } from 'next-auth';
-import CredentialProvider from 'next-auth/providers/credentials';
+import NextAuth, { Session, CredentialsSignin } from 'next-auth';
+import Credentials from 'next-auth/providers/credentials';
 import { ROUTES } from 'routes';
 import { URLS, user } from '../data/urls';
 import Settings from 'settings';
@@ -9,9 +8,20 @@ import logger from '@akinon/next/utils/log';
 import { AuthError } from '../types';
 import getRootHostname from '../utils/get-root-hostname';
 import { LocaleUrlStrategy } from '../localization';
+import { cookies, headers } from 'next/headers';
+
+import type { NextAuthConfig } from 'next-auth';
+
+class PzCredentialsError extends CredentialsSignin {
+  code = 'credentials';
+  constructor(errors: AuthError[]) {
+    super();
+    this.code = JSON.stringify(errors);
+  }
+}
 
 async function getCurrentUser(sessionId: string, currency = '') {
-  const headers = {
+  const reqHeaders = {
     'Content-Type': 'application/json',
     Cookie: `osessionid=${sessionId}`,
     'x-currency': currency
@@ -19,7 +29,7 @@ async function getCurrentUser(sessionId: string, currency = '') {
 
   const currentUser = await (
     await fetch(URLS.user.currentUser, {
-      headers
+      headers: reqHeaders
     })
   ).json();
 
@@ -42,23 +52,18 @@ async function getCurrentUser(sessionId: string, currency = '') {
   };
 }
 
-type CustomNextAuthOptions = (
-  req: NextApiRequest,
-  res: NextApiResponse
-) => Partial<NextAuthOptions>;
+type CustomNextAuthOptions = () => Partial<NextAuthConfig>;
 
-const defaultNextAuthOptions = (
-  req: NextApiRequest,
-  res: NextApiResponse
-): NextAuthOptions => {
+const getDefaultAuthConfig = (): NextAuthConfig => {
   return {
     providers: [
-      CredentialProvider({
+      Credentials({
         id: 'oauth',
         name: 'credentials',
         credentials: {},
         authorize: async (credentials) => {
-          const sessionId = req.cookies['osessionid'];
+          const cookieStore = await cookies();
+          const sessionId = cookieStore.get('osessionid')?.value;
 
           if (!sessionId) {
             return null;
@@ -66,12 +71,12 @@ const defaultNextAuthOptions = (
 
           const currentUser = await getCurrentUser(
             sessionId,
-            req.cookies['pz-currency'] ?? ''
+            cookieStore.get('pz-currency')?.value ?? ''
           );
           return currentUser;
         }
       }),
-      CredentialProvider({
+      Credentials({
         id: 'default',
         name: 'credentials',
         credentials: {
@@ -86,49 +91,58 @@ const defaultNextAuthOptions = (
           captchaValidated: {}
         },
         authorize: async (credentials) => {
-          const headers: HeadersInit = new Headers();
+          const cookieStore = await cookies();
+          const headerStore = await headers();
+
+          const reqHeaders: HeadersInit = new Headers();
           const language = Settings.localization.locales.find(
-            (item) => item.value === credentials.locale
+            (item) => item.value === (credentials as any).locale
           ).apiValue;
-          const userIp = req.headers['x-forwarded-for']?.toString() ?? '';
-
-          headers.set('Content-Type', 'application/json');
-          headers.set('cookie', `${req.headers.cookie}`);
-          headers.set('Accept-Language', `${language}`);
-          headers.set('x-currency', req.cookies['pz-currency'] ?? '');
-          headers.set('x-forwarded-for', userIp);
-          headers.set(
+          const userIp = headerStore.get('x-forwarded-for') ?? '';
+
+          reqHeaders.set('Content-Type', 'application/json');
+          reqHeaders.set('cookie', headerStore.get('cookie') ?? '');
+          reqHeaders.set('Accept-Language', `${language}`);
+          reqHeaders.set(
+            'x-currency',
+            cookieStore.get('pz-currency')?.value ?? ''
+          );
+          reqHeaders.set('x-forwarded-for', userIp);
+          reqHeaders.set(
             'x-app-device',
-            req.headers['x-app-device']?.toString() ?? ''
+            headerStore.get('x-app-device') ?? ''
           );
 
-          headers.set('x-frontend-id', req.cookies['pz-frontend-id'] || '');
+          reqHeaders.set(
+            'x-frontend-id',
+            cookieStore.get('pz-frontend-id')?.value || ''
+          );
 
           logger.debug('Trying to login/register', {
-            formType: credentials.formType,
+            formType: (credentials as any).formType,
             userIp
           });
 
           const checkCurrentUser = await getCurrentUser(
-            req.cookies['osessionid'] ?? '',
-            req.cookies['pz-currency'] ?? ''
+            cookieStore.get('osessionid')?.value ?? '',
+            cookieStore.get('pz-currency')?.value ?? ''
           );
 
           if (checkCurrentUser?.pk) {
-            const sessionCookie = headers
+            const sessionCookie = reqHeaders
               .get('cookie')
               ?.match(/osessionid=\w+/)?.[0]
               .replace(/osessionid=/, '');
             if (sessionCookie) {
-              headers.set('cookie', sessionCookie);
+              reqHeaders.set('cookie', sessionCookie);
             }
           }
 
           const apiRequest = await fetch(
-            `${Settings.commerceUrl}${user[credentials.formType]}`,
+            `${Settings.commerceUrl}${user[(credentials as any).formType]}`,
             {
               method: 'POST',
-              headers,
+              headers: reqHeaders,
               body: JSON.stringify(credentials)
             }
           );
@@ -163,21 +177,25 @@ const defaultNextAuthOptions = (
             const { localeUrlStrategy } = Settings.localization;
 
             const fallbackHost =
-              req.headers['x-forwarded-host']?.toString() ||
-              req.headers.host?.toString();
+              headerStore.get('x-forwarded-host') ||
+              headerStore.get('host');
             const hostname =
               process.env.NEXT_PUBLIC_URL || `https://${fallbackHost}`;
             const rootHostname =
               localeUrlStrategy === LocaleUrlStrategy.Subdomain
                 ? getRootHostname(hostname)
                 : null;
-            const domainOption = rootHostname ? `Domain=${rootHostname};` : '';
-            const cookieOptions = `Path=/; HttpOnly; Secure; Max-Age=${maxAge}; ${domainOption}`;
 
-            res.setHeader('Set-Cookie', [
-              `osessionid=${sessionId}; ${cookieOptions}`,
-              `sessionid=${sessionId}; ${cookieOptions}` // required to get 3D redirection form
-            ]);
+            const cookieOptions = {
+              path: '/',
+              httpOnly: true,
+              secure: true,
+              maxAge,
+              ...(rootHostname ? { domain: rootHostname } : {})
+            };
+
+            cookieStore.set('osessionid', sessionId, cookieOptions);
+            cookieStore.set('sessionid', sessionId, cookieOptions);
           }
 
           if (!response.key) {
@@ -198,8 +216,8 @@ const defaultNextAuthOptions = (
               });
 
               logger.debug('Captcha required', {
-                email: credentials.email,
-                formType: credentials.formType
+                email: (credentials as any).email,
+                formType: (credentials as any).formType
               });
             } else if (apiRequest.status === 202) {
               errors.push({
@@ -218,13 +236,13 @@ const defaultNextAuthOptions = (
             }
 
             if (errors.length) {
-              throw new Error(JSON.stringify(errors));
+              throw new PzCredentialsError(errors);
             }
           }
 
           const currentUser = await getCurrentUser(
             sessionId,
-            req.cookies['pz-currency'] ?? ''
+            cookieStore.get('pz-currency')?.value ?? ''
           );
           return currentUser;
         }
@@ -238,18 +256,20 @@ const defaultNextAuthOptions = (
 
         return token;
       },
-      async session({ session, user, token }) {
-        session.user = token.user as Session['user'];
+      async session({ session, token }) {
+        session.user = token.user as any;
         return session;
       },
       async redirect({ url, baseUrl }: { url: string; baseUrl: string }) {
+        const headerStore = await headers();
         const pathname = url.startsWith('/') ? url : url.replace(baseUrl, '');
         const pathnameWithoutLocale = pathname.replace(
           urlLocaleMatcherRegex,
           ''
         );
 
-        const localeResults = req.headers.referer
+        const localeResults = headerStore
+          .get('referer')
           ?.replace(baseUrl, '')
           ?.match(urlLocaleMatcherRegex);
 
@@ -260,11 +280,16 @@ const defaultNextAuthOptions = (
       signIn: () => {
         logger.debug('Successfully signed in');
       },
-      signOut: () => {
-        res.setHeader('Set-Cookie', [
-          `osessionid=; Path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT`,
-          `sessionid=; Path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT`
-        ]);
+      signOut: async () => {
+        const cookieStore = await cookies();
+        cookieStore.set('osessionid', '', {
+          path: '/',
+          maxAge: 0
+        });
+        cookieStore.set('sessionid', '', {
+          path: '/',
+          maxAge: 0
+        });
         logger.debug('Successfully signed out');
       }
     },
@@ -275,36 +300,33 @@ const defaultNextAuthOptions = (
   };
 };
 
-const Auth = (
-  req: NextApiRequest,
-  res: NextApiResponse,
-  customOptions?: CustomNextAuthOptions
-) => {
-  const baseOptions = defaultNextAuthOptions(req, res);
-  const customOptionsResult = customOptions ? customOptions(req, res) : {};
-
-  const mergedOptions = {
-    ...baseOptions,
-    ...customOptionsResult,
+export const createAuth = (customOptions?: CustomNextAuthOptions) => {
+  const baseConfig = getDefaultAuthConfig();
+  const customConfig = customOptions ? customOptions() : {};
+
+  const mergedConfig: NextAuthConfig = {
+    trustHost: true,
+    ...baseConfig,
+    ...customConfig,
     providers: [
-      ...baseOptions.providers,
-      ...(customOptionsResult.providers || [])
+      ...baseConfig.providers,
+      ...(customConfig.providers || [])
     ],
     callbacks: {
-      ...baseOptions.callbacks,
-      ...customOptionsResult.callbacks
+      ...baseConfig.callbacks,
+      ...customConfig.callbacks
     },
     events: {
-      ...baseOptions.events,
-      ...customOptionsResult.events
+      ...baseConfig.events,
+      ...customConfig.events
     },
     pages: {
-      ...baseOptions.pages,
-      ...customOptionsResult.pages
+      ...baseConfig.pages,
+      ...customConfig.pages
     }
   };
 
-  return NextAuth(req, res, mergedOptions);
+  return NextAuth(mergedConfig);
 };
 
-export default Auth;
+export default createAuth;