@auditauth/next 0.2.0-beta.5 → 0.2.0-beta.7

@@ -1,28 +1,28 @@
1
- import { NextRequest, NextResponse } from 'next/server.js';
1
+ import { NextResponse } from 'next/server.js';
2
2
  import { SessionUser, AuditAuthConfig } from '@auditauth/core';
3
3
  import { AuditAuthTokenPayload } from '@auditauth/node';
4
4
 
5
5
  type AuditAuthNextFacade = {
6
6
  handlers: {
7
- GET: (req: NextRequest, ctx: {
7
+ GET: (req: Request, ctx: {
8
8
  params: Promise<{
9
9
  auditauth: string[];
10
10
  }>;
11
11
  }) => Promise<Response>;
12
- POST: (req: NextRequest, ctx: {
12
+ POST: (req: Request, ctx: {
13
13
  params: Promise<{
14
14
  auditauth: string[];
15
15
  }>;
16
16
  }) => Promise<Response>;
17
17
  };
18
- middleware: (req: NextRequest) => Promise<NextResponse>;
18
+ middleware: (req: Request) => Promise<NextResponse>;
19
19
  getSession: () => Promise<SessionUser | null>;
20
20
  hasSession: () => Promise<boolean>;
21
21
  fetch: (url: string, init?: RequestInit) => Promise<Response>;
22
22
  getLoginUrl: () => URL;
23
23
  getLogoutUrl: () => URL;
24
24
  getPortalUrl: () => URL;
25
- withAuthRequest: <C>(handler: (req: NextRequest, ctx: C, session: AuditAuthTokenPayload) => Promise<Response>) => (req: NextRequest, ctx: C) => Promise<Response>;
25
+ withAuthRequest: <C, R extends Request = Request>(handler: (req: R, ctx: C, session: AuditAuthTokenPayload) => Promise<Response>) => (req: R, ctx: C) => Promise<Response>;
26
26
  };
27
27
  declare function createAuditAuthNext(config: AuditAuthConfig): AuditAuthNextFacade;
28
28
 
@@ -1,28 +1,28 @@
1
- import { NextRequest, NextResponse } from 'next/server.js';
1
+ import { NextResponse } from 'next/server.js';
2
2
  import { SessionUser, AuditAuthConfig } from '@auditauth/core';
3
3
  import { AuditAuthTokenPayload } from '@auditauth/node';
4
4
 
5
5
  type AuditAuthNextFacade = {
6
6
  handlers: {
7
- GET: (req: NextRequest, ctx: {
7
+ GET: (req: Request, ctx: {
8
8
  params: Promise<{
9
9
  auditauth: string[];
10
10
  }>;
11
11
  }) => Promise<Response>;
12
- POST: (req: NextRequest, ctx: {
12
+ POST: (req: Request, ctx: {
13
13
  params: Promise<{
14
14
  auditauth: string[];
15
15
  }>;
16
16
  }) => Promise<Response>;
17
17
  };
18
- middleware: (req: NextRequest) => Promise<NextResponse>;
18
+ middleware: (req: Request) => Promise<NextResponse>;
19
19
  getSession: () => Promise<SessionUser | null>;
20
20
  hasSession: () => Promise<boolean>;
21
21
  fetch: (url: string, init?: RequestInit) => Promise<Response>;
22
22
  getLoginUrl: () => URL;
23
23
  getLogoutUrl: () => URL;
24
24
  getPortalUrl: () => URL;
25
- withAuthRequest: <C>(handler: (req: NextRequest, ctx: C, session: AuditAuthTokenPayload) => Promise<Response>) => (req: NextRequest, ctx: C) => Promise<Response>;
25
+ withAuthRequest: <C, R extends Request = Request>(handler: (req: R, ctx: C, session: AuditAuthTokenPayload) => Promise<Response>) => (req: R, ctx: C) => Promise<Response>;
26
26
  };
27
27
  declare function createAuditAuthNext(config: AuditAuthConfig): AuditAuthNextFacade;
28
28
 
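--- a/package/dist/guard.cjs
+++ b/package/dist/guard.cjs
@@ -25,47 +25,72 @@ __export(guard_exports, {
  module.exports = __toCommonJS(guard_exports);
  var import_jsx_runtime = require("react/jsx-runtime");
  var import_react = require("react");
+ var import_navigation = require("next/navigation");
  var import_settings = require("./settings.cjs");
  const AuthContext = (0, import_react.createContext)(null);
  const useAuditAuth = () => {
  const ctx = (0, import_react.useContext)(AuthContext);
  if (!ctx) {
- throw new Error("useAuditAuth must be used within AuditAuthProvider");
+ throw new Error("useAuditAuth must be used within AuditAuthGuard");
  }
  return ctx;
  };
- const AuditAuthGuard = (props) => {
- const [user, setUser] = (0, import_react.useState)({});
+ const defaultFallback = /* @__PURE__ */ (0, import_jsx_runtime.jsx)("div", { children: "Verificando sesion..." });
+ const AuditAuthGuard = ({
+ children,
+ fallback,
+ unauthenticatedFallback,
+ mode = "redirect"
+ }) => {
+ const router = (0, import_navigation.useRouter)();
+ const [state, setState] = (0, import_react.useState)({
+ status: "loading",
+ user: null
+ });
  (0, import_react.useEffect)(() => {
- let cancelled = false;
+ const controller = new AbortController();
  const checkSession = async () => {
  try {
  const response = await fetch(import_settings.SETTINGS.bff.paths.session, {
  credentials: "include",
- cache: "no-store"
+ cache: "no-store",
+ signal: controller.signal
  });
- if (cancelled) return;
  if (!response.ok) {
- window.location.href = import_settings.SETTINGS.bff.paths.login;
+ setState({ status: "unauthenticated", user: null });
+ if (mode === "redirect") router.replace(import_settings.SETTINGS.bff.paths.login);
  return;
  }
  const data = await response.json();
- setUser(data.user);
+ if (!data?.user || typeof data.user !== "object") {
+ setState({ status: "unauthenticated", user: null });
+ if (mode === "redirect") router.replace(import_settings.SETTINGS.bff.paths.login);
+ return;
+ }
+ setState({ status: "authenticated", user: data.user });
  } catch {
- window.location.href = import_settings.SETTINGS.bff.paths.login;
+ if (controller.signal.aborted) return;
+ setState({ status: "unauthenticated", user: null });
+ if (mode === "redirect") router.replace(import_settings.SETTINGS.bff.paths.login);
  return;
  }
  };
  checkSession();
  return () => {
- cancelled = true;
+ controller.abort();
  };
- }, []);
- const value = (0, import_react.useMemo)(() => ({
- user
- }), [user]);
- if (!user.name) return null;
- return /* @__PURE__ */ (0, import_jsx_runtime.jsx)(AuthContext.Provider, { value, children: props.children });
+ }, [mode, router]);
+ const value = (0, import_react.useMemo)(() => {
+ if (state.status !== "authenticated") return null;
+ return { user: state.user };
+ }, [state]);
+ if (!value) {
+ if (state.status === "unauthenticated") {
+ return /* @__PURE__ */ (0, import_jsx_runtime.jsx)(import_jsx_runtime.Fragment, { children: unauthenticatedFallback ?? fallback ?? defaultFallback });
+ }
+ return /* @__PURE__ */ (0, import_jsx_runtime.jsx)(import_jsx_runtime.Fragment, { children: fallback ?? defaultFallback });
+ }
+ return /* @__PURE__ */ (0, import_jsx_runtime.jsx)(AuthContext.Provider, { value, children });
  };
  // Annotate the CommonJS export names for ESM import in node:
  0 && (module.exports = {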
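Review bot: The shape check before `setState({ status: "authenticated", user: data.user })` accepts any truthy object, so `{}` or an array returned by the session endpoint now renders `children`, where the removed code withheld them until `user.name` was set. Since `useAuditAuth` callers receive that object as `user`, either keep a minimal field check here or document that no field is guaranteed. A comment above `AuditAuthGuard` should also state that this is a client-side rendering gate only, and that access to protected data has to be enforced on the server (presumably through `middleware` or `withAuthRequest`). The same code is in package/dist/guard.js.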
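--- a/package/dist/guard.d.cts
+++ b/package/dist/guard.d.cts
@@ -1,4 +1,5 @@
  import * as react_jsx_runtime from 'react/jsx-runtime';
+ import { ReactNode } from 'react';
  import { SessionUser } from '@auditauth/core';
 
  type AuthContextValue = {
@@ -6,8 +7,11 @@ type AuthContextValue = {
  };
  declare const useAuditAuth: () => AuthContextValue;
  type AuditAuthGuardProps = {
- children: React.ReactNode;
+ children: ReactNode;
+ fallback?: ReactNode;
+ unauthenticatedFallback?: ReactNode;
+ mode?: 'redirect' | 'fallback';
  };
- declare const AuditAuthGuard: (props: AuditAuthGuardProps) => react_jsx_runtime.JSX.Element | null;
+ declare const AuditAuthGuard: ({ children, fallback, unauthenticatedFallback, mode, }: AuditAuthGuardProps) => react_jsx_runtime.JSX.Element;
 
  export { AuditAuthGuard, useAuditAuth };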
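--- a/package/dist/guard.d.ts
+++ b/package/dist/guard.d.ts
@@ -1,4 +1,5 @@
  import * as react_jsx_runtime from 'react/jsx-runtime';
+ import { ReactNode } from 'react';
  import { SessionUser } from '@auditauth/core';
 
  type AuthContextValue = {
@@ -6,8 +7,11 @@ type AuthContextValue = {
  };
  declare const useAuditAuth: () => AuthContextValue;
  type AuditAuthGuardProps = {
- children: React.ReactNode;
+ children: ReactNode;
+ fallback?: ReactNode;
+ unauthenticatedFallback?: ReactNode;
+ mode?: 'redirect' | 'fallback';
  };
- declare const AuditAuthGuard: (props: AuditAuthGuardProps) => react_jsx_runtime.JSX.Element | null;
+ declare const AuditAuthGuard: ({ children, fallback, unauthenticatedFallback, mode, }: AuditAuthGuardProps) => react_jsx_runtime.JSX.Element;
 
  export { AuditAuthGuard, useAuditAuth };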
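--- a/package/dist/guard.js
+++ b/package/dist/guard.js
@@ -1,47 +1,72 @@
  "use client";
- import { jsx } from "react/jsx-runtime";
+ import { Fragment, jsx } from "react/jsx-runtime";
  import { createContext, useContext, useEffect, useMemo, useState } from "react";
+ import { useRouter } from "next/navigation";
  import { SETTINGS } from "./settings.js";
  const AuthContext = createContext(null);
  const useAuditAuth = () => {
  const ctx = useContext(AuthContext);
  if (!ctx) {
- throw new Error("useAuditAuth must be used within AuditAuthProvider");
+ throw new Error("useAuditAuth must be used within AuditAuthGuard");
  }
  return ctx;
  };
- const AuditAuthGuard = (props) => {
- const [user, setUser] = useState({});
+ const defaultFallback = /* @__PURE__ */ jsx("div", { children: "Verificando sesion..." });
+ const AuditAuthGuard = ({
+ children,
+ fallback,
+ unauthenticatedFallback,
+ mode = "redirect"
+ }) => {
+ const router = useRouter();
+ const [state, setState] = useState({
+ status: "loading",
+ user: null
+ });
  useEffect(() => {
- let cancelled = false;
+ const controller = new AbortController();
  const checkSession = async () => {
  try {
  const response = await fetch(SETTINGS.bff.paths.session, {
  credentials: "include",
- cache: "no-store"
+ cache: "no-store",
+ signal: controller.signal
  });
- if (cancelled) return;
  if (!response.ok) {
- window.location.href = SETTINGS.bff.paths.login;
+ setState({ status: "unauthenticated", user: null });
+ if (mode === "redirect") router.replace(SETTINGS.bff.paths.login);
  return;
  }
  const data = await response.json();
- setUser(data.user);
+ if (!data?.user || typeof data.user !== "object") {
+ setState({ status: "unauthenticated", user: null });
+ if (mode === "redirect") router.replace(SETTINGS.bff.paths.login);
+ return;
+ }
+ setState({ status: "authenticated", user: data.user });
  } catch {
- window.location.href = SETTINGS.bff.paths.login;
+ if (controller.signal.aborted) return;
+ setState({ status: "unauthenticated", user: null });
+ if (mode === "redirect") router.replace(SETTINGS.bff.paths.login);
  return;
  }
  };
  checkSession();
  return () => {
- cancelled = true;
+ controller.abort();
  };
- }, []);
- const value = useMemo(() => ({
- user
- }), [user]);
- if (!user.name) return null;
- return /* @__PURE__ */ jsx(AuthContext.Provider, { value, children: props.children });
+ }, [mode, router]);
+ const value = useMemo(() => {
+ if (state.status !== "authenticated") return null;
+ return { user: state.user };
+ }, [state]);
+ if (!value) {
+ if (state.status === "unauthenticated") {
+ return /* @__PURE__ */ jsx(Fragment, { children: unauthenticatedFallback ?? fallback ?? defaultFallback });
+ }
+ return /* @__PURE__ */ jsx(Fragment, { children: fallback ?? defaultFallback });
+ }
+ return /* @__PURE__ */ jsx(AuthContext.Provider, { value, children });
  };
  export {
  AuditAuthGuard,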
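Review bot: With `mode: "fallback"` and no `unauthenticatedFallback`, the unauthenticated branch renders `unauthenticatedFallback ?? fallback ?? defaultFallback`, so a signed-out user keeps seeing the loading placeholder ("Verificando sesion...") with no path to the login route. The unauthenticated state should not fall through to the loading UI; for example render `unauthenticatedFallback ?? null` there, or make `unauthenticatedFallback` required in the props type when `mode` is `'fallback'`. The `catch` branch also maps every non-abort failure to "unauthenticated", so a transient network error is indistinguishable from a missing session and triggers the login redirect. The same applies to package/dist/guard.cjs.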
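--- a/package/dist/index.d.cts
+++ b/package/dist/index.d.cts
@@ -8,3 +8,4 @@ import 'next/server.js';
  import '@auditauth/core';
  import '@auditauth/node';
  import 'react/jsx-runtime';
+ import 'react';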
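--- a/package/dist/index.d.ts
+++ b/package/dist/index.d.ts
@@ -8,3 +8,4 @@ import 'next/server.js';
  import '@auditauth/core';
  import '@auditauth/node';
  import 'react/jsx-runtime';
+ import 'react';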
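--- a/package/dist/sdk.cjs
+++ b/package/dist/sdk.cjs
@@ -257,7 +257,7 @@ class AuditAuthNext {
  }
  async middleware(request) {
  const { access, refresh } = this.getCookieTokens();
- const url = request.nextUrl;
+ const url = new URL(request.url);
  if (access && refresh) {
  const sid = this.cookies.get(import_settings.SETTINGS.storage_keys.session_id);
  if (!sid) {
@@ -294,19 +294,31 @@ class AuditAuthNext {
  return {
  GET: async (req, ctx) => {
  const action = (await ctx.params).auditauth[0];
- const redirectUrl = req.nextUrl.searchParams.get("redirectUrl");
+ const redirectUrl = new URL(req.url).searchParams.get("redirectUrl");
  switch (action) {
  case "login":
  {
- const url = await (0, import_core.buildAuthUrl)({ apiKey: this.config.apiKey, redirectUrl: `${this.config.baseUrl}/api/auditauth/callback` });
- return import_server.NextResponse.redirect(url);
+ try {
+ const url = await (0, import_core.buildAuthUrl)({
+ apiKey: this.config.apiKey,
+ redirectUrl: `${this.config.baseUrl}/api/auditauth/callback`,
+ cancelUrl: this.config.baseUrl
+ });
+ return import_server.NextResponse.redirect(url);
+ } catch (err) {
+ return new Response("Invalid session", { status: 401 });
+ }
  }
  ;
  case "refresh":
  {
  const { ok } = await this.refresh();
  if (ok) return import_server.NextResponse.redirect(redirectUrl || this.config.redirectUrl);
- const url = await (0, import_core.buildAuthUrl)({ apiKey: this.config.apiKey, redirectUrl: `${this.config.baseUrl}/api/auditauth/callback` });
+ const url = await (0, import_core.buildAuthUrl)({
+ apiKey: this.config.apiKey,
+ redirectUrl: `${this.config.baseUrl}/api/auditauth/callback`,
+ cancelUrl: this.config.baseUrl
+ });
  return import_server.NextResponse.redirect(url);
  }
  ;
@@ -319,7 +331,7 @@ class AuditAuthNext {
  case "logout":
  {
  await this.logout();
- return import_server.NextResponse.redirect(this.config.redirectUrl);
+ return import_server.NextResponse.redirect(this.config.baseUrl);
  }
  ;
  case "portal":
@@ -337,8 +349,30 @@ class AuditAuthNext {
  case "session":
  {
  const user = this.getSession();
- if (!user) return new import_server.NextResponse(null, { status: 401 });
- return import_server.NextResponse.json({ user });
+ if (user) return import_server.NextResponse.json({ user });
+ try {
+ const { access } = this.getCookieTokens();
+ if (!access) throw new Error("Not auth token");
+ const refreshedUser = await (0, import_core.getSessionUser)({ access_token: access });
+ const session = {
+ user: refreshedUser
+ };
+ const isSecure = this.isSecureCookie();
+ this.cookies.set(
+ import_settings.SETTINGS.storage_keys.session,
+ JSON.stringify(session),
+ {
+ httpOnly: true,
+ sameSite: "lax",
+ secure: isSecure,
+ path: "/",
+ maxAge: 24 * 60 * 60 * 1e3 * 3
+ }
+ );
+ return import_server.NextResponse.json({ user: refreshedUser });
+ } catch (err) {
+ return new import_server.NextResponse(null, { status: 401 });
+ }
  }
  ;
  default:
@@ -364,7 +398,7 @@ class AuditAuthNext {
  ;
  case "refresh":
  {
- const redirectUrl = req.nextUrl.searchParams.get("redirectUrl");
+ const redirectUrl = new URL(req.url).searchParams.get("redirectUrl");
  const { ok } = await this.refresh();
  if (ok) return import_server.NextResponse.redirect(redirectUrl || this.config.redirectUrl);
  return new Response("Session expired", { status: 401 });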
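Review bot: In the new `session` branch, `maxAge: 24 * 60 * 60 * 1e3 * 3` reads as three days in milliseconds, but the cookie Max-Age attribute counts seconds. If `this.cookies.set` forwards the option unchanged (the adapter is not visible here), the session cookie would live for roughly eight years. If seconds are expected, `maxAge: 3 * 24 * 60 * 60` gives three days, and the cookie should in any case not outlive the access token it was derived from. The `catch (err)` in this branch and in `login` also discards the error, so a failing `getSessionUser` or `buildAuthUrl` looks the same as a missing token; logging it server-side would help triage. package/dist/sdk.js carries the same code.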
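--- a/package/dist/sdk.d.cts
+++ b/package/dist/sdk.d.cts
@@ -1,8 +1,9 @@
- import { NextRequest, NextResponse } from 'next/server.js';
+ import { NextResponse } from 'next/server.js';
  import { CookieAdapter } from './types.cjs';
  import { AuditAuthConfig, SessionUser } from '@auditauth/core';
  import { AuditAuthTokenPayload } from '@auditauth/node';
 
+ type RouteRequest = Request;
  declare class AuditAuthNext {
  private config;
  private cookies;
@@ -22,17 +23,17 @@ declare class AuditAuthNext {
  getPortalUrl(): URL;
  private callback;
  private logout;
- withAuthRequest<C>(handler: (req: NextRequest, ctx: C, session: AuditAuthTokenPayload) => Promise<Response>): (req: NextRequest, ctx: C) => Promise<Response>;
+ withAuthRequest<C, R extends Request = Request>(handler: (req: R, ctx: C, session: AuditAuthTokenPayload) => Promise<Response>): (req: R, ctx: C) => Promise<Response>;
  fetch(url: string, init?: RequestInit): Promise<Response>;
  private refresh;
- middleware(request: NextRequest): Promise<NextResponse<unknown>>;
+ middleware(request: RouteRequest): Promise<NextResponse<unknown>>;
  getHandlers(): {
- GET: (req: NextRequest, ctx: {
+ GET: (req: RouteRequest, ctx: {
  params: Promise<{
  auditauth: string[];
  }>;
  }) => Promise<Response>;
- POST: (req: NextRequest, ctx: {
+ POST: (req: RouteRequest, ctx: {
  params: Promise<{
  auditauth: string[];
  }>;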
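--- a/package/dist/sdk.d.ts
+++ b/package/dist/sdk.d.ts
@@ -1,8 +1,9 @@
- import { NextRequest, NextResponse } from 'next/server.js';
+ import { NextResponse } from 'next/server.js';
  import { CookieAdapter } from './types.js';
  import { AuditAuthConfig, SessionUser } from '@auditauth/core';
  import { AuditAuthTokenPayload } from '@auditauth/node';
 
+ type RouteRequest = Request;
  declare class AuditAuthNext {
  private config;
  private cookies;
@@ -22,17 +23,17 @@ declare class AuditAuthNext {
  getPortalUrl(): URL;
  private callback;
  private logout;
- withAuthRequest<C>(handler: (req: NextRequest, ctx: C, session: AuditAuthTokenPayload) => Promise<Response>): (req: NextRequest, ctx: C) => Promise<Response>;
+ withAuthRequest<C, R extends Request = Request>(handler: (req: R, ctx: C, session: AuditAuthTokenPayload) => Promise<Response>): (req: R, ctx: C) => Promise<Response>;
  fetch(url: string, init?: RequestInit): Promise<Response>;
  private refresh;
- middleware(request: NextRequest): Promise<NextResponse<unknown>>;
+ middleware(request: RouteRequest): Promise<NextResponse<unknown>>;
  getHandlers(): {
- GET: (req: NextRequest, ctx: {
+ GET: (req: RouteRequest, ctx: {
  params: Promise<{
  auditauth: string[];
  }>;
  }) => Promise<Response>;
- POST: (req: NextRequest, ctx: {
+ POST: (req: RouteRequest, ctx: {
  params: Promise<{
  auditauth: string[];
  }>;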
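--- a/package/dist/sdk.js
+++ b/package/dist/sdk.js
@@ -7,7 +7,8 @@ import {
  revokeSession,
  buildPortalUrl,
  refreshTokens,
- sendMetrics
+ sendMetrics,
+ getSessionUser
  } from "@auditauth/core";
  import { verifyRequest } from "@auditauth/node";
  const CALLBACK_CODE_COOKIE = "auditauth_last_code";
@@ -241,7 +242,7 @@ class AuditAuthNext {
  }
  async middleware(request) {
  const { access, refresh } = this.getCookieTokens();
- const url = request.nextUrl;
+ const url = new URL(request.url);
  if (access && refresh) {
  const sid = this.cookies.get(SETTINGS.storage_keys.session_id);
  if (!sid) {
@@ -278,19 +279,31 @@ class AuditAuthNext {
  return {
  GET: async (req, ctx) => {
  const action = (await ctx.params).auditauth[0];
- const redirectUrl = req.nextUrl.searchParams.get("redirectUrl");
+ const redirectUrl = new URL(req.url).searchParams.get("redirectUrl");
  switch (action) {
  case "login":
  {
- const url = await buildAuthUrl({ apiKey: this.config.apiKey, redirectUrl: `${this.config.baseUrl}/api/auditauth/callback` });
- return NextResponse.redirect(url);
+ try {
+ const url = await buildAuthUrl({
+ apiKey: this.config.apiKey,
+ redirectUrl: `${this.config.baseUrl}/api/auditauth/callback`,
+ cancelUrl: this.config.baseUrl
+ });
+ return NextResponse.redirect(url);
+ } catch (err) {
+ return new Response("Invalid session", { status: 401 });
+ }
  }
  ;
  case "refresh":
  {
  const { ok } = await this.refresh();
  if (ok) return NextResponse.redirect(redirectUrl || this.config.redirectUrl);
- const url = await buildAuthUrl({ apiKey: this.config.apiKey, redirectUrl: `${this.config.baseUrl}/api/auditauth/callback` });
+ const url = await buildAuthUrl({
+ apiKey: this.config.apiKey,
+ redirectUrl: `${this.config.baseUrl}/api/auditauth/callback`,
+ cancelUrl: this.config.baseUrl
+ });
  return NextResponse.redirect(url);
  }
  ;
@@ -303,7 +316,7 @@ class AuditAuthNext {
  case "logout":
  {
  await this.logout();
- return NextResponse.redirect(this.config.redirectUrl);
+ return NextResponse.redirect(this.config.baseUrl);
  }
  ;
  case "portal":
@@ -321,8 +334,30 @@ class AuditAuthNext {
  case "session":
  {
  const user = this.getSession();
- if (!user) return new NextResponse(null, { status: 401 });
- return NextResponse.json({ user });
+ if (user) return NextResponse.json({ user });
+ try {
+ const { access } = this.getCookieTokens();
+ if (!access) throw new Error("Not auth token");
+ const refreshedUser = await getSessionUser({ access_token: access });
+ const session = {
+ user: refreshedUser
+ };
+ const isSecure = this.isSecureCookie();
+ this.cookies.set(
+ SETTINGS.storage_keys.session,
+ JSON.stringify(session),
+ {
+ httpOnly: true,
+ sameSite: "lax",
+ secure: isSecure,
+ path: "/",
+ maxAge: 24 * 60 * 60 * 1e3 * 3
+ }
+ );
+ return NextResponse.json({ user: refreshedUser });
+ } catch (err) {
+ return new NextResponse(null, { status: 401 });
+ }
  }
  ;
  default:
@@ -348,7 +383,7 @@ class AuditAuthNext {
  ;
  case "refresh":
  {
- const redirectUrl = req.nextUrl.searchParams.get("redirectUrl");
+ const redirectUrl = new URL(req.url).searchParams.get("redirectUrl");
  const { ok } = await this.refresh();
  if (ok) return NextResponse.redirect(redirectUrl || this.config.redirectUrl);
  return new Response("Session expired", { status: 401 });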
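Review bot: Both `refresh` branches pass the `redirectUrl` query parameter straight into `NextResponse.redirect(redirectUrl || this.config.redirectUrl)`, so the destination after a successful refresh is chosen by whoever built the link. This commit changes how the parameter is read but adds no validation of its value. Resolve it against the application origin first, e.g. `const target = new URL(redirectUrl ?? this.config.redirectUrl, this.config.baseUrl);`, and fall back to `this.config.redirectUrl` unless `target.origin` equals the origin of `this.config.baseUrl`. The `GET` and `POST` handlers start and end outside these hunks, so a check elsewhere cannot be ruled out from this page. package/dist/sdk.cjs carries the same code.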
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@auditauth/next",
3
- "version": "0.2.0-beta.5",
3
+ "version": "0.2.0-beta.7",
4
4
  "description": "AuditAuth NextJS SDK",
5
5
  "license": "MIT",
6
6
  "author": "Nimibyte",
@@ -53,8 +53,8 @@
53
53
  "react-dom": ">=18"
54
54
  },
55
55
  "dependencies": {
56
- "@auditauth/core": "^0.2.0-beta.5",
57
- "@auditauth/node": "^0.2.0-beta.5"
56
+ "@auditauth/core": "^0.2.0-beta.7",
57
+ "@auditauth/node": "^0.2.0-beta.7"
58
58
  },
59
59
  "devDependencies": {
60
60
  "typescript": "^5.9.0",