@artatol-acp/auth-nextjs 0.3.4 → 0.3.6

package/README.md

@@ -1,6 +1,6 @@
 # @artatol-acp/auth-nextjs
 
-Next.js SDK for Artatol Cloud Platform Authentication with support for App Router, Server Actions, and Middleware.
+Next.js SDK for Artatol Cloud Platform Authentication with support for App Router, Server Actions, Middleware, and automatic token refresh.
 
 ## Installation
 
@@ -568,6 +568,84 @@ const health = await client.health();
 console.log(health); // { status: 'ok', timestamp: '...' }
 ```
 
+## Automatic Token Refresh
+
+The Next.js SDK includes automatic token refresh functionality on the client side via the `ACPAuthProvider`.
+
+### How It Works
+
+1. When you use `ACPAuthProvider`, the SDK automatically manages access tokens
+2. After successful login, a background interval starts
+3. **Every 4 minutes**, the token is automatically refreshed (tokens expire after 5 minutes)
+4. If refresh fails, the user is automatically logged out
+5. The interval stops when the user logs out or the component unmounts
+
+### Client-Side Usage
+
+```typescript
+'use client';
+
+import { ACPAuthProvider } from '@artatol-acp/auth-nextjs/client';
+
+export default function RootLayout({ children }) {
+  return (
+    <html>
+      <body>
+        <ACPAuthProvider
+          baseUrl={process.env.NEXT_PUBLIC_ACP_AUTH_URL}
+        >
+          {children}
+        </ACPAuthProvider>
+      </body>
+    </html>
+  );
+}
+```
+
+The `ACPAuthProvider` internally creates an `ACPAuthClient` with auto-refresh enabled:
+- `autoRefresh: true` (enabled by default)
+- `refreshThresholdSeconds: 60` (refreshes 60 seconds before token expires)
+
+### Manual Token Management
+
+If you're using the client directly without the provider:
+
+```typescript
+import { ACPAuthClient } from '@artatol-acp/auth-js';
+
+const client = new ACPAuthClient({
+  baseUrl: 'https://sso.artatol.com',
+  apiKey: '',
+  autoRefresh: true,
+  refreshThresholdSeconds: 60
+});
+
+// After login, token is automatically managed
+const result = await client.login({ email: '...', password: '...' });
+
+// Subsequent calls automatically refresh if needed
+const user = await client.me(); // No manual token management required
+```
+
+### Server-Side Token Refresh
+
+For server-side token refresh, use the `refreshAccessToken()` function:
+
+```typescript
+'use server';
+
+import { refreshAccessToken } from '@artatol-acp/auth-nextjs/server';
+
+export async function refreshTokenAction() {
+  try {
+    await refreshAccessToken();
+    return { success: true };
+  } catch (error) {
+    return { success: false, error: 'Failed to refresh token' };
+  }
+}
+```
+
 ## Error Handling
 
 ```typescript

package/dist/client/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/client/index.tsx"],"names":[],"mappings":"AAGA,OAAO,EAAiB,KAAK,IAAI,EAAE,MAAM,sBAAsB,CAAC;AAChE,OAAO,EAAkD,KAAK,SAAS,EAAE,MAAM,OAAO,CAAC;AAEvF,MAAM,MAAM,mBAAmB,GAAG;IAChC,IAAI,EAAE,IAAI,GAAG,IAAI,CAAC;IAClB,SAAS,EAAE,OAAO,CAAC;IACnB,KAAK,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAC1D,MAAM,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAC5B,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAC7B,kBAAkB,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;CACtD,CAAC;AAIF,MAAM,MAAM,oBAAoB,GAAG;IACjC,QAAQ,EAAE,SAAS,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC;AAEF,wBAAgB,eAAe,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,EAAE,oBAAoB,2CA8C1E;AAED,wBAAgB,OAAO,IAAI,mBAAmB,CAM7C;AAGD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,mBAAmB,sBAAsB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/client/index.tsx"],"names":[],"mappings":"AAGA,OAAO,EAAiB,KAAK,IAAI,EAAE,MAAM,sBAAsB,CAAC;AAChE,OAAO,EAAkD,KAAK,SAAS,EAAE,MAAM,OAAO,CAAC;AAEvF,MAAM,MAAM,mBAAmB,GAAG;IAChC,IAAI,EAAE,IAAI,GAAG,IAAI,CAAC;IAClB,SAAS,EAAE,OAAO,CAAC;IACnB,KAAK,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAC1D,MAAM,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAC5B,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAC7B,kBAAkB,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;CACtD,CAAC;AAIF,MAAM,MAAM,oBAAoB,GAAG;IACjC,QAAQ,EAAE,SAAS,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC;AAEF,wBAAgB,eAAe,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,EAAE,oBAAoB,2CAoE1E;AAED,wBAAgB,OAAO,IAAI,mBAAmB,CAM7C;AAGD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,mBAAmB,sBAAsB,CAAC"}

package/dist/client/index.jsx

@@ -6,16 +6,22 @@ const ACPAuthContext = createContext(null);
 export function ACPAuthProvider({ children, baseUrl }) {
     const [user, setUser] = useState(null);
     const [isLoading, setIsLoading] = useState(true);
-    const [client] = useState(() => new ACPAuthClient({ baseUrl, apiKey: '' }));
+    const [client] = useState(() => new ACPAuthClient({
+        baseUrl,
+        apiKey: '',
+        autoRefresh: true,
+        refreshThresholdSeconds: 60
+    }));
     const refresh = async () => {
         try {
             await client.refresh();
-            // After refresh, we need to verify the new token
-            // This would require a server action or API route
-            // For now, we'll just mark as authenticated
+            // Fetch user data after successful refresh
+            const userData = await client.me();
+            setUser(userData);
         }
         catch (error) {
             setUser(null);
+            client.setAccessToken(null);
         }
     };
     const login = async (email, password) => {
@@ -23,7 +29,7 @@ export function ACPAuthProvider({ children, baseUrl }) {
         if ('requiresTwoFactor' in result) {
             throw new Error('2FA_REQUIRED');
         }
-        // User logged in successfully
+        // User logged in successfully, token is automatically set in client
         setUser(result.user);
     };
     const logout = async () => {
@@ -37,6 +43,20 @@ export function ACPAuthProvider({ children, baseUrl }) {
         // Try to restore session on mount
         refresh().finally(() => setIsLoading(false));
     }, []);
+    // Auto-refresh interval - refresh token every 4 minutes
+    useEffect(() => {
+        if (!user)
+            return;
+        const REFRESH_INTERVAL = 4 * 60 * 1000; // 4 minutes
+        const interval = setInterval(() => {
+            refresh().catch(() => {
+                // If refresh fails, user session is invalid
+                setUser(null);
+                client.setAccessToken(null);
+            });
+        }, REFRESH_INTERVAL);
+        return () => clearInterval(interval);
+    }, [user]);
     return (<ACPAuthContext.Provider value={{ user, isLoading, login, logout, refresh, resendVerification }}>
       {children}
     </ACPAuthContext.Provider>);

package/dist/client/index.jsx.map

@@ -1 +1 @@
-{"version":3,"file":"index.jsx","sourceRoot":"","sources":["../../src/client/index.tsx"],"names":[],"mappings":"AAAA,6BAA6B;AAC7B,YAAY,CAAC;AAEb,OAAO,EAAE,aAAa,EAAa,MAAM,sBAAsB,CAAC;AAChE,OAAO,EAAE,aAAa,EAAE,UAAU,EAAE,QAAQ,EAAE,SAAS,EAAkB,MAAM,OAAO,CAAC;AAWvF,MAAM,cAAc,GAAG,aAAa,CAA6B,IAAI,CAAC,CAAC;AAOvE,MAAM,UAAU,eAAe,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAwB;IACzE,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,QAAQ,CAAc,IAAI,CAAC,CAAC;IACpD,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC;IACjD,MAAM,CAAC,MAAM,CAAC,GAAG,QAAQ,CAAC,GAAG,EAAE,CAAC,IAAI,aAAa,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAE5E,MAAM,OAAO,GAAG,KAAK,IAAI,EAAE;QACzB,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,OAAO,EAAE,CAAC;YACvB,iDAAiD;YACjD,kDAAkD;YAClD,4CAA4C;QAC9C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,IAAI,CAAC,CAAC;QAChB,CAAC;IACH,CAAC,CAAC;IAEF,MAAM,KAAK,GAAG,KAAK,EAAE,KAAa,EAAE,QAAgB,EAAE,EAAE;QACtD,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAC;QAEvD,IAAI,mBAAmB,IAAI,MAAM,EAAE,CAAC;YAClC,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAC;QAClC,CAAC;QAED,8BAA8B;QAC9B,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IACvB,CAAC,CAAC;IAEF,MAAM,MAAM,GAAG,KAAK,IAAI,EAAE;QACxB,MAAM,MAAM,CAAC,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,IAAI,CAAC,CAAC;IAChB,CAAC,CAAC;IAEF,MAAM,kBAAkB,GAAG,KAAK,EAAE,KAAa,EAAE,EAAE;QACjD,MAAM,MAAM,CAAC,uBAAuB,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;IAClD,CAAC,CAAC;IAEF,SAAS,CAAC,GAAG,EAAE;QACb,kCAAkC;QAClC,OAAO,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC;IAC/C,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,OAAO,CACL,CAAC,cAAc,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,kBAAkB,EAAE,CAAC,CAC9F;MAAA,CAAC,QAAQ,CACX;IAAA,EAAE,cAAc,CAAC,QAAQ,CAAC,CAC3B,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,OAAO;IACrB,MAAM,OAAO,GAAG,UAAU,CAAC,cAAc,CAAC,CAAC;IAC3C,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IACjE,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,kCAAkC;AAClC,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC"}
+{"version":3,"file":"index.jsx","sourceRoot":"","sources":["../../src/client/index.tsx"],"names":[],"mappings":"AAAA,6BAA6B;AAC7B,YAAY,CAAC;AAEb,OAAO,EAAE,aAAa,EAAa,MAAM,sBAAsB,CAAC;AAChE,OAAO,EAAE,aAAa,EAAE,UAAU,EAAE,QAAQ,EAAE,SAAS,EAAkB,MAAM,OAAO,CAAC;AAWvF,MAAM,cAAc,GAAG,aAAa,CAA6B,IAAI,CAAC,CAAC;AAOvE,MAAM,UAAU,eAAe,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAwB;IACzE,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,QAAQ,CAAc,IAAI,CAAC,CAAC;IACpD,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC;IACjD,MAAM,CAAC,MAAM,CAAC,GAAG,QAAQ,CAAC,GAAG,EAAE,CAAC,IAAI,aAAa,CAAC;QAChD,OAAO;QACP,MAAM,EAAE,EAAE;QACV,WAAW,EAAE,IAAI;QACjB,uBAAuB,EAAE,EAAE;KAC5B,CAAC,CAAC,CAAC;IAEJ,MAAM,OAAO,GAAG,KAAK,IAAI,EAAE;QACzB,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,OAAO,EAAE,CAAC;YACvB,2CAA2C;YAC3C,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,EAAE,EAAE,CAAC;YACnC,OAAO,CAAC,QAAQ,CAAC,CAAC;QACpB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,IAAI,CAAC,CAAC;YACd,MAAM,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;QAC9B,CAAC;IACH,CAAC,CAAC;IAEF,MAAM,KAAK,GAAG,KAAK,EAAE,KAAa,EAAE,QAAgB,EAAE,EAAE;QACtD,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAC;QAEvD,IAAI,mBAAmB,IAAI,MAAM,EAAE,CAAC;YAClC,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAC;QAClC,CAAC;QAED,oEAAoE;QACpE,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IACvB,CAAC,CAAC;IAEF,MAAM,MAAM,GAAG,KAAK,IAAI,EAAE;QACxB,MAAM,MAAM,CAAC,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,IAAI,CAAC,CAAC;IAChB,CAAC,CAAC;IAEF,MAAM,kBAAkB,GAAG,KAAK,EAAE,KAAa,EAAE,EAAE;QACjD,MAAM,MAAM,CAAC,uBAAuB,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;IAClD,CAAC,CAAC;IAEF,SAAS,CAAC,GAAG,EAAE;QACb,kCAAkC;QAClC,OAAO,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC;IAC/C,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,wDAAwD;IACxD,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,CAAC,IAAI;YAAE,OAAO;QAElB,MAAM,gBAAgB,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,YAAY;QACpD,MAAM,QAAQ,GAAG,WAAW,CAAC,GAAG,EAAE;YAChC,OAAO,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE;gBACnB,4CAA4C;gBAC5C,OAAO,CAAC,IAAI,CAAC,CAAC;gBACd,MAAM,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;YAC9B,CAAC,CAAC,CAAC;QACL,CAAC,EAAE,gBAAgB,CAAC,CAAC;QAErB,OAAO,GAAG,EAAE,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC;IACvC,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC;IAEX,OAAO,CACL,CAAC,cAAc,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,kBAAkB,EAAE,CAAC,CAC9F;MAAA,CAAC,QAAQ,CACX;IAAA,EAAE,cAAc,CAAC,QAAQ,CAAC,CAC3B,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,OAAO;IACrB,MAAM,OAAO,GAAG,UAAU,CAAC,cAAc,CAAC,CAAC;IAC3C,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IACjE,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,kCAAkC;AAClC,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC"}

package/dist/middleware.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"middleware.d.ts","sourceRoot":"","sources":["../src/middleware.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAGxD,MAAM,MAAM,wBAAwB,GAAG;IACrC,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,CAAC;AAIF,wBAAgB,uBAAuB,CAAC,OAAO,EAAE,wBAAwB,IAO/B,SAAS,WAAW,oCAuC7D"}
+{"version":3,"file":"middleware.d.ts","sourceRoot":"","sources":["../src/middleware.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAGxD,MAAM,MAAM,wBAAwB,GAAG;IACrC,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,CAAC;AAIF,wBAAgB,uBAAuB,CAAC,OAAO,EAAE,wBAAwB,IAO/B,SAAS,WAAW,oCAyD7D"}

package/dist/middleware.js

@@ -23,14 +23,30 @@ export function createACPAuthMiddleware(options) {
             if (!publicKey) {
                 publicKey = await importSPKI(jwtPublicKey, 'EdDSA');
             }
-            await jwtVerify(accessToken, publicKey, {
+            const { payload } = await jwtVerify(accessToken, publicKey, {
                 algorithms: ['EdDSA'],
             });
+            // Check if token is close to expiration (within 60 seconds)
+            const exp = payload.exp;
+            if (exp) {
+                const timeUntilExpiry = exp * 1000 - Date.now();
+                const refreshThreshold = 60 * 1000; // 60 seconds
+                if (timeUntilExpiry < refreshThreshold) {
+                    // Token is close to expiration, trigger refresh by redirecting to a refresh endpoint
+                    // This is a lightweight approach - the refresh will happen server-side
+                    const refreshToken = request.cookies.get('refresh_token')?.value;
+                    if (refreshToken) {
+                        // Note: In middleware, we can't directly make server calls easily
+                        // The best approach is to let the SDK handle this on the client side
+                        // or implement a refresh endpoint that middleware can call
+                        // For now, we'll let it pass and rely on client-side auto-refresh
+                    }
+                }
+            }
             return NextResponse.next();
         }
         catch (error) {
-            // Token invalid, try to refresh
-            // For now, redirect to login
+            // Token invalid or expired, redirect to login
             const url = request.nextUrl.clone();
             url.pathname = loginPath;
             url.searchParams.set('from', pathname);

package/dist/middleware.js.map

@@ -1 +1 @@
-{"version":3,"file":"middleware.js","sourceRoot":"","sources":["../src/middleware.ts"],"names":[],"mappings":"AAAA,OAAO,EAAe,YAAY,EAAE,MAAM,aAAa,CAAC;AACxD,OAAO,EAAE,SAAS,EAAE,UAAU,EAAgB,MAAM,MAAM,CAAC;AAQ3D,IAAI,SAAS,GAAmB,IAAI,CAAC;AAErC,MAAM,UAAU,uBAAuB,CAAC,OAAiC;IACvE,MAAM,EACJ,YAAY,EACZ,WAAW,GAAG,CAAC,QAAQ,EAAE,WAAW,EAAE,kBAAkB,EAAE,iBAAiB,CAAC,EAC5E,SAAS,GAAG,QAAQ,GACrB,GAAG,OAAO,CAAC;IAEZ,OAAO,KAAK,UAAU,iBAAiB,CAAC,OAAoB;QAC1D,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC;QAErC,qBAAqB;QACrB,IAAI,WAAW,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;YAC1D,OAAO,YAAY,CAAC,IAAI,EAAE,CAAC;QAC7B,CAAC;QAED,yBAAyB;QACzB,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE,KAAK,CAAC;QAE/D,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,oBAAoB;YACpB,MAAM,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;YACpC,GAAG,CAAC,QAAQ,GAAG,SAAS,CAAC;YACzB,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YACvC,OAAO,YAAY,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;QACpC,CAAC;QAED,sBAAsB;QACtB,IAAI,CAAC;YACH,IAAI,CAAC,SAAS,EAAE,CAAC;gBACf,SAAS,GAAG,MAAM,UAAU,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;YACtD,CAAC;YAED,MAAM,SAAS,CAAC,WAAW,EAAE,SAAS,EAAE;gBACtC,UAAU,EAAE,CAAC,OAAO,CAAC;aACtB,CAAC,CAAC;YAEH,OAAO,YAAY,CAAC,IAAI,EAAE,CAAC;QAC7B,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,gCAAgC;YAChC,6BAA6B;YAC7B,MAAM,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;YACpC,GAAG,CAAC,QAAQ,GAAG,SAAS,CAAC;YACzB,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YACvC,OAAO,YAAY,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;QACpC,CAAC;IACH,CAAC,CAAC;AACJ,CAAC"}
+{"version":3,"file":"middleware.js","sourceRoot":"","sources":["../src/middleware.ts"],"names":[],"mappings":"AAAA,OAAO,EAAe,YAAY,EAAE,MAAM,aAAa,CAAC;AACxD,OAAO,EAAE,SAAS,EAAE,UAAU,EAAgB,MAAM,MAAM,CAAC;AAQ3D,IAAI,SAAS,GAAmB,IAAI,CAAC;AAErC,MAAM,UAAU,uBAAuB,CAAC,OAAiC;IACvE,MAAM,EACJ,YAAY,EACZ,WAAW,GAAG,CAAC,QAAQ,EAAE,WAAW,EAAE,kBAAkB,EAAE,iBAAiB,CAAC,EAC5E,SAAS,GAAG,QAAQ,GACrB,GAAG,OAAO,CAAC;IAEZ,OAAO,KAAK,UAAU,iBAAiB,CAAC,OAAoB;QAC1D,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC;QAErC,qBAAqB;QACrB,IAAI,WAAW,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;YAC1D,OAAO,YAAY,CAAC,IAAI,EAAE,CAAC;QAC7B,CAAC;QAED,yBAAyB;QACzB,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE,KAAK,CAAC;QAE/D,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,oBAAoB;YACpB,MAAM,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;YACpC,GAAG,CAAC,QAAQ,GAAG,SAAS,CAAC;YACzB,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YACvC,OAAO,YAAY,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;QACpC,CAAC;QAED,sBAAsB;QACtB,IAAI,CAAC;YACH,IAAI,CAAC,SAAS,EAAE,CAAC;gBACf,SAAS,GAAG,MAAM,UAAU,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;YACtD,CAAC;YAED,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,SAAS,CAAC,WAAW,EAAE,SAAS,EAAE;gBAC1D,UAAU,EAAE,CAAC,OAAO,CAAC;aACtB,CAAC,CAAC;YAEH,4DAA4D;YAC5D,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC;YACxB,IAAI,GAAG,EAAE,CAAC;gBACR,MAAM,eAAe,GAAG,GAAG,GAAG,IAAI,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;gBAChD,MAAM,gBAAgB,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,aAAa;gBAEjD,IAAI,eAAe,GAAG,gBAAgB,EAAE,CAAC;oBACvC,qFAAqF;oBACrF,uEAAuE;oBACvE,MAAM,YAAY,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,KAAK,CAAC;oBACjE,IAAI,YAAY,EAAE,CAAC;wBACjB,kEAAkE;wBAClE,qEAAqE;wBACrE,2DAA2D;wBAC3D,kEAAkE;oBACpE,CAAC;gBACH,CAAC;YACH,CAAC;YAED,OAAO,YAAY,CAAC,IAAI,EAAE,CAAC;QAC7B,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,8CAA8C;YAC9C,MAAM,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;YACpC,GAAG,CAAC,QAAQ,GAAG,SAAS,CAAC;YACzB,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YACvC,OAAO,YAAY,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;QACpC,CAAC;IACH,CAAC,CAAC;AACJ,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@artatol-acp/auth-nextjs",
-  "version": "0.3.4",
+  "version": "0.3.6",
   "description": "Next.js SDK for Artatol Cloud Platform Authentication with support for App Router, Server Actions, and Middleware",
   "type": "module",
   "main": "./dist/index.js",
@@ -41,7 +41,7 @@
     "react": "^18.0.0 || ^19.0.0"
   },
   "dependencies": {
-    "@artatol-acp/auth-js": "^0.3.4",
+    "@artatol-acp/auth-js": "^0.3.6",
     "jose": "^5.9.6"
   },
   "devDependencies": {