@insforge/nextjs 0.8.13 → 0.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (49) hide show
  1. package/dist/api/index.d.ts +2 -0
  2. package/dist/client-boundary/components.d.ts +2 -0
  3. package/dist/client-boundary/hooks.d.ts +1 -0
  4. package/dist/client-boundary/provider.d.ts +3 -0
  5. package/dist/esm/api/index.js +5 -0
  6. package/dist/esm/api/index.js.map +1 -0
  7. package/dist/{api.mjs → esm/api/route-handlers.js} +1 -4
  8. package/dist/esm/api/route-handlers.js.map +1 -0
  9. package/dist/esm/client-boundary/components.js +68 -0
  10. package/dist/esm/client-boundary/components.js.map +1 -0
  11. package/dist/esm/client-boundary/hooks.js +8 -0
  12. package/dist/esm/client-boundary/hooks.js.map +1 -0
  13. package/dist/esm/client-boundary/provider.js +7 -0
  14. package/dist/esm/client-boundary/provider.js.map +1 -0
  15. package/dist/esm/index.js +77 -0
  16. package/dist/esm/index.js.map +1 -0
  17. package/dist/esm/lib/utils.js +9 -0
  18. package/dist/esm/lib/utils.js.map +1 -0
  19. package/dist/{middleware.mjs → esm/middleware/InsforgeMiddleware.js} +1 -4
  20. package/dist/esm/middleware/InsforgeMiddleware.js.map +1 -0
  21. package/dist/esm/middleware/index.js +7 -0
  22. package/dist/esm/middleware/index.js.map +1 -0
  23. package/dist/esm/navigation/NextNavigationAdapter.js +25 -0
  24. package/dist/esm/navigation/NextNavigationAdapter.js.map +1 -0
  25. package/dist/esm/navigation/index.js +5 -0
  26. package/dist/esm/navigation/index.js.map +1 -0
  27. package/dist/{index.mjs → esm/provider/InsforgeProvider.js} +8 -22
  28. package/dist/esm/provider/InsforgeProvider.js.map +1 -0
  29. package/dist/index.d.ts +8 -20
  30. package/dist/lib/utils.d.ts +5 -0
  31. package/dist/middleware/index.d.ts +2 -0
  32. package/dist/navigation/NextNavigationAdapter.d.ts +5 -0
  33. package/dist/navigation/index.d.ts +2 -0
  34. package/dist/provider/InsforgeProvider.d.ts +7 -0
  35. package/package.json +13 -17
  36. package/dist/api.d.ts +0 -39
  37. package/dist/api.js +0 -268
  38. package/dist/api.js.map +0 -1
  39. package/dist/api.mjs.map +0 -1
  40. package/dist/index.d.mts +0 -20
  41. package/dist/index.js +0 -94
  42. package/dist/index.js.map +0 -1
  43. package/dist/index.mjs.map +0 -1
  44. package/dist/middleware.d.ts +0 -15
  45. package/dist/middleware.js +0 -98
  46. package/dist/middleware.js.map +0 -1
  47. package/dist/middleware.mjs.map +0 -1
  48. /package/dist/{api.d.mts → api/route-handlers.d.ts} +0 -0
  49. /package/dist/{middleware.d.mts → middleware/InsforgeMiddleware.d.ts} +0 -0
package/dist/api.js DELETED
@@ -1,268 +0,0 @@
1
- "use client";
2
- "use strict";
3
- var __defProp = Object.defineProperty;
4
- var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
5
- var __getOwnPropNames = Object.getOwnPropertyNames;
6
- var __hasOwnProp = Object.prototype.hasOwnProperty;
7
- var __export = (target, all) => {
8
- for (var name in all)
9
- __defProp(target, name, { get: all[name], enumerable: true });
10
- };
11
- var __copyProps = (to, from, except, desc) => {
12
- if (from && typeof from === "object" || typeof from === "function") {
13
- for (let key of __getOwnPropNames(from))
14
- if (!__hasOwnProp.call(to, key) && key !== except)
15
- __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
16
- }
17
- return to;
18
- };
19
- var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
20
-
21
- // src/api/index.ts
22
- var api_exports = {};
23
- __export(api_exports, {
24
- createAuthRouteHandlers: () => createAuthRouteHandlers
25
- });
26
- module.exports = __toCommonJS(api_exports);
27
-
28
- // src/api/route-handlers.ts
29
- var import_server = require("next/server");
30
- var import_sdk = require("@insforge/sdk");
31
- function createAuthRouteHandlers(config) {
32
- const {
33
- baseUrl,
34
- cookieName = "insforge_token",
35
- cookieMaxAge = 7 * 24 * 60 * 60
36
- // 7 days
37
- } = config;
38
- const insforge = (0, import_sdk.createClient)({ baseUrl });
39
- function setAuthCookie(response, token) {
40
- const isProduction = process.env.NODE_ENV === "production";
41
- const secure = config.secure ?? isProduction;
42
- response.cookies.set({
43
- name: cookieName,
44
- value: token,
45
- httpOnly: true,
46
- // Cannot be accessed by JavaScript
47
- secure,
48
- // Only sent over HTTPS in production
49
- sameSite: "lax",
50
- maxAge: cookieMaxAge,
51
- path: "/"
52
- });
53
- return response;
54
- }
55
- function clearAuthCookie(response) {
56
- response.cookies.set({
57
- name: cookieName,
58
- value: "",
59
- httpOnly: true,
60
- secure: config.secure ?? process.env.NODE_ENV === "production",
61
- sameSite: "lax",
62
- maxAge: 0,
63
- path: "/"
64
- });
65
- return response;
66
- }
67
- async function POST(request) {
68
- try {
69
- const body = await request.json();
70
- const { action, email, password } = body;
71
- if (!action) {
72
- return import_server.NextResponse.json(
73
- { error: "Action is required" },
74
- { status: 400 }
75
- );
76
- }
77
- switch (action) {
78
- case "sign-in": {
79
- if (!email || !password) {
80
- return import_server.NextResponse.json(
81
- { error: "Email and password are required" },
82
- { status: 400 }
83
- );
84
- }
85
- const result = await insforge.auth.signInWithPassword({
86
- email,
87
- password
88
- });
89
- if (result.error) {
90
- return import_server.NextResponse.json(
91
- { error: result.error.message },
92
- { status: 401 }
93
- );
94
- }
95
- if (!result.data || !result.data.user) {
96
- return import_server.NextResponse.json(
97
- { error: "Authentication failed" },
98
- { status: 401 }
99
- );
100
- }
101
- const response = import_server.NextResponse.json({
102
- user: result.data.user,
103
- session: {
104
- userId: result.data.user.id,
105
- expiresAt: "",
106
- createdAt: (/* @__PURE__ */ new Date()).toISOString()
107
- }
108
- });
109
- setAuthCookie(response, result.data.accessToken || "");
110
- return response;
111
- }
112
- case "sign-up": {
113
- if (!email || !password) {
114
- return import_server.NextResponse.json(
115
- { error: "Email and password are required" },
116
- { status: 400 }
117
- );
118
- }
119
- const result = await insforge.auth.signUp({ email, password });
120
- if (result.error) {
121
- return import_server.NextResponse.json(
122
- { error: result.error.message },
123
- { status: 400 }
124
- );
125
- }
126
- if (!result.data || !result.data.user) {
127
- return import_server.NextResponse.json(
128
- { error: "Sign up failed" },
129
- { status: 400 }
130
- );
131
- }
132
- const response = import_server.NextResponse.json({
133
- user: result.data.user,
134
- session: {
135
- userId: result.data.user.id,
136
- expiresAt: "",
137
- createdAt: (/* @__PURE__ */ new Date()).toISOString()
138
- }
139
- });
140
- setAuthCookie(response, result.data.accessToken || "");
141
- return response;
142
- }
143
- case "sync-token": {
144
- const { token } = body;
145
- if (!token) {
146
- return import_server.NextResponse.json(
147
- { error: "Token is required" },
148
- { status: 400 }
149
- );
150
- }
151
- try {
152
- const response = await fetch(`${baseUrl}/api/auth/sessions/current`, {
153
- headers: {
154
- Authorization: `Bearer ${token}`,
155
- "Content-Type": "application/json"
156
- }
157
- });
158
- if (!response.ok) {
159
- const errorText = await response.text();
160
- console.error("[Auth API] Token validation failed:", errorText);
161
- return import_server.NextResponse.json(
162
- { error: "Invalid token", details: errorText },
163
- { status: 401 }
164
- );
165
- }
166
- const session = await response.json();
167
- const nextResponse = import_server.NextResponse.json({
168
- user: session.user,
169
- session: {
170
- userId: session.user.id,
171
- expiresAt: "",
172
- createdAt: (/* @__PURE__ */ new Date()).toISOString()
173
- }
174
- });
175
- setAuthCookie(nextResponse, token);
176
- return nextResponse;
177
- } catch (error) {
178
- console.error("[Auth API] Token validation error:", error);
179
- return import_server.NextResponse.json(
180
- { error: "Token validation failed", details: String(error) },
181
- { status: 401 }
182
- );
183
- }
184
- }
185
- default:
186
- return import_server.NextResponse.json(
187
- { error: "Invalid action" },
188
- { status: 400 }
189
- );
190
- }
191
- } catch (error) {
192
- console.error("[Auth API Error]:", error);
193
- return import_server.NextResponse.json(
194
- { error: "Internal server error" },
195
- { status: 500 }
196
- );
197
- }
198
- }
199
- async function GET(request) {
200
- try {
201
- const token = request.cookies.get(cookieName)?.value;
202
- if (!token) {
203
- return import_server.NextResponse.json({ user: null, session: null });
204
- }
205
- const response = await fetch(`${baseUrl}/api/auth/sessions/current`, {
206
- headers: {
207
- Authorization: `Bearer ${token}`,
208
- "Content-Type": "application/json"
209
- }
210
- });
211
- if (!response.ok) {
212
- const nextResponse = import_server.NextResponse.json({ user: null, session: null });
213
- clearAuthCookie(nextResponse);
214
- return nextResponse;
215
- }
216
- const session = await response.json();
217
- return import_server.NextResponse.json({
218
- user: session.user,
219
- session: {
220
- userId: session.user.id,
221
- token,
222
- expiresAt: "",
223
- createdAt: (/* @__PURE__ */ new Date()).toISOString()
224
- }
225
- });
226
- } catch (error) {
227
- console.error("[Auth API Error]:", error);
228
- return import_server.NextResponse.json({ user: null, session: null });
229
- }
230
- }
231
- async function DELETE(request) {
232
- try {
233
- const token = request.cookies.get(cookieName)?.value;
234
- if (token) {
235
- try {
236
- await fetch(`${baseUrl}/auth/sessions/current`, {
237
- method: "DELETE",
238
- headers: {
239
- Authorization: `Bearer ${token}`,
240
- "Content-Type": "application/json"
241
- }
242
- });
243
- } catch (error) {
244
- console.error("[Auth API] Sign out error:", error);
245
- }
246
- }
247
- const response = import_server.NextResponse.json({ success: true });
248
- clearAuthCookie(response);
249
- return response;
250
- } catch (error) {
251
- console.error("[Auth API Error]:", error);
252
- return import_server.NextResponse.json(
253
- { error: "Internal server error" },
254
- { status: 500 }
255
- );
256
- }
257
- }
258
- return {
259
- POST,
260
- GET,
261
- DELETE
262
- };
263
- }
264
- // Annotate the CommonJS export names for ESM import in node:
265
- 0 && (module.exports = {
266
- createAuthRouteHandlers
267
- });
268
- //# sourceMappingURL=api.js.map
package/dist/api.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../src/api/index.ts","../src/api/route-handlers.ts"],"sourcesContent":["export { createAuthRouteHandlers } from './route-handlers';\r\nexport type { AuthRouteConfig } from './route-handlers';","import { NextRequest, NextResponse } from 'next/server';\nimport { createClient } from '@insforge/sdk';\n\nexport interface AuthRouteConfig {\n /**\n * Base URL of your Insforge backend\n */\n baseUrl: string;\n\n /**\n * Cookie name for the auth token\n * @default 'insforge_token'\n */\n cookieName?: string;\n\n /**\n * Cookie max age in seconds (default: 7 days)\n * @default 604800\n */\n cookieMaxAge?: number;\n\n /**\n * Whether to use secure cookies (HTTPS only)\n * Auto-detected based on environment\n */\n secure?: boolean;\n}\n\n/**\n * Creates authentication route handlers for Next.js App Router\n * These handlers set HTTP-only cookies that can be read by middleware\n *\n * @example\n * ```ts\n * // app/api/auth/[...auth]/route.ts\n * import { createAuthRouteHandlers } from '@insforge/nextjs/api';\n *\n * const handlers = createAuthRouteHandlers({\n * baseUrl: process.env.NEXT_PUBLIC_INSFORGE_BASE_URL!,\n * });\n *\n * export const POST = handlers.POST;\n * export const GET = handlers.GET;\n * export const DELETE = handlers.DELETE;\n * ```\n */\nexport function createAuthRouteHandlers(config: AuthRouteConfig) {\n const {\n baseUrl,\n cookieName = 'insforge_token',\n cookieMaxAge = 7 * 24 * 60 * 60, // 7 days\n } = config;\n\n const insforge = createClient({ baseUrl });\n\n /**\n * Helper to set auth cookie\n */\n function setAuthCookie(response: NextResponse, token: string) {\n // NODE_ENV is automatically set by Next.js runtime ('development' | 'production' | 'test')\n // In production, cookies are sent over HTTPS only (secure flag)\n const isProduction = process.env.NODE_ENV === 'production';\n const secure = config.secure ?? isProduction;\n\n response.cookies.set({\n name: cookieName,\n value: token,\n httpOnly: true, // Cannot be accessed by JavaScript\n secure, // Only sent over HTTPS in production\n sameSite: 'lax',\n maxAge: cookieMaxAge,\n path: '/',\n });\n\n return response;\n }\n\n /**\n * Helper to clear auth cookie\n */\n function clearAuthCookie(response: NextResponse) {\n response.cookies.set({\n name: cookieName,\n value: '',\n httpOnly: true,\n secure: config.secure ?? (process.env.NODE_ENV === 'production'),\n sameSite: 'lax',\n maxAge: 0,\n path: '/',\n });\n\n return response;\n }\n\n /**\n * POST handler for authentication actions\n * Supports: sign-in, sign-up\n */\n async function POST(request: NextRequest) {\n try {\n const body = await request.json();\n const { action, email, password } = body;\n\n if (!action) {\n return NextResponse.json(\n { error: 'Action is required' },\n { status: 400 }\n );\n }\n\n switch (action) {\n case 'sign-in': {\n if (!email || !password) {\n return NextResponse.json(\n { error: 'Email and password are required' },\n { status: 400 }\n );\n }\n\n const result = await insforge.auth.signInWithPassword({\n email,\n password,\n });\n\n if (result.error) {\n return NextResponse.json(\n { error: result.error.message },\n { status: 401 }\n );\n }\n\n if (!result.data || !result.data.user) {\n return NextResponse.json(\n { error: 'Authentication failed' },\n { status: 401 }\n );\n }\n\n const response = NextResponse.json({\n user: result.data.user,\n session: {\n userId: result.data.user.id,\n expiresAt: '',\n createdAt: new Date().toISOString(),\n },\n });\n\n setAuthCookie(response, result.data.accessToken || '');\n\n return response;\n }\n\n case 'sign-up': {\n if (!email || !password) {\n return NextResponse.json(\n { error: 'Email and password are required' },\n { status: 400 }\n );\n }\n\n const result = await insforge.auth.signUp({ email, password });\n\n if (result.error) {\n return NextResponse.json(\n { error: result.error.message },\n { status: 400 }\n );\n }\n\n if (!result.data || !result.data.user) {\n return NextResponse.json(\n { error: 'Sign up failed' },\n { status: 400 }\n );\n }\n\n const response = NextResponse.json({\n user: result.data.user,\n session: {\n userId: result.data.user.id,\n expiresAt: '',\n createdAt: new Date().toISOString(),\n },\n });\n\n setAuthCookie(response, result.data.accessToken || '');\n\n return response;\n }\n\n case 'sync-token': {\n // Syncs a token from localStorage to HTTP-only cookie\n const { token } = body;\n\n if (!token) {\n return NextResponse.json(\n { error: 'Token is required' },\n { status: 400 }\n );\n }\n\n // Verify the token is valid by checking with backend\n try {\n const response = await fetch(`${baseUrl}/api/auth/sessions/current`, {\n headers: {\n Authorization: `Bearer ${token}`,\n 'Content-Type': 'application/json',\n },\n });\n\n if (!response.ok) {\n const errorText = await response.text();\n console.error('[Auth API] Token validation failed:', errorText);\n return NextResponse.json(\n { error: 'Invalid token', details: errorText },\n { status: 401 }\n );\n }\n\n const session = await response.json();\n\n const nextResponse = NextResponse.json({\n user: session.user,\n session: {\n userId: session.user.id,\n expiresAt: '',\n createdAt: new Date().toISOString(),\n },\n });\n\n setAuthCookie(nextResponse, token);\n\n return nextResponse;\n } catch (error) {\n console.error('[Auth API] Token validation error:', error);\n return NextResponse.json(\n { error: 'Token validation failed', details: String(error) },\n { status: 401 }\n );\n }\n }\n\n default:\n return NextResponse.json(\n { error: 'Invalid action' },\n { status: 400 }\n );\n }\n } catch (error) {\n console.error('[Auth API Error]:', error);\n return NextResponse.json(\n { error: 'Internal server error' },\n { status: 500 }\n );\n }\n }\n\n /**\n * GET handler to check current session\n */\n async function GET(request: NextRequest) {\n try {\n const token = request.cookies.get(cookieName)?.value;\n\n if (!token) {\n return NextResponse.json({ user: null, session: null });\n }\n\n // Verify token with backend\n const response = await fetch(`${baseUrl}/api/auth/sessions/current`, {\n headers: {\n Authorization: `Bearer ${token}`,\n 'Content-Type': 'application/json',\n },\n });\n\n if (!response.ok) {\n const nextResponse = NextResponse.json({ user: null, session: null });\n clearAuthCookie(nextResponse);\n return nextResponse;\n }\n\n const session = await response.json();\n\n return NextResponse.json({\n user: session.user,\n session: {\n userId: session.user.id,\n token,\n expiresAt: '',\n createdAt: new Date().toISOString(),\n },\n });\n } catch (error) {\n console.error('[Auth API Error]:', error);\n return NextResponse.json({ user: null, session: null });\n }\n }\n\n /**\n * DELETE handler for sign out\n */\n async function DELETE(request: NextRequest) {\n try {\n const token = request.cookies.get(cookieName)?.value;\n\n if (token) {\n // Call backend sign out\n try {\n await fetch(`${baseUrl}/auth/sessions/current`, {\n method: 'DELETE',\n headers: {\n Authorization: `Bearer ${token}`,\n 'Content-Type': 'application/json',\n },\n });\n } catch (error) {\n // Ignore backend errors during sign out\n console.error('[Auth API] Sign out error:', error);\n }\n }\n\n const response = NextResponse.json({ success: true });\n clearAuthCookie(response);\n\n return response;\n } catch (error) {\n console.error('[Auth API Error]:', error);\n return NextResponse.json(\n { error: 'Internal server error' },\n { status: 500 }\n );\n }\n }\n\n return {\n POST,\n GET,\n DELETE,\n };\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAA,oBAA0C;AAC1C,iBAA6B;AA6CtB,SAAS,wBAAwB,QAAyB;AAC/D,QAAM;AAAA,IACJ;AAAA,IACA,aAAa;AAAA,IACb,eAAe,IAAI,KAAK,KAAK;AAAA;AAAA,EAC/B,IAAI;AAEJ,QAAM,eAAW,yBAAa,EAAE,QAAQ,CAAC;AAKzC,WAAS,cAAc,UAAwB,OAAe;AAG5D,UAAM,eAAe,QAAQ,IAAI,aAAa;AAC9C,UAAM,SAAS,OAAO,UAAU;AAEhC,aAAS,QAAQ,IAAI;AAAA,MACnB,MAAM;AAAA,MACN,OAAO;AAAA,MACP,UAAU;AAAA;AAAA,MACV;AAAA;AAAA,MACA,UAAU;AAAA,MACV,QAAQ;AAAA,MACR,MAAM;AAAA,IACR,CAAC;AAED,WAAO;AAAA,EACT;AAKA,WAAS,gBAAgB,UAAwB;AAC/C,aAAS,QAAQ,IAAI;AAAA,MACnB,MAAM;AAAA,MACN,OAAO;AAAA,MACP,UAAU;AAAA,MACV,QAAQ,OAAO,UAAW,QAAQ,IAAI,aAAa;AAAA,MACnD,UAAU;AAAA,MACV,QAAQ;AAAA,MACR,MAAM;AAAA,IACR,CAAC;AAED,WAAO;AAAA,EACT;AAMA,iBAAe,KAAK,SAAsB;AACxC,QAAI;AACF,YAAM,OAAO,MAAM,QAAQ,KAAK;AAChC,YAAM,EAAE,QAAQ,OAAO,SAAS,IAAI;AAEpC,UAAI,CAAC,QAAQ;AACX,eAAO,2BAAa;AAAA,UAClB,EAAE,OAAO,qBAAqB;AAAA,UAC9B,EAAE,QAAQ,IAAI;AAAA,QAChB;AAAA,MACF;AAEA,cAAQ,QAAQ;AAAA,QACd,KAAK,WAAW;AACd,cAAI,CAAC,SAAS,CAAC,UAAU;AACvB,mBAAO,2BAAa;AAAA,cAClB,EAAE,OAAO,kCAAkC;AAAA,cAC3C,EAAE,QAAQ,IAAI;AAAA,YAChB;AAAA,UACF;AAEA,gBAAM,SAAS,MAAM,SAAS,KAAK,mBAAmB;AAAA,YACpD;AAAA,YACA;AAAA,UACF,CAAC;AAED,cAAI,OAAO,OAAO;AAChB,mBAAO,2BAAa;AAAA,cAClB,EAAE,OAAO,OAAO,MAAM,QAAQ;AAAA,cAC9B,EAAE,QAAQ,IAAI;AAAA,YAChB;AAAA,UACF;AAEF,cAAI,CAAC,OAAO,QAAQ,CAAC,OAAO,KAAK,MAAM;AACrC,mBAAO,2BAAa;AAAA,cAClB,EAAE,OAAO,wBAAwB;AAAA,cACjC,EAAE,QAAQ,IAAI;AAAA,YAChB;AAAA,UACF;AAEA,gBAAM,WAAW,2BAAa,KAAK;AAAA,YACjC,MAAM,OAAO,KAAK;AAAA,YAClB,SAAS;AAAA,cACP,QAAQ,OAAO,KAAK,KAAK;AAAA,cACzB,WAAW;AAAA,cACX,YAAW,oBAAI,KAAK,GAAE,YAAY;AAAA,YACpC;AAAA,UACF,CAAC;AAEC,wBAAc,UAAU,OAAO,KAAK,eAAe,EAAE;AAErD,iBAAO;AAAA,QACT;AAAA,QAEA,KAAK,WAAW;AACd,cAAI,CAAC,SAAS,CAAC,UAAU;AACvB,mBAAO,2BAAa;AAAA,cAClB,EAAE,OAAO,kCAAkC;AAAA,cAC3C,EAAE,QAAQ,IAAI;AAAA,YAChB;AAAA,UACF;AAEA,gBAAM,SAAS,MAAM,SAAS,KAAK,OAAO,EAAE,OAAO,SAAS,CAAC;AAE7D,cAAI,OAAO,OAAO;AAChB,mBAAO,2BAAa;AAAA,cAClB,EAAE,OAAO,OAAO,MAAM,QAAQ;AAAA,cAC9B,EAAE,QAAQ,IAAI;AAAA,YAChB;AAAA,UACF;AAEF,cAAI,CAAC,OAAO,QAAQ,CAAC,OAAO,KAAK,MAAM;AACrC,mBAAO,2BAAa;AAAA,cAClB,EAAE,OAAO,iBAAiB;AAAA,cAC1B,EAAE,QAAQ,IAAI;AAAA,YAChB;AAAA,UACF;AAEA,gBAAM,WAAW,2BAAa,KAAK;AAAA,YACjC,MAAM,OAAO,KAAK;AAAA,YAClB,SAAS;AAAA,cACP,QAAQ,OAAO,KAAK,KAAK;AAAA,cACzB,WAAW;AAAA,cACX,YAAW,oBAAI,KAAK,GAAE,YAAY;AAAA,YACpC;AAAA,UACF,CAAC;AAEC,wBAAc,UAAU,OAAO,KAAK,eAAe,EAAE;AAErD,iBAAO;AAAA,QACT;AAAA,QAEA,KAAK,cAAc;AAEjB,gBAAM,EAAE,MAAM,IAAI;AAElB,cAAI,CAAC,OAAO;AACV,mBAAO,2BAAa;AAAA,cAClB,EAAE,OAAO,oBAAoB;AAAA,cAC7B,EAAE,QAAQ,IAAI;AAAA,YAChB;AAAA,UACF;AAGA,cAAI;AACF,kBAAM,WAAW,MAAM,MAAM,GAAG,OAAO,8BAA8B;AAAA,cACnE,SAAS;AAAA,gBACP,eAAe,UAAU,KAAK;AAAA,gBAC9B,gBAAgB;AAAA,cAClB;AAAA,YACF,CAAC;AAED,gBAAI,CAAC,SAAS,IAAI;AAChB,oBAAM,YAAY,MAAM,SAAS,KAAK;AACtC,sBAAQ,MAAM,uCAAuC,SAAS;AAC9D,qBAAO,2BAAa;AAAA,gBAClB,EAAE,OAAO,iBAAiB,SAAS,UAAU;AAAA,gBAC7C,EAAE,QAAQ,IAAI;AAAA,cAChB;AAAA,YACF;AAEA,kBAAM,UAAU,MAAM,SAAS,KAAK;AAEpC,kBAAM,eAAe,2BAAa,KAAK;AAAA,cACrC,MAAM,QAAQ;AAAA,cACd,SAAS;AAAA,gBACP,QAAQ,QAAQ,KAAK;AAAA,gBACrB,WAAW;AAAA,gBACX,YAAW,oBAAI,KAAK,GAAE,YAAY;AAAA,cACpC;AAAA,YACF,CAAC;AAED,0BAAc,cAAc,KAAK;AAEjC,mBAAO;AAAA,UACT,SAAS,OAAO;AACd,oBAAQ,MAAM,sCAAsC,KAAK;AACzD,mBAAO,2BAAa;AAAA,cAClB,EAAE,OAAO,2BAA2B,SAAS,OAAO,KAAK,EAAE;AAAA,cAC3D,EAAE,QAAQ,IAAI;AAAA,YAChB;AAAA,UACF;AAAA,QACF;AAAA,QAEA;AACE,iBAAO,2BAAa;AAAA,YAClB,EAAE,OAAO,iBAAiB;AAAA,YAC1B,EAAE,QAAQ,IAAI;AAAA,UAChB;AAAA,MACJ;AAAA,IACF,SAAS,OAAO;AACd,cAAQ,MAAM,qBAAqB,KAAK;AACxC,aAAO,2BAAa;AAAA,QAClB,EAAE,OAAO,wBAAwB;AAAA,QACjC,EAAE,QAAQ,IAAI;AAAA,MAChB;AAAA,IACF;AAAA,EACF;AAKA,iBAAe,IAAI,SAAsB;AACvC,QAAI;AACF,YAAM,QAAQ,QAAQ,QAAQ,IAAI,UAAU,GAAG;AAE/C,UAAI,CAAC,OAAO;AACV,eAAO,2BAAa,KAAK,EAAE,MAAM,MAAM,SAAS,KAAK,CAAC;AAAA,MACxD;AAGA,YAAM,WAAW,MAAM,MAAM,GAAG,OAAO,8BAA8B;AAAA,QACnE,SAAS;AAAA,UACP,eAAe,UAAU,KAAK;AAAA,UAC9B,gBAAgB;AAAA,QAClB;AAAA,MACF,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,eAAe,2BAAa,KAAK,EAAE,MAAM,MAAM,SAAS,KAAK,CAAC;AACpE,wBAAgB,YAAY;AAC5B,eAAO;AAAA,MACT;AAEA,YAAM,UAAU,MAAM,SAAS,KAAK;AAEpC,aAAO,2BAAa,KAAK;AAAA,QACvB,MAAM,QAAQ;AAAA,QACd,SAAS;AAAA,UACP,QAAQ,QAAQ,KAAK;AAAA,UACrB;AAAA,UACA,WAAW;AAAA,UACX,YAAW,oBAAI,KAAK,GAAE,YAAY;AAAA,QACpC;AAAA,MACF,CAAC;AAAA,IACH,SAAS,OAAO;AACd,cAAQ,MAAM,qBAAqB,KAAK;AACxC,aAAO,2BAAa,KAAK,EAAE,MAAM,MAAM,SAAS,KAAK,CAAC;AAAA,IACxD;AAAA,EACF;AAKA,iBAAe,OAAO,SAAsB;AAC1C,QAAI;AACF,YAAM,QAAQ,QAAQ,QAAQ,IAAI,UAAU,GAAG;AAE/C,UAAI,OAAO;AAET,YAAI;AACF,gBAAM,MAAM,GAAG,OAAO,0BAA0B;AAAA,YAC9C,QAAQ;AAAA,YACR,SAAS;AAAA,cACP,eAAe,UAAU,KAAK;AAAA,cAC9B,gBAAgB;AAAA,YAClB;AAAA,UACF,CAAC;AAAA,QACH,SAAS,OAAO;AAEd,kBAAQ,MAAM,8BAA8B,KAAK;AAAA,QACnD;AAAA,MACF;AAEA,YAAM,WAAW,2BAAa,KAAK,EAAE,SAAS,KAAK,CAAC;AACpD,sBAAgB,QAAQ;AAExB,aAAO;AAAA,IACT,SAAS,OAAO;AACd,cAAQ,MAAM,qBAAqB,KAAK;AACxC,aAAO,2BAAa;AAAA,QAClB,EAAE,OAAO,wBAAwB;AAAA,QACjC,EAAE,QAAQ,IAAI;AAAA,MAChB;AAAA,IACF;AAAA,EACF;AAEA,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACF;","names":[]}
package/dist/api.mjs.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../src/api/route-handlers.ts"],"sourcesContent":["import { NextRequest, NextResponse } from 'next/server';\nimport { createClient } from '@insforge/sdk';\n\nexport interface AuthRouteConfig {\n /**\n * Base URL of your Insforge backend\n */\n baseUrl: string;\n\n /**\n * Cookie name for the auth token\n * @default 'insforge_token'\n */\n cookieName?: string;\n\n /**\n * Cookie max age in seconds (default: 7 days)\n * @default 604800\n */\n cookieMaxAge?: number;\n\n /**\n * Whether to use secure cookies (HTTPS only)\n * Auto-detected based on environment\n */\n secure?: boolean;\n}\n\n/**\n * Creates authentication route handlers for Next.js App Router\n * These handlers set HTTP-only cookies that can be read by middleware\n *\n * @example\n * ```ts\n * // app/api/auth/[...auth]/route.ts\n * import { createAuthRouteHandlers } from '@insforge/nextjs/api';\n *\n * const handlers = createAuthRouteHandlers({\n * baseUrl: process.env.NEXT_PUBLIC_INSFORGE_BASE_URL!,\n * });\n *\n * export const POST = handlers.POST;\n * export const GET = handlers.GET;\n * export const DELETE = handlers.DELETE;\n * ```\n */\nexport function createAuthRouteHandlers(config: AuthRouteConfig) {\n const {\n baseUrl,\n cookieName = 'insforge_token',\n cookieMaxAge = 7 * 24 * 60 * 60, // 7 days\n } = config;\n\n const insforge = createClient({ baseUrl });\n\n /**\n * Helper to set auth cookie\n */\n function setAuthCookie(response: NextResponse, token: string) {\n // NODE_ENV is automatically set by Next.js runtime ('development' | 'production' | 'test')\n // In production, cookies are sent over HTTPS only (secure flag)\n const isProduction = process.env.NODE_ENV === 'production';\n const secure = config.secure ?? isProduction;\n\n response.cookies.set({\n name: cookieName,\n value: token,\n httpOnly: true, // Cannot be accessed by JavaScript\n secure, // Only sent over HTTPS in production\n sameSite: 'lax',\n maxAge: cookieMaxAge,\n path: '/',\n });\n\n return response;\n }\n\n /**\n * Helper to clear auth cookie\n */\n function clearAuthCookie(response: NextResponse) {\n response.cookies.set({\n name: cookieName,\n value: '',\n httpOnly: true,\n secure: config.secure ?? (process.env.NODE_ENV === 'production'),\n sameSite: 'lax',\n maxAge: 0,\n path: '/',\n });\n\n return response;\n }\n\n /**\n * POST handler for authentication actions\n * Supports: sign-in, sign-up\n */\n async function POST(request: NextRequest) {\n try {\n const body = await request.json();\n const { action, email, password } = body;\n\n if (!action) {\n return NextResponse.json(\n { error: 'Action is required' },\n { status: 400 }\n );\n }\n\n switch (action) {\n case 'sign-in': {\n if (!email || !password) {\n return NextResponse.json(\n { error: 'Email and password are required' },\n { status: 400 }\n );\n }\n\n const result = await insforge.auth.signInWithPassword({\n email,\n password,\n });\n\n if (result.error) {\n return NextResponse.json(\n { error: result.error.message },\n { status: 401 }\n );\n }\n\n if (!result.data || !result.data.user) {\n return NextResponse.json(\n { error: 'Authentication failed' },\n { status: 401 }\n );\n }\n\n const response = NextResponse.json({\n user: result.data.user,\n session: {\n userId: result.data.user.id,\n expiresAt: '',\n createdAt: new Date().toISOString(),\n },\n });\n\n setAuthCookie(response, result.data.accessToken || '');\n\n return response;\n }\n\n case 'sign-up': {\n if (!email || !password) {\n return NextResponse.json(\n { error: 'Email and password are required' },\n { status: 400 }\n );\n }\n\n const result = await insforge.auth.signUp({ email, password });\n\n if (result.error) {\n return NextResponse.json(\n { error: result.error.message },\n { status: 400 }\n );\n }\n\n if (!result.data || !result.data.user) {\n return NextResponse.json(\n { error: 'Sign up failed' },\n { status: 400 }\n );\n }\n\n const response = NextResponse.json({\n user: result.data.user,\n session: {\n userId: result.data.user.id,\n expiresAt: '',\n createdAt: new Date().toISOString(),\n },\n });\n\n setAuthCookie(response, result.data.accessToken || '');\n\n return response;\n }\n\n case 'sync-token': {\n // Syncs a token from localStorage to HTTP-only cookie\n const { token } = body;\n\n if (!token) {\n return NextResponse.json(\n { error: 'Token is required' },\n { status: 400 }\n );\n }\n\n // Verify the token is valid by checking with backend\n try {\n const response = await fetch(`${baseUrl}/api/auth/sessions/current`, {\n headers: {\n Authorization: `Bearer ${token}`,\n 'Content-Type': 'application/json',\n },\n });\n\n if (!response.ok) {\n const errorText = await response.text();\n console.error('[Auth API] Token validation failed:', errorText);\n return NextResponse.json(\n { error: 'Invalid token', details: errorText },\n { status: 401 }\n );\n }\n\n const session = await response.json();\n\n const nextResponse = NextResponse.json({\n user: session.user,\n session: {\n userId: session.user.id,\n expiresAt: '',\n createdAt: new Date().toISOString(),\n },\n });\n\n setAuthCookie(nextResponse, token);\n\n return nextResponse;\n } catch (error) {\n console.error('[Auth API] Token validation error:', error);\n return NextResponse.json(\n { error: 'Token validation failed', details: String(error) },\n { status: 401 }\n );\n }\n }\n\n default:\n return NextResponse.json(\n { error: 'Invalid action' },\n { status: 400 }\n );\n }\n } catch (error) {\n console.error('[Auth API Error]:', error);\n return NextResponse.json(\n { error: 'Internal server error' },\n { status: 500 }\n );\n }\n }\n\n /**\n * GET handler to check current session\n */\n async function GET(request: NextRequest) {\n try {\n const token = request.cookies.get(cookieName)?.value;\n\n if (!token) {\n return NextResponse.json({ user: null, session: null });\n }\n\n // Verify token with backend\n const response = await fetch(`${baseUrl}/api/auth/sessions/current`, {\n headers: {\n Authorization: `Bearer ${token}`,\n 'Content-Type': 'application/json',\n },\n });\n\n if (!response.ok) {\n const nextResponse = NextResponse.json({ user: null, session: null });\n clearAuthCookie(nextResponse);\n return nextResponse;\n }\n\n const session = await response.json();\n\n return NextResponse.json({\n user: session.user,\n session: {\n userId: session.user.id,\n token,\n expiresAt: '',\n createdAt: new Date().toISOString(),\n },\n });\n } catch (error) {\n console.error('[Auth API Error]:', error);\n return NextResponse.json({ user: null, session: null });\n }\n }\n\n /**\n * DELETE handler for sign out\n */\n async function DELETE(request: NextRequest) {\n try {\n const token = request.cookies.get(cookieName)?.value;\n\n if (token) {\n // Call backend sign out\n try {\n await fetch(`${baseUrl}/auth/sessions/current`, {\n method: 'DELETE',\n headers: {\n Authorization: `Bearer ${token}`,\n 'Content-Type': 'application/json',\n },\n });\n } catch (error) {\n // Ignore backend errors during sign out\n console.error('[Auth API] Sign out error:', error);\n }\n }\n\n const response = NextResponse.json({ success: true });\n clearAuthCookie(response);\n\n return response;\n } catch (error) {\n console.error('[Auth API Error]:', error);\n return NextResponse.json(\n { error: 'Internal server error' },\n { status: 500 }\n );\n }\n }\n\n return {\n POST,\n GET,\n DELETE,\n };\n}\n"],"mappings":";;;AAAA,SAAsB,oBAAoB;AAC1C,SAAS,oBAAoB;AA6CtB,SAAS,wBAAwB,QAAyB;AAC/D,QAAM;AAAA,IACJ;AAAA,IACA,aAAa;AAAA,IACb,eAAe,IAAI,KAAK,KAAK;AAAA;AAAA,EAC/B,IAAI;AAEJ,QAAM,WAAW,aAAa,EAAE,QAAQ,CAAC;AAKzC,WAAS,cAAc,UAAwB,OAAe;AAG5D,UAAM,eAAe,QAAQ,IAAI,aAAa;AAC9C,UAAM,SAAS,OAAO,UAAU;AAEhC,aAAS,QAAQ,IAAI;AAAA,MACnB,MAAM;AAAA,MACN,OAAO;AAAA,MACP,UAAU;AAAA;AAAA,MACV;AAAA;AAAA,MACA,UAAU;AAAA,MACV,QAAQ;AAAA,MACR,MAAM;AAAA,IACR,CAAC;AAED,WAAO;AAAA,EACT;AAKA,WAAS,gBAAgB,UAAwB;AAC/C,aAAS,QAAQ,IAAI;AAAA,MACnB,MAAM;AAAA,MACN,OAAO;AAAA,MACP,UAAU;AAAA,MACV,QAAQ,OAAO,UAAW,QAAQ,IAAI,aAAa;AAAA,MACnD,UAAU;AAAA,MACV,QAAQ;AAAA,MACR,MAAM;AAAA,IACR,CAAC;AAED,WAAO;AAAA,EACT;AAMA,iBAAe,KAAK,SAAsB;AACxC,QAAI;AACF,YAAM,OAAO,MAAM,QAAQ,KAAK;AAChC,YAAM,EAAE,QAAQ,OAAO,SAAS,IAAI;AAEpC,UAAI,CAAC,QAAQ;AACX,eAAO,aAAa;AAAA,UAClB,EAAE,OAAO,qBAAqB;AAAA,UAC9B,EAAE,QAAQ,IAAI;AAAA,QAChB;AAAA,MACF;AAEA,cAAQ,QAAQ;AAAA,QACd,KAAK,WAAW;AACd,cAAI,CAAC,SAAS,CAAC,UAAU;AACvB,mBAAO,aAAa;AAAA,cAClB,EAAE,OAAO,kCAAkC;AAAA,cAC3C,EAAE,QAAQ,IAAI;AAAA,YAChB;AAAA,UACF;AAEA,gBAAM,SAAS,MAAM,SAAS,KAAK,mBAAmB;AAAA,YACpD;AAAA,YACA;AAAA,UACF,CAAC;AAED,cAAI,OAAO,OAAO;AAChB,mBAAO,aAAa;AAAA,cAClB,EAAE,OAAO,OAAO,MAAM,QAAQ;AAAA,cAC9B,EAAE,QAAQ,IAAI;AAAA,YAChB;AAAA,UACF;AAEF,cAAI,CAAC,OAAO,QAAQ,CAAC,OAAO,KAAK,MAAM;AACrC,mBAAO,aAAa;AAAA,cAClB,EAAE,OAAO,wBAAwB;AAAA,cACjC,EAAE,QAAQ,IAAI;AAAA,YAChB;AAAA,UACF;AAEA,gBAAM,WAAW,aAAa,KAAK;AAAA,YACjC,MAAM,OAAO,KAAK;AAAA,YAClB,SAAS;AAAA,cACP,QAAQ,OAAO,KAAK,KAAK;AAAA,cACzB,WAAW;AAAA,cACX,YAAW,oBAAI,KAAK,GAAE,YAAY;AAAA,YACpC;AAAA,UACF,CAAC;AAEC,wBAAc,UAAU,OAAO,KAAK,eAAe,EAAE;AAErD,iBAAO;AAAA,QACT;AAAA,QAEA,KAAK,WAAW;AACd,cAAI,CAAC,SAAS,CAAC,UAAU;AACvB,mBAAO,aAAa;AAAA,cAClB,EAAE,OAAO,kCAAkC;AAAA,cAC3C,EAAE,QAAQ,IAAI;AAAA,YAChB;AAAA,UACF;AAEA,gBAAM,SAAS,MAAM,SAAS,KAAK,OAAO,EAAE,OAAO,SAAS,CAAC;AAE7D,cAAI,OAAO,OAAO;AAChB,mBAAO,aAAa;AAAA,cAClB,EAAE,OAAO,OAAO,MAAM,QAAQ;AAAA,cAC9B,EAAE,QAAQ,IAAI;AAAA,YAChB;AAAA,UACF;AAEF,cAAI,CAAC,OAAO,QAAQ,CAAC,OAAO,KAAK,MAAM;AACrC,mBAAO,aAAa;AAAA,cAClB,EAAE,OAAO,iBAAiB;AAAA,cAC1B,EAAE,QAAQ,IAAI;AAAA,YAChB;AAAA,UACF;AAEA,gBAAM,WAAW,aAAa,KAAK;AAAA,YACjC,MAAM,OAAO,KAAK;AAAA,YAClB,SAAS;AAAA,cACP,QAAQ,OAAO,KAAK,KAAK;AAAA,cACzB,WAAW;AAAA,cACX,YAAW,oBAAI,KAAK,GAAE,YAAY;AAAA,YACpC;AAAA,UACF,CAAC;AAEC,wBAAc,UAAU,OAAO,KAAK,eAAe,EAAE;AAErD,iBAAO;AAAA,QACT;AAAA,QAEA,KAAK,cAAc;AAEjB,gBAAM,EAAE,MAAM,IAAI;AAElB,cAAI,CAAC,OAAO;AACV,mBAAO,aAAa;AAAA,cAClB,EAAE,OAAO,oBAAoB;AAAA,cAC7B,EAAE,QAAQ,IAAI;AAAA,YAChB;AAAA,UACF;AAGA,cAAI;AACF,kBAAM,WAAW,MAAM,MAAM,GAAG,OAAO,8BAA8B;AAAA,cACnE,SAAS;AAAA,gBACP,eAAe,UAAU,KAAK;AAAA,gBAC9B,gBAAgB;AAAA,cAClB;AAAA,YACF,CAAC;AAED,gBAAI,CAAC,SAAS,IAAI;AAChB,oBAAM,YAAY,MAAM,SAAS,KAAK;AACtC,sBAAQ,MAAM,uCAAuC,SAAS;AAC9D,qBAAO,aAAa;AAAA,gBAClB,EAAE,OAAO,iBAAiB,SAAS,UAAU;AAAA,gBAC7C,EAAE,QAAQ,IAAI;AAAA,cAChB;AAAA,YACF;AAEA,kBAAM,UAAU,MAAM,SAAS,KAAK;AAEpC,kBAAM,eAAe,aAAa,KAAK;AAAA,cACrC,MAAM,QAAQ;AAAA,cACd,SAAS;AAAA,gBACP,QAAQ,QAAQ,KAAK;AAAA,gBACrB,WAAW;AAAA,gBACX,YAAW,oBAAI,KAAK,GAAE,YAAY;AAAA,cACpC;AAAA,YACF,CAAC;AAED,0BAAc,cAAc,KAAK;AAEjC,mBAAO;AAAA,UACT,SAAS,OAAO;AACd,oBAAQ,MAAM,sCAAsC,KAAK;AACzD,mBAAO,aAAa;AAAA,cAClB,EAAE,OAAO,2BAA2B,SAAS,OAAO,KAAK,EAAE;AAAA,cAC3D,EAAE,QAAQ,IAAI;AAAA,YAChB;AAAA,UACF;AAAA,QACF;AAAA,QAEA;AACE,iBAAO,aAAa;AAAA,YAClB,EAAE,OAAO,iBAAiB;AAAA,YAC1B,EAAE,QAAQ,IAAI;AAAA,UAChB;AAAA,MACJ;AAAA,IACF,SAAS,OAAO;AACd,cAAQ,MAAM,qBAAqB,KAAK;AACxC,aAAO,aAAa;AAAA,QAClB,EAAE,OAAO,wBAAwB;AAAA,QACjC,EAAE,QAAQ,IAAI;AAAA,MAChB;AAAA,IACF;AAAA,EACF;AAKA,iBAAe,IAAI,SAAsB;AACvC,QAAI;AACF,YAAM,QAAQ,QAAQ,QAAQ,IAAI,UAAU,GAAG;AAE/C,UAAI,CAAC,OAAO;AACV,eAAO,aAAa,KAAK,EAAE,MAAM,MAAM,SAAS,KAAK,CAAC;AAAA,MACxD;AAGA,YAAM,WAAW,MAAM,MAAM,GAAG,OAAO,8BAA8B;AAAA,QACnE,SAAS;AAAA,UACP,eAAe,UAAU,KAAK;AAAA,UAC9B,gBAAgB;AAAA,QAClB;AAAA,MACF,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,eAAe,aAAa,KAAK,EAAE,MAAM,MAAM,SAAS,KAAK,CAAC;AACpE,wBAAgB,YAAY;AAC5B,eAAO;AAAA,MACT;AAEA,YAAM,UAAU,MAAM,SAAS,KAAK;AAEpC,aAAO,aAAa,KAAK;AAAA,QACvB,MAAM,QAAQ;AAAA,QACd,SAAS;AAAA,UACP,QAAQ,QAAQ,KAAK;AAAA,UACrB;AAAA,UACA,WAAW;AAAA,UACX,YAAW,oBAAI,KAAK,GAAE,YAAY;AAAA,QACpC;AAAA,MACF,CAAC;AAAA,IACH,SAAS,OAAO;AACd,cAAQ,MAAM,qBAAqB,KAAK;AACxC,aAAO,aAAa,KAAK,EAAE,MAAM,MAAM,SAAS,KAAK,CAAC;AAAA,IACxD;AAAA,EACF;AAKA,iBAAe,OAAO,SAAsB;AAC1C,QAAI;AACF,YAAM,QAAQ,QAAQ,QAAQ,IAAI,UAAU,GAAG;AAE/C,UAAI,OAAO;AAET,YAAI;AACF,gBAAM,MAAM,GAAG,OAAO,0BAA0B;AAAA,YAC9C,QAAQ;AAAA,YACR,SAAS;AAAA,cACP,eAAe,UAAU,KAAK;AAAA,cAC9B,gBAAgB;AAAA,YAClB;AAAA,UACF,CAAC;AAAA,QACH,SAAS,OAAO;AAEd,kBAAQ,MAAM,8BAA8B,KAAK;AAAA,QACnD;AAAA,MACF;AAEA,YAAM,WAAW,aAAa,KAAK,EAAE,SAAS,KAAK,CAAC;AACpD,sBAAgB,QAAQ;AAExB,aAAO;AAAA,IACT,SAAS,OAAO;AACd,cAAQ,MAAM,qBAAqB,KAAK;AACxC,aAAO,aAAa;AAAA,QAClB,EAAE,OAAO,wBAAwB;AAAA,QACjC,EAAE,QAAQ,IAAI;AAAA,MAChB;AAAA,IACF;AAAA,EACF;AAEA,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACF;","names":[]}
package/dist/index.d.mts DELETED
@@ -1,20 +0,0 @@
1
- export * from '@insforge/react/types';
2
- import * as react_jsx_runtime from 'react/jsx-runtime';
3
- import { ReactNode } from 'react';
4
- import { InsforgeUser, useInsforge as useInsforge$1 } from '@insforge/react';
5
- import { ClassValue } from 'clsx';
6
- export * from '@insforge/react/hooks';
7
- export * from '@insforge/react/components';
8
-
9
- interface InsforgeProviderProps {
10
- children: ReactNode;
11
- baseUrl: string;
12
- afterSignInUrl?: string;
13
- onAuthChange?: (user: InsforgeUser | null) => void;
14
- }
15
- declare function InsforgeProvider({ children, baseUrl, afterSignInUrl, onAuthChange, }: InsforgeProviderProps): react_jsx_runtime.JSX.Element;
16
- declare const useInsforge: typeof useInsforge$1;
17
-
18
- declare function cn(...inputs: ClassValue[]): string;
19
-
20
- export { InsforgeProvider, cn, useInsforge };
package/dist/index.js DELETED
@@ -1,94 +0,0 @@
1
- "use client";
2
- "use strict";
3
- var __defProp = Object.defineProperty;
4
- var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
5
- var __getOwnPropNames = Object.getOwnPropertyNames;
6
- var __hasOwnProp = Object.prototype.hasOwnProperty;
7
- var __export = (target, all) => {
8
- for (var name in all)
9
- __defProp(target, name, { get: all[name], enumerable: true });
10
- };
11
- var __copyProps = (to, from, except, desc) => {
12
- if (from && typeof from === "object" || typeof from === "function") {
13
- for (let key of __getOwnPropNames(from))
14
- if (!__hasOwnProp.call(to, key) && key !== except)
15
- __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
16
- }
17
- return to;
18
- };
19
- var __reExport = (target, mod, secondTarget) => (__copyProps(target, mod, "default"), secondTarget && __copyProps(secondTarget, mod, "default"));
20
- var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
21
-
22
- // src/index.ts
23
- var src_exports = {};
24
- __export(src_exports, {
25
- InsforgeProvider: () => InsforgeProvider,
26
- cn: () => cn,
27
- useInsforge: () => useInsforge
28
- });
29
- module.exports = __toCommonJS(src_exports);
30
- __reExport(src_exports, require("@insforge/react/types"), module.exports);
31
-
32
- // src/provider/InsforgeProvider.tsx
33
- var import_react = require("@insforge/react");
34
- var import_jsx_runtime = require("react/jsx-runtime");
35
- async function handleSignIn(token) {
36
- try {
37
- await fetch("/api/auth", {
38
- method: "POST",
39
- headers: {
40
- "Content-Type": "application/json"
41
- },
42
- body: JSON.stringify({
43
- action: "sync-token",
44
- token
45
- })
46
- });
47
- } catch (error) {
48
- console.error("[InsforgeProvider] Failed to sync token to cookie:", error);
49
- }
50
- }
51
- async function handleSignOut() {
52
- try {
53
- await fetch("/api/auth", { method: "DELETE" });
54
- } catch (error) {
55
- }
56
- }
57
- function InsforgeProvider({
58
- children,
59
- baseUrl,
60
- afterSignInUrl = "/",
61
- onAuthChange
62
- }) {
63
- const providerProps = {
64
- children,
65
- baseUrl,
66
- afterSignInUrl,
67
- onAuthChange,
68
- onSignIn: handleSignIn,
69
- onSignOut: handleSignOut
70
- };
71
- return /* @__PURE__ */ (0, import_jsx_runtime.jsx)(import_react.InsforgeProvider, { ...providerProps });
72
- }
73
- var useInsforge = import_react.useInsforge;
74
-
75
- // src/lib/utils.ts
76
- var import_clsx = require("clsx");
77
- var import_tailwind_merge = require("tailwind-merge");
78
- function cn(...inputs) {
79
- return (0, import_tailwind_merge.twMerge)((0, import_clsx.clsx)(inputs));
80
- }
81
-
82
- // src/index.ts
83
- __reExport(src_exports, require("@insforge/react/hooks"), module.exports);
84
- __reExport(src_exports, require("@insforge/react/components"), module.exports);
85
- // Annotate the CommonJS export names for ESM import in node:
86
- 0 && (module.exports = {
87
- InsforgeProvider,
88
- cn,
89
- useInsforge,
90
- ...require("@insforge/react/types"),
91
- ...require("@insforge/react/hooks"),
92
- ...require("@insforge/react/components")
93
- });
94
- //# sourceMappingURL=index.js.map
package/dist/index.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../src/index.ts","../src/provider/InsforgeProvider.tsx","../src/lib/utils.ts"],"sourcesContent":["export * from '@insforge/react/types';\n\n// Provider\nexport { InsforgeProvider, useInsforge } from './provider/InsforgeProvider';\nexport { cn } from './lib/utils';\n\n// Hooks\nexport * from '@insforge/react/hooks';\n\n// Components\nexport * from '@insforge/react/components';\n","'use client';\n\nimport type { ReactNode } from 'react';\nimport { \n InsforgeProvider as ReactInsforgeProvider, \n useInsforge as useReactInsforge,\n type InsforgeUser\n} from '@insforge/react';\n\nexport interface InsforgeProviderProps {\n children: ReactNode;\n baseUrl: string;\n /**\n * URL to redirect to after successful sign in (when token is detected in URL)\n * Note: Middleware handles token storage, but Provider handles the redirect\n * @default '/'\n */\n afterSignInUrl?: string;\n onAuthChange?: (user: InsforgeUser | null) => void;\n}\n\n// Extended interface for React provider that includes internal handlers\ninterface ExtendedProviderProps extends InsforgeProviderProps {\n afterSignInUrl?: string;\n onSignIn?: (authToken: string) => Promise<void>;\n onSignOut?: () => Promise<void>;\n}\n\n// Sync token to server-side cookie on sign in\nasync function handleSignIn(token: string): Promise<void> {\n try {\n await fetch('/api/auth', {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n },\n body: JSON.stringify({\n action: 'sync-token',\n token,\n }),\n });\n } catch (error) {\n console.error('[InsforgeProvider] Failed to sync token to cookie:', error);\n }\n}\n\n// Clear HTTP-only cookie on sign out\nasync function handleSignOut(): Promise<void> {\n try {\n await fetch('/api/auth', { method: 'DELETE' });\n } catch (error) {\n // API route doesn't exist - ignore\n }\n}\n\n/**\n * Insforge Provider for Next.js - wraps @insforge/react provider with Next.js-specific cookie sync\n * \n * Manages user authentication state and provides all necessary context to child components.\n * Automatically syncs authentication tokens to HTTP-only cookies for server-side middleware support.\n * \n * @example\n * ```tsx\n * import { InsforgeProvider } from '@insforge/nextjs';\n * \n * export default function RootLayout({ children }) {\n * return (\n * <InsforgeProvider \n * baseUrl={process.env.NEXT_PUBLIC_INSFORGE_BASE_URL!}\n * afterSignInUrl=\"/dashboard\"\n * >\n * {children}\n * </InsforgeProvider>\n * );\n * }\n * ```\n */\nexport function InsforgeProvider({ \n children, \n baseUrl,\n afterSignInUrl = '/',\n onAuthChange,\n}: InsforgeProviderProps) {\n const providerProps: ExtendedProviderProps = {\n children,\n baseUrl,\n afterSignInUrl,\n onAuthChange,\n onSignIn: handleSignIn,\n onSignOut: handleSignOut,\n };\n\n return <ReactInsforgeProvider {...providerProps} />;\n}\n\n/**\n * Hook to access Insforge context\n * \n * Re-exports the hook from @insforge/react for convenience.\n * \n * @example\n * ```tsx\n * function MyComponent() {\n * const { user, isSignedIn, signOut } = useInsforge();\n * \n * if (!isSignedIn) return <SignIn />;\n * \n * return (\n * <div>\n * <p>Welcome {user.email}</p>\n * <button onClick={signOut}>Sign Out</button>\n * </div>\n * );\n * }\n * ```\n */\nexport const useInsforge = useReactInsforge;\n","import { type ClassValue, clsx } from 'clsx';\r\nimport { twMerge } from 'tailwind-merge';\r\n\r\n/**\r\n * Utility function to merge Tailwind CSS classes with clsx\r\n * Allows users to inject custom className overrides\r\n * \r\n * @example\r\n * ```tsx\r\n * cn(\"text-base\", isDark && \"text-white\", customClassName)\r\n * ```\r\n */\r\nexport function cn(...inputs: ClassValue[]) {\r\n return twMerge(clsx(inputs));\r\n}\r\n\r\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,wBAAc,kCAAd;;;ACGA,mBAIO;AAqFE;AA/DT,eAAe,aAAa,OAA8B;AACxD,MAAI;AACF,UAAM,MAAM,aAAa;AAAA,MACvB,QAAQ;AAAA,MACR,SAAS;AAAA,QACP,gBAAgB;AAAA,MAClB;AAAA,MACA,MAAM,KAAK,UAAU;AAAA,QACnB,QAAQ;AAAA,QACR;AAAA,MACF,CAAC;AAAA,IACH,CAAC;AAAA,EACH,SAAS,OAAO;AACd,YAAQ,MAAM,sDAAsD,KAAK;AAAA,EAC3E;AACF;AAGA,eAAe,gBAA+B;AAC5C,MAAI;AACF,UAAM,MAAM,aAAa,EAAE,QAAQ,SAAS,CAAC;AAAA,EAC/C,SAAS,OAAO;AAAA,EAEhB;AACF;AAwBO,SAAS,iBAAiB;AAAA,EAC/B;AAAA,EACA;AAAA,EACA,iBAAiB;AAAA,EACjB;AACF,GAA0B;AACxB,QAAM,gBAAuC;AAAA,IAC3C;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,UAAU;AAAA,IACV,WAAW;AAAA,EACb;AAEA,SAAO,4CAAC,aAAAA,kBAAA,EAAuB,GAAG,eAAe;AACnD;AAuBO,IAAM,cAAc,aAAAC;;;ACpH3B,kBAAsC;AACtC,4BAAwB;AAWjB,SAAS,MAAM,QAAsB;AAC1C,aAAO,mCAAQ,kBAAK,MAAM,CAAC;AAC7B;;;AFPA,wBAAc,kCAPd;AAUA,wBAAc,uCAVd;","names":["ReactInsforgeProvider","useReactInsforge"]}
package/dist/index.mjs.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../src/index.ts","../src/provider/InsforgeProvider.tsx","../src/lib/utils.ts"],"sourcesContent":["export * from '@insforge/react/types';\n\n// Provider\nexport { InsforgeProvider, useInsforge } from './provider/InsforgeProvider';\nexport { cn } from './lib/utils';\n\n// Hooks\nexport * from '@insforge/react/hooks';\n\n// Components\nexport * from '@insforge/react/components';\n","'use client';\n\nimport type { ReactNode } from 'react';\nimport { \n InsforgeProvider as ReactInsforgeProvider, \n useInsforge as useReactInsforge,\n type InsforgeUser\n} from '@insforge/react';\n\nexport interface InsforgeProviderProps {\n children: ReactNode;\n baseUrl: string;\n /**\n * URL to redirect to after successful sign in (when token is detected in URL)\n * Note: Middleware handles token storage, but Provider handles the redirect\n * @default '/'\n */\n afterSignInUrl?: string;\n onAuthChange?: (user: InsforgeUser | null) => void;\n}\n\n// Extended interface for React provider that includes internal handlers\ninterface ExtendedProviderProps extends InsforgeProviderProps {\n afterSignInUrl?: string;\n onSignIn?: (authToken: string) => Promise<void>;\n onSignOut?: () => Promise<void>;\n}\n\n// Sync token to server-side cookie on sign in\nasync function handleSignIn(token: string): Promise<void> {\n try {\n await fetch('/api/auth', {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n },\n body: JSON.stringify({\n action: 'sync-token',\n token,\n }),\n });\n } catch (error) {\n console.error('[InsforgeProvider] Failed to sync token to cookie:', error);\n }\n}\n\n// Clear HTTP-only cookie on sign out\nasync function handleSignOut(): Promise<void> {\n try {\n await fetch('/api/auth', { method: 'DELETE' });\n } catch (error) {\n // API route doesn't exist - ignore\n }\n}\n\n/**\n * Insforge Provider for Next.js - wraps @insforge/react provider with Next.js-specific cookie sync\n * \n * Manages user authentication state and provides all necessary context to child components.\n * Automatically syncs authentication tokens to HTTP-only cookies for server-side middleware support.\n * \n * @example\n * ```tsx\n * import { InsforgeProvider } from '@insforge/nextjs';\n * \n * export default function RootLayout({ children }) {\n * return (\n * <InsforgeProvider \n * baseUrl={process.env.NEXT_PUBLIC_INSFORGE_BASE_URL!}\n * afterSignInUrl=\"/dashboard\"\n * >\n * {children}\n * </InsforgeProvider>\n * );\n * }\n * ```\n */\nexport function InsforgeProvider({ \n children, \n baseUrl,\n afterSignInUrl = '/',\n onAuthChange,\n}: InsforgeProviderProps) {\n const providerProps: ExtendedProviderProps = {\n children,\n baseUrl,\n afterSignInUrl,\n onAuthChange,\n onSignIn: handleSignIn,\n onSignOut: handleSignOut,\n };\n\n return <ReactInsforgeProvider {...providerProps} />;\n}\n\n/**\n * Hook to access Insforge context\n * \n * Re-exports the hook from @insforge/react for convenience.\n * \n * @example\n * ```tsx\n * function MyComponent() {\n * const { user, isSignedIn, signOut } = useInsforge();\n * \n * if (!isSignedIn) return <SignIn />;\n * \n * return (\n * <div>\n * <p>Welcome {user.email}</p>\n * <button onClick={signOut}>Sign Out</button>\n * </div>\n * );\n * }\n * ```\n */\nexport const useInsforge = useReactInsforge;\n","import { type ClassValue, clsx } from 'clsx';\r\nimport { twMerge } from 'tailwind-merge';\r\n\r\n/**\r\n * Utility function to merge Tailwind CSS classes with clsx\r\n * Allows users to inject custom className overrides\r\n * \r\n * @example\r\n * ```tsx\r\n * cn(\"text-base\", isDark && \"text-white\", customClassName)\r\n * ```\r\n */\r\nexport function cn(...inputs: ClassValue[]) {\r\n return twMerge(clsx(inputs));\r\n}\r\n\r\n"],"mappings":";;;AAAA,cAAc;;;ACGd;AAAA,EACE,oBAAoB;AAAA,EACpB,eAAe;AAAA,OAEV;AAqFE;AA/DT,eAAe,aAAa,OAA8B;AACxD,MAAI;AACF,UAAM,MAAM,aAAa;AAAA,MACvB,QAAQ;AAAA,MACR,SAAS;AAAA,QACP,gBAAgB;AAAA,MAClB;AAAA,MACA,MAAM,KAAK,UAAU;AAAA,QACnB,QAAQ;AAAA,QACR;AAAA,MACF,CAAC;AAAA,IACH,CAAC;AAAA,EACH,SAAS,OAAO;AACd,YAAQ,MAAM,sDAAsD,KAAK;AAAA,EAC3E;AACF;AAGA,eAAe,gBAA+B;AAC5C,MAAI;AACF,UAAM,MAAM,aAAa,EAAE,QAAQ,SAAS,CAAC;AAAA,EAC/C,SAAS,OAAO;AAAA,EAEhB;AACF;AAwBO,SAAS,iBAAiB;AAAA,EAC/B;AAAA,EACA;AAAA,EACA,iBAAiB;AAAA,EACjB;AACF,GAA0B;AACxB,QAAM,gBAAuC;AAAA,IAC3C;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,UAAU;AAAA,IACV,WAAW;AAAA,EACb;AAEA,SAAO,oBAAC,yBAAuB,GAAG,eAAe;AACnD;AAuBO,IAAM,cAAc;;;ACpH3B,SAA0B,YAAY;AACtC,SAAS,eAAe;AAWjB,SAAS,MAAM,QAAsB;AAC1C,SAAO,QAAQ,KAAK,MAAM,CAAC;AAC7B;;;AFPA,cAAc;AAGd,cAAc;","names":[]}
package/dist/middleware.d.ts DELETED
@@ -1,15 +0,0 @@
1
- import { NextRequest, NextResponse } from 'next/server';
2
-
3
- interface InsforgeMiddlewareConfig {
4
- baseUrl: string;
5
- publicRoutes?: string[];
6
- signInUrl?: string;
7
- signUpUrl?: string;
8
- forgotPasswordUrl?: string;
9
- afterSignInUrl?: string;
10
- cookieName?: string;
11
- useBuiltInAuth?: boolean;
12
- }
13
- declare function InsforgeMiddleware(config: InsforgeMiddlewareConfig): (request: NextRequest) => Promise<NextResponse<unknown>>;
14
-
15
- export { InsforgeMiddleware, type InsforgeMiddlewareConfig };
package/dist/middleware.js DELETED
@@ -1,98 +0,0 @@
1
- "use client";
2
- "use strict";
3
- var __defProp = Object.defineProperty;
4
- var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
5
- var __getOwnPropNames = Object.getOwnPropertyNames;
6
- var __hasOwnProp = Object.prototype.hasOwnProperty;
7
- var __export = (target, all) => {
8
- for (var name in all)
9
- __defProp(target, name, { get: all[name], enumerable: true });
10
- };
11
- var __copyProps = (to, from, except, desc) => {
12
- if (from && typeof from === "object" || typeof from === "function") {
13
- for (let key of __getOwnPropNames(from))
14
- if (!__hasOwnProp.call(to, key) && key !== except)
15
- __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
16
- }
17
- return to;
18
- };
19
- var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
20
-
21
- // src/middleware/index.ts
22
- var middleware_exports = {};
23
- __export(middleware_exports, {
24
- InsforgeMiddleware: () => InsforgeMiddleware
25
- });
26
- module.exports = __toCommonJS(middleware_exports);
27
-
28
- // src/middleware/InsforgeMiddleware.ts
29
- var import_server = require("next/server");
30
- function InsforgeMiddleware(config) {
31
- const {
32
- baseUrl,
33
- publicRoutes = ["/"],
34
- signInUrl = "/sign-in",
35
- signUpUrl = "/sign-up",
36
- forgotPasswordUrl = "/forgot-password",
37
- afterSignInUrl = "/",
38
- cookieName = "insforge_token",
39
- useBuiltInAuth = true
40
- } = config;
41
- return async function middleware(request) {
42
- const { pathname, searchParams } = request.nextUrl;
43
- const accessToken = searchParams.get("access_token");
44
- if (accessToken) {
45
- const response = import_server.NextResponse.redirect(new URL(pathname, request.url));
46
- response.cookies.set(cookieName, accessToken, {
47
- httpOnly: true,
48
- secure: process.env.NODE_ENV === "production",
49
- sameSite: "lax",
50
- path: "/",
51
- maxAge: 60 * 60 * 24 * 7
52
- // 7 days
53
- });
54
- return response;
55
- }
56
- if (useBuiltInAuth) {
57
- const authRouteMapping = {
58
- [signInUrl]: "/auth/sign-in",
59
- [signUpUrl]: "/auth/sign-up",
60
- [forgotPasswordUrl]: "/auth/forgot-password"
61
- };
62
- const backendAuthPath = authRouteMapping[pathname];
63
- if (backendAuthPath) {
64
- const redirectUrl = new URL(afterSignInUrl, request.url).toString();
65
- const backendAuthUrl = new URL(backendAuthPath, baseUrl);
66
- backendAuthUrl.searchParams.set("redirect", redirectUrl);
67
- return import_server.NextResponse.redirect(backendAuthUrl.toString());
68
- }
69
- }
70
- const isPublicRoute = publicRoutes.some((route) => {
71
- if (route.endsWith("*")) {
72
- return pathname.startsWith(route.slice(0, -1));
73
- }
74
- return pathname === route || pathname.startsWith(route + "/");
75
- });
76
- if (isPublicRoute) {
77
- return import_server.NextResponse.next();
78
- }
79
- const token = request.cookies.get(cookieName)?.value;
80
- if (!token) {
81
- if (useBuiltInAuth) {
82
- const backendSignInUrl = new URL("/auth/sign-in", baseUrl);
83
- backendSignInUrl.searchParams.set("redirect", request.url);
84
- return import_server.NextResponse.redirect(backendSignInUrl);
85
- } else {
86
- const localSignInUrl = new URL(signInUrl, request.url);
87
- localSignInUrl.searchParams.set("redirect", pathname);
88
- return import_server.NextResponse.redirect(localSignInUrl);
89
- }
90
- }
91
- return import_server.NextResponse.next();
92
- };
93
- }
94
- // Annotate the CommonJS export names for ESM import in node:
95
- 0 && (module.exports = {
96
- InsforgeMiddleware
97
- });
98
- //# sourceMappingURL=middleware.js.map
package/dist/middleware.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../src/middleware/index.ts","../src/middleware/InsforgeMiddleware.ts"],"sourcesContent":["// Middleware exports - NO 'use client' directive here!\r\n// Middleware runs in Edge Runtime, not in client browser\r\n\r\nexport {\r\n InsforgeMiddleware,\r\n} from './InsforgeMiddleware';\r\n\r\nexport type { InsforgeMiddlewareConfig } from './InsforgeMiddleware';\r\n\r\n","import { NextRequest, NextResponse } from 'next/server';\r\n\r\nexport interface InsforgeMiddlewareConfig {\r\n /**\r\n * Base URL of your Insforge backend\r\n * @example 'https://your-backend.com' or 'http://localhost:3001'\r\n */\r\n baseUrl: string;\r\n\r\n /**\r\n * Routes that are public and don't require authentication\r\n * @default ['/']\r\n * @example ['/sign-in', '/sign-up', '/', '/about']\r\n */\r\n publicRoutes?: string[];\r\n\r\n /**\r\n * Local route path for sign-in (can be customized to any path like '/login')\r\n * When using built-in auth, this will redirect to backend's `/auth/sign-in`\r\n * @default '/sign-in'\r\n */\r\n signInUrl?: string;\r\n\r\n /**\r\n * Local route path for sign-up (can be customized to any path like '/register')\r\n * When using built-in auth, this will redirect to backend's `/auth/sign-up`\r\n * @default '/sign-up'\r\n */\r\n signUpUrl?: string;\r\n\r\n /**\r\n * Local route path for forgot password\r\n * When using built-in auth, this will redirect to backend's `/auth/forgot-password`\r\n * @default '/forgot-password'\r\n */\r\n forgotPasswordUrl?: string;\r\n\r\n /**\r\n * URL to redirect to after successful authentication\r\n * When user completes sign-in/sign-up, they will be redirected to this URL with token in URL\r\n * @default '/'\r\n */\r\n afterSignInUrl?: string;\r\n\r\n /**\r\n * Cookie name for the auth token\r\n * @default 'insforge_token'\r\n */\r\n cookieName?: string;\r\n\r\n /**\r\n * Whether to use built-in authentication pages hosted on the backend\r\n * - When true: redirects to backend's `/auth/sign-in` and `/auth/sign-up` pages\r\n * - When false: redirects to local sign-in/sign-up pages (you provide your own components)\r\n * @default true\r\n */\r\n useBuiltInAuth?: boolean;\r\n}\r\n\r\n/**\r\n * Creates Next.js middleware for protecting routes with Insforge authentication.\r\n * \r\n * This middleware provides lightweight route protection by:\r\n * - Detecting and storing auth tokens from URL parameters (after backend redirect)\r\n * - Checking for auth token presence in cookies\r\n * - Redirecting unauthenticated users to sign-in page\r\n * - Allowing public routes to be accessed without authentication\r\n * - Mapping local auth routes to backend's fixed paths when using built-in auth\r\n * \r\n * **How Authentication Flow Works:**\r\n * 1. User visits protected route → Middleware checks for token\r\n * 2. No token → Redirects to sign-in (backend or local)\r\n * 3. User accesses auth page (e.g., /sign-in) → Redirects to backend with afterSignInUrl as redirect target\r\n * 4. After sign-in → Backend redirects to `yourapp.com/afterSignInUrl?access_token=xxx&user_id=xxx...`\r\n * 5. Middleware detects `access_token` in URL → Stores in HTTP-only cookie → Cleans URL → Allows access\r\n * 6. SDK also detects token from URL → Stores in localStorage → Updates auth state\r\n * \r\n * **Important Notes:**\r\n * - This middleware only checks if a token exists, it doesn't validate it\r\n * - Tokens from URL are automatically extracted and stored in cookies\r\n * - When `useBuiltInAuth: true`, local routes map to backend's fixed auth paths\r\n * - You can customize local route paths (e.g., `/login`) while backend paths remain fixed\r\n * - After successful auth, users are redirected to `afterSignInUrl` (default: `/`), not back to the auth page\r\n * \r\n * @param config - Middleware configuration\r\n * @returns Next.js middleware function\r\n *\r\n * @example\r\n * ```ts\r\n * // middleware.ts - Using built-in auth\r\n * import { InsforgeMiddleware } from '@insforge/nextjs/middleware';\r\n *\r\n * export default InsforgeMiddleware({\r\n * baseUrl: process.env.INSFORGE_BASE_URL!,\r\n * publicRoutes: ['/', '/about'],\r\n * afterSignInUrl: '/', // Redirect here after successful auth\r\n * useBuiltInAuth: true,\r\n * });\r\n *\r\n * export const config = {\r\n * matcher: ['/((?!_next|api|.*\\\\..*).*)'],\r\n * };\r\n * ```\r\n * \r\n * @example\r\n * ```ts\r\n * // middleware.ts - Custom local auth pages with custom paths\r\n * import { InsforgeMiddleware } from '@insforge/nextjs/middleware';\r\n *\r\n * export default InsforgeMiddleware({\r\n * baseUrl: process.env.INSFORGE_BASE_URL!,\r\n * publicRoutes: ['/login', '/register', '/', '/about'],\r\n * signInUrl: '/login',\r\n * signUpUrl: '/register',\r\n * afterSignInUrl: '/dashboard',\r\n * useBuiltInAuth: false,\r\n * });\r\n *\r\n * export const config = {\r\n * matcher: ['/((?!_next|api|.*\\\\..*).*)'],\r\n * };\r\n * ```\r\n * \r\n * @example\r\n * ```ts\r\n * // middleware.ts - Built-in auth with custom auth route paths\r\n * import { InsforgeMiddleware } from '@insforge/nextjs/middleware';\r\n *\r\n * export default InsforgeMiddleware({\r\n * baseUrl: 'https://your-backend.com',\r\n * signInUrl: '/login',\r\n * signUpUrl: '/register',\r\n * forgotPasswordUrl: '/forgot',\r\n * afterSignInUrl: '/dashboard',\r\n * useBuiltInAuth: true,\r\n * });\r\n * ```\r\n */\r\nexport function InsforgeMiddleware(config: InsforgeMiddlewareConfig) {\r\n const {\r\n baseUrl,\r\n publicRoutes = [\"/\"],\r\n signInUrl = '/sign-in',\r\n signUpUrl = '/sign-up',\r\n forgotPasswordUrl = '/forgot-password',\r\n afterSignInUrl = '/',\r\n cookieName = 'insforge_token',\r\n useBuiltInAuth = true,\r\n } = config;\r\n\r\n return async function middleware(request: NextRequest) {\r\n const { pathname, searchParams } = request.nextUrl;\r\n\r\n // STEP 1: Check if URL contains access_token (from backend redirect after auth)\r\n const accessToken = searchParams.get('access_token');\r\n \r\n if (accessToken) {\r\n // Token detected in URL - store it in HTTP-only cookie and clean URL\r\n const response = NextResponse.redirect(new URL(pathname, request.url));\r\n \r\n // Set HTTP-only cookie with secure settings\r\n response.cookies.set(cookieName, accessToken, {\r\n httpOnly: true,\r\n secure: process.env.NODE_ENV === 'production',\r\n sameSite: 'lax',\r\n path: '/',\r\n maxAge: 60 * 60 * 24 * 7, // 7 days\r\n });\r\n \r\n return response;\r\n }\r\n\r\n // STEP 2: Handle built-in auth redirects for authentication pages\r\n // Map local auth routes to backend's fixed auth pages\r\n if (useBuiltInAuth) {\r\n const authRouteMapping: Record<string, string> = {\r\n [signInUrl]: '/auth/sign-in',\r\n [signUpUrl]: '/auth/sign-up',\r\n [forgotPasswordUrl]: '/auth/forgot-password',\r\n };\r\n\r\n const backendAuthPath = authRouteMapping[pathname];\r\n if (backendAuthPath) {\r\n // Redirect to afterSignInUrl after successful authentication\r\n const redirectUrl = new URL(afterSignInUrl, request.url).toString();\r\n const backendAuthUrl = new URL(backendAuthPath, baseUrl);\r\n backendAuthUrl.searchParams.set('redirect', redirectUrl);\r\n return NextResponse.redirect(backendAuthUrl.toString());\r\n }\r\n }\r\n\r\n // STEP 3: Check if route is public\r\n const isPublicRoute = publicRoutes.some((route) => {\r\n if (route.endsWith('*')) {\r\n // Wildcard route: /admin/* matches /admin/anything\r\n return pathname.startsWith(route.slice(0, -1));\r\n }\r\n // Exact match or starts with route path\r\n return pathname === route || pathname.startsWith(route + '/');\r\n });\r\n\r\n if (isPublicRoute) {\r\n return NextResponse.next();\r\n }\r\n\r\n // STEP 4: Check for authentication token in cookies\r\n const token = request.cookies.get(cookieName)?.value;\r\n\r\n if (!token) {\r\n // No token found, redirect to sign-in\r\n if (useBuiltInAuth) {\r\n // Built-in auth: redirect to backend's /auth/sign-in page\r\n // Backend will redirect back to current URL with token\r\n const backendSignInUrl = new URL('/auth/sign-in', baseUrl);\r\n backendSignInUrl.searchParams.set('redirect', request.url);\r\n return NextResponse.redirect(backendSignInUrl);\r\n } else {\r\n // Custom auth: redirect to local sign-in page\r\n const localSignInUrl = new URL(signInUrl, request.url);\r\n localSignInUrl.searchParams.set('redirect', pathname);\r\n return NextResponse.redirect(localSignInUrl);\r\n }\r\n }\r\n\r\n // Token exists in cookie, allow request to continue\r\n return NextResponse.next();\r\n };\r\n}"],"mappings":";;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAA,oBAA0C;AA0InC,SAAS,mBAAmB,QAAkC;AACnE,QAAM;AAAA,IACJ;AAAA,IACA,eAAe,CAAC,GAAG;AAAA,IACnB,YAAY;AAAA,IACZ,YAAY;AAAA,IACZ,oBAAoB;AAAA,IACpB,iBAAiB;AAAA,IACjB,aAAa;AAAA,IACb,iBAAiB;AAAA,EACnB,IAAI;AAEJ,SAAO,eAAe,WAAW,SAAsB;AACrD,UAAM,EAAE,UAAU,aAAa,IAAI,QAAQ;AAG3C,UAAM,cAAc,aAAa,IAAI,cAAc;AAEnD,QAAI,aAAa;AAEf,YAAM,WAAW,2BAAa,SAAS,IAAI,IAAI,UAAU,QAAQ,GAAG,CAAC;AAGrE,eAAS,QAAQ,IAAI,YAAY,aAAa;AAAA,QAC5C,UAAU;AAAA,QACV,QAAQ,QAAQ,IAAI,aAAa;AAAA,QACjC,UAAU;AAAA,QACV,MAAM;AAAA,QACN,QAAQ,KAAK,KAAK,KAAK;AAAA;AAAA,MACzB,CAAC;AAED,aAAO;AAAA,IACT;AAIA,QAAI,gBAAgB;AAClB,YAAM,mBAA2C;AAAA,QAC/C,CAAC,SAAS,GAAG;AAAA,QACb,CAAC,SAAS,GAAG;AAAA,QACb,CAAC,iBAAiB,GAAG;AAAA,MACvB;AAEA,YAAM,kBAAkB,iBAAiB,QAAQ;AACjD,UAAI,iBAAiB;AAEnB,cAAM,cAAc,IAAI,IAAI,gBAAgB,QAAQ,GAAG,EAAE,SAAS;AAClE,cAAM,iBAAiB,IAAI,IAAI,iBAAiB,OAAO;AACvD,uBAAe,aAAa,IAAI,YAAY,WAAW;AACvD,eAAO,2BAAa,SAAS,eAAe,SAAS,CAAC;AAAA,MACxD;AAAA,IACF;AAGA,UAAM,gBAAgB,aAAa,KAAK,CAAC,UAAU;AACjD,UAAI,MAAM,SAAS,GAAG,GAAG;AAEvB,eAAO,SAAS,WAAW,MAAM,MAAM,GAAG,EAAE,CAAC;AAAA,MAC/C;AAEA,aAAO,aAAa,SAAS,SAAS,WAAW,QAAQ,GAAG;AAAA,IAC9D,CAAC;AAED,QAAI,eAAe;AACjB,aAAO,2BAAa,KAAK;AAAA,IAC3B;AAGA,UAAM,QAAQ,QAAQ,QAAQ,IAAI,UAAU,GAAG;AAE/C,QAAI,CAAC,OAAO;AAEV,UAAI,gBAAgB;AAGlB,cAAM,mBAAmB,IAAI,IAAI,iBAAiB,OAAO;AACzD,yBAAiB,aAAa,IAAI,YAAY,QAAQ,GAAG;AACzD,eAAO,2BAAa,SAAS,gBAAgB;AAAA,MAC/C,OAAO;AAEL,cAAM,iBAAiB,IAAI,IAAI,WAAW,QAAQ,GAAG;AACrD,uBAAe,aAAa,IAAI,YAAY,QAAQ;AACpD,eAAO,2BAAa,SAAS,cAAc;AAAA,MAC7C;AAAA,IACF;AAGA,WAAO,2BAAa,KAAK;AAAA,EAC3B;AACF;","names":[]}
package/dist/middleware.mjs.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../src/middleware/InsforgeMiddleware.ts"],"sourcesContent":["import { NextRequest, NextResponse } from 'next/server';\r\n\r\nexport interface InsforgeMiddlewareConfig {\r\n /**\r\n * Base URL of your Insforge backend\r\n * @example 'https://your-backend.com' or 'http://localhost:3001'\r\n */\r\n baseUrl: string;\r\n\r\n /**\r\n * Routes that are public and don't require authentication\r\n * @default ['/']\r\n * @example ['/sign-in', '/sign-up', '/', '/about']\r\n */\r\n publicRoutes?: string[];\r\n\r\n /**\r\n * Local route path for sign-in (can be customized to any path like '/login')\r\n * When using built-in auth, this will redirect to backend's `/auth/sign-in`\r\n * @default '/sign-in'\r\n */\r\n signInUrl?: string;\r\n\r\n /**\r\n * Local route path for sign-up (can be customized to any path like '/register')\r\n * When using built-in auth, this will redirect to backend's `/auth/sign-up`\r\n * @default '/sign-up'\r\n */\r\n signUpUrl?: string;\r\n\r\n /**\r\n * Local route path for forgot password\r\n * When using built-in auth, this will redirect to backend's `/auth/forgot-password`\r\n * @default '/forgot-password'\r\n */\r\n forgotPasswordUrl?: string;\r\n\r\n /**\r\n * URL to redirect to after successful authentication\r\n * When user completes sign-in/sign-up, they will be redirected to this URL with token in URL\r\n * @default '/'\r\n */\r\n afterSignInUrl?: string;\r\n\r\n /**\r\n * Cookie name for the auth token\r\n * @default 'insforge_token'\r\n */\r\n cookieName?: string;\r\n\r\n /**\r\n * Whether to use built-in authentication pages hosted on the backend\r\n * - When true: redirects to backend's `/auth/sign-in` and `/auth/sign-up` pages\r\n * - When false: redirects to local sign-in/sign-up pages (you provide your own components)\r\n * @default true\r\n */\r\n useBuiltInAuth?: boolean;\r\n}\r\n\r\n/**\r\n * Creates Next.js middleware for protecting routes with Insforge authentication.\r\n * \r\n * This middleware provides lightweight route protection by:\r\n * - Detecting and storing auth tokens from URL parameters (after backend redirect)\r\n * - Checking for auth token presence in cookies\r\n * - Redirecting unauthenticated users to sign-in page\r\n * - Allowing public routes to be accessed without authentication\r\n * - Mapping local auth routes to backend's fixed paths when using built-in auth\r\n * \r\n * **How Authentication Flow Works:**\r\n * 1. User visits protected route → Middleware checks for token\r\n * 2. No token → Redirects to sign-in (backend or local)\r\n * 3. User accesses auth page (e.g., /sign-in) → Redirects to backend with afterSignInUrl as redirect target\r\n * 4. After sign-in → Backend redirects to `yourapp.com/afterSignInUrl?access_token=xxx&user_id=xxx...`\r\n * 5. Middleware detects `access_token` in URL → Stores in HTTP-only cookie → Cleans URL → Allows access\r\n * 6. SDK also detects token from URL → Stores in localStorage → Updates auth state\r\n * \r\n * **Important Notes:**\r\n * - This middleware only checks if a token exists, it doesn't validate it\r\n * - Tokens from URL are automatically extracted and stored in cookies\r\n * - When `useBuiltInAuth: true`, local routes map to backend's fixed auth paths\r\n * - You can customize local route paths (e.g., `/login`) while backend paths remain fixed\r\n * - After successful auth, users are redirected to `afterSignInUrl` (default: `/`), not back to the auth page\r\n * \r\n * @param config - Middleware configuration\r\n * @returns Next.js middleware function\r\n *\r\n * @example\r\n * ```ts\r\n * // middleware.ts - Using built-in auth\r\n * import { InsforgeMiddleware } from '@insforge/nextjs/middleware';\r\n *\r\n * export default InsforgeMiddleware({\r\n * baseUrl: process.env.INSFORGE_BASE_URL!,\r\n * publicRoutes: ['/', '/about'],\r\n * afterSignInUrl: '/', // Redirect here after successful auth\r\n * useBuiltInAuth: true,\r\n * });\r\n *\r\n * export const config = {\r\n * matcher: ['/((?!_next|api|.*\\\\..*).*)'],\r\n * };\r\n * ```\r\n * \r\n * @example\r\n * ```ts\r\n * // middleware.ts - Custom local auth pages with custom paths\r\n * import { InsforgeMiddleware } from '@insforge/nextjs/middleware';\r\n *\r\n * export default InsforgeMiddleware({\r\n * baseUrl: process.env.INSFORGE_BASE_URL!,\r\n * publicRoutes: ['/login', '/register', '/', '/about'],\r\n * signInUrl: '/login',\r\n * signUpUrl: '/register',\r\n * afterSignInUrl: '/dashboard',\r\n * useBuiltInAuth: false,\r\n * });\r\n *\r\n * export const config = {\r\n * matcher: ['/((?!_next|api|.*\\\\..*).*)'],\r\n * };\r\n * ```\r\n * \r\n * @example\r\n * ```ts\r\n * // middleware.ts - Built-in auth with custom auth route paths\r\n * import { InsforgeMiddleware } from '@insforge/nextjs/middleware';\r\n *\r\n * export default InsforgeMiddleware({\r\n * baseUrl: 'https://your-backend.com',\r\n * signInUrl: '/login',\r\n * signUpUrl: '/register',\r\n * forgotPasswordUrl: '/forgot',\r\n * afterSignInUrl: '/dashboard',\r\n * useBuiltInAuth: true,\r\n * });\r\n * ```\r\n */\r\nexport function InsforgeMiddleware(config: InsforgeMiddlewareConfig) {\r\n const {\r\n baseUrl,\r\n publicRoutes = [\"/\"],\r\n signInUrl = '/sign-in',\r\n signUpUrl = '/sign-up',\r\n forgotPasswordUrl = '/forgot-password',\r\n afterSignInUrl = '/',\r\n cookieName = 'insforge_token',\r\n useBuiltInAuth = true,\r\n } = config;\r\n\r\n return async function middleware(request: NextRequest) {\r\n const { pathname, searchParams } = request.nextUrl;\r\n\r\n // STEP 1: Check if URL contains access_token (from backend redirect after auth)\r\n const accessToken = searchParams.get('access_token');\r\n \r\n if (accessToken) {\r\n // Token detected in URL - store it in HTTP-only cookie and clean URL\r\n const response = NextResponse.redirect(new URL(pathname, request.url));\r\n \r\n // Set HTTP-only cookie with secure settings\r\n response.cookies.set(cookieName, accessToken, {\r\n httpOnly: true,\r\n secure: process.env.NODE_ENV === 'production',\r\n sameSite: 'lax',\r\n path: '/',\r\n maxAge: 60 * 60 * 24 * 7, // 7 days\r\n });\r\n \r\n return response;\r\n }\r\n\r\n // STEP 2: Handle built-in auth redirects for authentication pages\r\n // Map local auth routes to backend's fixed auth pages\r\n if (useBuiltInAuth) {\r\n const authRouteMapping: Record<string, string> = {\r\n [signInUrl]: '/auth/sign-in',\r\n [signUpUrl]: '/auth/sign-up',\r\n [forgotPasswordUrl]: '/auth/forgot-password',\r\n };\r\n\r\n const backendAuthPath = authRouteMapping[pathname];\r\n if (backendAuthPath) {\r\n // Redirect to afterSignInUrl after successful authentication\r\n const redirectUrl = new URL(afterSignInUrl, request.url).toString();\r\n const backendAuthUrl = new URL(backendAuthPath, baseUrl);\r\n backendAuthUrl.searchParams.set('redirect', redirectUrl);\r\n return NextResponse.redirect(backendAuthUrl.toString());\r\n }\r\n }\r\n\r\n // STEP 3: Check if route is public\r\n const isPublicRoute = publicRoutes.some((route) => {\r\n if (route.endsWith('*')) {\r\n // Wildcard route: /admin/* matches /admin/anything\r\n return pathname.startsWith(route.slice(0, -1));\r\n }\r\n // Exact match or starts with route path\r\n return pathname === route || pathname.startsWith(route + '/');\r\n });\r\n\r\n if (isPublicRoute) {\r\n return NextResponse.next();\r\n }\r\n\r\n // STEP 4: Check for authentication token in cookies\r\n const token = request.cookies.get(cookieName)?.value;\r\n\r\n if (!token) {\r\n // No token found, redirect to sign-in\r\n if (useBuiltInAuth) {\r\n // Built-in auth: redirect to backend's /auth/sign-in page\r\n // Backend will redirect back to current URL with token\r\n const backendSignInUrl = new URL('/auth/sign-in', baseUrl);\r\n backendSignInUrl.searchParams.set('redirect', request.url);\r\n return NextResponse.redirect(backendSignInUrl);\r\n } else {\r\n // Custom auth: redirect to local sign-in page\r\n const localSignInUrl = new URL(signInUrl, request.url);\r\n localSignInUrl.searchParams.set('redirect', pathname);\r\n return NextResponse.redirect(localSignInUrl);\r\n }\r\n }\r\n\r\n // Token exists in cookie, allow request to continue\r\n return NextResponse.next();\r\n };\r\n}"],"mappings":";;;AAAA,SAAsB,oBAAoB;AA0InC,SAAS,mBAAmB,QAAkC;AACnE,QAAM;AAAA,IACJ;AAAA,IACA,eAAe,CAAC,GAAG;AAAA,IACnB,YAAY;AAAA,IACZ,YAAY;AAAA,IACZ,oBAAoB;AAAA,IACpB,iBAAiB;AAAA,IACjB,aAAa;AAAA,IACb,iBAAiB;AAAA,EACnB,IAAI;AAEJ,SAAO,eAAe,WAAW,SAAsB;AACrD,UAAM,EAAE,UAAU,aAAa,IAAI,QAAQ;AAG3C,UAAM,cAAc,aAAa,IAAI,cAAc;AAEnD,QAAI,aAAa;AAEf,YAAM,WAAW,aAAa,SAAS,IAAI,IAAI,UAAU,QAAQ,GAAG,CAAC;AAGrE,eAAS,QAAQ,IAAI,YAAY,aAAa;AAAA,QAC5C,UAAU;AAAA,QACV,QAAQ,QAAQ,IAAI,aAAa;AAAA,QACjC,UAAU;AAAA,QACV,MAAM;AAAA,QACN,QAAQ,KAAK,KAAK,KAAK;AAAA;AAAA,MACzB,CAAC;AAED,aAAO;AAAA,IACT;AAIA,QAAI,gBAAgB;AAClB,YAAM,mBAA2C;AAAA,QAC/C,CAAC,SAAS,GAAG;AAAA,QACb,CAAC,SAAS,GAAG;AAAA,QACb,CAAC,iBAAiB,GAAG;AAAA,MACvB;AAEA,YAAM,kBAAkB,iBAAiB,QAAQ;AACjD,UAAI,iBAAiB;AAEnB,cAAM,cAAc,IAAI,IAAI,gBAAgB,QAAQ,GAAG,EAAE,SAAS;AAClE,cAAM,iBAAiB,IAAI,IAAI,iBAAiB,OAAO;AACvD,uBAAe,aAAa,IAAI,YAAY,WAAW;AACvD,eAAO,aAAa,SAAS,eAAe,SAAS,CAAC;AAAA,MACxD;AAAA,IACF;AAGA,UAAM,gBAAgB,aAAa,KAAK,CAAC,UAAU;AACjD,UAAI,MAAM,SAAS,GAAG,GAAG;AAEvB,eAAO,SAAS,WAAW,MAAM,MAAM,GAAG,EAAE,CAAC;AAAA,MAC/C;AAEA,aAAO,aAAa,SAAS,SAAS,WAAW,QAAQ,GAAG;AAAA,IAC9D,CAAC;AAED,QAAI,eAAe;AACjB,aAAO,aAAa,KAAK;AAAA,IAC3B;AAGA,UAAM,QAAQ,QAAQ,QAAQ,IAAI,UAAU,GAAG;AAE/C,QAAI,CAAC,OAAO;AAEV,UAAI,gBAAgB;AAGlB,cAAM,mBAAmB,IAAI,IAAI,iBAAiB,OAAO;AACzD,yBAAiB,aAAa,IAAI,YAAY,QAAQ,GAAG;AACzD,eAAO,aAAa,SAAS,gBAAgB;AAAA,MAC/C,OAAO;AAEL,cAAM,iBAAiB,IAAI,IAAI,WAAW,QAAQ,GAAG;AACrD,uBAAe,aAAa,IAAI,YAAY,QAAQ;AACpD,eAAO,aAAa,SAAS,cAAc;AAAA,MAC7C;AAAA,IACF;AAGA,WAAO,aAAa,KAAK;AAAA,EAC3B;AACF;","names":[]}
/package/dist/{api.d.mts → api/route-handlers.d.ts} RENAMED
File without changes