@auth-ezz/nextjs 0.1.0

package/README.md

@@ -0,0 +1,418 @@
+# @ezz-auth/next
+
+A secure, high-performance authentication SDK designed specifically for modern Next.js applications using the App Router. Built on HTTP-only cookies and server-side session validation for maximum security.
+
+[![npm version](https://badge.fury.io/js/%40ezz-auth%2Fnext.svg)](https://badge.fury.io/js/%40ezz-auth%2Fnext)
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
+
+## ✨ Features
+
+- 🔒 **Zero Token Exposure** - Authentication tokens never reach the client-side
+- 🚀 **Next.js Optimized** - Deep integration with App Router, Server Components, and Middleware
+- 🛡️ **Session-Based** - Robust session management without complex token handling
+- ⚡ **Edge Ready** - Lightweight middleware for edge deployment
+- 🎯 **TypeScript First** - Full TypeScript support with comprehensive type definitions
+- 🧩 **Framework Agnostic** - Works with any React-based Next.js application
+
+## 📦 Installation
+
+```bash
+npm install @ezz-auth/next
+```
+
+## 🚀 Quick Start
+
+### 1. Environment Setup
+
+Add to your `.env.local`:
+
+```bash
+# Core Auth System URL
+AUTH_BASE_URL=https://auth.your-domain.com
+
+# Your Application Credentials
+AUTH_APP_KEY=your_public_key
+AUTH_APP_SECRET=your_secret_key
+```
+
+### 2. Initialize Routes
+
+```bash
+npx ezz-auth init
+```
+
+This creates the necessary API routes for authentication callbacks.
+
+### 3. Protect Your App
+
+```tsx
+// app/layout.tsx
+import { AuthProvider } from "@ezz-auth/next/client";
+import { auth } from "@ezz-auth/next/server";
+
+export default async function RootLayout({ children }) {
+  const { user } = await auth();
+
+  return (
+    <html>
+      <body>
+        <AuthProvider initialUser={user}>
+          {children}
+        </AuthProvider>
+      </body>
+    </html>
+  );
+}
+```
+
+```tsx
+// app/dashboard/page.tsx
+import { auth } from "@ezz-auth/next/server";
+import { redirect } from "next/navigation";
+
+export default async function Dashboard() {
+  const { user } = await auth();
+
+  if (!user) {
+    redirect("/");
+  }
+
+  return <h1>Welcome, {user.name}!</h1>;
+}
+```
+
+## 📚 API Reference
+
+### Client-Side API
+
+#### `AuthProvider`
+
+Context provider that manages authentication state across your React application.
+
+```tsx
+import { AuthProvider } from "@ezz-auth/next/client";
+
+<AuthProvider initialUser={user}>
+  <App />
+</AuthProvider>
+```
+
+**Props:**
+- `initialUser` (optional): Initial user object from server-side auth
+- `children`: React components to render
+
+#### `useUser()`
+
+React hook to access the current authenticated user in client components.
+
+```tsx
+import { useUser } from "@ezz-auth/next/client";
+
+function Profile() {
+  const { user, isSignedIn, isLoaded } = useUser();
+
+  if (!isLoaded) return <div>Loading...</div>;
+  if (!isSignedIn) return <div>Please sign in</div>;
+
+  return <div>Hello, {user.name}!</div>;
+}
+```
+
+**Returns:**
+- `user`: Current user object or `null`
+- `isSignedIn`: Boolean indicating authentication status
+- `isLoaded`: Boolean indicating if auth state has been determined
+
+#### `SignInButton`
+
+Pre-built component that redirects users to the authentication flow.
+
+```tsx
+import { SignInButton } from "@ezz-auth/next/client";
+
+<SignInButton />
+```
+
+**Props:** None (customizable via CSS classes)
+
+#### `UserButton`
+
+Component that displays user information and provides logout functionality.
+
+```tsx
+import { UserButton } from "@ezz-auth/next/client";
+
+<UserButton />
+```
+
+**Props:** None (customizable via CSS classes)
+
+#### `signOut()`
+
+Function to sign out the current user and clear their session.
+
+```tsx
+import { signOut } from "@ezz-auth/next/client";
+
+function handleLogout() {
+  signOut();
+  // User will be redirected and session cleared
+}
+```
+
+### Server-Side API
+
+#### `auth()`
+
+Primary server-side function to authenticate requests and get user data.
+
+```tsx
+import { auth } from "@ezz-auth/next/server";
+
+export default async function ProtectedPage() {
+  const { user, session } = await auth();
+
+  if (!user) {
+    redirect("/login");
+  }
+
+  return <div>User: {user.email}</div>;
+}
+```
+
+**Returns:**
+- `user`: User object or `null`
+- `session`: Session object or `null`
+
+#### `currentUser()`
+
+Simplified function that returns only the current user (alias for `auth().user`).
+
+```tsx
+import { currentUser } from "@ezz-auth/next/server";
+
+const user = await currentUser();
+```
+
+**Returns:** User object or `null`
+
+#### `requireAuth()`
+
+Throws an error if user is not authenticated. Useful for protecting API routes.
+
+```tsx
+import { requireAuth } from "@ezz-auth/next/server";
+
+export async function GET() {
+  const { user } = await requireAuth();
+
+  // User is guaranteed to be authenticated here
+  return Response.json({ data: "protected content" });
+}
+```
+
+**Options:**
+- `state` (optional): Custom state to pass through auth flow
+
+**Returns:** Object with `user` and `session` (throws if unauthenticated)
+
+#### `handleAuthCallback()`
+
+Route handler for processing OAuth callbacks after authentication.
+
+```tsx
+// app/api/auth/callback/route.ts
+import { handleAuthCallback } from "@ezz-auth/next/server";
+
+export const GET = handleAuthCallback({
+  redirectTo: "/dashboard"
+});
+```
+
+**Options:**
+- `redirectTo` (optional): Where to redirect after successful authentication (default: "/")
+
+#### `handleLogout()`
+
+Route handler for processing logout requests.
+
+```tsx
+// app/api/auth/logout/route.ts
+import { handleLogout } from "@ezz-auth/next/server";
+
+export const POST = handleLogout();
+```
+
+### Middleware API
+
+#### `authMiddleware()`
+
+Next.js middleware for protecting routes at the edge.
+
+```tsx
+// middleware.ts
+import { authMiddleware } from "@ezz-auth/next/middleware";
+
+export default authMiddleware();
+
+export const config = {
+  matcher: ["/dashboard/:path*"]
+};
+```
+
+**Returns:** Next.js middleware function
+
+### CLI API
+
+#### `ezz-auth init`
+
+Scaffolds the necessary authentication routes for your Next.js application.
+
+```bash
+npx ezz-auth init
+```
+
+Creates:
+- `app/api/auth/callback/route.ts` - OAuth callback handler
+- `app/api/auth/logout/route.ts` - Logout handler
+
+## 🔧 Configuration
+
+### Environment Variables
+
+| Variable | Description | Required |
+|----------|-------------|----------|
+| `AUTH_BASE_URL` | URL of your Ezz Auth core system | ✅ |
+| `AUTH_APP_KEY` | Public application key from developer console | ✅ |
+| `AUTH_APP_SECRET` | Secret application key for server-side operations | ✅ |
+
+### Advanced Configuration
+
+The SDK automatically detects your Next.js app directory structure:
+- `src/app/` (if `src` directory exists)
+- `app/` (standard App Router location)
+
+## 📝 Examples
+
+### Complete App Setup
+
+```tsx
+// app/layout.tsx
+import { AuthProvider } from "@ezz-auth/next/client";
+import { auth } from "@ezz-auth/next/server";
+
+export default async function Layout({ children }) {
+  const { user } = await auth();
+
+  return (
+    <html>
+      <body>
+        <AuthProvider initialUser={user}>
+          <Header />
+          {children}
+        </AuthProvider>
+      </body>
+    </html>
+  );
+}
+
+// app/components/Header.tsx
+"use client";
+import { SignInButton, UserButton, useUser } from "@ezz-auth/next/client";
+
+export function Header() {
+  const { isSignedIn } = useUser();
+
+  return (
+    <header>
+      <nav>
+        <Link href="/">Home</Link>
+        {isSignedIn ? <UserButton /> : <SignInButton />}
+      </nav>
+    </header>
+  );
+}
+```
+
+### API Route Protection
+
+```tsx
+// app/api/user/profile/route.ts
+import { auth } from "@ezz-auth/next/server";
+
+export async function GET() {
+  const { user } = await auth();
+
+  if (!user) {
+    return Response.json({ error: "Unauthorized" }, { status: 401 });
+  }
+
+  return Response.json({ profile: user });
+}
+```
+
+### Middleware Protection
+
+```tsx
+// middleware.ts
+import { authMiddleware } from "@ezz-auth/next/middleware";
+
+export default authMiddleware();
+
+export const config = {
+  matcher: ["/dashboard/:path*", "/api/protected/:path*"]
+};
+```
+
+## 🔄 How It Works
+
+1. **Authorization Request**: User clicks sign-in, SDK redirects to Ezz Auth core with your `AUTH_APP_KEY`
+2. **User Authentication**: Core system handles login via configured providers (OAuth, email, etc.)
+3. **Callback Processing**: Core redirects back with authorization code
+4. **Token Exchange**: Your app exchanges code for session token using `AUTH_APP_SECRET`
+5. **Session Storage**: Session stored in HTTP-only, secure, SameSite=Lax cookie
+6. **Request Validation**: Each request validates cookie against core introspection endpoint
+
+## 🛡️ Security Features
+
+- **No Token Exposure**: Authentication tokens never reach client-side JavaScript
+- **HTTP-Only Cookies**: Session cookies cannot be accessed via JavaScript
+- **Secure by Default**: Automatic security headers and cookie configuration
+- **Server-Side Validation**: All authentication checks happen server-side
+- **CSRF Protection**: Built-in protection against cross-site request forgery
+
+## 🐛 Troubleshooting
+
+### Common Issues
+
+**"No app directory found"**
+- Ensure you're using Next.js App Router (not Pages Router)
+- Check that your app directory is at `app/` or `src/app/`
+
+**"Authentication failed"**
+- Verify `AUTH_BASE_URL` is correct and accessible
+- Check that `AUTH_APP_KEY` and `AUTH_APP_SECRET` are valid
+- Ensure callback URL is configured in your auth provider
+
+**"Session not persisting"**
+- Check that cookies are enabled in the browser
+- Verify your domain configuration matches the auth core
+
+## 📄 License
+
+MIT © [Your Organization]
+
+## 🤝 Contributing
+
+1. Fork the repository
+2. Create your feature branch (`git checkout -b feature/amazing-feature`)
+3. Commit your changes (`git commit -m 'Add amazing feature'`)
+4. Push to the branch (`git push origin feature/amazing-feature`)
+5. Open a Pull Request
+
+## 📞 Support
+
+- 📖 [Documentation](https://docs.ezz-auth.com)
+- 💬 [Discord Community](https://discord.gg/ezz-auth)
+- 🐛 [Issue Tracker](https://github.com/your-org/ezz-auth/issues)
+- 📧 [Email Support](mailto:support@ezz-auth.com)

package/bin/index.js

@@ -0,0 +1,67 @@
+#!/usr/bin/env node
+
+import fs from "fs";
+import path from "path";
+import url from "url";
+
+const __dirname = path.dirname(url.fileURLToPath(import.meta.url));
+const projectRoot = process.cwd();
+
+const command = process.argv[2];
+
+/* ---------------- helpers ---------------- */
+
+function findAppDir() {
+  const srcApp = path.join(projectRoot, "src", "app");
+  const app = path.join(projectRoot, "app");
+
+  if (fs.existsSync(srcApp)) return srcApp;
+  if (fs.existsSync(app)) return app;
+
+  console.error("❌ No app or src/app directory found");
+  process.exit(1);
+}
+
+function copyTemplate(relativePath) {
+  const source = path.join(__dirname, "..", "templates", relativePath);
+  const target = path.join(
+    findAppDir(),
+    relativePath.replace(/^app\//, "")
+  );
+
+  fs.mkdirSync(path.dirname(target), { recursive: true });
+
+  if (fs.existsSync(target)) {
+    console.log("⚠ Skipped:", target);
+    return;
+  }
+
+  fs.copyFileSync(source, target);
+  console.log("✔ Created:", target);
+}
+
+/* ---------------- commands ---------------- */
+
+function runInit() {
+  copyTemplate("app/api/auth/callback/route.ts");
+  copyTemplate("app/api/auth/logout/route.ts");
+
+  console.log("\n✅ ezz-auth initialized");
+  console.log("Next steps:");
+  console.log("1. Set env variables");
+  console.log("2. Redirect users to ezz-auth login");
+}
+
+/* ---------------- entry ---------------- */
+
+if (command === "init") {
+  runInit();
+} else {
+  console.log(`
+Usage:
+  npx ezz-auth init
+
+Description:
+  Scaffold ezz-auth routes for Next.js App Router
+`);
+}

package/client/AuthProvider.js

@@ -0,0 +1,18 @@
+
+"use client";
+import React, { createContext, useContext } from "react";
+const AuthContext = createContext(null);
+
+export function AuthProvider({ children, user }) {
+  return (
+    <AuthContext.Provider value={{ user, isSignedIn: !!user }}>
+      {children}
+    </AuthContext.Provider>
+  );
+}
+
+export function useAuthContext() {
+  const ctx = useContext(AuthContext);
+  if (!ctx) throw new Error("AuthProvider missing");
+  return ctx;
+}

package/client/SignInButton.js

@@ -0,0 +1,28 @@
+"use client";
+
+export function SignInButton({ state }) {
+  const signIn = () => {
+    const url = new URL(
+      "/api/app/v1/authorize",
+      process.env.NEXT_PUBLIC_AUTH_BASE_URL
+    );
+
+    url.searchParams.set(
+      "app_key",
+      process.env.NEXT_PUBLIC_AUTH_PUBLIC_KEY
+    );
+
+    url.searchParams.set(
+      "redirect_uri",
+      window.location.origin + "/api/auth/callback"
+    );
+
+    // ✅ ADD THIS
+    const finalState = state ?? window.location.pathname;
+    url.searchParams.set("state", finalState);
+
+    window.location.href = url.toString();
+  };
+
+  return <button onClick={signIn}>Sign in</button>;
+}

package/client/index.d.ts

@@ -0,0 +1,16 @@
+export function AuthProvider(props: {
+  children: React.ReactNode;
+  user: any;
+}): JSX.Element;
+
+export function useUser(): {
+  user: any;
+  isSignedIn: boolean;
+  isLoaded: boolean;
+};
+
+export function SignInButton(): JSX.Element;
+
+export function UserButton(): JSX.Element;
+
+export function signOut(): void;

package/client/index.js

@@ -0,0 +1,7 @@
+
+export { AuthProvider } from "./AuthProvider.js";
+export { useUser } from "./useUser.js";
+export { SignInButton } from "./SignInButton.js";
+export { UserButton } from "./userButton.js";
+export { signOut } from "./signOut.js";
+

package/client/signOut.js

@@ -0,0 +1,8 @@
+// packages/next/client/signOut.js
+export async function signOut() {
+  try {
+    await fetch("/api/auth/logout", { method: "POST" });
+  } catch {}
+
+  window.location.reload();
+}

package/client/useUser.js

@@ -0,0 +1,6 @@
+
+import { useAuthContext } from "./AuthProvider.js";
+export function useUser() {
+  const { user, isSignedIn } = useAuthContext();
+  return { user, isSignedIn, isLoaded: true };
+}

package/client/userButton.js

@@ -0,0 +1,65 @@
+"use client";
+
+import { useUser } from "./useUser.js";
+import { signOut } from "./signOut.js";
+
+import {
+  DropdownMenu,
+  DropdownMenuTrigger,
+  DropdownMenuContent,
+  DropdownMenuItem,
+  DropdownMenuLabel,
+  DropdownMenuSeparator,
+} from "@/components/ui/dropdown-menu";
+
+import { Avatar, AvatarFallback } from "@/components/ui/avatar";
+import { Button } from "@/components/ui/button";
+
+export function UserButton() {
+  const { user, isSignedIn, isLoaded } = useUser();
+
+  if (!isLoaded || !isSignedIn || !user) return null;
+
+  const initial =
+    user.name?.charAt(0)?.toUpperCase() ||
+    user.email?.charAt(0)?.toUpperCase() ||
+    "?";
+
+  return (
+    <DropdownMenu>
+      <DropdownMenuTrigger asChild>
+        <Button
+          variant="ghost"
+          size="icon"
+          className="rounded-full"
+        >
+          <Avatar className="h-8 w-8">
+            <AvatarFallback>{initial}</AvatarFallback>
+          </Avatar>
+        </Button>
+      </DropdownMenuTrigger>
+
+      <DropdownMenuContent align="end" className="w-64">
+        <DropdownMenuLabel className="font-normal">
+          <div className="flex flex-col space-y-1">
+            <p className="text-xs text-muted-foreground">
+              Signed in as
+            </p>
+            <p className="text-sm font-medium leading-none">
+              {user.email}
+            </p>
+          </div>
+        </DropdownMenuLabel>
+
+        <DropdownMenuSeparator />
+
+        <DropdownMenuItem
+          onClick={signOut}
+          className="cursor-pointer"
+        >
+          Log out
+        </DropdownMenuItem>
+      </DropdownMenuContent>
+    </DropdownMenu>
+  );
+}

package/index.d.ts

@@ -0,0 +1,5 @@
+export * from "./client";
+export * from "./server";
+export * from "./bin";
+export * from "./middleware";
+

package/middleware/authMiddleware.d.ts

@@ -0,0 +1,3 @@
+import type { NextMiddleware } from "next/server";
+
+export function authMiddleware(): NextMiddleware;

package/middleware/authMiddleware.js

@@ -0,0 +1,14 @@
+
+import { NextResponse } from "next/server";
+export function authMiddleware() {
+  return function middleware(req) {
+    const session = req.cookies.get("__auth_session")?.value;
+    if (!session) {
+      const loginUrl = new URL("/api/app/v1/authorize", process.env.NEXT_PUBLIC_AUTH_BASE_URL);
+      loginUrl.searchParams.set("app_key", process.env.NEXT_PUBLIC_AUTH_PUBLIC_KEY);
+      loginUrl.searchParams.set("redirect_uri", req.nextUrl.href);
+      return NextResponse.redirect(loginUrl);
+    }
+    return NextResponse.next();
+  };
+}

package/package.json

@@ -0,0 +1,31 @@
+{
+  "name": "@auth-ezz/nextjs",
+  "version": "0.1.0",
+  "type": "module",
+  "types": "./index.d.ts",
+  "bin": {
+    "ezz-auth": "bin/index.js"
+  },
+  "publishConfig": {
+  "access": "public"
+},
+
+  "exports": {
+    ".": {
+      "types": "./index.d.ts",
+      "default": "./client/index.js"
+    },
+    "./client": {
+      "types": "./client/index.d.ts",
+      "default": "./client/index.js"
+    },
+    "./server": {
+      "types": "./server/index.d.ts",
+      "default": "./server/index.js"
+    },
+    "./middleware": {
+      "types": "./middleware/authMiddleware.d.ts",
+      "default": "./middleware/authMiddleware.js"
+    }
+  }
+}

package/server/auth.js

@@ -0,0 +1,18 @@
+
+import { cookies } from "next/headers";
+const AUTH_COOKIE = "user_session";
+
+export async function auth() {
+  const cookieStore = await cookies();
+  const sessionToken = cookieStore.get(AUTH_COOKIE)?.value;
+  if (!sessionToken) return { user: null, session: null };
+
+  const res = await fetch(
+    `${process.env.AUTH_BASE_URL}/api/app/v1/userinfo`,
+    { headers: { Authorization: `Bearer ${sessionToken}` }, cache: "no-store" }
+  );
+
+  if (!res.ok) return { user: null, session: null };
+  const data = await res.json();
+  return { user: data.user, session: { token: sessionToken } };
+}

package/server/currentUser.js

@@ -0,0 +1,6 @@
+
+import { auth } from "./auth.js";
+export async function currentUser() {
+  const { user } = await auth();
+  return user;
+}

package/server/handleAuthCallback.js

@@ -0,0 +1,50 @@
+import { NextResponse } from "next/server";
+
+export function handleAuthCallback(options = {}) {
+  const fallbackRedirect = options.redirectTo ?? "/";
+
+  return async function GET(req) {
+    const { searchParams, origin } = req.nextUrl;
+
+    const code = searchParams.get("code");
+    const rawState = searchParams.get("state");
+
+    // ✅ SAFETY CHECK
+    const state =
+      rawState && rawState.startsWith("/") ? rawState : fallbackRedirect;
+
+    if (!code) {
+      return NextResponse.redirect(new URL(state, origin));
+    }
+
+    const res = await fetch(
+      `${process.env.AUTH_BASE_URL}/api/app/v1/token`,
+      {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          Authorization: `Bearer ${process.env.AUTH_APP_SECRET}`,
+        },
+        body: JSON.stringify({ code }),
+      }
+    );
+
+    if (!res.ok) {
+      return NextResponse.redirect(new URL(state, origin));
+    }
+
+    const data = await res.json();
+
+    const response = NextResponse.redirect(new URL(state, origin));
+
+    response.cookies.set("user_session", data.sessionToken, {
+      httpOnly: true,
+      sameSite: "lax",
+      secure: process.env.NODE_ENV === "production",
+      path: "/",
+      expires: new Date(data.expiresAt),
+    });
+
+    return response;
+  };
+}

package/server/handleLogout.js

@@ -0,0 +1,5 @@
+import { logout } from "./logout";
+
+export function handleLogout() {
+  return async (req) => logout(req);
+}

package/server/index.d.ts

@@ -0,0 +1,24 @@
+export function auth(): Promise<{
+  user: any | null;
+  session: any | null;
+}>;
+
+export function currentUser(): Promise<any | null>;
+
+
+
+export function handleAuthCallback(options?: {
+  redirectTo?: string;
+}): (req: import("next/server").NextRequest) =>
+  Promise<import("next/server").NextResponse>;
+
+
+export function handleLogout(): (req: import("next/server").NextRequest) =>
+  Promise<import("next/server").NextResponse>;
+
+export function requireAuth(options?: {
+  state?: string;
+}): Promise<{
+  user: any | null;
+  session: any | null;
+}>;

package/server/index.js

@@ -0,0 +1,6 @@
+
+export { auth } from "./auth.js";
+export { currentUser } from "./currentUser.js";
+export { requireAuth } from "./requireAuth.js";
+export { handleAuthCallback } from "./handleAuthCallback.js";
+export { handleLogout } from "./handleLogout.js";

package/server/logout.js

@@ -0,0 +1,25 @@
+import {  NextResponse } from "next/server";
+
+export async function logout(req) {
+  const sessionToken = req.cookies.get("user_session")?.value;
+
+  const res = NextResponse.json({ ok: true });
+  res.cookies.delete("user_session", { path: "/" });
+
+  if (!sessionToken) return res;
+
+  try {
+    await fetch(`${process.env.AUTH_BASE_URL}/api/app/v1/logout`, {
+      method: "POST",
+      headers: {
+        Authorization: `Bearer ${process.env.AUTH_APP_SECRET}`,
+        "Content-Type": "application/json",
+      },
+      body: JSON.stringify({ sessionToken }),
+    });
+  } catch {
+    // logout must never block UX
+  }
+
+  return res;
+}

package/server/requireAuth.js

@@ -0,0 +1,34 @@
+import { redirect } from "next/navigation";
+import { auth } from "./auth.js";
+
+export async function requireAuth(options = {}) {
+  const result = await auth();
+
+  if (result.user) {
+    return result;
+  }
+
+  const state = options.state || "/";
+
+  // 🔒 Safety check
+  const safeState = state.startsWith("/") ? state : "/";
+
+  const url = new URL(
+    "/api/app/v1/authorize",
+    process.env.NEXT_PUBLIC_AUTH_BASE_URL
+  );
+
+  url.searchParams.set(
+    "app_key",
+    process.env.NEXT_PUBLIC_AUTH_PUBLIC_KEY
+  );
+
+  url.searchParams.set(
+    "redirect_uri",
+    `${process.env.NEXT_PUBLIC_APP_URL}/api/auth/callback`
+  );
+
+  url.searchParams.set("state", safeState);
+
+  redirect(url.toString());
+}

package/templates/app/api/auth/callback/route.ts

@@ -0,0 +1,5 @@
+import { handleAuthCallback } from "@ezz-auth/next/server";
+
+export const GET = handleAuthCallback({
+  redirectTo: "/dashboard",
+});

package/templates/app/api/auth/logout/route.ts

@@ -0,0 +1,4 @@
+// test-app/app/api/auth/logout/route.js
+import { handleLogout } from "@ezz-auth/next/server";
+
+export const POST = handleLogout();