npm - @cimplify/cli - Versions diffs - 0.7.3 → 0.7.4 - Mend

@cimplify/cli 0.7.3 → 0.7.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (44) hide show

package/dist/dispatcher.mjs CHANGED Viewed

@@ -1,6 +1,6 @@
 #!/usr/bin/env node
-import { TEMPLATES } from './chunk-HDIDSQS4.mjs';
-import { package_default } from './chunk-ZKMI5E23.mjs';
+import { TEMPLATES } from './chunk-QOPMMTVI.mjs';
+import { package_default } from './chunk-NTY7JESF.mjs';
 // src/dispatcher.ts
 var VERSION = package_default.version ?? "unknown";
@@ -138,16 +138,16 @@ var COMMANDS = {
   logs: () => import('./logs-YNN2PQ24.mjs'),
   status: () => import('./status-JSYXM5RT.mjs'),
   dev: () => import('./dev-ONW2S77K.mjs'),
-  introspect: () => import('./introspect-45RASBRH.mjs'),
+  introspect: () => import('./introspect-FFB7TA2E.mjs'),
   inspect: () => import('./inspect-CGYX4DDF.mjs'),
-  doctor: () => import('./doctor-DN6RLS6E.mjs'),
-  explain: () => import('./explain-J4JB5QGW.mjs'),
+  doctor: () => import('./doctor-ZVYWEE53.mjs'),
+  explain: () => import('./explain-S6S33HPN.mjs'),
   assets: () => import('./assets-74SK63TR.mjs'),
   repo: () => import('./repo-KNQMSPVV.mjs'),
-  list: () => import('./list-O47PO4UQ.mjs'),
-  add: () => import('./add-ZD5FOTC7.mjs'),
-  update: () => import('./update-CSUNW4RV.mjs'),
-  upgrade: () => import('./update-CSUNW4RV.mjs'),
+  list: () => import('./list-RLWFTEP4.mjs'),
+  add: () => import('./add-4PBCFGM3.mjs'),
+  update: () => import('./update-WH6NDWIM.mjs'),
+  upgrade: () => import('./update-WH6NDWIM.mjs'),
   "auth-step-up": () => import('./auth-step-up-BIUYQJP6.mjs')
 };
 var COMMAND_PREFIXES = {

package/dist/{doctor-DN6RLS6E.mjs → doctor-ZVYWEE53.mjs} RENAMED Viewed

@@ -1,8 +1,8 @@
 #!/usr/bin/env node
-import { gatherIntrospection } from './chunk-YYG5WE4A.mjs';
+import { gatherIntrospection } from './chunk-LRTPNNQG.mjs';
 import './chunk-K5464A3L.mjs';
 import './chunk-DBZ3UOQ2.mjs';
-import './chunk-ZKMI5E23.mjs';
+import './chunk-NTY7JESF.mjs';
 import { parseArgs, flagBool } from './chunk-C4M3DXKC.mjs';
 import { ApiClient } from './chunk-MAOO6ZZ5.mjs';
 import { readAuthOrNull } from './chunk-UBAI443T.mjs';

package/dist/{explain-J4JB5QGW.mjs → explain-S6S33HPN.mjs} RENAMED Viewed

@@ -1,5 +1,5 @@
 #!/usr/bin/env node
-import { package_default } from './chunk-ZKMI5E23.mjs';
+import { package_default } from './chunk-NTY7JESF.mjs';
 import { parseArgs } from './chunk-C4M3DXKC.mjs';
 import { bold, dim, info, result, CliError, CLI_ERROR_CODE } from './chunk-E2T2SBP5.mjs';

package/dist/{introspect-45RASBRH.mjs → introspect-FFB7TA2E.mjs} RENAMED Viewed

@@ -1,8 +1,8 @@
 #!/usr/bin/env node
-export { run as default, extractMockSeed, gatherIntrospection, renderIntrospection } from './chunk-YYG5WE4A.mjs';
+export { run as default, extractMockSeed, gatherIntrospection, renderIntrospection } from './chunk-LRTPNNQG.mjs';
 import './chunk-K5464A3L.mjs';
 import './chunk-DBZ3UOQ2.mjs';
-import './chunk-ZKMI5E23.mjs';
+import './chunk-NTY7JESF.mjs';
 import './chunk-C4M3DXKC.mjs';
 import './chunk-UBAI443T.mjs';
 import './chunk-E2T2SBP5.mjs';

package/dist/{list-O47PO4UQ.mjs → list-RLWFTEP4.mjs} RENAMED Viewed

@@ -1,5 +1,5 @@
 #!/usr/bin/env node
-import { REGISTRY_INDEX } from './chunk-HDIDSQS4.mjs';
+import { REGISTRY_INDEX } from './chunk-QOPMMTVI.mjs';
 import { parseArgs, flagBool } from './chunk-C4M3DXKC.mjs';
 import { CliError, CLI_ERROR_CODE, info, bold, dim, green, result } from './chunk-E2T2SBP5.mjs';

package/dist/{update-CSUNW4RV.mjs → update-WH6NDWIM.mjs} RENAMED Viewed

@@ -1,5 +1,5 @@
 #!/usr/bin/env node
-import { package_default } from './chunk-ZKMI5E23.mjs';
+import { package_default } from './chunk-NTY7JESF.mjs';
 import { promptYesNo } from './chunk-ITAFAORS.mjs';
 import { parseArgs, flagBool, flagString } from './chunk-C4M3DXKC.mjs';
 import { success, bold, info, dim, result, failure, CliError, CLI_ERROR_CODE, step, isJsonMode } from './chunk-E2T2SBP5.mjs';

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@cimplify/cli",
-  "version": "0.7.3",
+  "version": "0.7.4",
   "description": "Cimplify CLI — deploy, manage env vars, link projects, and scaffold storefronts",
   "keywords": [
     "cimplify",
@@ -45,6 +45,6 @@
     "vitest": "^4.1.5"
   },
   "dependencies": {
-    "@cimplify/sdk": "^0.55.0"
+    "@cimplify/sdk": "^0.56.0"
   }
 }

package/templates/storefront-auto/app/auth/signout/route.ts CHANGED Viewed

@@ -1,11 +1,11 @@
-import { buildSignoutCookie } from "@cimplify/sdk/server";
+import { buildSignoutCookies } from "@cimplify/sdk/server";
 const CLIENT_ID = process.env.CIMPLIFY_CLIENT_ID ?? "";
 export async function POST(): Promise<Response> {
-  const cookie = buildSignoutCookie({ clientId: CLIENT_ID });
-  return new Response(JSON.stringify({ ok: true }), {
-    status: 200,
-    headers: { "Content-Type": "application/json", "Set-Cookie": cookie },
-  });
+  const headers = new Headers({ "Content-Type": "application/json" });
+  for (const cookie of buildSignoutCookies({ clientId: CLIENT_ID })) {
+    headers.append("Set-Cookie", cookie);
+  }
+  return new Response(JSON.stringify({ ok: true }), { status: 200, headers });
 }

package/templates/storefront-auto/components/account-pill.tsx CHANGED Viewed

@@ -7,15 +7,8 @@ import { signInSilent } from "@cimplify/sdk";
 const CLIENT_ID = process.env.NEXT_PUBLIC_CIMPLIFY_CLIENT_ID ?? "";
-/**
- * Header sign-in / signed-in pill.
- *
- * - Tries cross-storefront SSO once on mount. If the shopper signed
- *   into any other Cimplify storefront recently, this resolves
- *   silently and the session lands without any UI flicker.
- * - When signed in, renders "Hi, {name}" linking to /account.
- * - When not signed in, renders the Cimplify Sign-In button.
- */
+// Attempts silent SSO on mount before showing the button so returning
+// shoppers don't see a flash of "Sign in" before landing as signed in.
 export function AccountPill() {
   const { session, loading, refresh } = useCimplifySession();
   const triedSilent = useRef(false);

package/templates/storefront-auto/lib/auth.ts CHANGED Viewed

@@ -1,16 +1,35 @@
 import { headers } from "next/headers";
-import { getSessionFromCookieHeader, type CimplifySession } from "@cimplify/sdk/server";
+import {
+  getAccessTokenFromCookieHeader,
+  getServerClient,
+  getSessionFromCookieHeader,
+  type CimplifyClient,
+  type CimplifySession,
+} from "@cimplify/sdk/server";
 const CLIENT_ID = process.env.CIMPLIFY_CLIENT_ID ?? "";
 const AUTH_URL = process.env.CIMPLIFY_AUTH_URL;
+const oidcConfig = { clientId: CLIENT_ID, authUrl: AUTH_URL };
 export async function getSession(): Promise<CimplifySession | null> {
   if (!CLIENT_ID) return null;
   const cookieHeader = (await headers()).get("cookie");
-  return getSessionFromCookieHeader(
-    { clientId: CLIENT_ID, authUrl: AUTH_URL },
-    cookieHeader,
-  );
+  return getSessionFromCookieHeader(oidcConfig, cookieHeader);
+}
+// Returns a Cimplify server client with the signed-in customer's access
+// token attached (if any). Use this instead of getServerClient() on pages
+// that need personalized data: orders, subscriptions, price-list pricing.
+// Pages without `revalidate: 0` will share a cache across customers, so
+// only use this on routes that opt out of static caching.
+export async function getAuthenticatedServerClient(): Promise<CimplifyClient> {
+  const cookieHeader = (await headers()).get("cookie");
+  const accessToken =
+    CLIENT_ID && cookieHeader
+      ? getAccessTokenFromCookieHeader(oidcConfig, cookieHeader) ?? undefined
+      : undefined;
+  return getServerClient({ accessToken });
 }
 export type { CimplifySession } from "@cimplify/sdk/server";

package/templates/storefront-auto/package.json CHANGED Viewed

@@ -17,7 +17,7 @@
     "check": "bun run typecheck && bun run test:run"
   },
   "dependencies": {
-    "@cimplify/sdk": "^0.55.0",
+    "@cimplify/sdk": "^0.56.0",
     "next": "^16.2.6",
     "react": "^19.0.0",
     "react-dom": "^19.0.0"

package/templates/storefront-bakery/app/auth/signout/route.ts CHANGED Viewed

@@ -1,11 +1,11 @@
-import { buildSignoutCookie } from "@cimplify/sdk/server";
+import { buildSignoutCookies } from "@cimplify/sdk/server";
 const CLIENT_ID = process.env.CIMPLIFY_CLIENT_ID ?? "";
 export async function POST(): Promise<Response> {
-  const cookie = buildSignoutCookie({ clientId: CLIENT_ID });
-  return new Response(JSON.stringify({ ok: true }), {
-    status: 200,
-    headers: { "Content-Type": "application/json", "Set-Cookie": cookie },
-  });
+  const headers = new Headers({ "Content-Type": "application/json" });
+  for (const cookie of buildSignoutCookies({ clientId: CLIENT_ID })) {
+    headers.append("Set-Cookie", cookie);
+  }
+  return new Response(JSON.stringify({ ok: true }), { status: 200, headers });
 }

package/templates/storefront-bakery/components/account-pill.tsx CHANGED Viewed

@@ -7,15 +7,8 @@ import { signInSilent } from "@cimplify/sdk";
 const CLIENT_ID = process.env.NEXT_PUBLIC_CIMPLIFY_CLIENT_ID ?? "";
-/**
- * Header sign-in / signed-in pill.
- *
- * - Tries cross-storefront SSO once on mount. If the shopper signed
- *   into any other Cimplify storefront recently, this resolves
- *   silently and the session lands without any UI flicker.
- * - When signed in, renders "Hi, {name}" linking to /account.
- * - When not signed in, renders the Cimplify Sign-In button.
- */
+// Attempts silent SSO on mount before showing the button so returning
+// shoppers don't see a flash of "Sign in" before landing as signed in.
 export function AccountPill() {
   const { session, loading, refresh } = useCimplifySession();
   const triedSilent = useRef(false);

package/templates/storefront-bakery/lib/auth.ts CHANGED Viewed

@@ -1,16 +1,35 @@
 import { headers } from "next/headers";
-import { getSessionFromCookieHeader, type CimplifySession } from "@cimplify/sdk/server";
+import {
+  getAccessTokenFromCookieHeader,
+  getServerClient,
+  getSessionFromCookieHeader,
+  type CimplifyClient,
+  type CimplifySession,
+} from "@cimplify/sdk/server";
 const CLIENT_ID = process.env.CIMPLIFY_CLIENT_ID ?? "";
 const AUTH_URL = process.env.CIMPLIFY_AUTH_URL;
+const oidcConfig = { clientId: CLIENT_ID, authUrl: AUTH_URL };
 export async function getSession(): Promise<CimplifySession | null> {
   if (!CLIENT_ID) return null;
   const cookieHeader = (await headers()).get("cookie");
-  return getSessionFromCookieHeader(
-    { clientId: CLIENT_ID, authUrl: AUTH_URL },
-    cookieHeader,
-  );
+  return getSessionFromCookieHeader(oidcConfig, cookieHeader);
+}
+// Returns a Cimplify server client with the signed-in customer's access
+// token attached (if any). Use this instead of getServerClient() on pages
+// that need personalized data: orders, subscriptions, price-list pricing.
+// Pages without `revalidate: 0` will share a cache across customers, so
+// only use this on routes that opt out of static caching.
+export async function getAuthenticatedServerClient(): Promise<CimplifyClient> {
+  const cookieHeader = (await headers()).get("cookie");
+  const accessToken =
+    CLIENT_ID && cookieHeader
+      ? getAccessTokenFromCookieHeader(oidcConfig, cookieHeader) ?? undefined
+      : undefined;
+  return getServerClient({ accessToken });
 }
 export type { CimplifySession } from "@cimplify/sdk/server";

package/templates/storefront-bakery/package.json CHANGED Viewed

@@ -17,7 +17,7 @@
     "check": "bun run typecheck && bun run test:run"
   },
   "dependencies": {
-    "@cimplify/sdk": "^0.55.0",
+    "@cimplify/sdk": "^0.56.0",
     "next": "^16.2.6",
     "react": "^19.0.0",
     "react-dom": "^19.0.0"

package/templates/storefront-fashion/app/auth/signout/route.ts CHANGED Viewed

@@ -1,11 +1,11 @@
-import { buildSignoutCookie } from "@cimplify/sdk/server";
+import { buildSignoutCookies } from "@cimplify/sdk/server";
 const CLIENT_ID = process.env.CIMPLIFY_CLIENT_ID ?? "";
 export async function POST(): Promise<Response> {
-  const cookie = buildSignoutCookie({ clientId: CLIENT_ID });
-  return new Response(JSON.stringify({ ok: true }), {
-    status: 200,
-    headers: { "Content-Type": "application/json", "Set-Cookie": cookie },
-  });
+  const headers = new Headers({ "Content-Type": "application/json" });
+  for (const cookie of buildSignoutCookies({ clientId: CLIENT_ID })) {
+    headers.append("Set-Cookie", cookie);
+  }
+  return new Response(JSON.stringify({ ok: true }), { status: 200, headers });
 }

package/templates/storefront-fashion/components/account-pill.tsx CHANGED Viewed

@@ -7,15 +7,8 @@ import { signInSilent } from "@cimplify/sdk";
 const CLIENT_ID = process.env.NEXT_PUBLIC_CIMPLIFY_CLIENT_ID ?? "";
-/**
- * Header sign-in / signed-in pill.
- *
- * - Tries cross-storefront SSO once on mount. If the shopper signed
- *   into any other Cimplify storefront recently, this resolves
- *   silently and the session lands without any UI flicker.
- * - When signed in, renders "Hi, {name}" linking to /account.
- * - When not signed in, renders the Cimplify Sign-In button.
- */
+// Attempts silent SSO on mount before showing the button so returning
+// shoppers don't see a flash of "Sign in" before landing as signed in.
 export function AccountPill() {
   const { session, loading, refresh } = useCimplifySession();
   const triedSilent = useRef(false);

package/templates/storefront-fashion/lib/auth.ts CHANGED Viewed

@@ -1,16 +1,35 @@
 import { headers } from "next/headers";
-import { getSessionFromCookieHeader, type CimplifySession } from "@cimplify/sdk/server";
+import {
+  getAccessTokenFromCookieHeader,
+  getServerClient,
+  getSessionFromCookieHeader,
+  type CimplifyClient,
+  type CimplifySession,
+} from "@cimplify/sdk/server";
 const CLIENT_ID = process.env.CIMPLIFY_CLIENT_ID ?? "";
 const AUTH_URL = process.env.CIMPLIFY_AUTH_URL;
+const oidcConfig = { clientId: CLIENT_ID, authUrl: AUTH_URL };
 export async function getSession(): Promise<CimplifySession | null> {
   if (!CLIENT_ID) return null;
   const cookieHeader = (await headers()).get("cookie");
-  return getSessionFromCookieHeader(
-    { clientId: CLIENT_ID, authUrl: AUTH_URL },
-    cookieHeader,
-  );
+  return getSessionFromCookieHeader(oidcConfig, cookieHeader);
+}
+// Returns a Cimplify server client with the signed-in customer's access
+// token attached (if any). Use this instead of getServerClient() on pages
+// that need personalized data: orders, subscriptions, price-list pricing.
+// Pages without `revalidate: 0` will share a cache across customers, so
+// only use this on routes that opt out of static caching.
+export async function getAuthenticatedServerClient(): Promise<CimplifyClient> {
+  const cookieHeader = (await headers()).get("cookie");
+  const accessToken =
+    CLIENT_ID && cookieHeader
+      ? getAccessTokenFromCookieHeader(oidcConfig, cookieHeader) ?? undefined
+      : undefined;
+  return getServerClient({ accessToken });
 }
 export type { CimplifySession } from "@cimplify/sdk/server";

package/templates/storefront-fashion/package.json CHANGED Viewed

@@ -19,7 +19,7 @@
     "check": "bun run typecheck && bun run test:run"
   },
   "dependencies": {
-    "@cimplify/sdk": "^0.55.0",
+    "@cimplify/sdk": "^0.56.0",
     "next": "^16.2.6",
     "react": "^19.0.0",
     "react-dom": "^19.0.0"

package/templates/storefront-grocery/app/auth/signout/route.ts CHANGED Viewed

@@ -1,11 +1,11 @@
-import { buildSignoutCookie } from "@cimplify/sdk/server";
+import { buildSignoutCookies } from "@cimplify/sdk/server";
 const CLIENT_ID = process.env.CIMPLIFY_CLIENT_ID ?? "";
 export async function POST(): Promise<Response> {
-  const cookie = buildSignoutCookie({ clientId: CLIENT_ID });
-  return new Response(JSON.stringify({ ok: true }), {
-    status: 200,
-    headers: { "Content-Type": "application/json", "Set-Cookie": cookie },
-  });
+  const headers = new Headers({ "Content-Type": "application/json" });
+  for (const cookie of buildSignoutCookies({ clientId: CLIENT_ID })) {
+    headers.append("Set-Cookie", cookie);
+  }
+  return new Response(JSON.stringify({ ok: true }), { status: 200, headers });
 }

package/templates/storefront-grocery/components/account-pill.tsx CHANGED Viewed

@@ -7,15 +7,8 @@ import { signInSilent } from "@cimplify/sdk";
 const CLIENT_ID = process.env.NEXT_PUBLIC_CIMPLIFY_CLIENT_ID ?? "";
-/**
- * Header sign-in / signed-in pill.
- *
- * - Tries cross-storefront SSO once on mount. If the shopper signed
- *   into any other Cimplify storefront recently, this resolves
- *   silently and the session lands without any UI flicker.
- * - When signed in, renders "Hi, {name}" linking to /account.
- * - When not signed in, renders the Cimplify Sign-In button.
- */
+// Attempts silent SSO on mount before showing the button so returning
+// shoppers don't see a flash of "Sign in" before landing as signed in.
 export function AccountPill() {
   const { session, loading, refresh } = useCimplifySession();
   const triedSilent = useRef(false);

package/templates/storefront-grocery/lib/auth.ts CHANGED Viewed

@@ -1,16 +1,35 @@
 import { headers } from "next/headers";
-import { getSessionFromCookieHeader, type CimplifySession } from "@cimplify/sdk/server";
+import {
+  getAccessTokenFromCookieHeader,
+  getServerClient,
+  getSessionFromCookieHeader,
+  type CimplifyClient,
+  type CimplifySession,
+} from "@cimplify/sdk/server";
 const CLIENT_ID = process.env.CIMPLIFY_CLIENT_ID ?? "";
 const AUTH_URL = process.env.CIMPLIFY_AUTH_URL;
+const oidcConfig = { clientId: CLIENT_ID, authUrl: AUTH_URL };
 export async function getSession(): Promise<CimplifySession | null> {
   if (!CLIENT_ID) return null;
   const cookieHeader = (await headers()).get("cookie");
-  return getSessionFromCookieHeader(
-    { clientId: CLIENT_ID, authUrl: AUTH_URL },
-    cookieHeader,
-  );
+  return getSessionFromCookieHeader(oidcConfig, cookieHeader);
+}
+// Returns a Cimplify server client with the signed-in customer's access
+// token attached (if any). Use this instead of getServerClient() on pages
+// that need personalized data: orders, subscriptions, price-list pricing.
+// Pages without `revalidate: 0` will share a cache across customers, so
+// only use this on routes that opt out of static caching.
+export async function getAuthenticatedServerClient(): Promise<CimplifyClient> {
+  const cookieHeader = (await headers()).get("cookie");
+  const accessToken =
+    CLIENT_ID && cookieHeader
+      ? getAccessTokenFromCookieHeader(oidcConfig, cookieHeader) ?? undefined
+      : undefined;
+  return getServerClient({ accessToken });
 }
 export type { CimplifySession } from "@cimplify/sdk/server";

package/templates/storefront-grocery/package.json CHANGED Viewed

@@ -17,7 +17,7 @@
     "check": "bun run typecheck && bun run test:run"
   },
   "dependencies": {
-    "@cimplify/sdk": "^0.55.0",
+    "@cimplify/sdk": "^0.56.0",
     "next": "^16.2.6",
     "react": "^19.0.0",
     "react-dom": "^19.0.0"

package/templates/storefront-pharmacy/app/auth/signout/route.ts CHANGED Viewed

@@ -1,11 +1,11 @@
-import { buildSignoutCookie } from "@cimplify/sdk/server";
+import { buildSignoutCookies } from "@cimplify/sdk/server";
 const CLIENT_ID = process.env.CIMPLIFY_CLIENT_ID ?? "";
 export async function POST(): Promise<Response> {
-  const cookie = buildSignoutCookie({ clientId: CLIENT_ID });
-  return new Response(JSON.stringify({ ok: true }), {
-    status: 200,
-    headers: { "Content-Type": "application/json", "Set-Cookie": cookie },
-  });
+  const headers = new Headers({ "Content-Type": "application/json" });
+  for (const cookie of buildSignoutCookies({ clientId: CLIENT_ID })) {
+    headers.append("Set-Cookie", cookie);
+  }
+  return new Response(JSON.stringify({ ok: true }), { status: 200, headers });
 }

package/templates/storefront-pharmacy/components/account-pill.tsx CHANGED Viewed

@@ -7,15 +7,8 @@ import { signInSilent } from "@cimplify/sdk";
 const CLIENT_ID = process.env.NEXT_PUBLIC_CIMPLIFY_CLIENT_ID ?? "";
-/**
- * Header sign-in / signed-in pill.
- *
- * - Tries cross-storefront SSO once on mount. If the shopper signed
- *   into any other Cimplify storefront recently, this resolves
- *   silently and the session lands without any UI flicker.
- * - When signed in, renders "Hi, {name}" linking to /account.
- * - When not signed in, renders the Cimplify Sign-In button.
- */
+// Attempts silent SSO on mount before showing the button so returning
+// shoppers don't see a flash of "Sign in" before landing as signed in.
 export function AccountPill() {
   const { session, loading, refresh } = useCimplifySession();
   const triedSilent = useRef(false);

package/templates/storefront-pharmacy/lib/auth.ts CHANGED Viewed

@@ -1,16 +1,35 @@
 import { headers } from "next/headers";
-import { getSessionFromCookieHeader, type CimplifySession } from "@cimplify/sdk/server";
+import {
+  getAccessTokenFromCookieHeader,
+  getServerClient,
+  getSessionFromCookieHeader,
+  type CimplifyClient,
+  type CimplifySession,
+} from "@cimplify/sdk/server";
 const CLIENT_ID = process.env.CIMPLIFY_CLIENT_ID ?? "";
 const AUTH_URL = process.env.CIMPLIFY_AUTH_URL;
+const oidcConfig = { clientId: CLIENT_ID, authUrl: AUTH_URL };
 export async function getSession(): Promise<CimplifySession | null> {
   if (!CLIENT_ID) return null;
   const cookieHeader = (await headers()).get("cookie");
-  return getSessionFromCookieHeader(
-    { clientId: CLIENT_ID, authUrl: AUTH_URL },
-    cookieHeader,
-  );
+  return getSessionFromCookieHeader(oidcConfig, cookieHeader);
+}
+// Returns a Cimplify server client with the signed-in customer's access
+// token attached (if any). Use this instead of getServerClient() on pages
+// that need personalized data: orders, subscriptions, price-list pricing.
+// Pages without `revalidate: 0` will share a cache across customers, so
+// only use this on routes that opt out of static caching.
+export async function getAuthenticatedServerClient(): Promise<CimplifyClient> {
+  const cookieHeader = (await headers()).get("cookie");
+  const accessToken =
+    CLIENT_ID && cookieHeader
+      ? getAccessTokenFromCookieHeader(oidcConfig, cookieHeader) ?? undefined
+      : undefined;
+  return getServerClient({ accessToken });
 }
 export type { CimplifySession } from "@cimplify/sdk/server";

package/templates/storefront-pharmacy/package.json CHANGED Viewed

@@ -17,7 +17,7 @@
     "check": "bun run typecheck && bun run test:run"
   },
   "dependencies": {
-    "@cimplify/sdk": "^0.55.0",
+    "@cimplify/sdk": "^0.56.0",
     "next": "^16.2.6",
     "react": "^19.0.0",
     "react-dom": "^19.0.0"

package/templates/storefront-restaurant/app/auth/signout/route.ts CHANGED Viewed

@@ -1,11 +1,11 @@
-import { buildSignoutCookie } from "@cimplify/sdk/server";
+import { buildSignoutCookies } from "@cimplify/sdk/server";
 const CLIENT_ID = process.env.CIMPLIFY_CLIENT_ID ?? "";
 export async function POST(): Promise<Response> {
-  const cookie = buildSignoutCookie({ clientId: CLIENT_ID });
-  return new Response(JSON.stringify({ ok: true }), {
-    status: 200,
-    headers: { "Content-Type": "application/json", "Set-Cookie": cookie },
-  });
+  const headers = new Headers({ "Content-Type": "application/json" });
+  for (const cookie of buildSignoutCookies({ clientId: CLIENT_ID })) {
+    headers.append("Set-Cookie", cookie);
+  }
+  return new Response(JSON.stringify({ ok: true }), { status: 200, headers });
 }

package/templates/storefront-restaurant/components/account-pill.tsx CHANGED Viewed

@@ -7,15 +7,8 @@ import { signInSilent } from "@cimplify/sdk";
 const CLIENT_ID = process.env.NEXT_PUBLIC_CIMPLIFY_CLIENT_ID ?? "";
-/**
- * Header sign-in / signed-in pill.
- *
- * - Tries cross-storefront SSO once on mount. If the shopper signed
- *   into any other Cimplify storefront recently, this resolves
- *   silently and the session lands without any UI flicker.
- * - When signed in, renders "Hi, {name}" linking to /account.
- * - When not signed in, renders the Cimplify Sign-In button.
- */
+// Attempts silent SSO on mount before showing the button so returning
+// shoppers don't see a flash of "Sign in" before landing as signed in.
 export function AccountPill() {
   const { session, loading, refresh } = useCimplifySession();
   const triedSilent = useRef(false);

package/templates/storefront-restaurant/lib/auth.ts CHANGED Viewed

@@ -1,16 +1,35 @@
 import { headers } from "next/headers";
-import { getSessionFromCookieHeader, type CimplifySession } from "@cimplify/sdk/server";
+import {
+  getAccessTokenFromCookieHeader,
+  getServerClient,
+  getSessionFromCookieHeader,
+  type CimplifyClient,
+  type CimplifySession,
+} from "@cimplify/sdk/server";
 const CLIENT_ID = process.env.CIMPLIFY_CLIENT_ID ?? "";
 const AUTH_URL = process.env.CIMPLIFY_AUTH_URL;
+const oidcConfig = { clientId: CLIENT_ID, authUrl: AUTH_URL };
 export async function getSession(): Promise<CimplifySession | null> {
   if (!CLIENT_ID) return null;
   const cookieHeader = (await headers()).get("cookie");
-  return getSessionFromCookieHeader(
-    { clientId: CLIENT_ID, authUrl: AUTH_URL },
-    cookieHeader,
-  );
+  return getSessionFromCookieHeader(oidcConfig, cookieHeader);
+}
+// Returns a Cimplify server client with the signed-in customer's access
+// token attached (if any). Use this instead of getServerClient() on pages
+// that need personalized data: orders, subscriptions, price-list pricing.
+// Pages without `revalidate: 0` will share a cache across customers, so
+// only use this on routes that opt out of static caching.
+export async function getAuthenticatedServerClient(): Promise<CimplifyClient> {
+  const cookieHeader = (await headers()).get("cookie");
+  const accessToken =
+    CLIENT_ID && cookieHeader
+      ? getAccessTokenFromCookieHeader(oidcConfig, cookieHeader) ?? undefined
+      : undefined;
+  return getServerClient({ accessToken });
 }
 export type { CimplifySession } from "@cimplify/sdk/server";