@cabin-id/nextjs 0.2.5 → 1.0.1

package/dist/cjs/server/middleware.js

@@ -81,8 +81,18 @@ const authMiddleware = (...args) => {
       const response = import_server.NextResponse.redirect(
         new URL(path || "/", _request.url)
       );
-      response.cookies.set(import_constants.constants.Cookies.Client, accessToken);
-      response.cookies.set(import_constants.constants.Cookies.User, userId);
+      response.cookies.set(import_constants.constants.Cookies.Client, accessToken, {
+        maxAge: 60 * 60 * 24 * 30,
+        // 30 days
+        sameSite: "lax",
+        secure: true
+      });
+      response.cookies.set(import_constants.constants.Cookies.User, userId, {
+        maxAge: 60 * 60 * 24 * 30,
+        // 30 days
+        sameSite: "lax",
+        secure: true
+      });
       return response;
     }
     const cabinIdRequest = (0, import_cabinIdRequest.createCabinIdRequest)(_request);

package/dist/cjs/server/middleware.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../src/server/middleware.ts"],"sourcesContent":["import { NextMiddleware, NextResponse } from 'next/server';\nimport {\n  constants,\n  PUBLISHABLE_KEY,\n  SECRET_KEY,\n  SIGN_IN_URL,\n  SIGN_UP_URL,\n} from '../constants';\nimport { assertKey, decorateRequest, redirectAdapter } from './utils';\nimport {\n  NextMiddlewareEvtParam,\n  NextMiddlewareRequestParam,\n  NextMiddlewareReturn,\n} from './type';\nimport { cabinIdClient } from './client';\nimport { CabinIdRequest, createCabinIdRequest } from '../tokens/cabinIdRequest';\nimport { AuthProtect, createProtect } from './protect';\nimport { createRedirect, RedirectFun } from './createRedirect';\nimport { isRedirect, setHeader } from '../utils/response';\nimport { RequestState } from '../tokens/authStatus';\nimport { AuthObject } from '../tokens/authObjects';\nimport { serverRedirectWithAuth } from './serverRedirectWithAuth';\nimport { AuthenticateRequestOptions } from '../api/factory';\n\nconst CONTROL_FLOW_ERROR = {\n  FORCE_NOT_FOUND: 'CABIN_ID_PROTECT_REWRITE',\n  REDIRECT_TO_URL: 'CABIN_ID_PROTECT_REDIRECT_TO_URL',\n  REDIRECT_TO_SIGN_IN: 'CABIN_ID_PROTECT_REDIRECT_TO_SIGN_IN',\n};\n\nexport type CabinIdMiddlewareAuthObject = AuthObject & {\n  protect: AuthProtect;\n  redirectToSignIn: RedirectFun<Response>;\n};\n\nexport type CabinIdMiddlewareAuth = () => CabinIdMiddlewareAuthObject;\n\nexport interface AuthMiddleware {\n  /**\n   * @example\n   * export default clerkMiddleware((auth, request, event) => { ... }, options);\n   */\n  (\n    handler: CabinIdMiddlewareHandler,\n    options?: CabinIdMiddlewareOptions\n  ): NextMiddleware;\n  /**\n   * @example\n   * export default clerkMiddleware(options);\n   */\n  (options?: CabinIdMiddlewareOptions): NextMiddleware;\n  /**\n   * @example\n   * export default clerkMiddleware;\n   */\n  (\n    request: NextMiddlewareRequestParam,\n    event: NextMiddlewareEvtParam\n  ): NextMiddlewareReturn;\n}\n\ntype CabinIdMiddlewareHandler = (\n  auth: CabinIdMiddlewareAuth,\n  request: NextMiddlewareRequestParam,\n  event: NextMiddlewareEvtParam\n) => NextMiddlewareReturn;\n\nexport type CabinIdMiddlewareOptions = AuthenticateRequestOptions;\n\nconst parseRequestAndEvent = (args: unknown[]) => {\n  return [\n    args[0] instanceof Request ? args[0] : undefined,\n    args[0] instanceof Request ? args[1] : undefined,\n  ] as [\n    NextMiddlewareRequestParam | undefined,\n    NextMiddlewareEvtParam | undefined,\n  ];\n};\n\nconst parseHandlerAndOptions = (args: unknown[]) => {\n  return [\n    typeof args[0] === 'function' ? args[0] : undefined,\n    (args.length === 2\n      ? args[1]\n      : typeof args[0] === 'function'\n        ? {}\n        : args[0]) || {},\n  ] as [CabinIdMiddlewareHandler | undefined, CabinIdMiddlewareOptions];\n};\n\nconst authMiddleware: AuthMiddleware = (...args: unknown[]): any => {\n  const [request, event] = parseRequestAndEvent(args);\n  const [handler, params] = parseHandlerAndOptions(args);\n\n  const publishableKey = assertKey(\n    params.publishableKey || PUBLISHABLE_KEY,\n    () => {\n      throw new Error('Publish Key is not exist');\n    }\n  );\n  const secretKey = assertKey(params.secretKey || SECRET_KEY, () => {\n    throw new Error('Secret Key is not valid');\n  });\n\n  const signInUrl = params.signInUrl || SIGN_IN_URL;\n  const signUpUrl = params.signUpUrl || SIGN_UP_URL;\n\n  const options = {\n    ...params,\n    publishableKey,\n    secretKey,\n    signInUrl,\n    signUpUrl,\n  };\n\n  const nextMiddleware: NextMiddleware = async (_request, _event) => {\n    const accessToken = _request.nextUrl.searchParams.get(\n      constants.QueryParams.Token\n    );\n    const userId = _request.nextUrl.searchParams.get(\n      constants.QueryParams.UserId\n    );\n\n    if (accessToken && userId) {\n      const url = _request.nextUrl;\n      const path = url.pathname;\n      const response = NextResponse.redirect(\n        new URL(path || '/', _request.url)\n      );\n      response.cookies.set(constants.Cookies.Client, accessToken);\n      response.cookies.set(constants.Cookies.User, userId);\n      return response;\n    }\n\n    const cabinIdRequest = createCabinIdRequest(_request);\n\n    const requestState = await cabinIdClient.authenticateRequest(\n      cabinIdRequest,\n      options\n    );\n\n    const authObject = requestState.toAuth();\n\n    const redirectToSignIn = createMiddlewareRedirectToSignIn(cabinIdRequest);\n\n    const protect = createMiddlewareProtect(\n      cabinIdRequest,\n      authObject,\n      redirectToSignIn\n    );\n\n    const authObjWithMethods: CabinIdMiddlewareAuthObject = Object.assign(\n      authObject,\n      { protect, redirectToSignIn }\n    );\n\n    let handlerResult: Response = NextResponse.next();\n\n    try {\n      handlerResult =\n        (await handler?.(() => authObjWithMethods, _request, _event)) ||\n        handlerResult;\n    } catch (e: any) {\n      handlerResult = handleControlFlowErrors(e, cabinIdRequest, requestState);\n    }\n\n    if (isRedirect(handlerResult)) {\n      return serverRedirectWithAuth(cabinIdRequest, handlerResult);\n    }\n\n    decorateRequest(\n      cabinIdRequest,\n      handlerResult,\n      requestState,\n      options.secretKey\n    );\n\n    // TODO @nikos: we need to make this more generic\n    // and move the logic in clerk/backend\n    if (requestState.headers) {\n      requestState.headers.forEach((value, key) => {\n        handlerResult.headers.append(key, value);\n      });\n    }\n\n    return handlerResult;\n  };\n\n  // If we have a request and event, we're being called as a middleware directly\n  // eg, export default clerkMiddleware;\n  if (request && event) {\n    return nextMiddleware(request, event);\n  }\n\n  // Otherwise, return a middleware that can be called with a request and event\n  // eg, export default clerkMiddleware(auth => { ... });\n  return nextMiddleware;\n};\n\nexport { authMiddleware };\n\nconst createMiddlewareRedirectToSignIn = (\n  cabinIdRequest: CabinIdRequest\n): CabinIdMiddlewareAuthObject['redirectToSignIn'] => {\n  return (opts = {}) => {\n    const err = new Error(CONTROL_FLOW_ERROR.REDIRECT_TO_SIGN_IN) as any;\n    err.returnBackUrl =\n      opts.returnBackUrl === null\n        ? ''\n        : opts.returnBackUrl || cabinIdRequest.cabinIdUrl.toString();\n    throw err;\n  };\n};\n\nconst createMiddlewareProtect = (\n  cabinIdRequest: CabinIdRequest,\n  authObject: AuthObject,\n  redirectToSignIn: RedirectFun<Response>\n): CabinIdMiddlewareAuthObject['protect'] => {\n  return ((_: any, options: any) => {\n    const notFound = () => {\n      throw new Error(CONTROL_FLOW_ERROR.FORCE_NOT_FOUND) as any;\n    };\n\n    const redirect = (url: string) => {\n      const err = new Error(CONTROL_FLOW_ERROR.REDIRECT_TO_URL) as any;\n      err.redirectUrl = url;\n      throw err;\n    };\n\n    return createProtect({\n      request: cabinIdRequest,\n      redirect,\n      notFound,\n      authObject,\n      redirectToSignIn,\n    })(options);\n  }) as AuthProtect;\n};\n\n// Handle errors thrown by protect() and redirectToSignIn() calls,\n// as we want to align the APIs between middleware, pages and route handlers\n// Normally, middleware requires to explicitly return a response, but we want to\n// avoid discrepancies between the APIs as it's easy to miss the `return` statement\n// especially when copy-pasting code from one place to another.\n// This function handles the known errors thrown by the APIs described above,\n// and returns the appropriate response.\nconst handleControlFlowErrors = (\n  e: any,\n  cabinIdRequest: CabinIdRequest,\n  requestState: RequestState\n): Response => {\n  switch (e.message) {\n    case CONTROL_FLOW_ERROR.FORCE_NOT_FOUND:\n      // Rewrite to a bogus URL to force not found error\n      return setHeader(\n        NextResponse.rewrite(\n          `${cabinIdRequest.cabinIdUrl.origin}/cabin_${Date.now()}`\n        ),\n        constants.Headers.AuthReason,\n        'protect-rewrite'\n      );\n    case CONTROL_FLOW_ERROR.REDIRECT_TO_URL:\n      return redirectAdapter(e.redirectUrl);\n    case CONTROL_FLOW_ERROR.REDIRECT_TO_SIGN_IN:\n      return createRedirect({\n        redirectAdapter,\n        baseUrl: cabinIdRequest.cabinIdUrl,\n        signInUrl: requestState.signInUrl,\n        signUpUrl: requestState.signUpUrl,\n        publishableKey: requestState.publishableKey,\n      }).redirectToSignIn({ returnBackUrl: e.returnBackUrl });\n    default:\n      throw e;\n  }\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,oBAA6C;AAC7C,uBAMO;AACP,mBAA4D;AAM5D,oBAA8B;AAC9B,4BAAqD;AACrD,qBAA2C;AAC3C,4BAA4C;AAC5C,sBAAsC;AAGtC,oCAAuC;AAGvC,MAAM,qBAAqB;AAAA,EACzB,iBAAiB;AAAA,EACjB,iBAAiB;AAAA,EACjB,qBAAqB;AACvB;AAyCA,MAAM,uBAAuB,CAAC,SAAoB;AAChD,SAAO;AAAA,IACL,KAAK,CAAC,aAAa,UAAU,KAAK,CAAC,IAAI;AAAA,IACvC,KAAK,CAAC,aAAa,UAAU,KAAK,CAAC,IAAI;AAAA,EACzC;AAIF;AAEA,MAAM,yBAAyB,CAAC,SAAoB;AAClD,SAAO;AAAA,IACL,OAAO,KAAK,CAAC,MAAM,aAAa,KAAK,CAAC,IAAI;AAAA,KACzC,KAAK,WAAW,IACb,KAAK,CAAC,IACN,OAAO,KAAK,CAAC,MAAM,aACjB,CAAC,IACD,KAAK,CAAC,MAAM,CAAC;AAAA,EACrB;AACF;AAEA,MAAM,iBAAiC,IAAI,SAAyB;AAClE,QAAM,CAAC,SAAS,KAAK,IAAI,qBAAqB,IAAI;AAClD,QAAM,CAAC,SAAS,MAAM,IAAI,uBAAuB,IAAI;AAErD,QAAM,qBAAiB;AAAA,IACrB,OAAO,kBAAkB;AAAA,IACzB,MAAM;AACJ,YAAM,IAAI,MAAM,0BAA0B;AAAA,IAC5C;AAAA,EACF;AACA,QAAM,gBAAY,wBAAU,OAAO,aAAa,6BAAY,MAAM;AAChE,UAAM,IAAI,MAAM,yBAAyB;AAAA,EAC3C,CAAC;AAED,QAAM,YAAY,OAAO,aAAa;AACtC,QAAM,YAAY,OAAO,aAAa;AAEtC,QAAM,UAAU;AAAA,IACd,GAAG;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAEA,QAAM,iBAAiC,OAAO,UAAU,WAAW;AACjE,UAAM,cAAc,SAAS,QAAQ,aAAa;AAAA,MAChD,2BAAU,YAAY;AAAA,IACxB;AACA,UAAM,SAAS,SAAS,QAAQ,aAAa;AAAA,MAC3C,2BAAU,YAAY;AAAA,IACxB;AAEA,QAAI,eAAe,QAAQ;AACzB,YAAM,MAAM,SAAS;AACrB,YAAM,OAAO,IAAI;AACjB,YAAM,WAAW,2BAAa;AAAA,QAC5B,IAAI,IAAI,QAAQ,KAAK,SAAS,GAAG;AAAA,MACnC;AACA,eAAS,QAAQ,IAAI,2BAAU,QAAQ,QAAQ,WAAW;AAC1D,eAAS,QAAQ,IAAI,2BAAU,QAAQ,MAAM,MAAM;AACnD,aAAO;AAAA,IACT;AAEA,UAAM,qBAAiB,4CAAqB,QAAQ;AAEpD,UAAM,eAAe,MAAM,4BAAc;AAAA,MACvC;AAAA,MACA;AAAA,IACF;AAEA,UAAM,aAAa,aAAa,OAAO;AAEvC,UAAM,mBAAmB,iCAAiC,cAAc;AAExE,UAAM,UAAU;AAAA,MACd;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAEA,UAAM,qBAAkD,OAAO;AAAA,MAC7D;AAAA,MACA,EAAE,SAAS,iBAAiB;AAAA,IAC9B;AAEA,QAAI,gBAA0B,2BAAa,KAAK;AAEhD,QAAI;AACF,sBACG,OAAM,mCAAU,MAAM,oBAAoB,UAAU,YACrD;AAAA,IACJ,SAAS,GAAQ;AACf,sBAAgB,wBAAwB,GAAG,gBAAgB,YAAY;AAAA,IACzE;AAEA,YAAI,4BAAW,aAAa,GAAG;AAC7B,iBAAO,sDAAuB,gBAAgB,aAAa;AAAA,IAC7D;AAEA;AAAA,MACE;AAAA,MACA;AAAA,MACA;AAAA,MACA,QAAQ;AAAA,IACV;AAIA,QAAI,aAAa,SAAS;AACxB,mBAAa,QAAQ,QAAQ,CAAC,OAAO,QAAQ;AAC3C,sBAAc,QAAQ,OAAO,KAAK,KAAK;AAAA,MACzC,CAAC;AAAA,IACH;AAEA,WAAO;AAAA,EACT;AAIA,MAAI,WAAW,OAAO;AACpB,WAAO,eAAe,SAAS,KAAK;AAAA,EACtC;AAIA,SAAO;AACT;AAIA,MAAM,mCAAmC,CACvC,mBACoD;AACpD,SAAO,CAAC,OAAO,CAAC,MAAM;AACpB,UAAM,MAAM,IAAI,MAAM,mBAAmB,mBAAmB;AAC5D,QAAI,gBACF,KAAK,kBAAkB,OACnB,KACA,KAAK,iBAAiB,eAAe,WAAW,SAAS;AAC/D,UAAM;AAAA,EACR;AACF;AAEA,MAAM,0BAA0B,CAC9B,gBACA,YACA,qBAC2C;AAC3C,SAAQ,CAAC,GAAQ,YAAiB;AAChC,UAAM,WAAW,MAAM;AACrB,YAAM,IAAI,MAAM,mBAAmB,eAAe;AAAA,IACpD;AAEA,UAAM,WAAW,CAAC,QAAgB;AAChC,YAAM,MAAM,IAAI,MAAM,mBAAmB,eAAe;AACxD,UAAI,cAAc;AAClB,YAAM;AAAA,IACR;AAEA,eAAO,8BAAc;AAAA,MACnB,SAAS;AAAA,MACT;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF,CAAC,EAAE,OAAO;AAAA,EACZ;AACF;AASA,MAAM,0BAA0B,CAC9B,GACA,gBACA,iBACa;AACb,UAAQ,EAAE,SAAS;AAAA,IACjB,KAAK,mBAAmB;AAEtB,iBAAO;AAAA,QACL,2BAAa;AAAA,UACX,GAAG,eAAe,WAAW,MAAM,UAAU,KAAK,IAAI,CAAC;AAAA,QACzD;AAAA,QACA,2BAAU,QAAQ;AAAA,QAClB;AAAA,MACF;AAAA,IACF,KAAK,mBAAmB;AACtB,iBAAO,8BAAgB,EAAE,WAAW;AAAA,IACtC,KAAK,mBAAmB;AACtB,iBAAO,sCAAe;AAAA,QACpB;AAAA,QACA,SAAS,eAAe;AAAA,QACxB,WAAW,aAAa;AAAA,QACxB,WAAW,aAAa;AAAA,QACxB,gBAAgB,aAAa;AAAA,MAC/B,CAAC,EAAE,iBAAiB,EAAE,eAAe,EAAE,cAAc,CAAC;AAAA,IACxD;AACE,YAAM;AAAA,EACV;AACF;","names":[]}
+{"version":3,"sources":["../../../src/server/middleware.ts"],"sourcesContent":["import { NextMiddleware, NextResponse } from \"next/server\";\nimport {\n  constants,\n  PUBLISHABLE_KEY,\n  SECRET_KEY,\n  SIGN_IN_URL,\n  SIGN_UP_URL,\n} from \"../constants\";\nimport { assertKey, decorateRequest, redirectAdapter } from \"./utils\";\nimport {\n  NextMiddlewareEvtParam,\n  NextMiddlewareRequestParam,\n  NextMiddlewareReturn,\n} from \"./type\";\nimport { cabinIdClient } from \"./client\";\nimport { CabinIdRequest, createCabinIdRequest } from \"../tokens/cabinIdRequest\";\nimport { AuthProtect, createProtect } from \"./protect\";\nimport { createRedirect, RedirectFun } from \"./createRedirect\";\nimport { isRedirect, setHeader } from \"../utils/response\";\nimport { RequestState } from \"../tokens/authStatus\";\nimport { AuthObject } from \"../tokens/authObjects\";\nimport { serverRedirectWithAuth } from \"./serverRedirectWithAuth\";\nimport { AuthenticateRequestOptions } from \"../api/factory\";\n\nconst CONTROL_FLOW_ERROR = {\n  FORCE_NOT_FOUND: \"CABIN_ID_PROTECT_REWRITE\",\n  REDIRECT_TO_URL: \"CABIN_ID_PROTECT_REDIRECT_TO_URL\",\n  REDIRECT_TO_SIGN_IN: \"CABIN_ID_PROTECT_REDIRECT_TO_SIGN_IN\",\n};\n\nexport type CabinIdMiddlewareAuthObject = AuthObject & {\n  protect: AuthProtect;\n  redirectToSignIn: RedirectFun<Response>;\n};\n\nexport type CabinIdMiddlewareAuth = () => CabinIdMiddlewareAuthObject;\n\nexport interface AuthMiddleware {\n  /**\n   * @example\n   * export default clerkMiddleware((auth, request, event) => { ... }, options);\n   */\n  (\n    handler: CabinIdMiddlewareHandler,\n    options?: CabinIdMiddlewareOptions\n  ): NextMiddleware;\n  /**\n   * @example\n   * export default clerkMiddleware(options);\n   */\n  (options?: CabinIdMiddlewareOptions): NextMiddleware;\n  /**\n   * @example\n   * export default clerkMiddleware;\n   */\n  (\n    request: NextMiddlewareRequestParam,\n    event: NextMiddlewareEvtParam\n  ): NextMiddlewareReturn;\n}\n\ntype CabinIdMiddlewareHandler = (\n  auth: CabinIdMiddlewareAuth,\n  request: NextMiddlewareRequestParam,\n  event: NextMiddlewareEvtParam\n) => NextMiddlewareReturn;\n\nexport type CabinIdMiddlewareOptions = AuthenticateRequestOptions;\n\nconst parseRequestAndEvent = (args: unknown[]) => {\n  return [\n    args[0] instanceof Request ? args[0] : undefined,\n    args[0] instanceof Request ? args[1] : undefined,\n  ] as [\n    NextMiddlewareRequestParam | undefined,\n    NextMiddlewareEvtParam | undefined,\n  ];\n};\n\nconst parseHandlerAndOptions = (args: unknown[]) => {\n  return [\n    typeof args[0] === \"function\" ? args[0] : undefined,\n    (args.length === 2\n      ? args[1]\n      : typeof args[0] === \"function\"\n        ? {}\n        : args[0]) || {},\n  ] as [CabinIdMiddlewareHandler | undefined, CabinIdMiddlewareOptions];\n};\n\nconst authMiddleware: AuthMiddleware = (...args: unknown[]): any => {\n  const [request, event] = parseRequestAndEvent(args);\n  const [handler, params] = parseHandlerAndOptions(args);\n\n  const publishableKey = assertKey(\n    params.publishableKey || PUBLISHABLE_KEY,\n    () => {\n      throw new Error(\"Publish Key is not exist\");\n    }\n  );\n  const secretKey = assertKey(params.secretKey || SECRET_KEY, () => {\n    throw new Error(\"Secret Key is not valid\");\n  });\n\n  const signInUrl = params.signInUrl || SIGN_IN_URL;\n  const signUpUrl = params.signUpUrl || SIGN_UP_URL;\n\n  const options = {\n    ...params,\n    publishableKey,\n    secretKey,\n    signInUrl,\n    signUpUrl,\n  };\n\n  const nextMiddleware: NextMiddleware = async (_request, _event) => {\n    const accessToken = _request.nextUrl.searchParams.get(\n      constants.QueryParams.Token\n    );\n    const userId = _request.nextUrl.searchParams.get(\n      constants.QueryParams.UserId\n    );\n\n    if (accessToken && userId) {\n      const url = _request.nextUrl;\n      const path = url.pathname;\n      const response = NextResponse.redirect(\n        new URL(path || \"/\", _request.url)\n      );\n      response.cookies.set(constants.Cookies.Client, accessToken, {\n        maxAge: 60 * 60 * 24 * 30, // 30 days\n        sameSite: \"lax\",\n        secure: true,\n      });\n      response.cookies.set(constants.Cookies.User, userId, {\n        maxAge: 60 * 60 * 24 * 30, // 30 days\n        sameSite: \"lax\",\n        secure: true,\n      });\n      return response;\n    }\n\n    const cabinIdRequest = createCabinIdRequest(_request);\n\n    const requestState = await cabinIdClient.authenticateRequest(\n      cabinIdRequest,\n      options\n    );\n\n    const authObject = requestState.toAuth();\n\n    const redirectToSignIn = createMiddlewareRedirectToSignIn(cabinIdRequest);\n\n    const protect = createMiddlewareProtect(\n      cabinIdRequest,\n      authObject,\n      redirectToSignIn\n    );\n\n    const authObjWithMethods: CabinIdMiddlewareAuthObject = Object.assign(\n      authObject,\n      { protect, redirectToSignIn }\n    );\n\n    let handlerResult: Response = NextResponse.next();\n\n    try {\n      handlerResult =\n        (await handler?.(() => authObjWithMethods, _request, _event)) ||\n        handlerResult;\n    } catch (e: any) {\n      handlerResult = handleControlFlowErrors(e, cabinIdRequest, requestState);\n    }\n\n    if (isRedirect(handlerResult)) {\n      return serverRedirectWithAuth(cabinIdRequest, handlerResult);\n    }\n\n    decorateRequest(\n      cabinIdRequest,\n      handlerResult,\n      requestState,\n      options.secretKey\n    );\n\n    // TODO @nikos: we need to make this more generic\n    // and move the logic in clerk/backend\n    if (requestState.headers) {\n      requestState.headers.forEach((value, key) => {\n        handlerResult.headers.append(key, value);\n      });\n    }\n\n    return handlerResult;\n  };\n\n  // If we have a request and event, we're being called as a middleware directly\n  // eg, export default clerkMiddleware;\n  if (request && event) {\n    return nextMiddleware(request, event);\n  }\n\n  // Otherwise, return a middleware that can be called with a request and event\n  // eg, export default clerkMiddleware(auth => { ... });\n  return nextMiddleware;\n};\n\nexport { authMiddleware };\n\nconst createMiddlewareRedirectToSignIn = (\n  cabinIdRequest: CabinIdRequest\n): CabinIdMiddlewareAuthObject[\"redirectToSignIn\"] => {\n  return (opts = {}) => {\n    const err = new Error(CONTROL_FLOW_ERROR.REDIRECT_TO_SIGN_IN) as any;\n    err.returnBackUrl =\n      opts.returnBackUrl === null\n        ? \"\"\n        : opts.returnBackUrl || cabinIdRequest.cabinIdUrl.toString();\n    throw err;\n  };\n};\n\nconst createMiddlewareProtect = (\n  cabinIdRequest: CabinIdRequest,\n  authObject: AuthObject,\n  redirectToSignIn: RedirectFun<Response>\n): CabinIdMiddlewareAuthObject[\"protect\"] => {\n  return ((_: any, options: any) => {\n    const notFound = () => {\n      throw new Error(CONTROL_FLOW_ERROR.FORCE_NOT_FOUND) as any;\n    };\n\n    const redirect = (url: string) => {\n      const err = new Error(CONTROL_FLOW_ERROR.REDIRECT_TO_URL) as any;\n      err.redirectUrl = url;\n      throw err;\n    };\n\n    return createProtect({\n      request: cabinIdRequest,\n      redirect,\n      notFound,\n      authObject,\n      redirectToSignIn,\n    })(options);\n  }) as AuthProtect;\n};\n\n// Handle errors thrown by protect() and redirectToSignIn() calls,\n// as we want to align the APIs between middleware, pages and route handlers\n// Normally, middleware requires to explicitly return a response, but we want to\n// avoid discrepancies between the APIs as it's easy to miss the `return` statement\n// especially when copy-pasting code from one place to another.\n// This function handles the known errors thrown by the APIs described above,\n// and returns the appropriate response.\nconst handleControlFlowErrors = (\n  e: any,\n  cabinIdRequest: CabinIdRequest,\n  requestState: RequestState\n): Response => {\n  switch (e.message) {\n    case CONTROL_FLOW_ERROR.FORCE_NOT_FOUND:\n      // Rewrite to a bogus URL to force not found error\n      return setHeader(\n        NextResponse.rewrite(\n          `${cabinIdRequest.cabinIdUrl.origin}/cabin_${Date.now()}`\n        ),\n        constants.Headers.AuthReason,\n        \"protect-rewrite\"\n      );\n    case CONTROL_FLOW_ERROR.REDIRECT_TO_URL:\n      return redirectAdapter(e.redirectUrl);\n    case CONTROL_FLOW_ERROR.REDIRECT_TO_SIGN_IN:\n      return createRedirect({\n        redirectAdapter,\n        baseUrl: cabinIdRequest.cabinIdUrl,\n        signInUrl: requestState.signInUrl,\n        signUpUrl: requestState.signUpUrl,\n        publishableKey: requestState.publishableKey,\n      }).redirectToSignIn({ returnBackUrl: e.returnBackUrl });\n    default:\n      throw e;\n  }\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,oBAA6C;AAC7C,uBAMO;AACP,mBAA4D;AAM5D,oBAA8B;AAC9B,4BAAqD;AACrD,qBAA2C;AAC3C,4BAA4C;AAC5C,sBAAsC;AAGtC,oCAAuC;AAGvC,MAAM,qBAAqB;AAAA,EACzB,iBAAiB;AAAA,EACjB,iBAAiB;AAAA,EACjB,qBAAqB;AACvB;AAyCA,MAAM,uBAAuB,CAAC,SAAoB;AAChD,SAAO;AAAA,IACL,KAAK,CAAC,aAAa,UAAU,KAAK,CAAC,IAAI;AAAA,IACvC,KAAK,CAAC,aAAa,UAAU,KAAK,CAAC,IAAI;AAAA,EACzC;AAIF;AAEA,MAAM,yBAAyB,CAAC,SAAoB;AAClD,SAAO;AAAA,IACL,OAAO,KAAK,CAAC,MAAM,aAAa,KAAK,CAAC,IAAI;AAAA,KACzC,KAAK,WAAW,IACb,KAAK,CAAC,IACN,OAAO,KAAK,CAAC,MAAM,aACjB,CAAC,IACD,KAAK,CAAC,MAAM,CAAC;AAAA,EACrB;AACF;AAEA,MAAM,iBAAiC,IAAI,SAAyB;AAClE,QAAM,CAAC,SAAS,KAAK,IAAI,qBAAqB,IAAI;AAClD,QAAM,CAAC,SAAS,MAAM,IAAI,uBAAuB,IAAI;AAErD,QAAM,qBAAiB;AAAA,IACrB,OAAO,kBAAkB;AAAA,IACzB,MAAM;AACJ,YAAM,IAAI,MAAM,0BAA0B;AAAA,IAC5C;AAAA,EACF;AACA,QAAM,gBAAY,wBAAU,OAAO,aAAa,6BAAY,MAAM;AAChE,UAAM,IAAI,MAAM,yBAAyB;AAAA,EAC3C,CAAC;AAED,QAAM,YAAY,OAAO,aAAa;AACtC,QAAM,YAAY,OAAO,aAAa;AAEtC,QAAM,UAAU;AAAA,IACd,GAAG;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAEA,QAAM,iBAAiC,OAAO,UAAU,WAAW;AACjE,UAAM,cAAc,SAAS,QAAQ,aAAa;AAAA,MAChD,2BAAU,YAAY;AAAA,IACxB;AACA,UAAM,SAAS,SAAS,QAAQ,aAAa;AAAA,MAC3C,2BAAU,YAAY;AAAA,IACxB;AAEA,QAAI,eAAe,QAAQ;AACzB,YAAM,MAAM,SAAS;AACrB,YAAM,OAAO,IAAI;AACjB,YAAM,WAAW,2BAAa;AAAA,QAC5B,IAAI,IAAI,QAAQ,KAAK,SAAS,GAAG;AAAA,MACnC;AACA,eAAS,QAAQ,IAAI,2BAAU,QAAQ,QAAQ,aAAa;AAAA,QAC1D,QAAQ,KAAK,KAAK,KAAK;AAAA;AAAA,QACvB,UAAU;AAAA,QACV,QAAQ;AAAA,MACV,CAAC;AACD,eAAS,QAAQ,IAAI,2BAAU,QAAQ,MAAM,QAAQ;AAAA,QACnD,QAAQ,KAAK,KAAK,KAAK;AAAA;AAAA,QACvB,UAAU;AAAA,QACV,QAAQ;AAAA,MACV,CAAC;AACD,aAAO;AAAA,IACT;AAEA,UAAM,qBAAiB,4CAAqB,QAAQ;AAEpD,UAAM,eAAe,MAAM,4BAAc;AAAA,MACvC;AAAA,MACA;AAAA,IACF;AAEA,UAAM,aAAa,aAAa,OAAO;AAEvC,UAAM,mBAAmB,iCAAiC,cAAc;AAExE,UAAM,UAAU;AAAA,MACd;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAEA,UAAM,qBAAkD,OAAO;AAAA,MAC7D;AAAA,MACA,EAAE,SAAS,iBAAiB;AAAA,IAC9B;AAEA,QAAI,gBAA0B,2BAAa,KAAK;AAEhD,QAAI;AACF,sBACG,OAAM,mCAAU,MAAM,oBAAoB,UAAU,YACrD;AAAA,IACJ,SAAS,GAAQ;AACf,sBAAgB,wBAAwB,GAAG,gBAAgB,YAAY;AAAA,IACzE;AAEA,YAAI,4BAAW,aAAa,GAAG;AAC7B,iBAAO,sDAAuB,gBAAgB,aAAa;AAAA,IAC7D;AAEA;AAAA,MACE;AAAA,MACA;AAAA,MACA;AAAA,MACA,QAAQ;AAAA,IACV;AAIA,QAAI,aAAa,SAAS;AACxB,mBAAa,QAAQ,QAAQ,CAAC,OAAO,QAAQ;AAC3C,sBAAc,QAAQ,OAAO,KAAK,KAAK;AAAA,MACzC,CAAC;AAAA,IACH;AAEA,WAAO;AAAA,EACT;AAIA,MAAI,WAAW,OAAO;AACpB,WAAO,eAAe,SAAS,KAAK;AAAA,EACtC;AAIA,SAAO;AACT;AAIA,MAAM,mCAAmC,CACvC,mBACoD;AACpD,SAAO,CAAC,OAAO,CAAC,MAAM;AACpB,UAAM,MAAM,IAAI,MAAM,mBAAmB,mBAAmB;AAC5D,QAAI,gBACF,KAAK,kBAAkB,OACnB,KACA,KAAK,iBAAiB,eAAe,WAAW,SAAS;AAC/D,UAAM;AAAA,EACR;AACF;AAEA,MAAM,0BAA0B,CAC9B,gBACA,YACA,qBAC2C;AAC3C,SAAQ,CAAC,GAAQ,YAAiB;AAChC,UAAM,WAAW,MAAM;AACrB,YAAM,IAAI,MAAM,mBAAmB,eAAe;AAAA,IACpD;AAEA,UAAM,WAAW,CAAC,QAAgB;AAChC,YAAM,MAAM,IAAI,MAAM,mBAAmB,eAAe;AACxD,UAAI,cAAc;AAClB,YAAM;AAAA,IACR;AAEA,eAAO,8BAAc;AAAA,MACnB,SAAS;AAAA,MACT;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF,CAAC,EAAE,OAAO;AAAA,EACZ;AACF;AASA,MAAM,0BAA0B,CAC9B,GACA,gBACA,iBACa;AACb,UAAQ,EAAE,SAAS;AAAA,IACjB,KAAK,mBAAmB;AAEtB,iBAAO;AAAA,QACL,2BAAa;AAAA,UACX,GAAG,eAAe,WAAW,MAAM,UAAU,KAAK,IAAI,CAAC;AAAA,QACzD;AAAA,QACA,2BAAU,QAAQ;AAAA,QAClB;AAAA,MACF;AAAA,IACF,KAAK,mBAAmB;AACtB,iBAAO,8BAAgB,EAAE,WAAW;AAAA,IACtC,KAAK,mBAAmB;AACtB,iBAAO,sCAAe;AAAA,QACpB;AAAA,QACA,SAAS,eAAe;AAAA,QACxB,WAAW,aAAa;AAAA,QACxB,WAAW,aAAa;AAAA,QACxB,gBAAgB,aAAa;AAAA,MAC/B,CAAC,EAAE,iBAAiB,EAAE,eAAe,EAAE,cAAc,CAAC;AAAA,IACxD;AACE,YAAM;AAAA,EACV;AACF;","names":[]}

package/dist/esm/server/middleware.js

@@ -64,8 +64,18 @@ const authMiddleware = (...args) => {
       const response = NextResponse.redirect(
         new URL(path || "/", _request.url)
       );
-      response.cookies.set(constants.Cookies.Client, accessToken);
-      response.cookies.set(constants.Cookies.User, userId);
+      response.cookies.set(constants.Cookies.Client, accessToken, {
+        maxAge: 60 * 60 * 24 * 30,
+        // 30 days
+        sameSite: "lax",
+        secure: true
+      });
+      response.cookies.set(constants.Cookies.User, userId, {
+        maxAge: 60 * 60 * 24 * 30,
+        // 30 days
+        sameSite: "lax",
+        secure: true
+      });
       return response;
     }
     const cabinIdRequest = createCabinIdRequest(_request);

package/dist/esm/server/middleware.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../src/server/middleware.ts"],"sourcesContent":["import { NextMiddleware, NextResponse } from 'next/server';\nimport {\n  constants,\n  PUBLISHABLE_KEY,\n  SECRET_KEY,\n  SIGN_IN_URL,\n  SIGN_UP_URL,\n} from '../constants';\nimport { assertKey, decorateRequest, redirectAdapter } from './utils';\nimport {\n  NextMiddlewareEvtParam,\n  NextMiddlewareRequestParam,\n  NextMiddlewareReturn,\n} from './type';\nimport { cabinIdClient } from './client';\nimport { CabinIdRequest, createCabinIdRequest } from '../tokens/cabinIdRequest';\nimport { AuthProtect, createProtect } from './protect';\nimport { createRedirect, RedirectFun } from './createRedirect';\nimport { isRedirect, setHeader } from '../utils/response';\nimport { RequestState } from '../tokens/authStatus';\nimport { AuthObject } from '../tokens/authObjects';\nimport { serverRedirectWithAuth } from './serverRedirectWithAuth';\nimport { AuthenticateRequestOptions } from '../api/factory';\n\nconst CONTROL_FLOW_ERROR = {\n  FORCE_NOT_FOUND: 'CABIN_ID_PROTECT_REWRITE',\n  REDIRECT_TO_URL: 'CABIN_ID_PROTECT_REDIRECT_TO_URL',\n  REDIRECT_TO_SIGN_IN: 'CABIN_ID_PROTECT_REDIRECT_TO_SIGN_IN',\n};\n\nexport type CabinIdMiddlewareAuthObject = AuthObject & {\n  protect: AuthProtect;\n  redirectToSignIn: RedirectFun<Response>;\n};\n\nexport type CabinIdMiddlewareAuth = () => CabinIdMiddlewareAuthObject;\n\nexport interface AuthMiddleware {\n  /**\n   * @example\n   * export default clerkMiddleware((auth, request, event) => { ... }, options);\n   */\n  (\n    handler: CabinIdMiddlewareHandler,\n    options?: CabinIdMiddlewareOptions\n  ): NextMiddleware;\n  /**\n   * @example\n   * export default clerkMiddleware(options);\n   */\n  (options?: CabinIdMiddlewareOptions): NextMiddleware;\n  /**\n   * @example\n   * export default clerkMiddleware;\n   */\n  (\n    request: NextMiddlewareRequestParam,\n    event: NextMiddlewareEvtParam\n  ): NextMiddlewareReturn;\n}\n\ntype CabinIdMiddlewareHandler = (\n  auth: CabinIdMiddlewareAuth,\n  request: NextMiddlewareRequestParam,\n  event: NextMiddlewareEvtParam\n) => NextMiddlewareReturn;\n\nexport type CabinIdMiddlewareOptions = AuthenticateRequestOptions;\n\nconst parseRequestAndEvent = (args: unknown[]) => {\n  return [\n    args[0] instanceof Request ? args[0] : undefined,\n    args[0] instanceof Request ? args[1] : undefined,\n  ] as [\n    NextMiddlewareRequestParam | undefined,\n    NextMiddlewareEvtParam | undefined,\n  ];\n};\n\nconst parseHandlerAndOptions = (args: unknown[]) => {\n  return [\n    typeof args[0] === 'function' ? args[0] : undefined,\n    (args.length === 2\n      ? args[1]\n      : typeof args[0] === 'function'\n        ? {}\n        : args[0]) || {},\n  ] as [CabinIdMiddlewareHandler | undefined, CabinIdMiddlewareOptions];\n};\n\nconst authMiddleware: AuthMiddleware = (...args: unknown[]): any => {\n  const [request, event] = parseRequestAndEvent(args);\n  const [handler, params] = parseHandlerAndOptions(args);\n\n  const publishableKey = assertKey(\n    params.publishableKey || PUBLISHABLE_KEY,\n    () => {\n      throw new Error('Publish Key is not exist');\n    }\n  );\n  const secretKey = assertKey(params.secretKey || SECRET_KEY, () => {\n    throw new Error('Secret Key is not valid');\n  });\n\n  const signInUrl = params.signInUrl || SIGN_IN_URL;\n  const signUpUrl = params.signUpUrl || SIGN_UP_URL;\n\n  const options = {\n    ...params,\n    publishableKey,\n    secretKey,\n    signInUrl,\n    signUpUrl,\n  };\n\n  const nextMiddleware: NextMiddleware = async (_request, _event) => {\n    const accessToken = _request.nextUrl.searchParams.get(\n      constants.QueryParams.Token\n    );\n    const userId = _request.nextUrl.searchParams.get(\n      constants.QueryParams.UserId\n    );\n\n    if (accessToken && userId) {\n      const url = _request.nextUrl;\n      const path = url.pathname;\n      const response = NextResponse.redirect(\n        new URL(path || '/', _request.url)\n      );\n      response.cookies.set(constants.Cookies.Client, accessToken);\n      response.cookies.set(constants.Cookies.User, userId);\n      return response;\n    }\n\n    const cabinIdRequest = createCabinIdRequest(_request);\n\n    const requestState = await cabinIdClient.authenticateRequest(\n      cabinIdRequest,\n      options\n    );\n\n    const authObject = requestState.toAuth();\n\n    const redirectToSignIn = createMiddlewareRedirectToSignIn(cabinIdRequest);\n\n    const protect = createMiddlewareProtect(\n      cabinIdRequest,\n      authObject,\n      redirectToSignIn\n    );\n\n    const authObjWithMethods: CabinIdMiddlewareAuthObject = Object.assign(\n      authObject,\n      { protect, redirectToSignIn }\n    );\n\n    let handlerResult: Response = NextResponse.next();\n\n    try {\n      handlerResult =\n        (await handler?.(() => authObjWithMethods, _request, _event)) ||\n        handlerResult;\n    } catch (e: any) {\n      handlerResult = handleControlFlowErrors(e, cabinIdRequest, requestState);\n    }\n\n    if (isRedirect(handlerResult)) {\n      return serverRedirectWithAuth(cabinIdRequest, handlerResult);\n    }\n\n    decorateRequest(\n      cabinIdRequest,\n      handlerResult,\n      requestState,\n      options.secretKey\n    );\n\n    // TODO @nikos: we need to make this more generic\n    // and move the logic in clerk/backend\n    if (requestState.headers) {\n      requestState.headers.forEach((value, key) => {\n        handlerResult.headers.append(key, value);\n      });\n    }\n\n    return handlerResult;\n  };\n\n  // If we have a request and event, we're being called as a middleware directly\n  // eg, export default clerkMiddleware;\n  if (request && event) {\n    return nextMiddleware(request, event);\n  }\n\n  // Otherwise, return a middleware that can be called with a request and event\n  // eg, export default clerkMiddleware(auth => { ... });\n  return nextMiddleware;\n};\n\nexport { authMiddleware };\n\nconst createMiddlewareRedirectToSignIn = (\n  cabinIdRequest: CabinIdRequest\n): CabinIdMiddlewareAuthObject['redirectToSignIn'] => {\n  return (opts = {}) => {\n    const err = new Error(CONTROL_FLOW_ERROR.REDIRECT_TO_SIGN_IN) as any;\n    err.returnBackUrl =\n      opts.returnBackUrl === null\n        ? ''\n        : opts.returnBackUrl || cabinIdRequest.cabinIdUrl.toString();\n    throw err;\n  };\n};\n\nconst createMiddlewareProtect = (\n  cabinIdRequest: CabinIdRequest,\n  authObject: AuthObject,\n  redirectToSignIn: RedirectFun<Response>\n): CabinIdMiddlewareAuthObject['protect'] => {\n  return ((_: any, options: any) => {\n    const notFound = () => {\n      throw new Error(CONTROL_FLOW_ERROR.FORCE_NOT_FOUND) as any;\n    };\n\n    const redirect = (url: string) => {\n      const err = new Error(CONTROL_FLOW_ERROR.REDIRECT_TO_URL) as any;\n      err.redirectUrl = url;\n      throw err;\n    };\n\n    return createProtect({\n      request: cabinIdRequest,\n      redirect,\n      notFound,\n      authObject,\n      redirectToSignIn,\n    })(options);\n  }) as AuthProtect;\n};\n\n// Handle errors thrown by protect() and redirectToSignIn() calls,\n// as we want to align the APIs between middleware, pages and route handlers\n// Normally, middleware requires to explicitly return a response, but we want to\n// avoid discrepancies between the APIs as it's easy to miss the `return` statement\n// especially when copy-pasting code from one place to another.\n// This function handles the known errors thrown by the APIs described above,\n// and returns the appropriate response.\nconst handleControlFlowErrors = (\n  e: any,\n  cabinIdRequest: CabinIdRequest,\n  requestState: RequestState\n): Response => {\n  switch (e.message) {\n    case CONTROL_FLOW_ERROR.FORCE_NOT_FOUND:\n      // Rewrite to a bogus URL to force not found error\n      return setHeader(\n        NextResponse.rewrite(\n          `${cabinIdRequest.cabinIdUrl.origin}/cabin_${Date.now()}`\n        ),\n        constants.Headers.AuthReason,\n        'protect-rewrite'\n      );\n    case CONTROL_FLOW_ERROR.REDIRECT_TO_URL:\n      return redirectAdapter(e.redirectUrl);\n    case CONTROL_FLOW_ERROR.REDIRECT_TO_SIGN_IN:\n      return createRedirect({\n        redirectAdapter,\n        baseUrl: cabinIdRequest.cabinIdUrl,\n        signInUrl: requestState.signInUrl,\n        signUpUrl: requestState.signUpUrl,\n        publishableKey: requestState.publishableKey,\n      }).redirectToSignIn({ returnBackUrl: e.returnBackUrl });\n    default:\n      throw e;\n  }\n};\n"],"mappings":"AAAA,SAAyB,oBAAoB;AAC7C;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AACP,SAAS,WAAW,iBAAiB,uBAAuB;AAM5D,SAAS,qBAAqB;AAC9B,SAAyB,4BAA4B;AACrD,SAAsB,qBAAqB;AAC3C,SAAS,sBAAmC;AAC5C,SAAS,YAAY,iBAAiB;AAGtC,SAAS,8BAA8B;AAGvC,MAAM,qBAAqB;AAAA,EACzB,iBAAiB;AAAA,EACjB,iBAAiB;AAAA,EACjB,qBAAqB;AACvB;AAyCA,MAAM,uBAAuB,CAAC,SAAoB;AAChD,SAAO;AAAA,IACL,KAAK,CAAC,aAAa,UAAU,KAAK,CAAC,IAAI;AAAA,IACvC,KAAK,CAAC,aAAa,UAAU,KAAK,CAAC,IAAI;AAAA,EACzC;AAIF;AAEA,MAAM,yBAAyB,CAAC,SAAoB;AAClD,SAAO;AAAA,IACL,OAAO,KAAK,CAAC,MAAM,aAAa,KAAK,CAAC,IAAI;AAAA,KACzC,KAAK,WAAW,IACb,KAAK,CAAC,IACN,OAAO,KAAK,CAAC,MAAM,aACjB,CAAC,IACD,KAAK,CAAC,MAAM,CAAC;AAAA,EACrB;AACF;AAEA,MAAM,iBAAiC,IAAI,SAAyB;AAClE,QAAM,CAAC,SAAS,KAAK,IAAI,qBAAqB,IAAI;AAClD,QAAM,CAAC,SAAS,MAAM,IAAI,uBAAuB,IAAI;AAErD,QAAM,iBAAiB;AAAA,IACrB,OAAO,kBAAkB;AAAA,IACzB,MAAM;AACJ,YAAM,IAAI,MAAM,0BAA0B;AAAA,IAC5C;AAAA,EACF;AACA,QAAM,YAAY,UAAU,OAAO,aAAa,YAAY,MAAM;AAChE,UAAM,IAAI,MAAM,yBAAyB;AAAA,EAC3C,CAAC;AAED,QAAM,YAAY,OAAO,aAAa;AACtC,QAAM,YAAY,OAAO,aAAa;AAEtC,QAAM,UAAU;AAAA,IACd,GAAG;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAEA,QAAM,iBAAiC,OAAO,UAAU,WAAW;AACjE,UAAM,cAAc,SAAS,QAAQ,aAAa;AAAA,MAChD,UAAU,YAAY;AAAA,IACxB;AACA,UAAM,SAAS,SAAS,QAAQ,aAAa;AAAA,MAC3C,UAAU,YAAY;AAAA,IACxB;AAEA,QAAI,eAAe,QAAQ;AACzB,YAAM,MAAM,SAAS;AACrB,YAAM,OAAO,IAAI;AACjB,YAAM,WAAW,aAAa;AAAA,QAC5B,IAAI,IAAI,QAAQ,KAAK,SAAS,GAAG;AAAA,MACnC;AACA,eAAS,QAAQ,IAAI,UAAU,QAAQ,QAAQ,WAAW;AAC1D,eAAS,QAAQ,IAAI,UAAU,QAAQ,MAAM,MAAM;AACnD,aAAO;AAAA,IACT;AAEA,UAAM,iBAAiB,qBAAqB,QAAQ;AAEpD,UAAM,eAAe,MAAM,cAAc;AAAA,MACvC;AAAA,MACA;AAAA,IACF;AAEA,UAAM,aAAa,aAAa,OAAO;AAEvC,UAAM,mBAAmB,iCAAiC,cAAc;AAExE,UAAM,UAAU;AAAA,MACd;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAEA,UAAM,qBAAkD,OAAO;AAAA,MAC7D;AAAA,MACA,EAAE,SAAS,iBAAiB;AAAA,IAC9B;AAEA,QAAI,gBAA0B,aAAa,KAAK;AAEhD,QAAI;AACF,sBACG,OAAM,mCAAU,MAAM,oBAAoB,UAAU,YACrD;AAAA,IACJ,SAAS,GAAQ;AACf,sBAAgB,wBAAwB,GAAG,gBAAgB,YAAY;AAAA,IACzE;AAEA,QAAI,WAAW,aAAa,GAAG;AAC7B,aAAO,uBAAuB,gBAAgB,aAAa;AAAA,IAC7D;AAEA;AAAA,MACE;AAAA,MACA;AAAA,MACA;AAAA,MACA,QAAQ;AAAA,IACV;AAIA,QAAI,aAAa,SAAS;AACxB,mBAAa,QAAQ,QAAQ,CAAC,OAAO,QAAQ;AAC3C,sBAAc,QAAQ,OAAO,KAAK,KAAK;AAAA,MACzC,CAAC;AAAA,IACH;AAEA,WAAO;AAAA,EACT;AAIA,MAAI,WAAW,OAAO;AACpB,WAAO,eAAe,SAAS,KAAK;AAAA,EACtC;AAIA,SAAO;AACT;AAIA,MAAM,mCAAmC,CACvC,mBACoD;AACpD,SAAO,CAAC,OAAO,CAAC,MAAM;AACpB,UAAM,MAAM,IAAI,MAAM,mBAAmB,mBAAmB;AAC5D,QAAI,gBACF,KAAK,kBAAkB,OACnB,KACA,KAAK,iBAAiB,eAAe,WAAW,SAAS;AAC/D,UAAM;AAAA,EACR;AACF;AAEA,MAAM,0BAA0B,CAC9B,gBACA,YACA,qBAC2C;AAC3C,SAAQ,CAAC,GAAQ,YAAiB;AAChC,UAAM,WAAW,MAAM;AACrB,YAAM,IAAI,MAAM,mBAAmB,eAAe;AAAA,IACpD;AAEA,UAAM,WAAW,CAAC,QAAgB;AAChC,YAAM,MAAM,IAAI,MAAM,mBAAmB,eAAe;AACxD,UAAI,cAAc;AAClB,YAAM;AAAA,IACR;AAEA,WAAO,cAAc;AAAA,MACnB,SAAS;AAAA,MACT;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF,CAAC,EAAE,OAAO;AAAA,EACZ;AACF;AASA,MAAM,0BAA0B,CAC9B,GACA,gBACA,iBACa;AACb,UAAQ,EAAE,SAAS;AAAA,IACjB,KAAK,mBAAmB;AAEtB,aAAO;AAAA,QACL,aAAa;AAAA,UACX,GAAG,eAAe,WAAW,MAAM,UAAU,KAAK,IAAI,CAAC;AAAA,QACzD;AAAA,QACA,UAAU,QAAQ;AAAA,QAClB;AAAA,MACF;AAAA,IACF,KAAK,mBAAmB;AACtB,aAAO,gBAAgB,EAAE,WAAW;AAAA,IACtC,KAAK,mBAAmB;AACtB,aAAO,eAAe;AAAA,QACpB;AAAA,QACA,SAAS,eAAe;AAAA,QACxB,WAAW,aAAa;AAAA,QACxB,WAAW,aAAa;AAAA,QACxB,gBAAgB,aAAa;AAAA,MAC/B,CAAC,EAAE,iBAAiB,EAAE,eAAe,EAAE,cAAc,CAAC;AAAA,IACxD;AACE,YAAM;AAAA,EACV;AACF;","names":[]}
+{"version":3,"sources":["../../../src/server/middleware.ts"],"sourcesContent":["import { NextMiddleware, NextResponse } from \"next/server\";\nimport {\n  constants,\n  PUBLISHABLE_KEY,\n  SECRET_KEY,\n  SIGN_IN_URL,\n  SIGN_UP_URL,\n} from \"../constants\";\nimport { assertKey, decorateRequest, redirectAdapter } from \"./utils\";\nimport {\n  NextMiddlewareEvtParam,\n  NextMiddlewareRequestParam,\n  NextMiddlewareReturn,\n} from \"./type\";\nimport { cabinIdClient } from \"./client\";\nimport { CabinIdRequest, createCabinIdRequest } from \"../tokens/cabinIdRequest\";\nimport { AuthProtect, createProtect } from \"./protect\";\nimport { createRedirect, RedirectFun } from \"./createRedirect\";\nimport { isRedirect, setHeader } from \"../utils/response\";\nimport { RequestState } from \"../tokens/authStatus\";\nimport { AuthObject } from \"../tokens/authObjects\";\nimport { serverRedirectWithAuth } from \"./serverRedirectWithAuth\";\nimport { AuthenticateRequestOptions } from \"../api/factory\";\n\nconst CONTROL_FLOW_ERROR = {\n  FORCE_NOT_FOUND: \"CABIN_ID_PROTECT_REWRITE\",\n  REDIRECT_TO_URL: \"CABIN_ID_PROTECT_REDIRECT_TO_URL\",\n  REDIRECT_TO_SIGN_IN: \"CABIN_ID_PROTECT_REDIRECT_TO_SIGN_IN\",\n};\n\nexport type CabinIdMiddlewareAuthObject = AuthObject & {\n  protect: AuthProtect;\n  redirectToSignIn: RedirectFun<Response>;\n};\n\nexport type CabinIdMiddlewareAuth = () => CabinIdMiddlewareAuthObject;\n\nexport interface AuthMiddleware {\n  /**\n   * @example\n   * export default clerkMiddleware((auth, request, event) => { ... }, options);\n   */\n  (\n    handler: CabinIdMiddlewareHandler,\n    options?: CabinIdMiddlewareOptions\n  ): NextMiddleware;\n  /**\n   * @example\n   * export default clerkMiddleware(options);\n   */\n  (options?: CabinIdMiddlewareOptions): NextMiddleware;\n  /**\n   * @example\n   * export default clerkMiddleware;\n   */\n  (\n    request: NextMiddlewareRequestParam,\n    event: NextMiddlewareEvtParam\n  ): NextMiddlewareReturn;\n}\n\ntype CabinIdMiddlewareHandler = (\n  auth: CabinIdMiddlewareAuth,\n  request: NextMiddlewareRequestParam,\n  event: NextMiddlewareEvtParam\n) => NextMiddlewareReturn;\n\nexport type CabinIdMiddlewareOptions = AuthenticateRequestOptions;\n\nconst parseRequestAndEvent = (args: unknown[]) => {\n  return [\n    args[0] instanceof Request ? args[0] : undefined,\n    args[0] instanceof Request ? args[1] : undefined,\n  ] as [\n    NextMiddlewareRequestParam | undefined,\n    NextMiddlewareEvtParam | undefined,\n  ];\n};\n\nconst parseHandlerAndOptions = (args: unknown[]) => {\n  return [\n    typeof args[0] === \"function\" ? args[0] : undefined,\n    (args.length === 2\n      ? args[1]\n      : typeof args[0] === \"function\"\n        ? {}\n        : args[0]) || {},\n  ] as [CabinIdMiddlewareHandler | undefined, CabinIdMiddlewareOptions];\n};\n\nconst authMiddleware: AuthMiddleware = (...args: unknown[]): any => {\n  const [request, event] = parseRequestAndEvent(args);\n  const [handler, params] = parseHandlerAndOptions(args);\n\n  const publishableKey = assertKey(\n    params.publishableKey || PUBLISHABLE_KEY,\n    () => {\n      throw new Error(\"Publish Key is not exist\");\n    }\n  );\n  const secretKey = assertKey(params.secretKey || SECRET_KEY, () => {\n    throw new Error(\"Secret Key is not valid\");\n  });\n\n  const signInUrl = params.signInUrl || SIGN_IN_URL;\n  const signUpUrl = params.signUpUrl || SIGN_UP_URL;\n\n  const options = {\n    ...params,\n    publishableKey,\n    secretKey,\n    signInUrl,\n    signUpUrl,\n  };\n\n  const nextMiddleware: NextMiddleware = async (_request, _event) => {\n    const accessToken = _request.nextUrl.searchParams.get(\n      constants.QueryParams.Token\n    );\n    const userId = _request.nextUrl.searchParams.get(\n      constants.QueryParams.UserId\n    );\n\n    if (accessToken && userId) {\n      const url = _request.nextUrl;\n      const path = url.pathname;\n      const response = NextResponse.redirect(\n        new URL(path || \"/\", _request.url)\n      );\n      response.cookies.set(constants.Cookies.Client, accessToken, {\n        maxAge: 60 * 60 * 24 * 30, // 30 days\n        sameSite: \"lax\",\n        secure: true,\n      });\n      response.cookies.set(constants.Cookies.User, userId, {\n        maxAge: 60 * 60 * 24 * 30, // 30 days\n        sameSite: \"lax\",\n        secure: true,\n      });\n      return response;\n    }\n\n    const cabinIdRequest = createCabinIdRequest(_request);\n\n    const requestState = await cabinIdClient.authenticateRequest(\n      cabinIdRequest,\n      options\n    );\n\n    const authObject = requestState.toAuth();\n\n    const redirectToSignIn = createMiddlewareRedirectToSignIn(cabinIdRequest);\n\n    const protect = createMiddlewareProtect(\n      cabinIdRequest,\n      authObject,\n      redirectToSignIn\n    );\n\n    const authObjWithMethods: CabinIdMiddlewareAuthObject = Object.assign(\n      authObject,\n      { protect, redirectToSignIn }\n    );\n\n    let handlerResult: Response = NextResponse.next();\n\n    try {\n      handlerResult =\n        (await handler?.(() => authObjWithMethods, _request, _event)) ||\n        handlerResult;\n    } catch (e: any) {\n      handlerResult = handleControlFlowErrors(e, cabinIdRequest, requestState);\n    }\n\n    if (isRedirect(handlerResult)) {\n      return serverRedirectWithAuth(cabinIdRequest, handlerResult);\n    }\n\n    decorateRequest(\n      cabinIdRequest,\n      handlerResult,\n      requestState,\n      options.secretKey\n    );\n\n    // TODO @nikos: we need to make this more generic\n    // and move the logic in clerk/backend\n    if (requestState.headers) {\n      requestState.headers.forEach((value, key) => {\n        handlerResult.headers.append(key, value);\n      });\n    }\n\n    return handlerResult;\n  };\n\n  // If we have a request and event, we're being called as a middleware directly\n  // eg, export default clerkMiddleware;\n  if (request && event) {\n    return nextMiddleware(request, event);\n  }\n\n  // Otherwise, return a middleware that can be called with a request and event\n  // eg, export default clerkMiddleware(auth => { ... });\n  return nextMiddleware;\n};\n\nexport { authMiddleware };\n\nconst createMiddlewareRedirectToSignIn = (\n  cabinIdRequest: CabinIdRequest\n): CabinIdMiddlewareAuthObject[\"redirectToSignIn\"] => {\n  return (opts = {}) => {\n    const err = new Error(CONTROL_FLOW_ERROR.REDIRECT_TO_SIGN_IN) as any;\n    err.returnBackUrl =\n      opts.returnBackUrl === null\n        ? \"\"\n        : opts.returnBackUrl || cabinIdRequest.cabinIdUrl.toString();\n    throw err;\n  };\n};\n\nconst createMiddlewareProtect = (\n  cabinIdRequest: CabinIdRequest,\n  authObject: AuthObject,\n  redirectToSignIn: RedirectFun<Response>\n): CabinIdMiddlewareAuthObject[\"protect\"] => {\n  return ((_: any, options: any) => {\n    const notFound = () => {\n      throw new Error(CONTROL_FLOW_ERROR.FORCE_NOT_FOUND) as any;\n    };\n\n    const redirect = (url: string) => {\n      const err = new Error(CONTROL_FLOW_ERROR.REDIRECT_TO_URL) as any;\n      err.redirectUrl = url;\n      throw err;\n    };\n\n    return createProtect({\n      request: cabinIdRequest,\n      redirect,\n      notFound,\n      authObject,\n      redirectToSignIn,\n    })(options);\n  }) as AuthProtect;\n};\n\n// Handle errors thrown by protect() and redirectToSignIn() calls,\n// as we want to align the APIs between middleware, pages and route handlers\n// Normally, middleware requires to explicitly return a response, but we want to\n// avoid discrepancies between the APIs as it's easy to miss the `return` statement\n// especially when copy-pasting code from one place to another.\n// This function handles the known errors thrown by the APIs described above,\n// and returns the appropriate response.\nconst handleControlFlowErrors = (\n  e: any,\n  cabinIdRequest: CabinIdRequest,\n  requestState: RequestState\n): Response => {\n  switch (e.message) {\n    case CONTROL_FLOW_ERROR.FORCE_NOT_FOUND:\n      // Rewrite to a bogus URL to force not found error\n      return setHeader(\n        NextResponse.rewrite(\n          `${cabinIdRequest.cabinIdUrl.origin}/cabin_${Date.now()}`\n        ),\n        constants.Headers.AuthReason,\n        \"protect-rewrite\"\n      );\n    case CONTROL_FLOW_ERROR.REDIRECT_TO_URL:\n      return redirectAdapter(e.redirectUrl);\n    case CONTROL_FLOW_ERROR.REDIRECT_TO_SIGN_IN:\n      return createRedirect({\n        redirectAdapter,\n        baseUrl: cabinIdRequest.cabinIdUrl,\n        signInUrl: requestState.signInUrl,\n        signUpUrl: requestState.signUpUrl,\n        publishableKey: requestState.publishableKey,\n      }).redirectToSignIn({ returnBackUrl: e.returnBackUrl });\n    default:\n      throw e;\n  }\n};\n"],"mappings":"AAAA,SAAyB,oBAAoB;AAC7C;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AACP,SAAS,WAAW,iBAAiB,uBAAuB;AAM5D,SAAS,qBAAqB;AAC9B,SAAyB,4BAA4B;AACrD,SAAsB,qBAAqB;AAC3C,SAAS,sBAAmC;AAC5C,SAAS,YAAY,iBAAiB;AAGtC,SAAS,8BAA8B;AAGvC,MAAM,qBAAqB;AAAA,EACzB,iBAAiB;AAAA,EACjB,iBAAiB;AAAA,EACjB,qBAAqB;AACvB;AAyCA,MAAM,uBAAuB,CAAC,SAAoB;AAChD,SAAO;AAAA,IACL,KAAK,CAAC,aAAa,UAAU,KAAK,CAAC,IAAI;AAAA,IACvC,KAAK,CAAC,aAAa,UAAU,KAAK,CAAC,IAAI;AAAA,EACzC;AAIF;AAEA,MAAM,yBAAyB,CAAC,SAAoB;AAClD,SAAO;AAAA,IACL,OAAO,KAAK,CAAC,MAAM,aAAa,KAAK,CAAC,IAAI;AAAA,KACzC,KAAK,WAAW,IACb,KAAK,CAAC,IACN,OAAO,KAAK,CAAC,MAAM,aACjB,CAAC,IACD,KAAK,CAAC,MAAM,CAAC;AAAA,EACrB;AACF;AAEA,MAAM,iBAAiC,IAAI,SAAyB;AAClE,QAAM,CAAC,SAAS,KAAK,IAAI,qBAAqB,IAAI;AAClD,QAAM,CAAC,SAAS,MAAM,IAAI,uBAAuB,IAAI;AAErD,QAAM,iBAAiB;AAAA,IACrB,OAAO,kBAAkB;AAAA,IACzB,MAAM;AACJ,YAAM,IAAI,MAAM,0BAA0B;AAAA,IAC5C;AAAA,EACF;AACA,QAAM,YAAY,UAAU,OAAO,aAAa,YAAY,MAAM;AAChE,UAAM,IAAI,MAAM,yBAAyB;AAAA,EAC3C,CAAC;AAED,QAAM,YAAY,OAAO,aAAa;AACtC,QAAM,YAAY,OAAO,aAAa;AAEtC,QAAM,UAAU;AAAA,IACd,GAAG;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAEA,QAAM,iBAAiC,OAAO,UAAU,WAAW;AACjE,UAAM,cAAc,SAAS,QAAQ,aAAa;AAAA,MAChD,UAAU,YAAY;AAAA,IACxB;AACA,UAAM,SAAS,SAAS,QAAQ,aAAa;AAAA,MAC3C,UAAU,YAAY;AAAA,IACxB;AAEA,QAAI,eAAe,QAAQ;AACzB,YAAM,MAAM,SAAS;AACrB,YAAM,OAAO,IAAI;AACjB,YAAM,WAAW,aAAa;AAAA,QAC5B,IAAI,IAAI,QAAQ,KAAK,SAAS,GAAG;AAAA,MACnC;AACA,eAAS,QAAQ,IAAI,UAAU,QAAQ,QAAQ,aAAa;AAAA,QAC1D,QAAQ,KAAK,KAAK,KAAK;AAAA;AAAA,QACvB,UAAU;AAAA,QACV,QAAQ;AAAA,MACV,CAAC;AACD,eAAS,QAAQ,IAAI,UAAU,QAAQ,MAAM,QAAQ;AAAA,QACnD,QAAQ,KAAK,KAAK,KAAK;AAAA;AAAA,QACvB,UAAU;AAAA,QACV,QAAQ;AAAA,MACV,CAAC;AACD,aAAO;AAAA,IACT;AAEA,UAAM,iBAAiB,qBAAqB,QAAQ;AAEpD,UAAM,eAAe,MAAM,cAAc;AAAA,MACvC;AAAA,MACA;AAAA,IACF;AAEA,UAAM,aAAa,aAAa,OAAO;AAEvC,UAAM,mBAAmB,iCAAiC,cAAc;AAExE,UAAM,UAAU;AAAA,MACd;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAEA,UAAM,qBAAkD,OAAO;AAAA,MAC7D;AAAA,MACA,EAAE,SAAS,iBAAiB;AAAA,IAC9B;AAEA,QAAI,gBAA0B,aAAa,KAAK;AAEhD,QAAI;AACF,sBACG,OAAM,mCAAU,MAAM,oBAAoB,UAAU,YACrD;AAAA,IACJ,SAAS,GAAQ;AACf,sBAAgB,wBAAwB,GAAG,gBAAgB,YAAY;AAAA,IACzE;AAEA,QAAI,WAAW,aAAa,GAAG;AAC7B,aAAO,uBAAuB,gBAAgB,aAAa;AAAA,IAC7D;AAEA;AAAA,MACE;AAAA,MACA;AAAA,MACA;AAAA,MACA,QAAQ;AAAA,IACV;AAIA,QAAI,aAAa,SAAS;AACxB,mBAAa,QAAQ,QAAQ,CAAC,OAAO,QAAQ;AAC3C,sBAAc,QAAQ,OAAO,KAAK,KAAK;AAAA,MACzC,CAAC;AAAA,IACH;AAEA,WAAO;AAAA,EACT;AAIA,MAAI,WAAW,OAAO;AACpB,WAAO,eAAe,SAAS,KAAK;AAAA,EACtC;AAIA,SAAO;AACT;AAIA,MAAM,mCAAmC,CACvC,mBACoD;AACpD,SAAO,CAAC,OAAO,CAAC,MAAM;AACpB,UAAM,MAAM,IAAI,MAAM,mBAAmB,mBAAmB;AAC5D,QAAI,gBACF,KAAK,kBAAkB,OACnB,KACA,KAAK,iBAAiB,eAAe,WAAW,SAAS;AAC/D,UAAM;AAAA,EACR;AACF;AAEA,MAAM,0BAA0B,CAC9B,gBACA,YACA,qBAC2C;AAC3C,SAAQ,CAAC,GAAQ,YAAiB;AAChC,UAAM,WAAW,MAAM;AACrB,YAAM,IAAI,MAAM,mBAAmB,eAAe;AAAA,IACpD;AAEA,UAAM,WAAW,CAAC,QAAgB;AAChC,YAAM,MAAM,IAAI,MAAM,mBAAmB,eAAe;AACxD,UAAI,cAAc;AAClB,YAAM;AAAA,IACR;AAEA,WAAO,cAAc;AAAA,MACnB,SAAS;AAAA,MACT;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF,CAAC,EAAE,OAAO;AAAA,EACZ;AACF;AASA,MAAM,0BAA0B,CAC9B,GACA,gBACA,iBACa;AACb,UAAQ,EAAE,SAAS;AAAA,IACjB,KAAK,mBAAmB;AAEtB,aAAO;AAAA,QACL,aAAa;AAAA,UACX,GAAG,eAAe,WAAW,MAAM,UAAU,KAAK,IAAI,CAAC;AAAA,QACzD;AAAA,QACA,UAAU,QAAQ;AAAA,QAClB;AAAA,MACF;AAAA,IACF,KAAK,mBAAmB;AACtB,aAAO,gBAAgB,EAAE,WAAW;AAAA,IACtC,KAAK,mBAAmB;AACtB,aAAO,eAAe;AAAA,QACpB;AAAA,QACA,SAAS,eAAe;AAAA,QACxB,WAAW,aAAa;AAAA,QACxB,WAAW,aAAa;AAAA,QACxB,gBAAgB,aAAa;AAAA,MAC/B,CAAC,EAAE,iBAAiB,EAAE,eAAe,EAAE,cAAc,CAAC;AAAA,IACxD;AACE,YAAM;AAAA,EACV;AACF;","names":[]}

package/dist/types/server/middleware.d.ts

@@ -1,9 +1,9 @@
-import { NextMiddleware } from 'next/server';
-import { NextMiddlewareEvtParam, NextMiddlewareRequestParam, NextMiddlewareReturn } from './type';
-import { AuthProtect } from './protect';
-import { RedirectFun } from './createRedirect';
-import { AuthObject } from '../tokens/authObjects';
-import { AuthenticateRequestOptions } from '../api/factory';
+import { NextMiddleware } from "next/server";
+import { NextMiddlewareEvtParam, NextMiddlewareRequestParam, NextMiddlewareReturn } from "./type";
+import { AuthProtect } from "./protect";
+import { RedirectFun } from "./createRedirect";
+import { AuthObject } from "../tokens/authObjects";
+import { AuthenticateRequestOptions } from "../api/factory";
 export type CabinIdMiddlewareAuthObject = AuthObject & {
     protect: AuthProtect;
     redirectToSignIn: RedirectFun<Response>;

package/dist/types/server/middleware.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"middleware.d.ts","sourceRoot":"","sources":["../../../src/server/middleware.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAgB,MAAM,aAAa,CAAC;AAS3D,OAAO,EACL,sBAAsB,EACtB,0BAA0B,EAC1B,oBAAoB,EACrB,MAAM,QAAQ,CAAC;AAGhB,OAAO,EAAE,WAAW,EAAiB,MAAM,WAAW,CAAC;AACvD,OAAO,EAAkB,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAG/D,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AAEnD,OAAO,EAAE,0BAA0B,EAAE,MAAM,gBAAgB,CAAC;AAQ5D,MAAM,MAAM,2BAA2B,GAAG,UAAU,GAAG;IACrD,OAAO,EAAE,WAAW,CAAC;IACrB,gBAAgB,EAAE,WAAW,CAAC,QAAQ,CAAC,CAAC;CACzC,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG,MAAM,2BAA2B,CAAC;AAEtE,MAAM,WAAW,cAAc;IAC7B;;;OAGG;IACH,CACE,OAAO,EAAE,wBAAwB,EACjC,OAAO,CAAC,EAAE,wBAAwB,GACjC,cAAc,CAAC;IAClB;;;OAGG;IACH,CAAC,OAAO,CAAC,EAAE,wBAAwB,GAAG,cAAc,CAAC;IACrD;;;OAGG;IACH,CACE,OAAO,EAAE,0BAA0B,EACnC,KAAK,EAAE,sBAAsB,GAC5B,oBAAoB,CAAC;CACzB;AAED,KAAK,wBAAwB,GAAG,CAC9B,IAAI,EAAE,qBAAqB,EAC3B,OAAO,EAAE,0BAA0B,EACnC,KAAK,EAAE,sBAAsB,KAC1B,oBAAoB,CAAC;AAE1B,MAAM,MAAM,wBAAwB,GAAG,0BAA0B,CAAC;AAuBlE,QAAA,MAAM,cAAc,EAAE,cA2GrB,CAAC;AAEF,OAAO,EAAE,cAAc,EAAE,CAAC"}
+{"version":3,"file":"middleware.d.ts","sourceRoot":"","sources":["../../../src/server/middleware.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAgB,MAAM,aAAa,CAAC;AAS3D,OAAO,EACL,sBAAsB,EACtB,0BAA0B,EAC1B,oBAAoB,EACrB,MAAM,QAAQ,CAAC;AAGhB,OAAO,EAAE,WAAW,EAAiB,MAAM,WAAW,CAAC;AACvD,OAAO,EAAkB,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAG/D,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AAEnD,OAAO,EAAE,0BAA0B,EAAE,MAAM,gBAAgB,CAAC;AAQ5D,MAAM,MAAM,2BAA2B,GAAG,UAAU,GAAG;IACrD,OAAO,EAAE,WAAW,CAAC;IACrB,gBAAgB,EAAE,WAAW,CAAC,QAAQ,CAAC,CAAC;CACzC,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG,MAAM,2BAA2B,CAAC;AAEtE,MAAM,WAAW,cAAc;IAC7B;;;OAGG;IACH,CACE,OAAO,EAAE,wBAAwB,EACjC,OAAO,CAAC,EAAE,wBAAwB,GACjC,cAAc,CAAC;IAClB;;;OAGG;IACH,CAAC,OAAO,CAAC,EAAE,wBAAwB,GAAG,cAAc,CAAC;IACrD;;;OAGG;IACH,CACE,OAAO,EAAE,0BAA0B,EACnC,KAAK,EAAE,sBAAsB,GAC5B,oBAAoB,CAAC;CACzB;AAED,KAAK,wBAAwB,GAAG,CAC9B,IAAI,EAAE,qBAAqB,EAC3B,OAAO,EAAE,0BAA0B,EACnC,KAAK,EAAE,sBAAsB,KAC1B,oBAAoB,CAAC;AAE1B,MAAM,MAAM,wBAAwB,GAAG,0BAA0B,CAAC;AAuBlE,QAAA,MAAM,cAAc,EAAE,cAmHrB,CAAC;AAEF,OAAO,EAAE,cAAc,EAAE,CAAC"}

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@cabin-id/nextjs",
   "description": "NextJS SDK for CabinID",
-  "version": "0.2.5",
+  "version": "1.0.1",
   "main": "./dist/index.js",
   "module": "./dist/index.mjs",
   "author": "CabinVN",