@cabin-id/nextjs 0.1.3 → 0.1.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -29,7 +29,6 @@ var import_server = require("next/server");
|
|
|
29
29
|
var import_constants = require("../constants");
|
|
30
30
|
var import_routeMatcher = require("./routeMatcher");
|
|
31
31
|
var import_utils = require("./utils");
|
|
32
|
-
var import_response = require("../utils/response");
|
|
33
32
|
var import_createRedirect = require("./createRedirect");
|
|
34
33
|
const DEFAULT_CONFIG_MATCHER = [
|
|
35
34
|
"/((?!.+\\.[\\w]+$|_next).*)",
|
|
@@ -64,28 +63,10 @@ const authMiddleware = (...args) => {
|
|
|
64
63
|
const isPublicRoute = (0, import_routeMatcher.createRouteMatcher)(
|
|
65
64
|
withDefaultPublicRoutes(options.publicRoutes)
|
|
66
65
|
);
|
|
67
|
-
return async (_req
|
|
66
|
+
return async (_req) => {
|
|
68
67
|
const url = _req.nextUrl;
|
|
69
68
|
const accessToken = url.searchParams.get(import_constants.constants.QueryParams.Token);
|
|
70
69
|
const userId = url.searchParams.get(import_constants.constants.QueryParams.UserId);
|
|
71
|
-
if (isIgnoredRoute(_req) || isPublicRoute(_req)) {
|
|
72
|
-
return;
|
|
73
|
-
}
|
|
74
|
-
const nextRequest = _req;
|
|
75
|
-
const beforeAuthRes = await (options.beforeAuth && options.beforeAuth(nextRequest, evt));
|
|
76
|
-
if (beforeAuthRes === false) {
|
|
77
|
-
return (0, import_response.setHeader)(
|
|
78
|
-
import_server.NextResponse.next(),
|
|
79
|
-
import_constants.constants.Headers.AuthReason,
|
|
80
|
-
"skip"
|
|
81
|
-
);
|
|
82
|
-
} else if (beforeAuthRes && (0, import_response.isRedirect)(beforeAuthRes)) {
|
|
83
|
-
return (0, import_response.setHeader)(
|
|
84
|
-
beforeAuthRes,
|
|
85
|
-
import_constants.constants.Headers.AuthReason,
|
|
86
|
-
"before-auth-redirect"
|
|
87
|
-
);
|
|
88
|
-
}
|
|
89
70
|
if (accessToken && userId) {
|
|
90
71
|
const path = url.pathname;
|
|
91
72
|
const response = import_server.NextResponse.redirect(new URL(path || "/", _req.url));
|
|
@@ -93,6 +74,9 @@ const authMiddleware = (...args) => {
|
|
|
93
74
|
response.cookies.set(import_constants.constants.Cookies.User, userId);
|
|
94
75
|
return response;
|
|
95
76
|
}
|
|
77
|
+
if (isIgnoredRoute(_req) || isPublicRoute(_req)) {
|
|
78
|
+
return;
|
|
79
|
+
}
|
|
96
80
|
const result = checkAuth(_req);
|
|
97
81
|
return result;
|
|
98
82
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../src/server/middleware.ts"],"sourcesContent":["import { NextFetchEvent, NextMiddleware, NextResponse } from 'next/server';\nimport { NextRequest } from 'next/server';\nimport {\n constants,\n CUSTOM_AFTER_SIGN_IN_URL,\n CUSTOM_SIGN_IN_URL,\n frontendApi,\n PUBLISHABLE_KEY,\n SECRET_KEY,\n} from '../constants';\nimport { createRouteMatcher, RouteMatcherParam } from './routeMatcher';\nimport {\n apiEndpointUnauthorizedNextResponse,\n assertKey,\n // decorateRequest,\n redirectAdapter,\n} from './utils';\nimport { NextMiddlewareReturn } from './type';\nimport { isRedirect, setHeader } from '../utils/response';\nimport { createRedirect } from './createRedirect';\n// import { serverRedirectWithAuth } from './serverRedirectWithAuth';\n\ntype BeforeAuthHandler = (\n req: NextRequest,\n evt: NextFetchEvent\n) => NextMiddlewareReturn | false | Promise<false>;\n\ntype AfterAuthHandler = (\n auth: { isPublicRoute: boolean; isApiRoute: boolean },\n req: NextRequest,\n evt: NextFetchEvent\n) => NextMiddlewareReturn;\n\nexport type AuthenticateRequestOptions = {\n publishableKey?: string;\n secretKey?: string;\n domain?: string;\n isSatellite?: boolean;\n proxyUrl?: string;\n signInUrl?: string;\n signUpUrl?: string;\n afterSignInUrl?: string;\n afterSignUpUrl?: string;\n};\n\ntype AuthMiddlewareParams = AuthenticateRequestOptions & {\n /**\n * A function that is called before the authentication middleware is executed.\n * If a redirect response is returned, the middleware will respect it and redirect the user.\n * If false is returned, the auth middleware will not execute and the request will be handled as if the auth middleware was not present.\n */\n beforeAuth?: BeforeAuthHandler;\n /**\n * A function that is called after the authentication middleware is executed.\n * This function has access to the auth object and can be used to execute logic based on the auth state.\n */\n afterAuth?: AfterAuthHandler;\n /**\n * A list of routes that should be accessible without authentication.\n * You can use glob patterns to match multiple routes or a function to match against the request object.\n * Path patterns and regular expressions are supported, for example: `['/foo', '/bar(.*)'] or `[/^\\/foo\\/.*$/]`\n * The sign in and sign up URLs are included by default, unless a function is provided.\n * For more information, see: https://clerk.com/docs\n */\n publicRoutes?: RouteMatcherParam;\n /**\n * A list of routes that should be ignored by the middleware.\n * This list typically includes routes for static files or Next.js internals.\n * For improved performance, these routes should be skipped using the default config.matcher instead.\n */\n ignoredRoutes?: IgnoredRoutesParam;\n /**\n * A list of routes that should be treated as API endpoints.\n * When user is signed out, the middleware will return a 401 response for these routes, instead of redirecting the user.\n *\n * If omitted, the following heuristics will be used to determine an API endpoint:\n * - The route path is ['/api/(.*)', '/trpc/(.*)'],\n * - or the request has `Content-Type` set to `application/json`,\n * - or the request method is not one of: `GET`, `OPTIONS` ,` HEAD`\n *\n * @default undefined\n */\n apiRoutes?: ApiRoutesParam;\n};\n\nexport interface AuthMiddleware {\n (params?: AuthMiddlewareParams): NextMiddleware;\n}\n\n/**\n * The default ideal matcher that excludes the _next directory (internals) and all static files,\n * but it will match the root route (/) and any routes that start with /api or /trpc.\n */\nexport const DEFAULT_CONFIG_MATCHER = [\n '/((?!.+\\\\.[\\\\w]+$|_next).*)',\n '/',\n '/(api|trpc)(.*)',\n];\n\n/**\n * Any routes matching this path will be ignored by the middleware.\n * This is the inverted version of DEFAULT_CONFIG_MATCHER.\n */\nexport const DEFAULT_IGNORED_ROUTES = [`/((?!api|trpc))(_next.*|.+\\\\.[\\\\w]+$)`];\n/**\n * Any routes matching this path will be treated as API endpoints by the middleware.\n */\nexport const DEFAULT_API_ROUTES = ['/api/(.*)', '/trpc/(.*)'];\n\ntype IgnoredRoutesParam =\n | Array<RegExp | string>\n | RegExp\n | string\n | ((req: NextRequest) => boolean);\n\ntype ApiRoutesParam = IgnoredRoutesParam;\n\nconst authMiddleware: AuthMiddleware = (...args: unknown[]) => {\n const [params = {}] = args as [AuthMiddlewareParams?];\n\n const publishableKey = assertKey(\n params.publishableKey || PUBLISHABLE_KEY,\n () => {\n throw new Error('Publish Key is not exist');\n }\n );\n const secretKey = assertKey(params.secretKey || SECRET_KEY, () => {\n throw new Error('Secret Key is not valid');\n });\n\n const signInUrl = params.signInUrl || CUSTOM_SIGN_IN_URL;\n const signUpUrl = params.signUpUrl || CUSTOM_SIGN_IN_URL;\n\n const options = {\n ...params,\n publishableKey,\n secretKey,\n signInUrl,\n signUpUrl,\n };\n\n const isIgnoredRoute = createRouteMatcher(\n options.ignoredRoutes || DEFAULT_IGNORED_ROUTES\n );\n const isPublicRoute = createRouteMatcher(\n withDefaultPublicRoutes(options.publicRoutes)\n );\n // const isApiRoute = createApiRoutes(options.apiRoutes);\n // const defaultAfterAuth = createDefaultAfterAuth(\n // isPublicRoute,\n // isApiRoute,\n // options\n // );\n\n return async (_req: NextRequest, evt: NextFetchEvent) => {\n const url = _req.nextUrl;\n\n const accessToken = url.searchParams.get(constants.QueryParams.Token);\n const userId = url.searchParams.get(constants.QueryParams.UserId);\n\n if (isIgnoredRoute(_req) || isPublicRoute(_req)) {\n return;\n }\n const nextRequest = _req;\n\n const beforeAuthRes = await (options.beforeAuth &&\n options.beforeAuth(nextRequest, evt));\n\n if (beforeAuthRes === false) {\n return setHeader(\n NextResponse.next(),\n constants.Headers.AuthReason,\n 'skip'\n );\n } else if (beforeAuthRes && isRedirect(beforeAuthRes)) {\n return setHeader(\n beforeAuthRes,\n constants.Headers.AuthReason,\n 'before-auth-redirect'\n );\n }\n\n // const requestState = {\n // token: accessToken,\n // userId,\n // };\n\n // const auth = {\n // ...requestState,\n // isPublicRoute: isPublicRoute(nextRequest),\n // isApiRoute: isApiRoute(nextRequest),\n // };\n\n // const afterAuthRes = await (options.afterAuth || defaultAfterAuth)(\n // auth,\n // nextRequest,\n // evt\n // );\n\n // const finalRes =\n // mergeResponses(beforeAuthRes, afterAuthRes) || NextResponse.next();\n\n if (accessToken && userId) {\n const path = url.pathname;\n const response = NextResponse.redirect(new URL(path || '/', _req.url));\n response.cookies.set(constants.Cookies.Client, accessToken);\n response.cookies.set(constants.Cookies.User, userId);\n return response;\n }\n\n // console.log(finalRes);\n\n // if (isRedirect(finalRes)) {\n // const res = serverRedirectWithAuth(finalRes);\n // return res;\n // }\n\n const result = checkAuth(_req);\n\n return result;\n };\n};\n\nconst withDefaultPublicRoutes = (\n publicRoutes: RouteMatcherParam | undefined\n) => {\n if (typeof publicRoutes === 'function') {\n return publicRoutes;\n }\n\n const routes = [publicRoutes || ''].flat().filter(Boolean);\n // TODO: refactor it to use common config file eg SIGN_IN_URL from ./clerkClient\n // we use process.env for now to support testing\n const signInUrl = process.env.NEXT_PUBLIC_CLERK_SIGN_IN_URL || '';\n if (signInUrl) {\n routes.push(matchRoutesStartingWith(signInUrl));\n }\n // TODO: refactor it to use common config file eg SIGN_UP_URL from ./clerkClient\n // we use process.env for now to support testing\n const signUpUrl = process.env.NEXT_PUBLIC_CLERK_SIGN_UP_URL || '';\n if (signUpUrl) {\n routes.push(matchRoutesStartingWith(signUpUrl));\n }\n return routes;\n};\n\nconst matchRoutesStartingWith = (path: string) => {\n path = path.replace(/\\/$/, '');\n return new RegExp(`^${path}(/.*)?$`);\n};\n\nconst isRequestMethodIndicatingApiRoute = (req: NextRequest): boolean => {\n const requestMethod = req.method.toLowerCase();\n return !['get', 'head', 'options'].includes(requestMethod);\n};\n\nconst isRequestContentTypeJson = (req: NextRequest): boolean => {\n const requestContentType = req.headers.get(constants.Headers.ContentType);\n return requestContentType === constants.ContentTypes.Json;\n};\n\n// - Default behavior:\n// If the route path is `['/api/(.*)*', '*/trpc/(.*)']`\n// or Request has `Content-Type: application/json`\n// or Request method is not-GET,OPTIONS,HEAD,\n// then this is considered an API route.\n//\n// - If the user has provided a specific `apiRoutes` prop in `authMiddleware` then all the above are discarded,\n// and only routes that match the user’s provided paths are considered API routes.\nconst createApiRoutes = (\n apiRoutes: RouteMatcherParam | undefined\n): ((req: NextRequest) => boolean) => {\n if (apiRoutes) {\n return createRouteMatcher(apiRoutes);\n }\n const isDefaultApiRoute = createRouteMatcher(DEFAULT_API_ROUTES);\n return (req: NextRequest) =>\n isDefaultApiRoute(req) ||\n isRequestMethodIndicatingApiRoute(req) ||\n isRequestContentTypeJson(req);\n};\n\nexport const createDefaultAfterAuth = (\n isPublicRoute: ReturnType<typeof createRouteMatcher>,\n isApiRoute: ReturnType<typeof createApiRoutes>,\n options: {\n signInUrl: string;\n signUpUrl: string;\n publishableKey: string;\n secretKey: string;\n }\n) => {\n return (auth: any, req: NextRequest) => {\n if (!auth.userId && !isPublicRoute(req)) {\n if (isApiRoute(req)) {\n return apiEndpointUnauthorizedNextResponse();\n }\n return createRedirect({\n redirectAdapter,\n signInUrl: options.signInUrl,\n signUpUrl: options.signUpUrl,\n publishableKey: options.publishableKey,\n // We're setting baseUrl to '' here as we want to keep the legacy behavior of\n // the redirectToSignIn, redirectToSignUp helpers in the backend package.\n baseUrl: '',\n }).redirectToSignIn({ returnBackUrl: req.nextUrl.href });\n }\n return NextResponse.next();\n };\n};\n\nconst checkAuth = (req: NextRequest): any => {\n const accessToken = req.cookies.get(constants.Cookies.Client);\n\n if (!accessToken && req.nextUrl.href !== CUSTOM_SIGN_IN_URL) {\n if (CUSTOM_SIGN_IN_URL) {\n return NextResponse.redirect(new URL(CUSTOM_SIGN_IN_URL));\n }\n\n if (frontendApi) {\n const params = new URLSearchParams({\n redirect_url: CUSTOM_AFTER_SIGN_IN_URL || '/',\n });\n return NextResponse.redirect(\n new URL(`${frontendApi}/sign-in?${params.toString()}`)\n );\n }\n throw new Error(\n 'You are not authentication. Please provide CABIN ID PUBLISH KEY to redirect to authentication page'\n );\n }\n return NextResponse.next();\n};\n\nexport { authMiddleware };\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,oBAA6D;AAE7D,uBAOO;AACP,0BAAsD;AACtD,mBAKO;AAEP,sBAAsC;AACtC,4BAA+B;AA0ExB,MAAM,yBAAyB;AAAA,EACpC;AAAA,EACA;AAAA,EACA;AACF;AAMO,MAAM,yBAAyB,CAAC,uCAAuC;AAIvE,MAAM,qBAAqB,CAAC,aAAa,YAAY;AAU5D,MAAM,iBAAiC,IAAI,SAAoB;AAC7D,QAAM,CAAC,SAAS,CAAC,CAAC,IAAI;AAEtB,QAAM,qBAAiB;AAAA,IACrB,OAAO,kBAAkB;AAAA,IACzB,MAAM;AACJ,YAAM,IAAI,MAAM,0BAA0B;AAAA,IAC5C;AAAA,EACF;AACA,QAAM,gBAAY,wBAAU,OAAO,aAAa,6BAAY,MAAM;AAChE,UAAM,IAAI,MAAM,yBAAyB;AAAA,EAC3C,CAAC;AAED,QAAM,YAAY,OAAO,aAAa;AACtC,QAAM,YAAY,OAAO,aAAa;AAEtC,QAAM,UAAU;AAAA,IACd,GAAG;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAEA,QAAM,qBAAiB;AAAA,IACrB,QAAQ,iBAAiB;AAAA,EAC3B;AACA,QAAM,oBAAgB;AAAA,IACpB,wBAAwB,QAAQ,YAAY;AAAA,EAC9C;AAQA,SAAO,OAAO,MAAmB,QAAwB;AACvD,UAAM,MAAM,KAAK;AAEjB,UAAM,cAAc,IAAI,aAAa,IAAI,2BAAU,YAAY,KAAK;AACpE,UAAM,SAAS,IAAI,aAAa,IAAI,2BAAU,YAAY,MAAM;AAEhE,QAAI,eAAe,IAAI,KAAK,cAAc,IAAI,GAAG;AAC/C;AAAA,IACF;AACA,UAAM,cAAc;AAEpB,UAAM,gBAAgB,OAAO,QAAQ,cACnC,QAAQ,WAAW,aAAa,GAAG;AAErC,QAAI,kBAAkB,OAAO;AAC3B,iBAAO;AAAA,QACL,2BAAa,KAAK;AAAA,QAClB,2BAAU,QAAQ;AAAA,QAClB;AAAA,MACF;AAAA,IACF,WAAW,qBAAiB,4BAAW,aAAa,GAAG;AACrD,iBAAO;AAAA,QACL;AAAA,QACA,2BAAU,QAAQ;AAAA,QAClB;AAAA,MACF;AAAA,IACF;AAsBA,QAAI,eAAe,QAAQ;AACzB,YAAM,OAAO,IAAI;AACjB,YAAM,WAAW,2BAAa,SAAS,IAAI,IAAI,QAAQ,KAAK,KAAK,GAAG,CAAC;AACrE,eAAS,QAAQ,IAAI,2BAAU,QAAQ,QAAQ,WAAW;AAC1D,eAAS,QAAQ,IAAI,2BAAU,QAAQ,MAAM,MAAM;AACnD,aAAO;AAAA,IACT;AASA,UAAM,SAAS,UAAU,IAAI;AAE7B,WAAO;AAAA,EACT;AACF;AAEA,MAAM,0BAA0B,CAC9B,iBACG;AACH,MAAI,OAAO,iBAAiB,YAAY;AACtC,WAAO;AAAA,EACT;AAEA,QAAM,SAAS,CAAC,gBAAgB,EAAE,EAAE,KAAK,EAAE,OAAO,OAAO;AAGzD,QAAM,YAAY,QAAQ,IAAI,iCAAiC;AAC/D,MAAI,WAAW;AACb,WAAO,KAAK,wBAAwB,SAAS,CAAC;AAAA,EAChD;AAGA,QAAM,YAAY,QAAQ,IAAI,iCAAiC;AAC/D,MAAI,WAAW;AACb,WAAO,KAAK,wBAAwB,SAAS,CAAC;AAAA,EAChD;AACA,SAAO;AACT;AAEA,MAAM,0BAA0B,CAAC,SAAiB;AAChD,SAAO,KAAK,QAAQ,OAAO,EAAE;AAC7B,SAAO,IAAI,OAAO,IAAI,IAAI,SAAS;AACrC;AAEA,MAAM,oCAAoC,CAAC,QAA8B;AACvE,QAAM,gBAAgB,IAAI,OAAO,YAAY;AAC7C,SAAO,CAAC,CAAC,OAAO,QAAQ,SAAS,EAAE,SAAS,aAAa;AAC3D;AAEA,MAAM,2BAA2B,CAAC,QAA8B;AAC9D,QAAM,qBAAqB,IAAI,QAAQ,IAAI,2BAAU,QAAQ,WAAW;AACxE,SAAO,uBAAuB,2BAAU,aAAa;AACvD;AAUA,MAAM,kBAAkB,CACtB,cACoC;AACpC,MAAI,WAAW;AACb,eAAO,wCAAmB,SAAS;AAAA,EACrC;AACA,QAAM,wBAAoB,wCAAmB,kBAAkB;AAC/D,SAAO,CAAC,QACN,kBAAkB,GAAG,KACrB,kCAAkC,GAAG,KACrC,yBAAyB,GAAG;AAChC;AAEO,MAAM,yBAAyB,CACpC,eACA,YACA,YAMG;AACH,SAAO,CAAC,MAAW,QAAqB;AACtC,QAAI,CAAC,KAAK,UAAU,CAAC,cAAc,GAAG,GAAG;AACvC,UAAI,WAAW,GAAG,GAAG;AACnB,mBAAO,kDAAoC;AAAA,MAC7C;AACA,iBAAO,sCAAe;AAAA,QACpB;AAAA,QACA,WAAW,QAAQ;AAAA,QACnB,WAAW,QAAQ;AAAA,QACnB,gBAAgB,QAAQ;AAAA;AAAA;AAAA,QAGxB,SAAS;AAAA,MACX,CAAC,EAAE,iBAAiB,EAAE,eAAe,IAAI,QAAQ,KAAK,CAAC;AAAA,IACzD;AACA,WAAO,2BAAa,KAAK;AAAA,EAC3B;AACF;AAEA,MAAM,YAAY,CAAC,QAA0B;AAC3C,QAAM,cAAc,IAAI,QAAQ,IAAI,2BAAU,QAAQ,MAAM;AAE5D,MAAI,CAAC,eAAe,IAAI,QAAQ,SAAS,qCAAoB;AAC3D,QAAI,qCAAoB;AACtB,aAAO,2BAAa,SAAS,IAAI,IAAI,mCAAkB,CAAC;AAAA,IAC1D;AAEA,QAAI,8BAAa;AACf,YAAM,SAAS,IAAI,gBAAgB;AAAA,QACjC,cAAc,6CAA4B;AAAA,MAC5C,CAAC;AACD,aAAO,2BAAa;AAAA,QAClB,IAAI,IAAI,GAAG,4BAAW,YAAY,OAAO,SAAS,CAAC,EAAE;AAAA,MACvD;AAAA,IACF;AACA,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AACA,SAAO,2BAAa,KAAK;AAC3B;","names":[]}
|
|
1
|
+
{"version":3,"sources":["../../../src/server/middleware.ts"],"sourcesContent":["import { NextFetchEvent, NextMiddleware, NextResponse } from 'next/server';\nimport { NextRequest } from 'next/server';\nimport {\n constants,\n CUSTOM_AFTER_SIGN_IN_URL,\n CUSTOM_SIGN_IN_URL,\n frontendApi,\n PUBLISHABLE_KEY,\n SECRET_KEY,\n} from '../constants';\nimport { createRouteMatcher, RouteMatcherParam } from './routeMatcher';\nimport {\n apiEndpointUnauthorizedNextResponse,\n assertKey,\n // decorateRequest,\n redirectAdapter,\n} from './utils';\nimport { NextMiddlewareReturn } from './type';\n// import { isRedirect, setHeader } from '../utils/response';\nimport { createRedirect } from './createRedirect';\n// import { serverRedirectWithAuth } from './serverRedirectWithAuth';\n\ntype BeforeAuthHandler = (\n req: NextRequest,\n evt: NextFetchEvent\n) => NextMiddlewareReturn | false | Promise<false>;\n\ntype AfterAuthHandler = (\n auth: { isPublicRoute: boolean; isApiRoute: boolean },\n req: NextRequest,\n evt: NextFetchEvent\n) => NextMiddlewareReturn;\n\nexport type AuthenticateRequestOptions = {\n publishableKey?: string;\n secretKey?: string;\n domain?: string;\n isSatellite?: boolean;\n proxyUrl?: string;\n signInUrl?: string;\n signUpUrl?: string;\n afterSignInUrl?: string;\n afterSignUpUrl?: string;\n};\n\ntype AuthMiddlewareParams = AuthenticateRequestOptions & {\n /**\n * A function that is called before the authentication middleware is executed.\n * If a redirect response is returned, the middleware will respect it and redirect the user.\n * If false is returned, the auth middleware will not execute and the request will be handled as if the auth middleware was not present.\n */\n beforeAuth?: BeforeAuthHandler;\n /**\n * A function that is called after the authentication middleware is executed.\n * This function has access to the auth object and can be used to execute logic based on the auth state.\n */\n afterAuth?: AfterAuthHandler;\n /**\n * A list of routes that should be accessible without authentication.\n * You can use glob patterns to match multiple routes or a function to match against the request object.\n * Path patterns and regular expressions are supported, for example: `['/foo', '/bar(.*)'] or `[/^\\/foo\\/.*$/]`\n * The sign in and sign up URLs are included by default, unless a function is provided.\n * For more information, see: https://clerk.com/docs\n */\n publicRoutes?: RouteMatcherParam;\n /**\n * A list of routes that should be ignored by the middleware.\n * This list typically includes routes for static files or Next.js internals.\n * For improved performance, these routes should be skipped using the default config.matcher instead.\n */\n ignoredRoutes?: IgnoredRoutesParam;\n /**\n * A list of routes that should be treated as API endpoints.\n * When user is signed out, the middleware will return a 401 response for these routes, instead of redirecting the user.\n *\n * If omitted, the following heuristics will be used to determine an API endpoint:\n * - The route path is ['/api/(.*)', '/trpc/(.*)'],\n * - or the request has `Content-Type` set to `application/json`,\n * - or the request method is not one of: `GET`, `OPTIONS` ,` HEAD`\n *\n * @default undefined\n */\n apiRoutes?: ApiRoutesParam;\n};\n\nexport interface AuthMiddleware {\n (params?: AuthMiddlewareParams): NextMiddleware;\n}\n\n/**\n * The default ideal matcher that excludes the _next directory (internals) and all static files,\n * but it will match the root route (/) and any routes that start with /api or /trpc.\n */\nexport const DEFAULT_CONFIG_MATCHER = [\n '/((?!.+\\\\.[\\\\w]+$|_next).*)',\n '/',\n '/(api|trpc)(.*)',\n];\n\n/**\n * Any routes matching this path will be ignored by the middleware.\n * This is the inverted version of DEFAULT_CONFIG_MATCHER.\n */\nexport const DEFAULT_IGNORED_ROUTES = [`/((?!api|trpc))(_next.*|.+\\\\.[\\\\w]+$)`];\n/**\n * Any routes matching this path will be treated as API endpoints by the middleware.\n */\nexport const DEFAULT_API_ROUTES = ['/api/(.*)', '/trpc/(.*)'];\n\ntype IgnoredRoutesParam =\n | Array<RegExp | string>\n | RegExp\n | string\n | ((req: NextRequest) => boolean);\n\ntype ApiRoutesParam = IgnoredRoutesParam;\n\nconst authMiddleware: AuthMiddleware = (...args: unknown[]) => {\n const [params = {}] = args as [AuthMiddlewareParams?];\n\n const publishableKey = assertKey(\n params.publishableKey || PUBLISHABLE_KEY,\n () => {\n throw new Error('Publish Key is not exist');\n }\n );\n const secretKey = assertKey(params.secretKey || SECRET_KEY, () => {\n throw new Error('Secret Key is not valid');\n });\n\n const signInUrl = params.signInUrl || CUSTOM_SIGN_IN_URL;\n const signUpUrl = params.signUpUrl || CUSTOM_SIGN_IN_URL;\n\n const options = {\n ...params,\n publishableKey,\n secretKey,\n signInUrl,\n signUpUrl,\n };\n\n const isIgnoredRoute = createRouteMatcher(\n options.ignoredRoutes || DEFAULT_IGNORED_ROUTES\n );\n const isPublicRoute = createRouteMatcher(\n withDefaultPublicRoutes(options.publicRoutes)\n );\n // const isApiRoute = createApiRoutes(options.apiRoutes);\n // const defaultAfterAuth = createDefaultAfterAuth(\n // isPublicRoute,\n // isApiRoute,\n // options\n // );\n\n return async (_req: NextRequest) => {\n const url = _req.nextUrl;\n\n const accessToken = url.searchParams.get(constants.QueryParams.Token);\n const userId = url.searchParams.get(constants.QueryParams.UserId);\n\n if (accessToken && userId) {\n const path = url.pathname;\n const response = NextResponse.redirect(new URL(path || '/', _req.url));\n response.cookies.set(constants.Cookies.Client, accessToken);\n response.cookies.set(constants.Cookies.User, userId);\n return response;\n }\n\n if (isIgnoredRoute(_req) || isPublicRoute(_req)) {\n return;\n }\n // const nextRequest = _req;\n\n // const beforeAuthRes = await (options.beforeAuth &&\n // options.beforeAuth(nextRequest, evt));\n\n // if (beforeAuthRes === false) {\n // return setHeader(\n // NextResponse.next(),\n // constants.Headers.AuthReason,\n // 'skip'\n // );\n // } else if (beforeAuthRes && isRedirect(beforeAuthRes)) {\n // return setHeader(\n // beforeAuthRes,\n // constants.Headers.AuthReason,\n // 'before-auth-redirect'\n // );\n // }\n\n // const requestState = {\n // token: accessToken,\n // userId,\n // };\n\n // const auth = {\n // ...requestState,\n // isPublicRoute: isPublicRoute(nextRequest),\n // isApiRoute: isApiRoute(nextRequest),\n // };\n\n // const afterAuthRes = await (options.afterAuth || defaultAfterAuth)(\n // auth,\n // nextRequest,\n // evt\n // );\n\n // const finalRes =\n // mergeResponses(beforeAuthRes, afterAuthRes) || NextResponse.next();\n\n // console.log(finalRes);\n\n // if (isRedirect(finalRes)) {\n // const res = serverRedirectWithAuth(finalRes);\n // return res;\n // }\n\n const result = checkAuth(_req);\n\n return result;\n };\n};\n\nconst withDefaultPublicRoutes = (\n publicRoutes: RouteMatcherParam | undefined\n) => {\n if (typeof publicRoutes === 'function') {\n return publicRoutes;\n }\n\n const routes = [publicRoutes || ''].flat().filter(Boolean);\n // TODO: refactor it to use common config file eg SIGN_IN_URL from ./clerkClient\n // we use process.env for now to support testing\n const signInUrl = process.env.NEXT_PUBLIC_CLERK_SIGN_IN_URL || '';\n if (signInUrl) {\n routes.push(matchRoutesStartingWith(signInUrl));\n }\n // TODO: refactor it to use common config file eg SIGN_UP_URL from ./clerkClient\n // we use process.env for now to support testing\n const signUpUrl = process.env.NEXT_PUBLIC_CLERK_SIGN_UP_URL || '';\n if (signUpUrl) {\n routes.push(matchRoutesStartingWith(signUpUrl));\n }\n return routes;\n};\n\nconst matchRoutesStartingWith = (path: string) => {\n path = path.replace(/\\/$/, '');\n return new RegExp(`^${path}(/.*)?$`);\n};\n\nconst isRequestMethodIndicatingApiRoute = (req: NextRequest): boolean => {\n const requestMethod = req.method.toLowerCase();\n return !['get', 'head', 'options'].includes(requestMethod);\n};\n\nconst isRequestContentTypeJson = (req: NextRequest): boolean => {\n const requestContentType = req.headers.get(constants.Headers.ContentType);\n return requestContentType === constants.ContentTypes.Json;\n};\n\n// - Default behavior:\n// If the route path is `['/api/(.*)*', '*/trpc/(.*)']`\n// or Request has `Content-Type: application/json`\n// or Request method is not-GET,OPTIONS,HEAD,\n// then this is considered an API route.\n//\n// - If the user has provided a specific `apiRoutes` prop in `authMiddleware` then all the above are discarded,\n// and only routes that match the user’s provided paths are considered API routes.\nconst createApiRoutes = (\n apiRoutes: RouteMatcherParam | undefined\n): ((req: NextRequest) => boolean) => {\n if (apiRoutes) {\n return createRouteMatcher(apiRoutes);\n }\n const isDefaultApiRoute = createRouteMatcher(DEFAULT_API_ROUTES);\n return (req: NextRequest) =>\n isDefaultApiRoute(req) ||\n isRequestMethodIndicatingApiRoute(req) ||\n isRequestContentTypeJson(req);\n};\n\nexport const createDefaultAfterAuth = (\n isPublicRoute: ReturnType<typeof createRouteMatcher>,\n isApiRoute: ReturnType<typeof createApiRoutes>,\n options: {\n signInUrl: string;\n signUpUrl: string;\n publishableKey: string;\n secretKey: string;\n }\n) => {\n return (auth: any, req: NextRequest) => {\n if (!auth.userId && !isPublicRoute(req)) {\n if (isApiRoute(req)) {\n return apiEndpointUnauthorizedNextResponse();\n }\n return createRedirect({\n redirectAdapter,\n signInUrl: options.signInUrl,\n signUpUrl: options.signUpUrl,\n publishableKey: options.publishableKey,\n // We're setting baseUrl to '' here as we want to keep the legacy behavior of\n // the redirectToSignIn, redirectToSignUp helpers in the backend package.\n baseUrl: '',\n }).redirectToSignIn({ returnBackUrl: req.nextUrl.href });\n }\n return NextResponse.next();\n };\n};\n\nconst checkAuth = (req: NextRequest): any => {\n const accessToken = req.cookies.get(constants.Cookies.Client);\n\n if (!accessToken && req.nextUrl.href !== CUSTOM_SIGN_IN_URL) {\n if (CUSTOM_SIGN_IN_URL) {\n return NextResponse.redirect(new URL(CUSTOM_SIGN_IN_URL));\n }\n\n if (frontendApi) {\n const params = new URLSearchParams({\n redirect_url: CUSTOM_AFTER_SIGN_IN_URL || '/',\n });\n return NextResponse.redirect(\n new URL(`${frontendApi}/sign-in?${params.toString()}`)\n );\n }\n throw new Error(\n 'You are not authentication. Please provide CABIN ID PUBLISH KEY to redirect to authentication page'\n );\n }\n return NextResponse.next();\n};\n\nexport { authMiddleware };\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,oBAA6D;AAE7D,uBAOO;AACP,0BAAsD;AACtD,mBAKO;AAGP,4BAA+B;AA0ExB,MAAM,yBAAyB;AAAA,EACpC;AAAA,EACA;AAAA,EACA;AACF;AAMO,MAAM,yBAAyB,CAAC,uCAAuC;AAIvE,MAAM,qBAAqB,CAAC,aAAa,YAAY;AAU5D,MAAM,iBAAiC,IAAI,SAAoB;AAC7D,QAAM,CAAC,SAAS,CAAC,CAAC,IAAI;AAEtB,QAAM,qBAAiB;AAAA,IACrB,OAAO,kBAAkB;AAAA,IACzB,MAAM;AACJ,YAAM,IAAI,MAAM,0BAA0B;AAAA,IAC5C;AAAA,EACF;AACA,QAAM,gBAAY,wBAAU,OAAO,aAAa,6BAAY,MAAM;AAChE,UAAM,IAAI,MAAM,yBAAyB;AAAA,EAC3C,CAAC;AAED,QAAM,YAAY,OAAO,aAAa;AACtC,QAAM,YAAY,OAAO,aAAa;AAEtC,QAAM,UAAU;AAAA,IACd,GAAG;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAEA,QAAM,qBAAiB;AAAA,IACrB,QAAQ,iBAAiB;AAAA,EAC3B;AACA,QAAM,oBAAgB;AAAA,IACpB,wBAAwB,QAAQ,YAAY;AAAA,EAC9C;AAQA,SAAO,OAAO,SAAsB;AAClC,UAAM,MAAM,KAAK;AAEjB,UAAM,cAAc,IAAI,aAAa,IAAI,2BAAU,YAAY,KAAK;AACpE,UAAM,SAAS,IAAI,aAAa,IAAI,2BAAU,YAAY,MAAM;AAEhE,QAAI,eAAe,QAAQ;AACzB,YAAM,OAAO,IAAI;AACjB,YAAM,WAAW,2BAAa,SAAS,IAAI,IAAI,QAAQ,KAAK,KAAK,GAAG,CAAC;AACrE,eAAS,QAAQ,IAAI,2BAAU,QAAQ,QAAQ,WAAW;AAC1D,eAAS,QAAQ,IAAI,2BAAU,QAAQ,MAAM,MAAM;AACnD,aAAO;AAAA,IACT;AAEA,QAAI,eAAe,IAAI,KAAK,cAAc,IAAI,GAAG;AAC/C;AAAA,IACF;AA+CA,UAAM,SAAS,UAAU,IAAI;AAE7B,WAAO;AAAA,EACT;AACF;AAEA,MAAM,0BAA0B,CAC9B,iBACG;AACH,MAAI,OAAO,iBAAiB,YAAY;AACtC,WAAO;AAAA,EACT;AAEA,QAAM,SAAS,CAAC,gBAAgB,EAAE,EAAE,KAAK,EAAE,OAAO,OAAO;AAGzD,QAAM,YAAY,QAAQ,IAAI,iCAAiC;AAC/D,MAAI,WAAW;AACb,WAAO,KAAK,wBAAwB,SAAS,CAAC;AAAA,EAChD;AAGA,QAAM,YAAY,QAAQ,IAAI,iCAAiC;AAC/D,MAAI,WAAW;AACb,WAAO,KAAK,wBAAwB,SAAS,CAAC;AAAA,EAChD;AACA,SAAO;AACT;AAEA,MAAM,0BAA0B,CAAC,SAAiB;AAChD,SAAO,KAAK,QAAQ,OAAO,EAAE;AAC7B,SAAO,IAAI,OAAO,IAAI,IAAI,SAAS;AACrC;AAEA,MAAM,oCAAoC,CAAC,QAA8B;AACvE,QAAM,gBAAgB,IAAI,OAAO,YAAY;AAC7C,SAAO,CAAC,CAAC,OAAO,QAAQ,SAAS,EAAE,SAAS,aAAa;AAC3D;AAEA,MAAM,2BAA2B,CAAC,QAA8B;AAC9D,QAAM,qBAAqB,IAAI,QAAQ,IAAI,2BAAU,QAAQ,WAAW;AACxE,SAAO,uBAAuB,2BAAU,aAAa;AACvD;AAUA,MAAM,kBAAkB,CACtB,cACoC;AACpC,MAAI,WAAW;AACb,eAAO,wCAAmB,SAAS;AAAA,EACrC;AACA,QAAM,wBAAoB,wCAAmB,kBAAkB;AAC/D,SAAO,CAAC,QACN,kBAAkB,GAAG,KACrB,kCAAkC,GAAG,KACrC,yBAAyB,GAAG;AAChC;AAEO,MAAM,yBAAyB,CACpC,eACA,YACA,YAMG;AACH,SAAO,CAAC,MAAW,QAAqB;AACtC,QAAI,CAAC,KAAK,UAAU,CAAC,cAAc,GAAG,GAAG;AACvC,UAAI,WAAW,GAAG,GAAG;AACnB,mBAAO,kDAAoC;AAAA,MAC7C;AACA,iBAAO,sCAAe;AAAA,QACpB;AAAA,QACA,WAAW,QAAQ;AAAA,QACnB,WAAW,QAAQ;AAAA,QACnB,gBAAgB,QAAQ;AAAA;AAAA;AAAA,QAGxB,SAAS;AAAA,MACX,CAAC,EAAE,iBAAiB,EAAE,eAAe,IAAI,QAAQ,KAAK,CAAC;AAAA,IACzD;AACA,WAAO,2BAAa,KAAK;AAAA,EAC3B;AACF;AAEA,MAAM,YAAY,CAAC,QAA0B;AAC3C,QAAM,cAAc,IAAI,QAAQ,IAAI,2BAAU,QAAQ,MAAM;AAE5D,MAAI,CAAC,eAAe,IAAI,QAAQ,SAAS,qCAAoB;AAC3D,QAAI,qCAAoB;AACtB,aAAO,2BAAa,SAAS,IAAI,IAAI,mCAAkB,CAAC;AAAA,IAC1D;AAEA,QAAI,8BAAa;AACf,YAAM,SAAS,IAAI,gBAAgB;AAAA,QACjC,cAAc,6CAA4B;AAAA,MAC5C,CAAC;AACD,aAAO,2BAAa;AAAA,QAClB,IAAI,IAAI,GAAG,4BAAW,YAAY,OAAO,SAAS,CAAC,EAAE;AAAA,MACvD;AAAA,IACF;AACA,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AACA,SAAO,2BAAa,KAAK;AAC3B;","names":[]}
|
|
@@ -13,7 +13,6 @@ import {
|
|
|
13
13
|
assertKey,
|
|
14
14
|
redirectAdapter
|
|
15
15
|
} from "./utils";
|
|
16
|
-
import { isRedirect, setHeader } from "../utils/response";
|
|
17
16
|
import { createRedirect } from "./createRedirect";
|
|
18
17
|
const DEFAULT_CONFIG_MATCHER = [
|
|
19
18
|
"/((?!.+\\.[\\w]+$|_next).*)",
|
|
@@ -48,28 +47,10 @@ const authMiddleware = (...args) => {
|
|
|
48
47
|
const isPublicRoute = createRouteMatcher(
|
|
49
48
|
withDefaultPublicRoutes(options.publicRoutes)
|
|
50
49
|
);
|
|
51
|
-
return async (_req
|
|
50
|
+
return async (_req) => {
|
|
52
51
|
const url = _req.nextUrl;
|
|
53
52
|
const accessToken = url.searchParams.get(constants.QueryParams.Token);
|
|
54
53
|
const userId = url.searchParams.get(constants.QueryParams.UserId);
|
|
55
|
-
if (isIgnoredRoute(_req) || isPublicRoute(_req)) {
|
|
56
|
-
return;
|
|
57
|
-
}
|
|
58
|
-
const nextRequest = _req;
|
|
59
|
-
const beforeAuthRes = await (options.beforeAuth && options.beforeAuth(nextRequest, evt));
|
|
60
|
-
if (beforeAuthRes === false) {
|
|
61
|
-
return setHeader(
|
|
62
|
-
NextResponse.next(),
|
|
63
|
-
constants.Headers.AuthReason,
|
|
64
|
-
"skip"
|
|
65
|
-
);
|
|
66
|
-
} else if (beforeAuthRes && isRedirect(beforeAuthRes)) {
|
|
67
|
-
return setHeader(
|
|
68
|
-
beforeAuthRes,
|
|
69
|
-
constants.Headers.AuthReason,
|
|
70
|
-
"before-auth-redirect"
|
|
71
|
-
);
|
|
72
|
-
}
|
|
73
54
|
if (accessToken && userId) {
|
|
74
55
|
const path = url.pathname;
|
|
75
56
|
const response = NextResponse.redirect(new URL(path || "/", _req.url));
|
|
@@ -77,6 +58,9 @@ const authMiddleware = (...args) => {
|
|
|
77
58
|
response.cookies.set(constants.Cookies.User, userId);
|
|
78
59
|
return response;
|
|
79
60
|
}
|
|
61
|
+
if (isIgnoredRoute(_req) || isPublicRoute(_req)) {
|
|
62
|
+
return;
|
|
63
|
+
}
|
|
80
64
|
const result = checkAuth(_req);
|
|
81
65
|
return result;
|
|
82
66
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../src/server/middleware.ts"],"sourcesContent":["import { NextFetchEvent, NextMiddleware, NextResponse } from 'next/server';\nimport { NextRequest } from 'next/server';\nimport {\n constants,\n CUSTOM_AFTER_SIGN_IN_URL,\n CUSTOM_SIGN_IN_URL,\n frontendApi,\n PUBLISHABLE_KEY,\n SECRET_KEY,\n} from '../constants';\nimport { createRouteMatcher, RouteMatcherParam } from './routeMatcher';\nimport {\n apiEndpointUnauthorizedNextResponse,\n assertKey,\n // decorateRequest,\n redirectAdapter,\n} from './utils';\nimport { NextMiddlewareReturn } from './type';\nimport { isRedirect, setHeader } from '../utils/response';\nimport { createRedirect } from './createRedirect';\n// import { serverRedirectWithAuth } from './serverRedirectWithAuth';\n\ntype BeforeAuthHandler = (\n req: NextRequest,\n evt: NextFetchEvent\n) => NextMiddlewareReturn | false | Promise<false>;\n\ntype AfterAuthHandler = (\n auth: { isPublicRoute: boolean; isApiRoute: boolean },\n req: NextRequest,\n evt: NextFetchEvent\n) => NextMiddlewareReturn;\n\nexport type AuthenticateRequestOptions = {\n publishableKey?: string;\n secretKey?: string;\n domain?: string;\n isSatellite?: boolean;\n proxyUrl?: string;\n signInUrl?: string;\n signUpUrl?: string;\n afterSignInUrl?: string;\n afterSignUpUrl?: string;\n};\n\ntype AuthMiddlewareParams = AuthenticateRequestOptions & {\n /**\n * A function that is called before the authentication middleware is executed.\n * If a redirect response is returned, the middleware will respect it and redirect the user.\n * If false is returned, the auth middleware will not execute and the request will be handled as if the auth middleware was not present.\n */\n beforeAuth?: BeforeAuthHandler;\n /**\n * A function that is called after the authentication middleware is executed.\n * This function has access to the auth object and can be used to execute logic based on the auth state.\n */\n afterAuth?: AfterAuthHandler;\n /**\n * A list of routes that should be accessible without authentication.\n * You can use glob patterns to match multiple routes or a function to match against the request object.\n * Path patterns and regular expressions are supported, for example: `['/foo', '/bar(.*)'] or `[/^\\/foo\\/.*$/]`\n * The sign in and sign up URLs are included by default, unless a function is provided.\n * For more information, see: https://clerk.com/docs\n */\n publicRoutes?: RouteMatcherParam;\n /**\n * A list of routes that should be ignored by the middleware.\n * This list typically includes routes for static files or Next.js internals.\n * For improved performance, these routes should be skipped using the default config.matcher instead.\n */\n ignoredRoutes?: IgnoredRoutesParam;\n /**\n * A list of routes that should be treated as API endpoints.\n * When user is signed out, the middleware will return a 401 response for these routes, instead of redirecting the user.\n *\n * If omitted, the following heuristics will be used to determine an API endpoint:\n * - The route path is ['/api/(.*)', '/trpc/(.*)'],\n * - or the request has `Content-Type` set to `application/json`,\n * - or the request method is not one of: `GET`, `OPTIONS` ,` HEAD`\n *\n * @default undefined\n */\n apiRoutes?: ApiRoutesParam;\n};\n\nexport interface AuthMiddleware {\n (params?: AuthMiddlewareParams): NextMiddleware;\n}\n\n/**\n * The default ideal matcher that excludes the _next directory (internals) and all static files,\n * but it will match the root route (/) and any routes that start with /api or /trpc.\n */\nexport const DEFAULT_CONFIG_MATCHER = [\n '/((?!.+\\\\.[\\\\w]+$|_next).*)',\n '/',\n '/(api|trpc)(.*)',\n];\n\n/**\n * Any routes matching this path will be ignored by the middleware.\n * This is the inverted version of DEFAULT_CONFIG_MATCHER.\n */\nexport const DEFAULT_IGNORED_ROUTES = [`/((?!api|trpc))(_next.*|.+\\\\.[\\\\w]+$)`];\n/**\n * Any routes matching this path will be treated as API endpoints by the middleware.\n */\nexport const DEFAULT_API_ROUTES = ['/api/(.*)', '/trpc/(.*)'];\n\ntype IgnoredRoutesParam =\n | Array<RegExp | string>\n | RegExp\n | string\n | ((req: NextRequest) => boolean);\n\ntype ApiRoutesParam = IgnoredRoutesParam;\n\nconst authMiddleware: AuthMiddleware = (...args: unknown[]) => {\n const [params = {}] = args as [AuthMiddlewareParams?];\n\n const publishableKey = assertKey(\n params.publishableKey || PUBLISHABLE_KEY,\n () => {\n throw new Error('Publish Key is not exist');\n }\n );\n const secretKey = assertKey(params.secretKey || SECRET_KEY, () => {\n throw new Error('Secret Key is not valid');\n });\n\n const signInUrl = params.signInUrl || CUSTOM_SIGN_IN_URL;\n const signUpUrl = params.signUpUrl || CUSTOM_SIGN_IN_URL;\n\n const options = {\n ...params,\n publishableKey,\n secretKey,\n signInUrl,\n signUpUrl,\n };\n\n const isIgnoredRoute = createRouteMatcher(\n options.ignoredRoutes || DEFAULT_IGNORED_ROUTES\n );\n const isPublicRoute = createRouteMatcher(\n withDefaultPublicRoutes(options.publicRoutes)\n );\n // const isApiRoute = createApiRoutes(options.apiRoutes);\n // const defaultAfterAuth = createDefaultAfterAuth(\n // isPublicRoute,\n // isApiRoute,\n // options\n // );\n\n return async (_req: NextRequest, evt: NextFetchEvent) => {\n const url = _req.nextUrl;\n\n const accessToken = url.searchParams.get(constants.QueryParams.Token);\n const userId = url.searchParams.get(constants.QueryParams.UserId);\n\n if (isIgnoredRoute(_req) || isPublicRoute(_req)) {\n return;\n }\n const nextRequest = _req;\n\n const beforeAuthRes = await (options.beforeAuth &&\n options.beforeAuth(nextRequest, evt));\n\n if (beforeAuthRes === false) {\n return setHeader(\n NextResponse.next(),\n constants.Headers.AuthReason,\n 'skip'\n );\n } else if (beforeAuthRes && isRedirect(beforeAuthRes)) {\n return setHeader(\n beforeAuthRes,\n constants.Headers.AuthReason,\n 'before-auth-redirect'\n );\n }\n\n // const requestState = {\n // token: accessToken,\n // userId,\n // };\n\n // const auth = {\n // ...requestState,\n // isPublicRoute: isPublicRoute(nextRequest),\n // isApiRoute: isApiRoute(nextRequest),\n // };\n\n // const afterAuthRes = await (options.afterAuth || defaultAfterAuth)(\n // auth,\n // nextRequest,\n // evt\n // );\n\n // const finalRes =\n // mergeResponses(beforeAuthRes, afterAuthRes) || NextResponse.next();\n\n if (accessToken && userId) {\n const path = url.pathname;\n const response = NextResponse.redirect(new URL(path || '/', _req.url));\n response.cookies.set(constants.Cookies.Client, accessToken);\n response.cookies.set(constants.Cookies.User, userId);\n return response;\n }\n\n // console.log(finalRes);\n\n // if (isRedirect(finalRes)) {\n // const res = serverRedirectWithAuth(finalRes);\n // return res;\n // }\n\n const result = checkAuth(_req);\n\n return result;\n };\n};\n\nconst withDefaultPublicRoutes = (\n publicRoutes: RouteMatcherParam | undefined\n) => {\n if (typeof publicRoutes === 'function') {\n return publicRoutes;\n }\n\n const routes = [publicRoutes || ''].flat().filter(Boolean);\n // TODO: refactor it to use common config file eg SIGN_IN_URL from ./clerkClient\n // we use process.env for now to support testing\n const signInUrl = process.env.NEXT_PUBLIC_CLERK_SIGN_IN_URL || '';\n if (signInUrl) {\n routes.push(matchRoutesStartingWith(signInUrl));\n }\n // TODO: refactor it to use common config file eg SIGN_UP_URL from ./clerkClient\n // we use process.env for now to support testing\n const signUpUrl = process.env.NEXT_PUBLIC_CLERK_SIGN_UP_URL || '';\n if (signUpUrl) {\n routes.push(matchRoutesStartingWith(signUpUrl));\n }\n return routes;\n};\n\nconst matchRoutesStartingWith = (path: string) => {\n path = path.replace(/\\/$/, '');\n return new RegExp(`^${path}(/.*)?$`);\n};\n\nconst isRequestMethodIndicatingApiRoute = (req: NextRequest): boolean => {\n const requestMethod = req.method.toLowerCase();\n return !['get', 'head', 'options'].includes(requestMethod);\n};\n\nconst isRequestContentTypeJson = (req: NextRequest): boolean => {\n const requestContentType = req.headers.get(constants.Headers.ContentType);\n return requestContentType === constants.ContentTypes.Json;\n};\n\n// - Default behavior:\n// If the route path is `['/api/(.*)*', '*/trpc/(.*)']`\n// or Request has `Content-Type: application/json`\n// or Request method is not-GET,OPTIONS,HEAD,\n// then this is considered an API route.\n//\n// - If the user has provided a specific `apiRoutes` prop in `authMiddleware` then all the above are discarded,\n// and only routes that match the user’s provided paths are considered API routes.\nconst createApiRoutes = (\n apiRoutes: RouteMatcherParam | undefined\n): ((req: NextRequest) => boolean) => {\n if (apiRoutes) {\n return createRouteMatcher(apiRoutes);\n }\n const isDefaultApiRoute = createRouteMatcher(DEFAULT_API_ROUTES);\n return (req: NextRequest) =>\n isDefaultApiRoute(req) ||\n isRequestMethodIndicatingApiRoute(req) ||\n isRequestContentTypeJson(req);\n};\n\nexport const createDefaultAfterAuth = (\n isPublicRoute: ReturnType<typeof createRouteMatcher>,\n isApiRoute: ReturnType<typeof createApiRoutes>,\n options: {\n signInUrl: string;\n signUpUrl: string;\n publishableKey: string;\n secretKey: string;\n }\n) => {\n return (auth: any, req: NextRequest) => {\n if (!auth.userId && !isPublicRoute(req)) {\n if (isApiRoute(req)) {\n return apiEndpointUnauthorizedNextResponse();\n }\n return createRedirect({\n redirectAdapter,\n signInUrl: options.signInUrl,\n signUpUrl: options.signUpUrl,\n publishableKey: options.publishableKey,\n // We're setting baseUrl to '' here as we want to keep the legacy behavior of\n // the redirectToSignIn, redirectToSignUp helpers in the backend package.\n baseUrl: '',\n }).redirectToSignIn({ returnBackUrl: req.nextUrl.href });\n }\n return NextResponse.next();\n };\n};\n\nconst checkAuth = (req: NextRequest): any => {\n const accessToken = req.cookies.get(constants.Cookies.Client);\n\n if (!accessToken && req.nextUrl.href !== CUSTOM_SIGN_IN_URL) {\n if (CUSTOM_SIGN_IN_URL) {\n return NextResponse.redirect(new URL(CUSTOM_SIGN_IN_URL));\n }\n\n if (frontendApi) {\n const params = new URLSearchParams({\n redirect_url: CUSTOM_AFTER_SIGN_IN_URL || '/',\n });\n return NextResponse.redirect(\n new URL(`${frontendApi}/sign-in?${params.toString()}`)\n );\n }\n throw new Error(\n 'You are not authentication. Please provide CABIN ID PUBLISH KEY to redirect to authentication page'\n );\n }\n return NextResponse.next();\n};\n\nexport { authMiddleware };\n"],"mappings":"AAAA,SAAyC,oBAAoB;AAE7D;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AACP,SAAS,0BAA6C;AACtD;AAAA,EACE;AAAA,EACA;AAAA,EAEA;AAAA,OACK;AAEP,SAAS,YAAY,iBAAiB;AACtC,SAAS,sBAAsB;AA0ExB,MAAM,yBAAyB;AAAA,EACpC;AAAA,EACA;AAAA,EACA;AACF;AAMO,MAAM,yBAAyB,CAAC,uCAAuC;AAIvE,MAAM,qBAAqB,CAAC,aAAa,YAAY;AAU5D,MAAM,iBAAiC,IAAI,SAAoB;AAC7D,QAAM,CAAC,SAAS,CAAC,CAAC,IAAI;AAEtB,QAAM,iBAAiB;AAAA,IACrB,OAAO,kBAAkB;AAAA,IACzB,MAAM;AACJ,YAAM,IAAI,MAAM,0BAA0B;AAAA,IAC5C;AAAA,EACF;AACA,QAAM,YAAY,UAAU,OAAO,aAAa,YAAY,MAAM;AAChE,UAAM,IAAI,MAAM,yBAAyB;AAAA,EAC3C,CAAC;AAED,QAAM,YAAY,OAAO,aAAa;AACtC,QAAM,YAAY,OAAO,aAAa;AAEtC,QAAM,UAAU;AAAA,IACd,GAAG;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAEA,QAAM,iBAAiB;AAAA,IACrB,QAAQ,iBAAiB;AAAA,EAC3B;AACA,QAAM,gBAAgB;AAAA,IACpB,wBAAwB,QAAQ,YAAY;AAAA,EAC9C;AAQA,SAAO,OAAO,MAAmB,QAAwB;AACvD,UAAM,MAAM,KAAK;AAEjB,UAAM,cAAc,IAAI,aAAa,IAAI,UAAU,YAAY,KAAK;AACpE,UAAM,SAAS,IAAI,aAAa,IAAI,UAAU,YAAY,MAAM;AAEhE,QAAI,eAAe,IAAI,KAAK,cAAc,IAAI,GAAG;AAC/C;AAAA,IACF;AACA,UAAM,cAAc;AAEpB,UAAM,gBAAgB,OAAO,QAAQ,cACnC,QAAQ,WAAW,aAAa,GAAG;AAErC,QAAI,kBAAkB,OAAO;AAC3B,aAAO;AAAA,QACL,aAAa,KAAK;AAAA,QAClB,UAAU,QAAQ;AAAA,QAClB;AAAA,MACF;AAAA,IACF,WAAW,iBAAiB,WAAW,aAAa,GAAG;AACrD,aAAO;AAAA,QACL;AAAA,QACA,UAAU,QAAQ;AAAA,QAClB;AAAA,MACF;AAAA,IACF;AAsBA,QAAI,eAAe,QAAQ;AACzB,YAAM,OAAO,IAAI;AACjB,YAAM,WAAW,aAAa,SAAS,IAAI,IAAI,QAAQ,KAAK,KAAK,GAAG,CAAC;AACrE,eAAS,QAAQ,IAAI,UAAU,QAAQ,QAAQ,WAAW;AAC1D,eAAS,QAAQ,IAAI,UAAU,QAAQ,MAAM,MAAM;AACnD,aAAO;AAAA,IACT;AASA,UAAM,SAAS,UAAU,IAAI;AAE7B,WAAO;AAAA,EACT;AACF;AAEA,MAAM,0BAA0B,CAC9B,iBACG;AACH,MAAI,OAAO,iBAAiB,YAAY;AACtC,WAAO;AAAA,EACT;AAEA,QAAM,SAAS,CAAC,gBAAgB,EAAE,EAAE,KAAK,EAAE,OAAO,OAAO;AAGzD,QAAM,YAAY,QAAQ,IAAI,iCAAiC;AAC/D,MAAI,WAAW;AACb,WAAO,KAAK,wBAAwB,SAAS,CAAC;AAAA,EAChD;AAGA,QAAM,YAAY,QAAQ,IAAI,iCAAiC;AAC/D,MAAI,WAAW;AACb,WAAO,KAAK,wBAAwB,SAAS,CAAC;AAAA,EAChD;AACA,SAAO;AACT;AAEA,MAAM,0BAA0B,CAAC,SAAiB;AAChD,SAAO,KAAK,QAAQ,OAAO,EAAE;AAC7B,SAAO,IAAI,OAAO,IAAI,IAAI,SAAS;AACrC;AAEA,MAAM,oCAAoC,CAAC,QAA8B;AACvE,QAAM,gBAAgB,IAAI,OAAO,YAAY;AAC7C,SAAO,CAAC,CAAC,OAAO,QAAQ,SAAS,EAAE,SAAS,aAAa;AAC3D;AAEA,MAAM,2BAA2B,CAAC,QAA8B;AAC9D,QAAM,qBAAqB,IAAI,QAAQ,IAAI,UAAU,QAAQ,WAAW;AACxE,SAAO,uBAAuB,UAAU,aAAa;AACvD;AAUA,MAAM,kBAAkB,CACtB,cACoC;AACpC,MAAI,WAAW;AACb,WAAO,mBAAmB,SAAS;AAAA,EACrC;AACA,QAAM,oBAAoB,mBAAmB,kBAAkB;AAC/D,SAAO,CAAC,QACN,kBAAkB,GAAG,KACrB,kCAAkC,GAAG,KACrC,yBAAyB,GAAG;AAChC;AAEO,MAAM,yBAAyB,CACpC,eACA,YACA,YAMG;AACH,SAAO,CAAC,MAAW,QAAqB;AACtC,QAAI,CAAC,KAAK,UAAU,CAAC,cAAc,GAAG,GAAG;AACvC,UAAI,WAAW,GAAG,GAAG;AACnB,eAAO,oCAAoC;AAAA,MAC7C;AACA,aAAO,eAAe;AAAA,QACpB;AAAA,QACA,WAAW,QAAQ;AAAA,QACnB,WAAW,QAAQ;AAAA,QACnB,gBAAgB,QAAQ;AAAA;AAAA;AAAA,QAGxB,SAAS;AAAA,MACX,CAAC,EAAE,iBAAiB,EAAE,eAAe,IAAI,QAAQ,KAAK,CAAC;AAAA,IACzD;AACA,WAAO,aAAa,KAAK;AAAA,EAC3B;AACF;AAEA,MAAM,YAAY,CAAC,QAA0B;AAC3C,QAAM,cAAc,IAAI,QAAQ,IAAI,UAAU,QAAQ,MAAM;AAE5D,MAAI,CAAC,eAAe,IAAI,QAAQ,SAAS,oBAAoB;AAC3D,QAAI,oBAAoB;AACtB,aAAO,aAAa,SAAS,IAAI,IAAI,kBAAkB,CAAC;AAAA,IAC1D;AAEA,QAAI,aAAa;AACf,YAAM,SAAS,IAAI,gBAAgB;AAAA,QACjC,cAAc,4BAA4B;AAAA,MAC5C,CAAC;AACD,aAAO,aAAa;AAAA,QAClB,IAAI,IAAI,GAAG,WAAW,YAAY,OAAO,SAAS,CAAC,EAAE;AAAA,MACvD;AAAA,IACF;AACA,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AACA,SAAO,aAAa,KAAK;AAC3B;","names":[]}
|
|
1
|
+
{"version":3,"sources":["../../../src/server/middleware.ts"],"sourcesContent":["import { NextFetchEvent, NextMiddleware, NextResponse } from 'next/server';\nimport { NextRequest } from 'next/server';\nimport {\n constants,\n CUSTOM_AFTER_SIGN_IN_URL,\n CUSTOM_SIGN_IN_URL,\n frontendApi,\n PUBLISHABLE_KEY,\n SECRET_KEY,\n} from '../constants';\nimport { createRouteMatcher, RouteMatcherParam } from './routeMatcher';\nimport {\n apiEndpointUnauthorizedNextResponse,\n assertKey,\n // decorateRequest,\n redirectAdapter,\n} from './utils';\nimport { NextMiddlewareReturn } from './type';\n// import { isRedirect, setHeader } from '../utils/response';\nimport { createRedirect } from './createRedirect';\n// import { serverRedirectWithAuth } from './serverRedirectWithAuth';\n\ntype BeforeAuthHandler = (\n req: NextRequest,\n evt: NextFetchEvent\n) => NextMiddlewareReturn | false | Promise<false>;\n\ntype AfterAuthHandler = (\n auth: { isPublicRoute: boolean; isApiRoute: boolean },\n req: NextRequest,\n evt: NextFetchEvent\n) => NextMiddlewareReturn;\n\nexport type AuthenticateRequestOptions = {\n publishableKey?: string;\n secretKey?: string;\n domain?: string;\n isSatellite?: boolean;\n proxyUrl?: string;\n signInUrl?: string;\n signUpUrl?: string;\n afterSignInUrl?: string;\n afterSignUpUrl?: string;\n};\n\ntype AuthMiddlewareParams = AuthenticateRequestOptions & {\n /**\n * A function that is called before the authentication middleware is executed.\n * If a redirect response is returned, the middleware will respect it and redirect the user.\n * If false is returned, the auth middleware will not execute and the request will be handled as if the auth middleware was not present.\n */\n beforeAuth?: BeforeAuthHandler;\n /**\n * A function that is called after the authentication middleware is executed.\n * This function has access to the auth object and can be used to execute logic based on the auth state.\n */\n afterAuth?: AfterAuthHandler;\n /**\n * A list of routes that should be accessible without authentication.\n * You can use glob patterns to match multiple routes or a function to match against the request object.\n * Path patterns and regular expressions are supported, for example: `['/foo', '/bar(.*)'] or `[/^\\/foo\\/.*$/]`\n * The sign in and sign up URLs are included by default, unless a function is provided.\n * For more information, see: https://clerk.com/docs\n */\n publicRoutes?: RouteMatcherParam;\n /**\n * A list of routes that should be ignored by the middleware.\n * This list typically includes routes for static files or Next.js internals.\n * For improved performance, these routes should be skipped using the default config.matcher instead.\n */\n ignoredRoutes?: IgnoredRoutesParam;\n /**\n * A list of routes that should be treated as API endpoints.\n * When user is signed out, the middleware will return a 401 response for these routes, instead of redirecting the user.\n *\n * If omitted, the following heuristics will be used to determine an API endpoint:\n * - The route path is ['/api/(.*)', '/trpc/(.*)'],\n * - or the request has `Content-Type` set to `application/json`,\n * - or the request method is not one of: `GET`, `OPTIONS` ,` HEAD`\n *\n * @default undefined\n */\n apiRoutes?: ApiRoutesParam;\n};\n\nexport interface AuthMiddleware {\n (params?: AuthMiddlewareParams): NextMiddleware;\n}\n\n/**\n * The default ideal matcher that excludes the _next directory (internals) and all static files,\n * but it will match the root route (/) and any routes that start with /api or /trpc.\n */\nexport const DEFAULT_CONFIG_MATCHER = [\n '/((?!.+\\\\.[\\\\w]+$|_next).*)',\n '/',\n '/(api|trpc)(.*)',\n];\n\n/**\n * Any routes matching this path will be ignored by the middleware.\n * This is the inverted version of DEFAULT_CONFIG_MATCHER.\n */\nexport const DEFAULT_IGNORED_ROUTES = [`/((?!api|trpc))(_next.*|.+\\\\.[\\\\w]+$)`];\n/**\n * Any routes matching this path will be treated as API endpoints by the middleware.\n */\nexport const DEFAULT_API_ROUTES = ['/api/(.*)', '/trpc/(.*)'];\n\ntype IgnoredRoutesParam =\n | Array<RegExp | string>\n | RegExp\n | string\n | ((req: NextRequest) => boolean);\n\ntype ApiRoutesParam = IgnoredRoutesParam;\n\nconst authMiddleware: AuthMiddleware = (...args: unknown[]) => {\n const [params = {}] = args as [AuthMiddlewareParams?];\n\n const publishableKey = assertKey(\n params.publishableKey || PUBLISHABLE_KEY,\n () => {\n throw new Error('Publish Key is not exist');\n }\n );\n const secretKey = assertKey(params.secretKey || SECRET_KEY, () => {\n throw new Error('Secret Key is not valid');\n });\n\n const signInUrl = params.signInUrl || CUSTOM_SIGN_IN_URL;\n const signUpUrl = params.signUpUrl || CUSTOM_SIGN_IN_URL;\n\n const options = {\n ...params,\n publishableKey,\n secretKey,\n signInUrl,\n signUpUrl,\n };\n\n const isIgnoredRoute = createRouteMatcher(\n options.ignoredRoutes || DEFAULT_IGNORED_ROUTES\n );\n const isPublicRoute = createRouteMatcher(\n withDefaultPublicRoutes(options.publicRoutes)\n );\n // const isApiRoute = createApiRoutes(options.apiRoutes);\n // const defaultAfterAuth = createDefaultAfterAuth(\n // isPublicRoute,\n // isApiRoute,\n // options\n // );\n\n return async (_req: NextRequest) => {\n const url = _req.nextUrl;\n\n const accessToken = url.searchParams.get(constants.QueryParams.Token);\n const userId = url.searchParams.get(constants.QueryParams.UserId);\n\n if (accessToken && userId) {\n const path = url.pathname;\n const response = NextResponse.redirect(new URL(path || '/', _req.url));\n response.cookies.set(constants.Cookies.Client, accessToken);\n response.cookies.set(constants.Cookies.User, userId);\n return response;\n }\n\n if (isIgnoredRoute(_req) || isPublicRoute(_req)) {\n return;\n }\n // const nextRequest = _req;\n\n // const beforeAuthRes = await (options.beforeAuth &&\n // options.beforeAuth(nextRequest, evt));\n\n // if (beforeAuthRes === false) {\n // return setHeader(\n // NextResponse.next(),\n // constants.Headers.AuthReason,\n // 'skip'\n // );\n // } else if (beforeAuthRes && isRedirect(beforeAuthRes)) {\n // return setHeader(\n // beforeAuthRes,\n // constants.Headers.AuthReason,\n // 'before-auth-redirect'\n // );\n // }\n\n // const requestState = {\n // token: accessToken,\n // userId,\n // };\n\n // const auth = {\n // ...requestState,\n // isPublicRoute: isPublicRoute(nextRequest),\n // isApiRoute: isApiRoute(nextRequest),\n // };\n\n // const afterAuthRes = await (options.afterAuth || defaultAfterAuth)(\n // auth,\n // nextRequest,\n // evt\n // );\n\n // const finalRes =\n // mergeResponses(beforeAuthRes, afterAuthRes) || NextResponse.next();\n\n // console.log(finalRes);\n\n // if (isRedirect(finalRes)) {\n // const res = serverRedirectWithAuth(finalRes);\n // return res;\n // }\n\n const result = checkAuth(_req);\n\n return result;\n };\n};\n\nconst withDefaultPublicRoutes = (\n publicRoutes: RouteMatcherParam | undefined\n) => {\n if (typeof publicRoutes === 'function') {\n return publicRoutes;\n }\n\n const routes = [publicRoutes || ''].flat().filter(Boolean);\n // TODO: refactor it to use common config file eg SIGN_IN_URL from ./clerkClient\n // we use process.env for now to support testing\n const signInUrl = process.env.NEXT_PUBLIC_CLERK_SIGN_IN_URL || '';\n if (signInUrl) {\n routes.push(matchRoutesStartingWith(signInUrl));\n }\n // TODO: refactor it to use common config file eg SIGN_UP_URL from ./clerkClient\n // we use process.env for now to support testing\n const signUpUrl = process.env.NEXT_PUBLIC_CLERK_SIGN_UP_URL || '';\n if (signUpUrl) {\n routes.push(matchRoutesStartingWith(signUpUrl));\n }\n return routes;\n};\n\nconst matchRoutesStartingWith = (path: string) => {\n path = path.replace(/\\/$/, '');\n return new RegExp(`^${path}(/.*)?$`);\n};\n\nconst isRequestMethodIndicatingApiRoute = (req: NextRequest): boolean => {\n const requestMethod = req.method.toLowerCase();\n return !['get', 'head', 'options'].includes(requestMethod);\n};\n\nconst isRequestContentTypeJson = (req: NextRequest): boolean => {\n const requestContentType = req.headers.get(constants.Headers.ContentType);\n return requestContentType === constants.ContentTypes.Json;\n};\n\n// - Default behavior:\n// If the route path is `['/api/(.*)*', '*/trpc/(.*)']`\n// or Request has `Content-Type: application/json`\n// or Request method is not-GET,OPTIONS,HEAD,\n// then this is considered an API route.\n//\n// - If the user has provided a specific `apiRoutes` prop in `authMiddleware` then all the above are discarded,\n// and only routes that match the user’s provided paths are considered API routes.\nconst createApiRoutes = (\n apiRoutes: RouteMatcherParam | undefined\n): ((req: NextRequest) => boolean) => {\n if (apiRoutes) {\n return createRouteMatcher(apiRoutes);\n }\n const isDefaultApiRoute = createRouteMatcher(DEFAULT_API_ROUTES);\n return (req: NextRequest) =>\n isDefaultApiRoute(req) ||\n isRequestMethodIndicatingApiRoute(req) ||\n isRequestContentTypeJson(req);\n};\n\nexport const createDefaultAfterAuth = (\n isPublicRoute: ReturnType<typeof createRouteMatcher>,\n isApiRoute: ReturnType<typeof createApiRoutes>,\n options: {\n signInUrl: string;\n signUpUrl: string;\n publishableKey: string;\n secretKey: string;\n }\n) => {\n return (auth: any, req: NextRequest) => {\n if (!auth.userId && !isPublicRoute(req)) {\n if (isApiRoute(req)) {\n return apiEndpointUnauthorizedNextResponse();\n }\n return createRedirect({\n redirectAdapter,\n signInUrl: options.signInUrl,\n signUpUrl: options.signUpUrl,\n publishableKey: options.publishableKey,\n // We're setting baseUrl to '' here as we want to keep the legacy behavior of\n // the redirectToSignIn, redirectToSignUp helpers in the backend package.\n baseUrl: '',\n }).redirectToSignIn({ returnBackUrl: req.nextUrl.href });\n }\n return NextResponse.next();\n };\n};\n\nconst checkAuth = (req: NextRequest): any => {\n const accessToken = req.cookies.get(constants.Cookies.Client);\n\n if (!accessToken && req.nextUrl.href !== CUSTOM_SIGN_IN_URL) {\n if (CUSTOM_SIGN_IN_URL) {\n return NextResponse.redirect(new URL(CUSTOM_SIGN_IN_URL));\n }\n\n if (frontendApi) {\n const params = new URLSearchParams({\n redirect_url: CUSTOM_AFTER_SIGN_IN_URL || '/',\n });\n return NextResponse.redirect(\n new URL(`${frontendApi}/sign-in?${params.toString()}`)\n );\n }\n throw new Error(\n 'You are not authentication. Please provide CABIN ID PUBLISH KEY to redirect to authentication page'\n );\n }\n return NextResponse.next();\n};\n\nexport { authMiddleware };\n"],"mappings":"AAAA,SAAyC,oBAAoB;AAE7D;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AACP,SAAS,0BAA6C;AACtD;AAAA,EACE;AAAA,EACA;AAAA,EAEA;AAAA,OACK;AAGP,SAAS,sBAAsB;AA0ExB,MAAM,yBAAyB;AAAA,EACpC;AAAA,EACA;AAAA,EACA;AACF;AAMO,MAAM,yBAAyB,CAAC,uCAAuC;AAIvE,MAAM,qBAAqB,CAAC,aAAa,YAAY;AAU5D,MAAM,iBAAiC,IAAI,SAAoB;AAC7D,QAAM,CAAC,SAAS,CAAC,CAAC,IAAI;AAEtB,QAAM,iBAAiB;AAAA,IACrB,OAAO,kBAAkB;AAAA,IACzB,MAAM;AACJ,YAAM,IAAI,MAAM,0BAA0B;AAAA,IAC5C;AAAA,EACF;AACA,QAAM,YAAY,UAAU,OAAO,aAAa,YAAY,MAAM;AAChE,UAAM,IAAI,MAAM,yBAAyB;AAAA,EAC3C,CAAC;AAED,QAAM,YAAY,OAAO,aAAa;AACtC,QAAM,YAAY,OAAO,aAAa;AAEtC,QAAM,UAAU;AAAA,IACd,GAAG;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAEA,QAAM,iBAAiB;AAAA,IACrB,QAAQ,iBAAiB;AAAA,EAC3B;AACA,QAAM,gBAAgB;AAAA,IACpB,wBAAwB,QAAQ,YAAY;AAAA,EAC9C;AAQA,SAAO,OAAO,SAAsB;AAClC,UAAM,MAAM,KAAK;AAEjB,UAAM,cAAc,IAAI,aAAa,IAAI,UAAU,YAAY,KAAK;AACpE,UAAM,SAAS,IAAI,aAAa,IAAI,UAAU,YAAY,MAAM;AAEhE,QAAI,eAAe,QAAQ;AACzB,YAAM,OAAO,IAAI;AACjB,YAAM,WAAW,aAAa,SAAS,IAAI,IAAI,QAAQ,KAAK,KAAK,GAAG,CAAC;AACrE,eAAS,QAAQ,IAAI,UAAU,QAAQ,QAAQ,WAAW;AAC1D,eAAS,QAAQ,IAAI,UAAU,QAAQ,MAAM,MAAM;AACnD,aAAO;AAAA,IACT;AAEA,QAAI,eAAe,IAAI,KAAK,cAAc,IAAI,GAAG;AAC/C;AAAA,IACF;AA+CA,UAAM,SAAS,UAAU,IAAI;AAE7B,WAAO;AAAA,EACT;AACF;AAEA,MAAM,0BAA0B,CAC9B,iBACG;AACH,MAAI,OAAO,iBAAiB,YAAY;AACtC,WAAO;AAAA,EACT;AAEA,QAAM,SAAS,CAAC,gBAAgB,EAAE,EAAE,KAAK,EAAE,OAAO,OAAO;AAGzD,QAAM,YAAY,QAAQ,IAAI,iCAAiC;AAC/D,MAAI,WAAW;AACb,WAAO,KAAK,wBAAwB,SAAS,CAAC;AAAA,EAChD;AAGA,QAAM,YAAY,QAAQ,IAAI,iCAAiC;AAC/D,MAAI,WAAW;AACb,WAAO,KAAK,wBAAwB,SAAS,CAAC;AAAA,EAChD;AACA,SAAO;AACT;AAEA,MAAM,0BAA0B,CAAC,SAAiB;AAChD,SAAO,KAAK,QAAQ,OAAO,EAAE;AAC7B,SAAO,IAAI,OAAO,IAAI,IAAI,SAAS;AACrC;AAEA,MAAM,oCAAoC,CAAC,QAA8B;AACvE,QAAM,gBAAgB,IAAI,OAAO,YAAY;AAC7C,SAAO,CAAC,CAAC,OAAO,QAAQ,SAAS,EAAE,SAAS,aAAa;AAC3D;AAEA,MAAM,2BAA2B,CAAC,QAA8B;AAC9D,QAAM,qBAAqB,IAAI,QAAQ,IAAI,UAAU,QAAQ,WAAW;AACxE,SAAO,uBAAuB,UAAU,aAAa;AACvD;AAUA,MAAM,kBAAkB,CACtB,cACoC;AACpC,MAAI,WAAW;AACb,WAAO,mBAAmB,SAAS;AAAA,EACrC;AACA,QAAM,oBAAoB,mBAAmB,kBAAkB;AAC/D,SAAO,CAAC,QACN,kBAAkB,GAAG,KACrB,kCAAkC,GAAG,KACrC,yBAAyB,GAAG;AAChC;AAEO,MAAM,yBAAyB,CACpC,eACA,YACA,YAMG;AACH,SAAO,CAAC,MAAW,QAAqB;AACtC,QAAI,CAAC,KAAK,UAAU,CAAC,cAAc,GAAG,GAAG;AACvC,UAAI,WAAW,GAAG,GAAG;AACnB,eAAO,oCAAoC;AAAA,MAC7C;AACA,aAAO,eAAe;AAAA,QACpB;AAAA,QACA,WAAW,QAAQ;AAAA,QACnB,WAAW,QAAQ;AAAA,QACnB,gBAAgB,QAAQ;AAAA;AAAA;AAAA,QAGxB,SAAS;AAAA,MACX,CAAC,EAAE,iBAAiB,EAAE,eAAe,IAAI,QAAQ,KAAK,CAAC;AAAA,IACzD;AACA,WAAO,aAAa,KAAK;AAAA,EAC3B;AACF;AAEA,MAAM,YAAY,CAAC,QAA0B;AAC3C,QAAM,cAAc,IAAI,QAAQ,IAAI,UAAU,QAAQ,MAAM;AAE5D,MAAI,CAAC,eAAe,IAAI,QAAQ,SAAS,oBAAoB;AAC3D,QAAI,oBAAoB;AACtB,aAAO,aAAa,SAAS,IAAI,IAAI,kBAAkB,CAAC;AAAA,IAC1D;AAEA,QAAI,aAAa;AACf,YAAM,SAAS,IAAI,gBAAgB;AAAA,QACjC,cAAc,4BAA4B;AAAA,MAC5C,CAAC;AACD,aAAO,aAAa;AAAA,QAClB,IAAI,IAAI,GAAG,WAAW,YAAY,OAAO,SAAS,CAAC,EAAE;AAAA,MACvD;AAAA,IACF;AACA,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AACA,SAAO,aAAa,KAAK;AAC3B;","names":[]}
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@cabin-id/nextjs",
|
|
3
3
|
"description": "NextJS SDK for CabinID",
|
|
4
|
-
"version": "0.1.
|
|
4
|
+
"version": "0.1.5",
|
|
5
5
|
"main": "./dist/index.js",
|
|
6
6
|
"module": "./dist/index.mjs",
|
|
7
7
|
"author": "CabinVN",
|
|
@@ -46,7 +46,8 @@
|
|
|
46
46
|
"next": "^14.1.1",
|
|
47
47
|
"path-to-regexp": "^6.2.2",
|
|
48
48
|
"react": "^18.2.0",
|
|
49
|
-
"snakecase-keys": "^8.0.0"
|
|
49
|
+
"snakecase-keys": "^8.0.0",
|
|
50
|
+
"swr": "^2.2.5"
|
|
50
51
|
},
|
|
51
52
|
"publishConfig": {
|
|
52
53
|
"access": "public"
|