@cabin-id/nextjs 1.0.0 → 1.0.1

package/dist/esm/package.json

@@ -0,0 +1,9 @@
+{
+  "sideEffects": false,
+  "imports": {
+    "#components": {
+      "react-server": "./components.server.js",
+      "default": "./components.client.js"
+    }
+  }
+}

package/dist/esm/provider/context.js

@@ -0,0 +1,24 @@
+import React from "react";
+import { createContextAndHook } from "../hooks/createContextAndHook";
+const [CabinIdInstanceContext, useCabinIDInstanceContext] = createContextAndHook("CabinIdInstanceContext");
+const [UserContext, useUserContext] = createContextAndHook("UserContext");
+function useAssertWrappedByCabinIdProvider(displayNameOrFn) {
+  const ctx = React.useContext(CabinIdInstanceContext);
+  if (!ctx) {
+    if (typeof displayNameOrFn === "function") {
+      displayNameOrFn();
+      return;
+    }
+    throw new Error(
+      `${displayNameOrFn} can only be used within the <CabinIDProvider /> component.`
+    );
+  }
+}
+export {
+  CabinIdInstanceContext,
+  UserContext,
+  useAssertWrappedByCabinIdProvider,
+  useCabinIDInstanceContext,
+  useUserContext
+};
+//# sourceMappingURL=context.js.map

package/dist/esm/provider/context.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/provider/context.tsx"],"sourcesContent":["import React from 'react';\nimport { createContextAndHook } from '../hooks/createContextAndHook';\nimport { User } from '../types';\n\nexport type LoadedCabinId = {\n  user: User | null;\n  userId: string | null;\n};\n\nconst [CabinIdInstanceContext, useCabinIDInstanceContext] =\n  createContextAndHook<LoadedCabinId>('CabinIdInstanceContext');\nconst [UserContext, useUserContext] = createContextAndHook<\n  User | null | undefined\n>('UserContext');\n\nfunction useAssertWrappedByCabinIdProvider(\n  displayNameOrFn: string | (() => void)\n): void {\n  const ctx = React.useContext(CabinIdInstanceContext);\n\n  if (!ctx) {\n    if (typeof displayNameOrFn === 'function') {\n      displayNameOrFn();\n      return;\n    }\n\n    throw new Error(\n      `${displayNameOrFn} can only be used within the <CabinIDProvider /> component.`\n    );\n  }\n}\n\nexport {\n  CabinIdInstanceContext,\n  UserContext,\n  useCabinIDInstanceContext,\n  useUserContext,\n  useAssertWrappedByCabinIdProvider,\n};\n"],"mappings":"AAAA,OAAO,WAAW;AAClB,SAAS,4BAA4B;AAQrC,MAAM,CAAC,wBAAwB,yBAAyB,IACtD,qBAAoC,wBAAwB;AAC9D,MAAM,CAAC,aAAa,cAAc,IAAI,qBAEpC,aAAa;AAEf,SAAS,kCACP,iBACM;AACN,QAAM,MAAM,MAAM,WAAW,sBAAsB;AAEnD,MAAI,CAAC,KAAK;AACR,QAAI,OAAO,oBAAoB,YAAY;AACzC,sBAAgB;AAChB;AAAA,IACF;AAEA,UAAM,IAAI;AAAA,MACR,GAAG,eAAe;AAAA,IACpB;AAAA,EACF;AACF;","names":[]}

package/dist/esm/provider/core.provider.js

@@ -0,0 +1,15 @@
+"use client";
+import React from "react";
+import { CabinIdInstanceContext, UserContext } from "./context";
+const CabinIDCoreProvider = ({
+  children,
+  ...rest
+}) => {
+  const { user } = rest;
+  const userCtx = React.useMemo(() => ({ value: user }), [user]);
+  return /* @__PURE__ */ React.createElement(CabinIdInstanceContext.Provider, { value: { value: rest } }, /* @__PURE__ */ React.createElement(UserContext.Provider, { value: userCtx }, children));
+};
+export {
+  CabinIDCoreProvider
+};
+//# sourceMappingURL=core.provider.js.map

package/dist/esm/provider/core.provider.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/provider/core.provider.tsx"],"sourcesContent":["'use client';\n\nimport React from 'react';\nimport type { PropsWithChildren } from 'react';\nimport { CabinIdInstanceContext, LoadedCabinId, UserContext } from './context';\n\nconst CabinIDCoreProvider = ({\n  children,\n  ...rest\n}: PropsWithChildren<LoadedCabinId>) => {\n  const { user } = rest;\n\n  const userCtx = React.useMemo(() => ({ value: user }), [user]);\n\n  return (\n    <CabinIdInstanceContext.Provider value={{ value: rest }}>\n      <UserContext.Provider value={userCtx}>{children}</UserContext.Provider>\n    </CabinIdInstanceContext.Provider>\n  );\n};\n\nexport { CabinIDCoreProvider };\n"],"mappings":";AAEA,OAAO,WAAW;AAElB,SAAS,wBAAuC,mBAAmB;AAEnE,MAAM,sBAAsB,CAAC;AAAA,EAC3B;AAAA,EACA,GAAG;AACL,MAAwC;AACtC,QAAM,EAAE,KAAK,IAAI;AAEjB,QAAM,UAAU,MAAM,QAAQ,OAAO,EAAE,OAAO,KAAK,IAAI,CAAC,IAAI,CAAC;AAE7D,SACE,oCAAC,uBAAuB,UAAvB,EAAgC,OAAO,EAAE,OAAO,KAAK,KACpD,oCAAC,YAAY,UAAZ,EAAqB,OAAO,WAAU,QAAS,CAClD;AAEJ;","names":[]}

package/dist/esm/provider/main.provider.js

@@ -0,0 +1,11 @@
+import React from "react";
+import { CabinIDCoreProvider } from "./core.provider";
+import { initialState } from "../utils/initial";
+const CabinIDProvider = async ({ children }) => {
+  const state = await initialState();
+  return /* @__PURE__ */ React.createElement(CabinIDCoreProvider, { ...state }, children);
+};
+export {
+  CabinIDProvider
+};
+//# sourceMappingURL=main.provider.js.map

package/dist/esm/provider/main.provider.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/provider/main.provider.tsx"],"sourcesContent":["import React from 'react';\nimport type { PropsWithChildren } from 'react';\nimport { CabinIDCoreProvider } from './core.provider';\nimport { initialState } from '../utils/initial';\n\nconst CabinIDProvider = async ({ children }: PropsWithChildren<any>) => {\n  const state = await initialState();\n  return <CabinIDCoreProvider {...state}>{children}</CabinIDCoreProvider>;\n};\n\nexport { CabinIDProvider };\n"],"mappings":"AAAA,OAAO,WAAW;AAElB,SAAS,2BAA2B;AACpC,SAAS,oBAAoB;AAE7B,MAAM,kBAAkB,OAAO,EAAE,SAAS,MAA8B;AACtE,QAAM,QAAQ,MAAM,aAAa;AACjC,SAAO,oCAAC,uBAAqB,GAAG,SAAQ,QAAS;AACnD;","names":[]}

package/dist/esm/server/auth.js

@@ -0,0 +1,37 @@
+import { notFound, redirect } from "next/navigation";
+import { createRedirect } from "./createRedirect";
+import { createProtect } from "./protect";
+import { buildRequestLike, getAuthKeyFromRequest } from "./utils";
+import { PUBLISHABLE_KEY, SIGN_IN_URL, SIGN_UP_URL } from "../constants";
+import { createCabinIdRequest } from "../tokens/cabinIdRequest";
+import { createGetAuth } from "./createGetAuth";
+const auth = () => {
+  const request = buildRequestLike();
+  const authObject = createGetAuth()(request);
+  const cabinIdUrl = getAuthKeyFromRequest(request, "CabinIdUrl");
+  const redirectToSignIn = (opts = {}) => {
+    return createRedirect({
+      redirectAdapter: redirect,
+      baseUrl: createCabinIdRequest(request).cabinIdUrl.toString(),
+      // TODO: Support runtime-value configuration of these options
+      // via setting and reading headers from clerkMiddleware
+      publishableKey: PUBLISHABLE_KEY,
+      signInUrl: SIGN_IN_URL,
+      signUpUrl: SIGN_UP_URL
+    }).redirectToSignIn({
+      returnBackUrl: opts.returnBackUrl === null ? "" : opts.returnBackUrl || (cabinIdUrl == null ? void 0 : cabinIdUrl.toString())
+    });
+  };
+  const protect = createProtect({
+    request,
+    authObject,
+    redirectToSignIn,
+    notFound,
+    redirect
+  });
+  return Object.assign(authObject, { protect, redirectToSignIn });
+};
+export {
+  auth
+};
+//# sourceMappingURL=auth.js.map

package/dist/esm/server/auth.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/server/auth.ts"],"sourcesContent":["import { notFound, redirect } from 'next/navigation';\nimport { AuthObject } from '../tokens/authObjects';\nimport { createRedirect, RedirectFun } from './createRedirect';\nimport { AuthProtect, createProtect } from './protect';\nimport { buildRequestLike, getAuthKeyFromRequest } from './utils';\nimport { PUBLISHABLE_KEY, SIGN_IN_URL, SIGN_UP_URL } from '../constants';\nimport { createCabinIdRequest } from '../tokens/cabinIdRequest';\nimport { createGetAuth } from './createGetAuth';\n\ntype Auth = AuthObject & {\n  protect: AuthProtect;\n  redirectToSignIn: RedirectFun<ReturnType<typeof redirect>>;\n};\n\nexport const auth = (): Auth => {\n  const request = buildRequestLike();\n  const authObject = createGetAuth()(request);\n\n  const cabinIdUrl = getAuthKeyFromRequest(request, 'CabinIdUrl');\n\n  const redirectToSignIn: RedirectFun<never> = (opts = {}) => {\n    return createRedirect({\n      redirectAdapter: redirect,\n      baseUrl: createCabinIdRequest(request).cabinIdUrl.toString(),\n      // TODO: Support runtime-value configuration of these options\n      // via setting and reading headers from clerkMiddleware\n      publishableKey: PUBLISHABLE_KEY,\n      signInUrl: SIGN_IN_URL,\n      signUpUrl: SIGN_UP_URL,\n    }).redirectToSignIn({\n      returnBackUrl:\n        opts.returnBackUrl === null\n          ? ''\n          : opts.returnBackUrl || cabinIdUrl?.toString(),\n    });\n  };\n\n  const protect = createProtect({\n    request,\n    authObject,\n    redirectToSignIn,\n    notFound,\n    redirect,\n  });\n\n  return Object.assign(authObject, { protect, redirectToSignIn });\n};\n"],"mappings":"AAAA,SAAS,UAAU,gBAAgB;AAEnC,SAAS,sBAAmC;AAC5C,SAAsB,qBAAqB;AAC3C,SAAS,kBAAkB,6BAA6B;AACxD,SAAS,iBAAiB,aAAa,mBAAmB;AAC1D,SAAS,4BAA4B;AACrC,SAAS,qBAAqB;AAOvB,MAAM,OAAO,MAAY;AAC9B,QAAM,UAAU,iBAAiB;AACjC,QAAM,aAAa,cAAc,EAAE,OAAO;AAE1C,QAAM,aAAa,sBAAsB,SAAS,YAAY;AAE9D,QAAM,mBAAuC,CAAC,OAAO,CAAC,MAAM;AAC1D,WAAO,eAAe;AAAA,MACpB,iBAAiB;AAAA,MACjB,SAAS,qBAAqB,OAAO,EAAE,WAAW,SAAS;AAAA;AAAA;AAAA,MAG3D,gBAAgB;AAAA,MAChB,WAAW;AAAA,MACX,WAAW;AAAA,IACb,CAAC,EAAE,iBAAiB;AAAA,MAClB,eACE,KAAK,kBAAkB,OACnB,KACA,KAAK,kBAAiB,yCAAY;AAAA,IAC1C,CAAC;AAAA,EACH;AAEA,QAAM,UAAU,cAAc;AAAA,IAC5B;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AAED,SAAO,OAAO,OAAO,YAAY,EAAE,SAAS,iBAAiB,CAAC;AAChE;","names":[]}

package/dist/esm/server/client.js

@@ -0,0 +1,11 @@
+import { API_URL, API_VERSION, SECRET_KEY } from "../constants";
+import { createCabinIdClient } from "../utils/createCabinIdClient";
+const cabinIdClient = createCabinIdClient({
+  apiUrl: API_URL,
+  apiVersion: API_VERSION,
+  secretKey: SECRET_KEY
+});
+export {
+  cabinIdClient
+};
+//# sourceMappingURL=client.js.map

package/dist/esm/server/client.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/server/client.ts"],"sourcesContent":["import { API_URL, API_VERSION, SECRET_KEY } from '../constants';\nimport { createCabinIdClient } from '../utils/createCabinIdClient';\n\nconst cabinIdClient = createCabinIdClient({\n  apiUrl: API_URL,\n  apiVersion: API_VERSION,\n  secretKey: SECRET_KEY,\n});\n\nexport { cabinIdClient };\n"],"mappings":"AAAA,SAAS,SAAS,aAAa,kBAAkB;AACjD,SAAS,2BAA2B;AAEpC,MAAM,gBAAgB,oBAAoB;AAAA,EACxC,QAAQ;AAAA,EACR,YAAY;AAAA,EACZ,WAAW;AACb,CAAC;","names":[]}

package/dist/esm/server/createGetAuth.js

@@ -0,0 +1,23 @@
+import {
+  signedInAuthObject,
+  signedOutAuthObject
+} from "../tokens/authObjects";
+import { constants } from "../constants";
+import { getCookie } from "./utils";
+const createGetAuth = () => (req) => {
+  const authToken = getCookie(req, constants.Cookies.Client);
+  const userId = getCookie(req, constants.Cookies.User);
+  if (authToken && userId) {
+    return signedInAuthObject({
+      sessionToken: authToken || "",
+      userId: userId || ""
+    });
+  }
+  return signedOutAuthObject();
+};
+const getAuth = createGetAuth();
+export {
+  createGetAuth,
+  getAuth
+};
+//# sourceMappingURL=createGetAuth.js.map

package/dist/esm/server/createGetAuth.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/server/createGetAuth.ts"],"sourcesContent":["import {\n  AuthObject,\n  signedInAuthObject,\n  signedOutAuthObject,\n} from '../tokens/authObjects';\nimport { constants } from '../constants';\nimport { getCookie } from './utils';\nimport { RequestLike } from './type';\n\nexport const createGetAuth =\n  () =>\n  (req: RequestLike): AuthObject => {\n    const authToken = getCookie(req, constants.Cookies.Client);\n    const userId = getCookie(req, constants.Cookies.User);\n    if (authToken && userId) {\n      return signedInAuthObject({\n        sessionToken: authToken || '',\n        userId: userId || '',\n      });\n    }\n\n    return signedOutAuthObject();\n  };\n\nexport const getAuth = createGetAuth();\n"],"mappings":"AAAA;AAAA,EAEE;AAAA,EACA;AAAA,OACK;AACP,SAAS,iBAAiB;AAC1B,SAAS,iBAAiB;AAGnB,MAAM,gBACX,MACA,CAAC,QAAiC;AAChC,QAAM,YAAY,UAAU,KAAK,UAAU,QAAQ,MAAM;AACzD,QAAM,SAAS,UAAU,KAAK,UAAU,QAAQ,IAAI;AACpD,MAAI,aAAa,QAAQ;AACvB,WAAO,mBAAmB;AAAA,MACxB,cAAc,aAAa;AAAA,MAC3B,QAAQ,UAAU;AAAA,IACpB,CAAC;AAAA,EACH;AAEA,SAAO,oBAAoB;AAC7B;AAEK,MAAM,UAAU,cAAc;","names":[]}

package/dist/esm/server/createRedirect.js

@@ -0,0 +1,66 @@
+import { parsePublishableKey } from "../utils/key";
+const buildUrl = (_baseUrl, _targetUrl, _returnBackUrl) => {
+  if (!!_baseUrl) {
+    const baseUrl = new URL(_baseUrl);
+    const returnBackUrl = _returnBackUrl ? new URL(_returnBackUrl, baseUrl) : void 0;
+    const res = new URL(_targetUrl, baseUrl);
+    if (returnBackUrl) {
+      res.searchParams.set("redirect_url", returnBackUrl.toString());
+    }
+    return res.toString();
+  } else {
+    const returnBackUrl = _returnBackUrl ? new URL(_returnBackUrl) : void 0;
+    const res = new URL(_targetUrl);
+    if (returnBackUrl) {
+      res.searchParams.set("redirect_url", returnBackUrl.toString());
+    }
+    return res.toString();
+  }
+};
+const buildAccountsBaseUrl = (frontendApi) => {
+  if (!frontendApi) {
+    return "";
+  }
+  const accountsBaseUrl = frontendApi;
+  return `https://${accountsBaseUrl}`;
+};
+const createRedirect = (params) => {
+  const { publishableKey, redirectAdapter, signInUrl, signUpUrl, baseUrl } = params;
+  const frontendApi = parsePublishableKey(publishableKey);
+  const accountsBaseUrl = buildAccountsBaseUrl(frontendApi);
+  const redirectToSignUp = ({ returnBackUrl } = {}) => {
+    if (!signUpUrl && !accountsBaseUrl) {
+      throw new Error("Publish Key is not exist");
+    }
+    const accountsSignUpUrl = `${accountsBaseUrl}/sign-up`;
+    let redirect = null;
+    if (signUpUrl) {
+      redirect = redirectAdapter(buildUrl(baseUrl, signUpUrl));
+    } else {
+      redirect = redirectAdapter(
+        buildUrl(null, accountsSignUpUrl, returnBackUrl)
+      );
+    }
+    return redirect;
+  };
+  const redirectToSignIn = ({ returnBackUrl } = {}) => {
+    if (!signInUrl && !accountsBaseUrl) {
+      throw new Error("Publish Key is not exist");
+    }
+    const accountsSignInUrl = `${accountsBaseUrl}/sign-in`;
+    let redirect = null;
+    if (signInUrl) {
+      redirect = redirectAdapter(buildUrl(baseUrl, signInUrl));
+    } else {
+      redirect = redirectAdapter(
+        buildUrl(null, accountsSignInUrl, returnBackUrl)
+      );
+    }
+    return redirect;
+  };
+  return { redirectToSignUp, redirectToSignIn };
+};
+export {
+  createRedirect
+};
+//# sourceMappingURL=createRedirect.js.map

package/dist/esm/server/createRedirect.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/server/createRedirect.ts"],"sourcesContent":["import { parsePublishableKey } from '../utils/key';\n\ntype RedirectAdapter<RedirectReturn> = (url: string) => RedirectReturn;\ntype RedirectToParams = { returnBackUrl?: string | URL | null };\nexport type RedirectFun<ReturnType> = (params?: RedirectToParams) => ReturnType;\n\nconst buildUrl = (\n  _baseUrl: string | URL | null,\n  _targetUrl: string | URL,\n  _returnBackUrl?: string | URL | null\n) => {\n  if (!!_baseUrl) {\n    const baseUrl = new URL(_baseUrl);\n    const returnBackUrl = _returnBackUrl\n      ? new URL(_returnBackUrl, baseUrl)\n      : undefined;\n    const res = new URL(_targetUrl, baseUrl);\n\n    if (returnBackUrl) {\n      res.searchParams.set('redirect_url', returnBackUrl.toString());\n    }\n    return res.toString();\n  } else {\n    const returnBackUrl = _returnBackUrl ? new URL(_returnBackUrl) : undefined;\n    const res = new URL(_targetUrl);\n\n    if (returnBackUrl) {\n      res.searchParams.set('redirect_url', returnBackUrl.toString());\n    }\n    return res.toString();\n  }\n};\n\nconst buildAccountsBaseUrl = (frontendApi: string | null) => {\n  if (!frontendApi) {\n    return '';\n  }\n\n  // convert url from FAPI to accounts for Kima and legacy (prod & dev) instances\n  const accountsBaseUrl = frontendApi;\n  return `https://${accountsBaseUrl}`;\n};\n\n/**\n * @internal\n */\ntype CreateRedirect = <ReturnType>(params: {\n  publishableKey: string;\n  redirectAdapter: RedirectAdapter<ReturnType>;\n  baseUrl: URL | string;\n  signInUrl?: URL | string;\n  signUpUrl?: URL | string;\n}) => {\n  redirectToSignIn: RedirectFun<ReturnType>;\n  redirectToSignUp: RedirectFun<ReturnType>;\n};\n\nexport const createRedirect: CreateRedirect = (params) => {\n  const { publishableKey, redirectAdapter, signInUrl, signUpUrl, baseUrl } =\n    params;\n  const frontendApi = parsePublishableKey(publishableKey);\n  const accountsBaseUrl = buildAccountsBaseUrl(frontendApi);\n\n  const redirectToSignUp = ({ returnBackUrl }: RedirectToParams = {}) => {\n    if (!signUpUrl && !accountsBaseUrl) {\n      throw new Error('Publish Key is not exist');\n    }\n    const accountsSignUpUrl = `${accountsBaseUrl}/sign-up`;\n    let redirect = null;\n\n    if (signUpUrl) {\n      redirect = redirectAdapter(buildUrl(baseUrl, signUpUrl));\n    } else {\n      redirect = redirectAdapter(\n        buildUrl(null, accountsSignUpUrl, returnBackUrl)\n      );\n    }\n    return redirect;\n  };\n\n  const redirectToSignIn = ({ returnBackUrl }: RedirectToParams = {}) => {\n    if (!signInUrl && !accountsBaseUrl) {\n      throw new Error('Publish Key is not exist');\n    }\n    const accountsSignInUrl = `${accountsBaseUrl}/sign-in`;\n\n    let redirect = null;\n    if (signInUrl) {\n      redirect = redirectAdapter(buildUrl(baseUrl, signInUrl));\n    } else {\n      redirect = redirectAdapter(\n        buildUrl(null, accountsSignInUrl, returnBackUrl)\n      );\n    }\n\n    return redirect;\n  };\n\n  return { redirectToSignUp, redirectToSignIn };\n};\n"],"mappings":"AAAA,SAAS,2BAA2B;AAMpC,MAAM,WAAW,CACf,UACA,YACA,mBACG;AACH,MAAI,CAAC,CAAC,UAAU;AACd,UAAM,UAAU,IAAI,IAAI,QAAQ;AAChC,UAAM,gBAAgB,iBAClB,IAAI,IAAI,gBAAgB,OAAO,IAC/B;AACJ,UAAM,MAAM,IAAI,IAAI,YAAY,OAAO;AAEvC,QAAI,eAAe;AACjB,UAAI,aAAa,IAAI,gBAAgB,cAAc,SAAS,CAAC;AAAA,IAC/D;AACA,WAAO,IAAI,SAAS;AAAA,EACtB,OAAO;AACL,UAAM,gBAAgB,iBAAiB,IAAI,IAAI,cAAc,IAAI;AACjE,UAAM,MAAM,IAAI,IAAI,UAAU;AAE9B,QAAI,eAAe;AACjB,UAAI,aAAa,IAAI,gBAAgB,cAAc,SAAS,CAAC;AAAA,IAC/D;AACA,WAAO,IAAI,SAAS;AAAA,EACtB;AACF;AAEA,MAAM,uBAAuB,CAAC,gBAA+B;AAC3D,MAAI,CAAC,aAAa;AAChB,WAAO;AAAA,EACT;AAGA,QAAM,kBAAkB;AACxB,SAAO,WAAW,eAAe;AACnC;AAgBO,MAAM,iBAAiC,CAAC,WAAW;AACxD,QAAM,EAAE,gBAAgB,iBAAiB,WAAW,WAAW,QAAQ,IACrE;AACF,QAAM,cAAc,oBAAoB,cAAc;AACtD,QAAM,kBAAkB,qBAAqB,WAAW;AAExD,QAAM,mBAAmB,CAAC,EAAE,cAAc,IAAsB,CAAC,MAAM;AACrE,QAAI,CAAC,aAAa,CAAC,iBAAiB;AAClC,YAAM,IAAI,MAAM,0BAA0B;AAAA,IAC5C;AACA,UAAM,oBAAoB,GAAG,eAAe;AAC5C,QAAI,WAAW;AAEf,QAAI,WAAW;AACb,iBAAW,gBAAgB,SAAS,SAAS,SAAS,CAAC;AAAA,IACzD,OAAO;AACL,iBAAW;AAAA,QACT,SAAS,MAAM,mBAAmB,aAAa;AAAA,MACjD;AAAA,IACF;AACA,WAAO;AAAA,EACT;AAEA,QAAM,mBAAmB,CAAC,EAAE,cAAc,IAAsB,CAAC,MAAM;AACrE,QAAI,CAAC,aAAa,CAAC,iBAAiB;AAClC,YAAM,IAAI,MAAM,0BAA0B;AAAA,IAC5C;AACA,UAAM,oBAAoB,GAAG,eAAe;AAE5C,QAAI,WAAW;AACf,QAAI,WAAW;AACb,iBAAW,gBAAgB,SAAS,SAAS,SAAS,CAAC;AAAA,IACzD,OAAO;AACL,iBAAW;AAAA,QACT,SAAS,MAAM,mBAAmB,aAAa;AAAA,MACjD;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAEA,SAAO,EAAE,kBAAkB,iBAAiB;AAC9C;","names":[]}

package/dist/esm/server/errors.js

@@ -0,0 +1,78 @@
+const missingDomainAndProxy = `
+Missing domain and proxyUrl. A satellite application needs to specify a domain or a proxyUrl.
+
+1) With middleware
+   e.g. export default clerkMiddleware({domain:'YOUR_DOMAIN',isSatellite:true}); // or the deprecated authMiddleware()
+2) With environment variables e.g.
+   NEXT_PUBLIC_CLERK_DOMAIN='YOUR_DOMAIN'
+   NEXT_PUBLIC_CLERK_IS_SATELLITE='true'
+   `;
+const missingSignInUrlInDev = `
+Invalid signInUrl. A satellite application requires a signInUrl for development instances.
+Check if signInUrl is missing from your configuration or if it is not an absolute URL
+
+1) With middleware
+   e.g. export default clerkMiddleware({signInUrl:'SOME_URL', isSatellite:true}); // or the deprecated authMiddleware()
+2) With environment variables e.g.
+   NEXT_PUBLIC_CLERK_SIGN_IN_URL='SOME_URL'
+   NEXT_PUBLIC_CLERK_IS_SATELLITE='true'`;
+const receivedRequestForIgnoredRoute = (url, matcher) => `Clerk: The middleware was skipped for this request URL: ${url}. For performance reasons, it's recommended to your middleware matcher to:
+export const config = {
+  matcher: ${matcher},
+};
+
+Alternatively, you can set your own ignoredRoutes. See https://clerk.com/docs/nextjs/middleware
+(This log only appears in development mode)
+`;
+const getAuthAuthHeaderMissing = () => authAuthHeaderMissing("getAuth");
+const authAuthHeaderMissing = (helperName = "auth") => `CabinID: ${helperName}() was called but CabinID can't detect usage of authMiddleware(). Please ensure the following:
+-  clerkMiddleware() authMiddleware is used in your Next.js Middleware.
+- Your Middleware matcher is configured to match this route or page.
+- If you are using the src directory, make sure the Middleware file is inside of it.
+`;
+const clockSkewDetected = (verifyMessage) => `Clerk: Clock skew detected. This usually means that your system clock is inaccurate. Clerk will continuously try to issue new tokens, as the existing ones will be treated as "expired" due to clock skew.
+
+To resolve this issue, make sure your system's clock is set to the correct time (e.g. turn off and on automatic time synchronization).
+
+---
+
+${verifyMessage}`;
+const infiniteRedirectLoopDetected = () => `Clerk: Infinite redirect loop detected. That usually means that we were not able to determine the auth state for this request. A list of common causes and solutions follows.
+
+Reason 1:
+Your Clerk instance keys are incorrect, or you recently changed keys (Publishable Key, Secret Key).
+How to resolve:
+-> Make sure you're using the correct keys from the Clerk Dashboard. If you changed keys recently, make sure to clear your browser application data and cookies.
+
+Reason 2:
+A bug that may have already been fixed in the latest version of Clerk NextJS package.
+How to resolve:
+-> Make sure you are using the latest version of '@clerk/nextjs' and 'next'.
+`;
+const informAboutProtectedRouteInfo = (path, hasPublicRoutes, hasIgnoredRoutes, isApiRoute, defaultIgnoredRoutes) => {
+  const infoText = isApiRoute ? `INFO: Clerk: The request to ${path} is being protected (401) because there is no signed-in user, and the path is included in \`apiRoutes\`. To prevent this behavior, choose one of:` : `INFO: Clerk: The request to ${path} is being redirected because there is no signed-in user, and the path is not included in \`ignoredRoutes\` or \`publicRoutes\`. To prevent this behavior, choose one of:`;
+  const apiRoutesText = isApiRoute ? `To prevent Clerk authentication from protecting (401) the api route, remove the rule matching "${path}" from the \`apiRoutes\` array passed to authMiddleware` : void 0;
+  const publicRoutesText = hasPublicRoutes ? `To make the route accessible to both signed in and signed out users, add "${path}" to the \`publicRoutes\` array passed to authMiddleware` : `To make the route accessible to both signed in and signed out users, pass \`publicRoutes: ["${path}"]\` to authMiddleware`;
+  const ignoredRoutes = [...defaultIgnoredRoutes, path].map((r) => `"${r}"`).join(", ");
+  const ignoredRoutesText = hasIgnoredRoutes ? `To prevent Clerk authentication from running at all, add "${path}" to the \`ignoredRoutes\` array passed to authMiddleware` : `To prevent Clerk authentication from running at all, pass \`ignoredRoutes: [${ignoredRoutes}]\` to authMiddleware`;
+  const afterAuthText = "Pass a custom `afterAuth` to authMiddleware, and replace Clerk's default behavior of redirecting unless a route is included in publicRoutes";
+  return `${infoText}
+
+${[apiRoutesText, publicRoutesText, ignoredRoutesText, afterAuthText].filter(Boolean).map((text, index) => `${index + 1}. ${text}`).join("\n")}
+
+For additional information about middleware, please visit https://clerk.com/docs/nextjs/middleware
+(This log only appears in development mode, or if \`debug: true\` is passed to authMiddleware)`;
+};
+const authSignatureInvalid = `Clerk: Unable to verify request, this usually means the Clerk middleware did not run. Ensure Clerk's middleware is properly integrated and matches the current route. For more information, see: https://clerk.com/docs/nextjs/middleware. (code=auth_signature_invalid)`;
+export {
+  authAuthHeaderMissing,
+  authSignatureInvalid,
+  clockSkewDetected,
+  getAuthAuthHeaderMissing,
+  infiniteRedirectLoopDetected,
+  informAboutProtectedRouteInfo,
+  missingDomainAndProxy,
+  missingSignInUrlInDev,
+  receivedRequestForIgnoredRoute
+};
+//# sourceMappingURL=errors.js.map

package/dist/esm/server/errors.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/server/errors.ts"],"sourcesContent":["export const missingDomainAndProxy = `\nMissing domain and proxyUrl. A satellite application needs to specify a domain or a proxyUrl.\n\n1) With middleware\n   e.g. export default clerkMiddleware({domain:'YOUR_DOMAIN',isSatellite:true}); // or the deprecated authMiddleware()\n2) With environment variables e.g.\n   NEXT_PUBLIC_CLERK_DOMAIN='YOUR_DOMAIN'\n   NEXT_PUBLIC_CLERK_IS_SATELLITE='true'\n   `;\n\nexport const missingSignInUrlInDev = `\nInvalid signInUrl. A satellite application requires a signInUrl for development instances.\nCheck if signInUrl is missing from your configuration or if it is not an absolute URL\n\n1) With middleware\n   e.g. export default clerkMiddleware({signInUrl:'SOME_URL', isSatellite:true}); // or the deprecated authMiddleware()\n2) With environment variables e.g.\n   NEXT_PUBLIC_CLERK_SIGN_IN_URL='SOME_URL'\n   NEXT_PUBLIC_CLERK_IS_SATELLITE='true'`;\n\nexport const receivedRequestForIgnoredRoute = (url: string, matcher: string) =>\n  `Clerk: The middleware was skipped for this request URL: ${url}. For performance reasons, it's recommended to your middleware matcher to:\nexport const config = {\n  matcher: ${matcher},\n};\n\nAlternatively, you can set your own ignoredRoutes. See https://clerk.com/docs/nextjs/middleware\n(This log only appears in development mode)\n`;\n\nexport const getAuthAuthHeaderMissing = () => authAuthHeaderMissing('getAuth');\n\nexport const authAuthHeaderMissing = (helperName = 'auth') =>\n  `CabinID: ${helperName}() was called but CabinID can't detect usage of authMiddleware(). Please ensure the following:\n-  clerkMiddleware() authMiddleware is used in your Next.js Middleware.\n- Your Middleware matcher is configured to match this route or page.\n- If you are using the src directory, make sure the Middleware file is inside of it.\n`;\n\nexport const clockSkewDetected = (verifyMessage: string) =>\n  `Clerk: Clock skew detected. This usually means that your system clock is inaccurate. Clerk will continuously try to issue new tokens, as the existing ones will be treated as \"expired\" due to clock skew.\n\nTo resolve this issue, make sure your system's clock is set to the correct time (e.g. turn off and on automatic time synchronization).\n\n---\n\n${verifyMessage}`;\n\nexport const infiniteRedirectLoopDetected = () =>\n  `Clerk: Infinite redirect loop detected. That usually means that we were not able to determine the auth state for this request. A list of common causes and solutions follows.\n\nReason 1:\nYour Clerk instance keys are incorrect, or you recently changed keys (Publishable Key, Secret Key).\nHow to resolve:\n-> Make sure you're using the correct keys from the Clerk Dashboard. If you changed keys recently, make sure to clear your browser application data and cookies.\n\nReason 2:\nA bug that may have already been fixed in the latest version of Clerk NextJS package.\nHow to resolve:\n-> Make sure you are using the latest version of '@clerk/nextjs' and 'next'.\n`;\n\nexport const informAboutProtectedRouteInfo = (\n  path: string,\n  hasPublicRoutes: boolean,\n  hasIgnoredRoutes: boolean,\n  isApiRoute: boolean,\n  defaultIgnoredRoutes: string[]\n) => {\n  const infoText = isApiRoute\n    ? `INFO: Clerk: The request to ${path} is being protected (401) because there is no signed-in user, and the path is included in \\`apiRoutes\\`. To prevent this behavior, choose one of:`\n    : `INFO: Clerk: The request to ${path} is being redirected because there is no signed-in user, and the path is not included in \\`ignoredRoutes\\` or \\`publicRoutes\\`. To prevent this behavior, choose one of:`;\n  const apiRoutesText = isApiRoute\n    ? `To prevent Clerk authentication from protecting (401) the api route, remove the rule matching \"${path}\" from the \\`apiRoutes\\` array passed to authMiddleware`\n    : undefined;\n  const publicRoutesText = hasPublicRoutes\n    ? `To make the route accessible to both signed in and signed out users, add \"${path}\" to the \\`publicRoutes\\` array passed to authMiddleware`\n    : `To make the route accessible to both signed in and signed out users, pass \\`publicRoutes: [\"${path}\"]\\` to authMiddleware`;\n  const ignoredRoutes = [...defaultIgnoredRoutes, path]\n    .map((r) => `\"${r}\"`)\n    .join(', ');\n  const ignoredRoutesText = hasIgnoredRoutes\n    ? `To prevent Clerk authentication from running at all, add \"${path}\" to the \\`ignoredRoutes\\` array passed to authMiddleware`\n    : `To prevent Clerk authentication from running at all, pass \\`ignoredRoutes: [${ignoredRoutes}]\\` to authMiddleware`;\n  const afterAuthText =\n    \"Pass a custom `afterAuth` to authMiddleware, and replace Clerk's default behavior of redirecting unless a route is included in publicRoutes\";\n\n  return `${infoText}\n\n${[apiRoutesText, publicRoutesText, ignoredRoutesText, afterAuthText]\n  .filter(Boolean)\n  .map((text, index) => `${index + 1}. ${text}`)\n  .join('\\n')}\n\nFor additional information about middleware, please visit https://clerk.com/docs/nextjs/middleware\n(This log only appears in development mode, or if \\`debug: true\\` is passed to authMiddleware)`;\n};\n\nexport const authSignatureInvalid = `Clerk: Unable to verify request, this usually means the Clerk middleware did not run. Ensure Clerk's middleware is properly integrated and matches the current route. For more information, see: https://clerk.com/docs/nextjs/middleware. (code=auth_signature_invalid)`;\n"],"mappings":"AAAO,MAAM,wBAAwB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAU9B,MAAM,wBAAwB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAU9B,MAAM,iCAAiC,CAAC,KAAa,YAC1D,2DAA2D,GAAG;AAAA;AAAA,aAEnD,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAOb,MAAM,2BAA2B,MAAM,sBAAsB,SAAS;AAEtE,MAAM,wBAAwB,CAAC,aAAa,WACjD,YAAY,UAAU;AAAA;AAAA;AAAA;AAAA;AAMjB,MAAM,oBAAoB,CAAC,kBAChC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,aAAa;AAER,MAAM,+BAA+B,MAC1C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAaK,MAAM,gCAAgC,CAC3C,MACA,iBACA,kBACA,YACA,yBACG;AACH,QAAM,WAAW,aACb,+BAA+B,IAAI,sJACnC,+BAA+B,IAAI;AACvC,QAAM,gBAAgB,aAClB,kGAAkG,IAAI,4DACtG;AACJ,QAAM,mBAAmB,kBACrB,6EAA6E,IAAI,6DACjF,+FAA+F,IAAI;AACvG,QAAM,gBAAgB,CAAC,GAAG,sBAAsB,IAAI,EACjD,IAAI,CAAC,MAAM,IAAI,CAAC,GAAG,EACnB,KAAK,IAAI;AACZ,QAAM,oBAAoB,mBACtB,6DAA6D,IAAI,8DACjE,+EAA+E,aAAa;AAChG,QAAM,gBACJ;AAEF,SAAO,GAAG,QAAQ;AAAA;AAAA,EAElB,CAAC,eAAe,kBAAkB,mBAAmB,aAAa,EACjE,OAAO,OAAO,EACd,IAAI,CAAC,MAAM,UAAU,GAAG,QAAQ,CAAC,KAAK,IAAI,EAAE,EAC5C,KAAK,IAAI,CAAC;AAAA;AAAA;AAAA;AAIb;AAEO,MAAM,uBAAuB;","names":[]}

package/dist/esm/server/getCurrentUser.js

@@ -0,0 +1,12 @@
+import { auth } from "./auth";
+import { client } from "../utils/http";
+async function currentUser() {
+  const { userId } = auth();
+  if (!userId)
+    return null;
+  return client.users.getUser(userId);
+}
+export {
+  currentUser
+};
+//# sourceMappingURL=getCurrentUser.js.map

package/dist/esm/server/getCurrentUser.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/server/getCurrentUser.ts"],"sourcesContent":["import { User } from '../types';\nimport { auth } from './auth';\nimport { client } from '../utils/http';\n\nexport async function currentUser(): Promise<User | null> {\n  const { userId } = auth();\n  if (!userId) return null;\n  return client.users.getUser(userId);\n}\n"],"mappings":"AACA,SAAS,YAAY;AACrB,SAAS,cAAc;AAEvB,eAAsB,cAAoC;AACxD,QAAM,EAAE,OAAO,IAAI,KAAK;AACxB,MAAI,CAAC;AAAQ,WAAO;AACpB,SAAO,OAAO,MAAM,QAAQ,MAAM;AACpC;","names":[]}

package/dist/esm/server/index.js

@@ -0,0 +1,7 @@
+import { auth } from "./auth";
+import { createRouteMatcher } from "./routeMatcher";
+export {
+  auth,
+  createRouteMatcher
+};
+//# sourceMappingURL=index.js.map

package/dist/esm/server/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/server/index.ts"],"sourcesContent":["export { auth } from './auth';\nexport { createRouteMatcher } from './routeMatcher';\n"],"mappings":"AAAA,SAAS,YAAY;AACrB,SAAS,0BAA0B;","names":[]}

package/dist/esm/server/middleware.js

@@ -0,0 +1,177 @@
+import { NextResponse } from "next/server";
+import {
+  constants,
+  PUBLISHABLE_KEY,
+  SECRET_KEY,
+  SIGN_IN_URL,
+  SIGN_UP_URL
+} from "../constants";
+import { assertKey, decorateRequest, redirectAdapter } from "./utils";
+import { cabinIdClient } from "./client";
+import { createCabinIdRequest } from "../tokens/cabinIdRequest";
+import { createProtect } from "./protect";
+import { createRedirect } from "./createRedirect";
+import { isRedirect, setHeader } from "../utils/response";
+import { serverRedirectWithAuth } from "./serverRedirectWithAuth";
+const CONTROL_FLOW_ERROR = {
+  FORCE_NOT_FOUND: "CABIN_ID_PROTECT_REWRITE",
+  REDIRECT_TO_URL: "CABIN_ID_PROTECT_REDIRECT_TO_URL",
+  REDIRECT_TO_SIGN_IN: "CABIN_ID_PROTECT_REDIRECT_TO_SIGN_IN"
+};
+const parseRequestAndEvent = (args) => {
+  return [
+    args[0] instanceof Request ? args[0] : void 0,
+    args[0] instanceof Request ? args[1] : void 0
+  ];
+};
+const parseHandlerAndOptions = (args) => {
+  return [
+    typeof args[0] === "function" ? args[0] : void 0,
+    (args.length === 2 ? args[1] : typeof args[0] === "function" ? {} : args[0]) || {}
+  ];
+};
+const authMiddleware = (...args) => {
+  const [request, event] = parseRequestAndEvent(args);
+  const [handler, params] = parseHandlerAndOptions(args);
+  const publishableKey = assertKey(
+    params.publishableKey || PUBLISHABLE_KEY,
+    () => {
+      throw new Error("Publish Key is not exist");
+    }
+  );
+  const secretKey = assertKey(params.secretKey || SECRET_KEY, () => {
+    throw new Error("Secret Key is not valid");
+  });
+  const signInUrl = params.signInUrl || SIGN_IN_URL;
+  const signUpUrl = params.signUpUrl || SIGN_UP_URL;
+  const options = {
+    ...params,
+    publishableKey,
+    secretKey,
+    signInUrl,
+    signUpUrl
+  };
+  const nextMiddleware = async (_request, _event) => {
+    const accessToken = _request.nextUrl.searchParams.get(
+      constants.QueryParams.Token
+    );
+    const userId = _request.nextUrl.searchParams.get(
+      constants.QueryParams.UserId
+    );
+    if (accessToken && userId) {
+      const url = _request.nextUrl;
+      const path = url.pathname;
+      const response = NextResponse.redirect(
+        new URL(path || "/", _request.url)
+      );
+      response.cookies.set(constants.Cookies.Client, accessToken, {
+        maxAge: 60 * 60 * 24 * 30,
+        // 30 days
+        sameSite: "lax",
+        secure: true
+      });
+      response.cookies.set(constants.Cookies.User, userId, {
+        maxAge: 60 * 60 * 24 * 30,
+        // 30 days
+        sameSite: "lax",
+        secure: true
+      });
+      return response;
+    }
+    const cabinIdRequest = createCabinIdRequest(_request);
+    const requestState = await cabinIdClient.authenticateRequest(
+      cabinIdRequest,
+      options
+    );
+    const authObject = requestState.toAuth();
+    const redirectToSignIn = createMiddlewareRedirectToSignIn(cabinIdRequest);
+    const protect = createMiddlewareProtect(
+      cabinIdRequest,
+      authObject,
+      redirectToSignIn
+    );
+    const authObjWithMethods = Object.assign(
+      authObject,
+      { protect, redirectToSignIn }
+    );
+    let handlerResult = NextResponse.next();
+    try {
+      handlerResult = await (handler == null ? void 0 : handler(() => authObjWithMethods, _request, _event)) || handlerResult;
+    } catch (e) {
+      handlerResult = handleControlFlowErrors(e, cabinIdRequest, requestState);
+    }
+    if (isRedirect(handlerResult)) {
+      return serverRedirectWithAuth(cabinIdRequest, handlerResult);
+    }
+    decorateRequest(
+      cabinIdRequest,
+      handlerResult,
+      requestState,
+      options.secretKey
+    );
+    if (requestState.headers) {
+      requestState.headers.forEach((value, key) => {
+        handlerResult.headers.append(key, value);
+      });
+    }
+    return handlerResult;
+  };
+  if (request && event) {
+    return nextMiddleware(request, event);
+  }
+  return nextMiddleware;
+};
+const createMiddlewareRedirectToSignIn = (cabinIdRequest) => {
+  return (opts = {}) => {
+    const err = new Error(CONTROL_FLOW_ERROR.REDIRECT_TO_SIGN_IN);
+    err.returnBackUrl = opts.returnBackUrl === null ? "" : opts.returnBackUrl || cabinIdRequest.cabinIdUrl.toString();
+    throw err;
+  };
+};
+const createMiddlewareProtect = (cabinIdRequest, authObject, redirectToSignIn) => {
+  return (_, options) => {
+    const notFound = () => {
+      throw new Error(CONTROL_FLOW_ERROR.FORCE_NOT_FOUND);
+    };
+    const redirect = (url) => {
+      const err = new Error(CONTROL_FLOW_ERROR.REDIRECT_TO_URL);
+      err.redirectUrl = url;
+      throw err;
+    };
+    return createProtect({
+      request: cabinIdRequest,
+      redirect,
+      notFound,
+      authObject,
+      redirectToSignIn
+    })(options);
+  };
+};
+const handleControlFlowErrors = (e, cabinIdRequest, requestState) => {
+  switch (e.message) {
+    case CONTROL_FLOW_ERROR.FORCE_NOT_FOUND:
+      return setHeader(
+        NextResponse.rewrite(
+          `${cabinIdRequest.cabinIdUrl.origin}/cabin_${Date.now()}`
+        ),
+        constants.Headers.AuthReason,
+        "protect-rewrite"
+      );
+    case CONTROL_FLOW_ERROR.REDIRECT_TO_URL:
+      return redirectAdapter(e.redirectUrl);
+    case CONTROL_FLOW_ERROR.REDIRECT_TO_SIGN_IN:
+      return createRedirect({
+        redirectAdapter,
+        baseUrl: cabinIdRequest.cabinIdUrl,
+        signInUrl: requestState.signInUrl,
+        signUpUrl: requestState.signUpUrl,
+        publishableKey: requestState.publishableKey
+      }).redirectToSignIn({ returnBackUrl: e.returnBackUrl });
+    default:
+      throw e;
+  }
+};
+export {
+  authMiddleware
+};
+//# sourceMappingURL=middleware.js.map

package/dist/esm/server/middleware.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/server/middleware.ts"],"sourcesContent":["import { NextMiddleware, NextResponse } from \"next/server\";\nimport {\n  constants,\n  PUBLISHABLE_KEY,\n  SECRET_KEY,\n  SIGN_IN_URL,\n  SIGN_UP_URL,\n} from \"../constants\";\nimport { assertKey, decorateRequest, redirectAdapter } from \"./utils\";\nimport {\n  NextMiddlewareEvtParam,\n  NextMiddlewareRequestParam,\n  NextMiddlewareReturn,\n} from \"./type\";\nimport { cabinIdClient } from \"./client\";\nimport { CabinIdRequest, createCabinIdRequest } from \"../tokens/cabinIdRequest\";\nimport { AuthProtect, createProtect } from \"./protect\";\nimport { createRedirect, RedirectFun } from \"./createRedirect\";\nimport { isRedirect, setHeader } from \"../utils/response\";\nimport { RequestState } from \"../tokens/authStatus\";\nimport { AuthObject } from \"../tokens/authObjects\";\nimport { serverRedirectWithAuth } from \"./serverRedirectWithAuth\";\nimport { AuthenticateRequestOptions } from \"../api/factory\";\n\nconst CONTROL_FLOW_ERROR = {\n  FORCE_NOT_FOUND: \"CABIN_ID_PROTECT_REWRITE\",\n  REDIRECT_TO_URL: \"CABIN_ID_PROTECT_REDIRECT_TO_URL\",\n  REDIRECT_TO_SIGN_IN: \"CABIN_ID_PROTECT_REDIRECT_TO_SIGN_IN\",\n};\n\nexport type CabinIdMiddlewareAuthObject = AuthObject & {\n  protect: AuthProtect;\n  redirectToSignIn: RedirectFun<Response>;\n};\n\nexport type CabinIdMiddlewareAuth = () => CabinIdMiddlewareAuthObject;\n\nexport interface AuthMiddleware {\n  /**\n   * @example\n   * export default clerkMiddleware((auth, request, event) => { ... }, options);\n   */\n  (\n    handler: CabinIdMiddlewareHandler,\n    options?: CabinIdMiddlewareOptions\n  ): NextMiddleware;\n  /**\n   * @example\n   * export default clerkMiddleware(options);\n   */\n  (options?: CabinIdMiddlewareOptions): NextMiddleware;\n  /**\n   * @example\n   * export default clerkMiddleware;\n   */\n  (\n    request: NextMiddlewareRequestParam,\n    event: NextMiddlewareEvtParam\n  ): NextMiddlewareReturn;\n}\n\ntype CabinIdMiddlewareHandler = (\n  auth: CabinIdMiddlewareAuth,\n  request: NextMiddlewareRequestParam,\n  event: NextMiddlewareEvtParam\n) => NextMiddlewareReturn;\n\nexport type CabinIdMiddlewareOptions = AuthenticateRequestOptions;\n\nconst parseRequestAndEvent = (args: unknown[]) => {\n  return [\n    args[0] instanceof Request ? args[0] : undefined,\n    args[0] instanceof Request ? args[1] : undefined,\n  ] as [\n    NextMiddlewareRequestParam | undefined,\n    NextMiddlewareEvtParam | undefined,\n  ];\n};\n\nconst parseHandlerAndOptions = (args: unknown[]) => {\n  return [\n    typeof args[0] === \"function\" ? args[0] : undefined,\n    (args.length === 2\n      ? args[1]\n      : typeof args[0] === \"function\"\n        ? {}\n        : args[0]) || {},\n  ] as [CabinIdMiddlewareHandler | undefined, CabinIdMiddlewareOptions];\n};\n\nconst authMiddleware: AuthMiddleware = (...args: unknown[]): any => {\n  const [request, event] = parseRequestAndEvent(args);\n  const [handler, params] = parseHandlerAndOptions(args);\n\n  const publishableKey = assertKey(\n    params.publishableKey || PUBLISHABLE_KEY,\n    () => {\n      throw new Error(\"Publish Key is not exist\");\n    }\n  );\n  const secretKey = assertKey(params.secretKey || SECRET_KEY, () => {\n    throw new Error(\"Secret Key is not valid\");\n  });\n\n  const signInUrl = params.signInUrl || SIGN_IN_URL;\n  const signUpUrl = params.signUpUrl || SIGN_UP_URL;\n\n  const options = {\n    ...params,\n    publishableKey,\n    secretKey,\n    signInUrl,\n    signUpUrl,\n  };\n\n  const nextMiddleware: NextMiddleware = async (_request, _event) => {\n    const accessToken = _request.nextUrl.searchParams.get(\n      constants.QueryParams.Token\n    );\n    const userId = _request.nextUrl.searchParams.get(\n      constants.QueryParams.UserId\n    );\n\n    if (accessToken && userId) {\n      const url = _request.nextUrl;\n      const path = url.pathname;\n      const response = NextResponse.redirect(\n        new URL(path || \"/\", _request.url)\n      );\n      response.cookies.set(constants.Cookies.Client, accessToken, {\n        maxAge: 60 * 60 * 24 * 30, // 30 days\n        sameSite: \"lax\",\n        secure: true,\n      });\n      response.cookies.set(constants.Cookies.User, userId, {\n        maxAge: 60 * 60 * 24 * 30, // 30 days\n        sameSite: \"lax\",\n        secure: true,\n      });\n      return response;\n    }\n\n    const cabinIdRequest = createCabinIdRequest(_request);\n\n    const requestState = await cabinIdClient.authenticateRequest(\n      cabinIdRequest,\n      options\n    );\n\n    const authObject = requestState.toAuth();\n\n    const redirectToSignIn = createMiddlewareRedirectToSignIn(cabinIdRequest);\n\n    const protect = createMiddlewareProtect(\n      cabinIdRequest,\n      authObject,\n      redirectToSignIn\n    );\n\n    const authObjWithMethods: CabinIdMiddlewareAuthObject = Object.assign(\n      authObject,\n      { protect, redirectToSignIn }\n    );\n\n    let handlerResult: Response = NextResponse.next();\n\n    try {\n      handlerResult =\n        (await handler?.(() => authObjWithMethods, _request, _event)) ||\n        handlerResult;\n    } catch (e: any) {\n      handlerResult = handleControlFlowErrors(e, cabinIdRequest, requestState);\n    }\n\n    if (isRedirect(handlerResult)) {\n      return serverRedirectWithAuth(cabinIdRequest, handlerResult);\n    }\n\n    decorateRequest(\n      cabinIdRequest,\n      handlerResult,\n      requestState,\n      options.secretKey\n    );\n\n    // TODO @nikos: we need to make this more generic\n    // and move the logic in clerk/backend\n    if (requestState.headers) {\n      requestState.headers.forEach((value, key) => {\n        handlerResult.headers.append(key, value);\n      });\n    }\n\n    return handlerResult;\n  };\n\n  // If we have a request and event, we're being called as a middleware directly\n  // eg, export default clerkMiddleware;\n  if (request && event) {\n    return nextMiddleware(request, event);\n  }\n\n  // Otherwise, return a middleware that can be called with a request and event\n  // eg, export default clerkMiddleware(auth => { ... });\n  return nextMiddleware;\n};\n\nexport { authMiddleware };\n\nconst createMiddlewareRedirectToSignIn = (\n  cabinIdRequest: CabinIdRequest\n): CabinIdMiddlewareAuthObject[\"redirectToSignIn\"] => {\n  return (opts = {}) => {\n    const err = new Error(CONTROL_FLOW_ERROR.REDIRECT_TO_SIGN_IN) as any;\n    err.returnBackUrl =\n      opts.returnBackUrl === null\n        ? \"\"\n        : opts.returnBackUrl || cabinIdRequest.cabinIdUrl.toString();\n    throw err;\n  };\n};\n\nconst createMiddlewareProtect = (\n  cabinIdRequest: CabinIdRequest,\n  authObject: AuthObject,\n  redirectToSignIn: RedirectFun<Response>\n): CabinIdMiddlewareAuthObject[\"protect\"] => {\n  return ((_: any, options: any) => {\n    const notFound = () => {\n      throw new Error(CONTROL_FLOW_ERROR.FORCE_NOT_FOUND) as any;\n    };\n\n    const redirect = (url: string) => {\n      const err = new Error(CONTROL_FLOW_ERROR.REDIRECT_TO_URL) as any;\n      err.redirectUrl = url;\n      throw err;\n    };\n\n    return createProtect({\n      request: cabinIdRequest,\n      redirect,\n      notFound,\n      authObject,\n      redirectToSignIn,\n    })(options);\n  }) as AuthProtect;\n};\n\n// Handle errors thrown by protect() and redirectToSignIn() calls,\n// as we want to align the APIs between middleware, pages and route handlers\n// Normally, middleware requires to explicitly return a response, but we want to\n// avoid discrepancies between the APIs as it's easy to miss the `return` statement\n// especially when copy-pasting code from one place to another.\n// This function handles the known errors thrown by the APIs described above,\n// and returns the appropriate response.\nconst handleControlFlowErrors = (\n  e: any,\n  cabinIdRequest: CabinIdRequest,\n  requestState: RequestState\n): Response => {\n  switch (e.message) {\n    case CONTROL_FLOW_ERROR.FORCE_NOT_FOUND:\n      // Rewrite to a bogus URL to force not found error\n      return setHeader(\n        NextResponse.rewrite(\n          `${cabinIdRequest.cabinIdUrl.origin}/cabin_${Date.now()}`\n        ),\n        constants.Headers.AuthReason,\n        \"protect-rewrite\"\n      );\n    case CONTROL_FLOW_ERROR.REDIRECT_TO_URL:\n      return redirectAdapter(e.redirectUrl);\n    case CONTROL_FLOW_ERROR.REDIRECT_TO_SIGN_IN:\n      return createRedirect({\n        redirectAdapter,\n        baseUrl: cabinIdRequest.cabinIdUrl,\n        signInUrl: requestState.signInUrl,\n        signUpUrl: requestState.signUpUrl,\n        publishableKey: requestState.publishableKey,\n      }).redirectToSignIn({ returnBackUrl: e.returnBackUrl });\n    default:\n      throw e;\n  }\n};\n"],"mappings":"AAAA,SAAyB,oBAAoB;AAC7C;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AACP,SAAS,WAAW,iBAAiB,uBAAuB;AAM5D,SAAS,qBAAqB;AAC9B,SAAyB,4BAA4B;AACrD,SAAsB,qBAAqB;AAC3C,SAAS,sBAAmC;AAC5C,SAAS,YAAY,iBAAiB;AAGtC,SAAS,8BAA8B;AAGvC,MAAM,qBAAqB;AAAA,EACzB,iBAAiB;AAAA,EACjB,iBAAiB;AAAA,EACjB,qBAAqB;AACvB;AAyCA,MAAM,uBAAuB,CAAC,SAAoB;AAChD,SAAO;AAAA,IACL,KAAK,CAAC,aAAa,UAAU,KAAK,CAAC,IAAI;AAAA,IACvC,KAAK,CAAC,aAAa,UAAU,KAAK,CAAC,IAAI;AAAA,EACzC;AAIF;AAEA,MAAM,yBAAyB,CAAC,SAAoB;AAClD,SAAO;AAAA,IACL,OAAO,KAAK,CAAC,MAAM,aAAa,KAAK,CAAC,IAAI;AAAA,KACzC,KAAK,WAAW,IACb,KAAK,CAAC,IACN,OAAO,KAAK,CAAC,MAAM,aACjB,CAAC,IACD,KAAK,CAAC,MAAM,CAAC;AAAA,EACrB;AACF;AAEA,MAAM,iBAAiC,IAAI,SAAyB;AAClE,QAAM,CAAC,SAAS,KAAK,IAAI,qBAAqB,IAAI;AAClD,QAAM,CAAC,SAAS,MAAM,IAAI,uBAAuB,IAAI;AAErD,QAAM,iBAAiB;AAAA,IACrB,OAAO,kBAAkB;AAAA,IACzB,MAAM;AACJ,YAAM,IAAI,MAAM,0BAA0B;AAAA,IAC5C;AAAA,EACF;AACA,QAAM,YAAY,UAAU,OAAO,aAAa,YAAY,MAAM;AAChE,UAAM,IAAI,MAAM,yBAAyB;AAAA,EAC3C,CAAC;AAED,QAAM,YAAY,OAAO,aAAa;AACtC,QAAM,YAAY,OAAO,aAAa;AAEtC,QAAM,UAAU;AAAA,IACd,GAAG;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAEA,QAAM,iBAAiC,OAAO,UAAU,WAAW;AACjE,UAAM,cAAc,SAAS,QAAQ,aAAa;AAAA,MAChD,UAAU,YAAY;AAAA,IACxB;AACA,UAAM,SAAS,SAAS,QAAQ,aAAa;AAAA,MAC3C,UAAU,YAAY;AAAA,IACxB;AAEA,QAAI,eAAe,QAAQ;AACzB,YAAM,MAAM,SAAS;AACrB,YAAM,OAAO,IAAI;AACjB,YAAM,WAAW,aAAa;AAAA,QAC5B,IAAI,IAAI,QAAQ,KAAK,SAAS,GAAG;AAAA,MACnC;AACA,eAAS,QAAQ,IAAI,UAAU,QAAQ,QAAQ,aAAa;AAAA,QAC1D,QAAQ,KAAK,KAAK,KAAK;AAAA;AAAA,QACvB,UAAU;AAAA,QACV,QAAQ;AAAA,MACV,CAAC;AACD,eAAS,QAAQ,IAAI,UAAU,QAAQ,MAAM,QAAQ;AAAA,QACnD,QAAQ,KAAK,KAAK,KAAK;AAAA;AAAA,QACvB,UAAU;AAAA,QACV,QAAQ;AAAA,MACV,CAAC;AACD,aAAO;AAAA,IACT;AAEA,UAAM,iBAAiB,qBAAqB,QAAQ;AAEpD,UAAM,eAAe,MAAM,cAAc;AAAA,MACvC;AAAA,MACA;AAAA,IACF;AAEA,UAAM,aAAa,aAAa,OAAO;AAEvC,UAAM,mBAAmB,iCAAiC,cAAc;AAExE,UAAM,UAAU;AAAA,MACd;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAEA,UAAM,qBAAkD,OAAO;AAAA,MAC7D;AAAA,MACA,EAAE,SAAS,iBAAiB;AAAA,IAC9B;AAEA,QAAI,gBAA0B,aAAa,KAAK;AAEhD,QAAI;AACF,sBACG,OAAM,mCAAU,MAAM,oBAAoB,UAAU,YACrD;AAAA,IACJ,SAAS,GAAQ;AACf,sBAAgB,wBAAwB,GAAG,gBAAgB,YAAY;AAAA,IACzE;AAEA,QAAI,WAAW,aAAa,GAAG;AAC7B,aAAO,uBAAuB,gBAAgB,aAAa;AAAA,IAC7D;AAEA;AAAA,MACE;AAAA,MACA;AAAA,MACA;AAAA,MACA,QAAQ;AAAA,IACV;AAIA,QAAI,aAAa,SAAS;AACxB,mBAAa,QAAQ,QAAQ,CAAC,OAAO,QAAQ;AAC3C,sBAAc,QAAQ,OAAO,KAAK,KAAK;AAAA,MACzC,CAAC;AAAA,IACH;AAEA,WAAO;AAAA,EACT;AAIA,MAAI,WAAW,OAAO;AACpB,WAAO,eAAe,SAAS,KAAK;AAAA,EACtC;AAIA,SAAO;AACT;AAIA,MAAM,mCAAmC,CACvC,mBACoD;AACpD,SAAO,CAAC,OAAO,CAAC,MAAM;AACpB,UAAM,MAAM,IAAI,MAAM,mBAAmB,mBAAmB;AAC5D,QAAI,gBACF,KAAK,kBAAkB,OACnB,KACA,KAAK,iBAAiB,eAAe,WAAW,SAAS;AAC/D,UAAM;AAAA,EACR;AACF;AAEA,MAAM,0BAA0B,CAC9B,gBACA,YACA,qBAC2C;AAC3C,SAAQ,CAAC,GAAQ,YAAiB;AAChC,UAAM,WAAW,MAAM;AACrB,YAAM,IAAI,MAAM,mBAAmB,eAAe;AAAA,IACpD;AAEA,UAAM,WAAW,CAAC,QAAgB;AAChC,YAAM,MAAM,IAAI,MAAM,mBAAmB,eAAe;AACxD,UAAI,cAAc;AAClB,YAAM;AAAA,IACR;AAEA,WAAO,cAAc;AAAA,MACnB,SAAS;AAAA,MACT;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF,CAAC,EAAE,OAAO;AAAA,EACZ;AACF;AASA,MAAM,0BAA0B,CAC9B,GACA,gBACA,iBACa;AACb,UAAQ,EAAE,SAAS;AAAA,IACjB,KAAK,mBAAmB;AAEtB,aAAO;AAAA,QACL,aAAa;AAAA,UACX,GAAG,eAAe,WAAW,MAAM,UAAU,KAAK,IAAI,CAAC;AAAA,QACzD;AAAA,QACA,UAAU,QAAQ;AAAA,QAClB;AAAA,MACF;AAAA,IACF,KAAK,mBAAmB;AACtB,aAAO,gBAAgB,EAAE,WAAW;AAAA,IACtC,KAAK,mBAAmB;AACtB,aAAO,eAAe;AAAA,QACpB;AAAA,QACA,SAAS,eAAe;AAAA,QACxB,WAAW,aAAa;AAAA,QACxB,WAAW,aAAa;AAAA,QACxB,gBAAgB,aAAa;AAAA,MAC/B,CAAC,EAAE,iBAAiB,EAAE,eAAe,EAAE,cAAc,CAAC;AAAA,IACxD;AACE,YAAM;AAAA,EACV;AACF;","names":[]}

package/dist/esm/server/protect.js

@@ -0,0 +1,45 @@
+import { constants } from "../constants";
+const createProtect = (opts) => {
+  const { redirectToSignIn, authObject, redirect, notFound, request } = opts;
+  return (...args) => {
+    var _a, _b, _c, _d, _e, _f;
+    const optionValuesAsParam = ((_a = args[0]) == null ? void 0 : _a.unauthenticatedUrl) || ((_b = args[0]) == null ? void 0 : _b.unauthorizedUrl);
+    const paramsOrFunction = optionValuesAsParam ? void 0 : args[0];
+    const unauthenticatedUrl = ((_c = args[0]) == null ? void 0 : _c.unauthenticatedUrl) || ((_d = args[1]) == null ? void 0 : _d.unauthenticatedUrl);
+    const unauthorizedUrl = ((_e = args[0]) == null ? void 0 : _e.unauthorizedUrl) || ((_f = args[1]) == null ? void 0 : _f.unauthorizedUrl);
+    const handleUnauthenticated = () => {
+      if (unauthenticatedUrl) {
+        return redirect(unauthenticatedUrl);
+      }
+      if (isPageRequest(request)) {
+        return redirectToSignIn();
+      }
+      return notFound();
+    };
+    const handleUnauthorized = () => {
+      if (unauthorizedUrl) {
+        return redirect(unauthorizedUrl);
+      }
+      return notFound();
+    };
+    if (!authObject.userId) {
+      return handleUnauthenticated();
+    }
+    if (!paramsOrFunction) {
+      return authObject;
+    }
+    return handleUnauthorized();
+  };
+};
+const isServerActionRequest = (req) => {
+  var _a, _b;
+  return !!req.headers.get(constants.NextHeaders.NextUrl) && (((_a = req.headers.get(constants.Headers.Accept)) == null ? void 0 : _a.includes("text/x-component")) || ((_b = req.headers.get(constants.Headers.ContentType)) == null ? void 0 : _b.includes("multipart/form-data")) || !!req.headers.get(constants.NextHeaders.NextAction));
+};
+const isPageRequest = (req) => {
+  var _a;
+  return req.headers.get(constants.Headers.SecFetchDest) === "document" || ((_a = req.headers.get(constants.Headers.Accept)) == null ? void 0 : _a.includes("text/html")) || !!req.headers.get(constants.NextHeaders.NextUrl) && !isServerActionRequest(req) || !!req.headers.get(constants.NextHeaders.NextjsData);
+};
+export {
+  createProtect
+};
+//# sourceMappingURL=protect.js.map