npm - @insforge/nextjs - Versions diffs - 0.8.8 → 0.8.9 - Mend

@insforge/nextjs 0.8.8 → 0.8.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

package/README.md CHANGED Viewed

@@ -68,22 +68,7 @@ export const DELETE = handlers.DELETE;
 - `GET /api/auth` - Retrieves user data server-side
 - `DELETE /api/auth` - Clears auth cookie on sign out
-### 3. Create Callback Page
-Handle OAuth redirects with the `<InsforgeCallback>` component:
-```tsx
-// app/auth/callback/page.tsx
-'use client';
-import { InsforgeCallback } from '@insforge/nextjs';
-export default function CallbackPage() {
-  return <InsforgeCallback />;
-}
-```
-### 4. Setup Middleware
+### 3. Setup Middleware
 Protect routes with middleware:
@@ -107,7 +92,7 @@ export const config = {
 - Verifies tokens server-side
 - Allows public routes without auth
-### 5. Use Hooks & Components
+### 4. Use Hooks & Components
 ```tsx
 // app/page.tsx
@@ -153,13 +138,12 @@ function Component() {
    ↓
 2. User signs in on backend (https://your-project.insforge.app/auth/sign-in)
    ↓
-3. Backend redirects: yourapp.com/auth/callback?access_token=xxx&user_id=xxx...
+3. Backend redirects: yourapp.com?access_token=xxx&user_id=xxx...
    ↓
-4. <InsforgeCallback> component:
-   - SDK auto-detects and stores token
-   - Reloads auth state in provider
-   - Syncs token to HTTP-only cookie
-   - Redirects to destination
+4. SDK auto-detects URL parameters:
+   - Stores token in localStorage
+   - Provider automatically reloads auth state
+   - Token syncs to HTTP-only cookie (via API route)
    ↓
 5. User sees dashboard with authenticated state
 ```
@@ -421,24 +405,6 @@ import { Protect } from '@insforge/nextjs';
 </Protect>
 ```
-### InsforgeCallback Options
-```tsx
-<InsforgeCallback
-  redirectTo="/dashboard"
-  onSuccess={() => console.log('Authentication successful!')}
-  onError={(error) => console.error('Authentication failed:', error)}
-  loadingComponent={
-    <div className="flex items-center justify-center min-h-screen">
-      <div className="text-center">
-        <h2 className="text-2xl font-semibold mb-4">Signing you in...</h2>
-        <div className="animate-spin rounded-full h-12 w-12 border-b-2 border-blue-600 mx-auto"></div>
-      </div>
-    </div>
-  }
-/>
-```
 ### Auth Change Callback
 Track authentication events:

package/dist/index.d.mts CHANGED Viewed

@@ -1,7 +1,7 @@
 export * from '@insforge/react/types';
 import * as react_jsx_runtime from 'react/jsx-runtime';
 import { ReactNode } from 'react';
-import { useInsforge as useInsforge$1 } from '@insforge/react';
+import { InsforgeUser, useInsforge as useInsforge$1 } from '@insforge/react';
 import { ClassValue } from 'clsx';
 export * from '@insforge/react/hooks';
 export * from '@insforge/react/components';
@@ -9,7 +9,7 @@ export * from '@insforge/react/components';
 interface InsforgeProviderProps {
     children: ReactNode;
     baseUrl: string;
-    onAuthChange?: (user: any) => void;
+    onAuthChange?: (user: InsforgeUser | null) => void;
 }
 declare function InsforgeProvider({ children, baseUrl, onAuthChange, }: InsforgeProviderProps): react_jsx_runtime.JSX.Element;
 declare const useInsforge: typeof useInsforge$1;

package/dist/index.d.ts CHANGED Viewed

@@ -1,7 +1,7 @@
 export * from '@insforge/react/types';
 import * as react_jsx_runtime from 'react/jsx-runtime';
 import { ReactNode } from 'react';
-import { useInsforge as useInsforge$1 } from '@insforge/react';
+import { InsforgeUser, useInsforge as useInsforge$1 } from '@insforge/react';
 import { ClassValue } from 'clsx';
 export * from '@insforge/react/hooks';
 export * from '@insforge/react/components';
@@ -9,7 +9,7 @@ export * from '@insforge/react/components';
 interface InsforgeProviderProps {
     children: ReactNode;
     baseUrl: string;
-    onAuthChange?: (user: any) => void;
+    onAuthChange?: (user: InsforgeUser | null) => void;
 }
 declare function InsforgeProvider({ children, baseUrl, onAuthChange, }: InsforgeProviderProps): react_jsx_runtime.JSX.Element;
 declare const useInsforge: typeof useInsforge$1;

package/dist/index.js CHANGED Viewed

@@ -32,9 +32,9 @@ __reExport(src_exports, require("@insforge/react/types"), module.exports);
 // src/provider/InsforgeProvider.tsx
 var import_react = require("@insforge/react");
 var import_jsx_runtime = require("react/jsx-runtime");
-async function syncTokenToCookie(token) {
+async function handleSignIn(token) {
   try {
-    const response = await fetch("/api/auth", {
+    await fetch("/api/auth", {
       method: "POST",
       headers: {
         "Content-Type": "application/json"
@@ -44,15 +44,11 @@ async function syncTokenToCookie(token) {
         token
       })
     });
-    if (!response.ok) {
-      return false;
-    }
-    return true;
   } catch (error) {
-    return false;
+    console.error("[InsforgeProvider] Failed to sync token to cookie:", error);
   }
 }
-async function clearCookie() {
+async function handleSignOut() {
   try {
     await fetch("/api/auth", { method: "DELETE" });
   } catch (error) {
@@ -63,16 +59,14 @@ function InsforgeProvider({
   baseUrl,
   onAuthChange
 }) {
-  return /* @__PURE__ */ (0, import_jsx_runtime.jsx)(
-    import_react.InsforgeProvider,
-    {
-      baseUrl,
-      onAuthChange,
-      syncTokenToCookie,
-      clearCookie,
-      children
-    }
-  );
+  const providerProps = {
+    children,
+    baseUrl,
+    onAuthChange,
+    onSignIn: handleSignIn,
+    onSignOut: handleSignOut
+  };
+  return /* @__PURE__ */ (0, import_jsx_runtime.jsx)(import_react.InsforgeProvider, { ...providerProps });
 }
 var useInsforge = import_react.useInsforge;

package/dist/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../src/index.ts","../src/provider/InsforgeProvider.tsx","../src/lib/utils.ts"],"sourcesContent":["export * from '@insforge/react/types';\n\n// Provider\nexport { InsforgeProvider, useInsforge } from './provider/InsforgeProvider';\nexport { cn } from './lib/utils';\n\n// Hooks\nexport * from '@insforge/react/hooks';\n\n// Components\nexport * from '@insforge/react/components';\n","'use client';\n\nimport type { ReactNode } from 'react';\nimport { InsforgeProvider as ReactInsforgeProvider, useInsforge as useReactInsforge } from '@insforge/react';\n\nexport interface InsforgeProviderProps {\n children: ReactNode;\n baseUrl: string;\n onAuthChange?: (user: ~~any~~) => void;\n}\n\n// Sync token ~~from localStorage~~ to server-side cookie ~~via~~ ~~API~~\nasync function ~~syncTokenToCookie~~(token: string): Promise<~~boolean~~> {\n try {\n ~~const response =~~ await fetch('/api/auth', {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n },\n body: JSON.stringify({\n action: 'sync-token',\n token,\n }),\n });\n~~\n if (!response.ok) {\n return false;\n }\n\n return true;\n~~ } catch (error) {\n ~~return~~ ~~false~~;\n }\n}\n\n// Clear HTTP-only cookie ~~via~~ ~~API~~\nasync function ~~clearCookie~~(): Promise<void> {\n try {\n await fetch('/api/auth', { method: 'DELETE' });\n } catch (error) {\n // API route doesn't exist - ignore\n }\n}\n\n/*\n Insforge Provider for Next.js - wraps @insforge/react provider with Next.js-specific cookie sync\n * \n * Manages user authentication state and provides all necessary context to child components.\n * Automatically syncs authentication tokens to HTTP-only cookies for server-side middleware support.\n * \n * @example\n * ```tsx\n * import { InsforgeProvider } from '@insforge/nextjs';\n * \n * export default function RootLayout({ children }) {\n * return (\n * <InsforgeProvider baseUrl={process.env.NEXT_PUBLIC_INSFORGE_BASE_URL!}>\n * {children}\n * </InsforgeProvider>\n * );\n * }\n * ```\n /\nexport function InsforgeProvider({ \n children, \n baseUrl,\n onAuthChange,\n}: InsforgeProviderProps) {\n ~~return~~ (\n ~~<ReactInsforgeProvider\~~n baseUrl~~={baseUrl}\~~n onAuthChange~~={onAuthChange}\~~n ~~syncTokenToCookie={syncTokenToCookie}\~~n ~~clearCookie={clearCookie}\n~~ >\n ~~{children~~}\n </ReactInsforgeProvider>\n ~~);\n~~}\n\n/\n Hook to access Insforge context\n * \n * Re-exports the hook from @insforge/react for convenience.\n * \n * @example\n * ```tsx\n * function MyComponent() {\n * const { user, isSignedIn, signOut } = useInsforge();\n * \n * if (!isSignedIn) return <SignIn />;\n * \n * return (\n * <div>\n * <p>Welcome {user.email}</p>\n * <button onClick={signOut}>Sign Out</button>\n * </div>\n * );\n * }\n * ```\n /\nexport const useInsforge = useReactInsforge;\n","import { type ClassValue, clsx } from 'clsx';\r\nimport { twMerge } from 'tailwind-merge';\r\n\r\n/\r\n Utility function to merge Tailwind CSS classes with clsx\r\n * Allows users to inject custom className overrides\r\n * \r\n * @example\r\n * ```tsx\r\n * cn(\"text-base\", isDark && \"text-white\", customClassName)\r\n * ```\r\n */\r\nexport function cn(...inputs: ClassValue[]) {\r\n return twMerge(clsx(inputs));\r\n}\r\n\r\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,wBAAc,kCAAd;;;ACGA,~~mBAA2F~~;~~AAkEvF~~;~~AAzDJ~~,eAAe,~~kBAAkB~~,~~OAAiC~~;~~AAChE~~,MAAI;AACF,UAAM,~~WAAW,~~MAAM,~~MAAM,~~aAAa;AAAA,~~MACxC~~,QAAQ;AAAA,MACR,SAAS;AAAA,QACP,gBAAgB;AAAA,MAClB;AAAA,MACA,MAAM,KAAK,UAAU;AAAA,QACnB,QAAQ;AAAA,QACR;AAAA,MACF,CAAC;AAAA,IACH,CAAC;~~AAED~~,~~QAAI~~,~~CAAC,~~SAAS,~~IAAI~~;~~AAChB~~,~~aAAO;AAAA~~,~~IACT;AAEA~~,~~WAAO;AAAA~~,~~EACT,SAAS,OAAO~~;~~AACd,WAAO;~~AAAA,~~EACT~~;AACF;AAGA,eAAe,~~cAA6B~~;~~AAC1C~~,MAAI;AACF,UAAM,MAAM,aAAa,EAAE,QAAQ,SAAS,CAAC;AAAA,EAC/C,SAAS,OAAO;AAAA,EAEhB;AACF;AAqBO,SAAS,iBAAiB;AAAA,EAC/B;AAAA,EACA;AAAA,EACA;AACF,GAA0B;AACxB,~~SACE;AAAA~~,~~IAAC,aAAAA~~;AAAA,~~IAAA~~;AAAA,~~MACC~~;AAAA,~~MACA~~;AAAA,~~MACA~~;AAAA,~~MACA~~;AAAA,~~MAEC~~;~~AAAA;AAAA~~,~~EACH~~;~~AAEJ~~;AAuBO,IAAM,cAAc,aAAAC;;;~~ACrG3B~~,kBAAsC;AACtC,4BAAwB;AAWjB,SAAS,MAAM,QAAsB;AAC1C,aAAO,mCAAQ,kBAAK,MAAM,CAAC;AAC7B;;;AFPA,wBAAc,kCAPd;AAUA,wBAAc,uCAVd;","names":["ReactInsforgeProvider","useReactInsforge"]}
1	+ {"version":3,"sources":["../src/index.ts","../src/provider/InsforgeProvider.tsx","../src/lib/utils.ts"],"sourcesContent":["export * from '@insforge/react/types';\n\n// Provider\nexport { InsforgeProvider, useInsforge } from './provider/InsforgeProvider';\nexport { cn } from './lib/utils';\n\n// Hooks\nexport * from '@insforge/react/hooks';\n\n// Components\nexport * from '@insforge/react/components';\n","'use client';\n\nimport type { ReactNode } from 'react';\nimport { \n InsforgeProvider as ReactInsforgeProvider, \n useInsforge as useReactInsforge,\n type InsforgeUser\n} from '@insforge/react';\n\nexport interface InsforgeProviderProps {\n children: ReactNode;\n baseUrl: string;\n onAuthChange?: (user: InsforgeUser \| null) => void;\n}\n\n// Extended interface for React provider that includes internal handlers\ninterface ExtendedProviderProps extends InsforgeProviderProps {\n onSignIn?: (authToken: string) => Promise<void>;\n onSignOut?: () => Promise<void>;\n}\n\n// Sync token to server-side cookie on sign in\nasync function handleSignIn(token: string): Promise<void> {\n try {\n await fetch('/api/auth', {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n },\n body: JSON.stringify({\n action: 'sync-token',\n token,\n }),\n });\n } catch (error) {\n console.error('[InsforgeProvider] Failed to sync token to cookie:', error);\n }\n}\n\n// Clear HTTP-only cookie on sign out\nasync function handleSignOut(): Promise<void> {\n try {\n await fetch('/api/auth', { method: 'DELETE' });\n } catch (error) {\n // API route doesn't exist - ignore\n }\n}\n\n/*\n Insforge Provider for Next.js - wraps @insforge/react provider with Next.js-specific cookie sync\n * \n * Manages user authentication state and provides all necessary context to child components.\n * Automatically syncs authentication tokens to HTTP-only cookies for server-side middleware support.\n * \n * @example\n * ```tsx\n * import { InsforgeProvider } from '@insforge/nextjs';\n * \n * export default function RootLayout({ children }) {\n * return (\n * <InsforgeProvider baseUrl={process.env.NEXT_PUBLIC_INSFORGE_BASE_URL!}>\n * {children}\n * </InsforgeProvider>\n * );\n * }\n * ```\n /\nexport function InsforgeProvider({ \n children, \n baseUrl,\n onAuthChange,\n}: InsforgeProviderProps) {\n const providerProps: ExtendedProviderProps = {\n children,\n baseUrl,\n onAuthChange,\n onSignIn: handleSignIn,\n onSignOut: handleSignOut,\n };\n\n return <ReactInsforgeProvider {...providerProps} />;\n}\n\n/\n Hook to access Insforge context\n * \n * Re-exports the hook from @insforge/react for convenience.\n * \n * @example\n * ```tsx\n * function MyComponent() {\n * const { user, isSignedIn, signOut } = useInsforge();\n * \n * if (!isSignedIn) return <SignIn />;\n * \n * return (\n * <div>\n * <p>Welcome {user.email}</p>\n * <button onClick={signOut}>Sign Out</button>\n * </div>\n * );\n * }\n * ```\n /\nexport const useInsforge = useReactInsforge;\n","import { type ClassValue, clsx } from 'clsx';\r\nimport { twMerge } from 'tailwind-merge';\r\n\r\n/\r\n Utility function to merge Tailwind CSS classes with clsx\r\n * Allows users to inject custom className overrides\r\n * \r\n * @example\r\n * ```tsx\r\n * cn(\"text-base\", isDark && \"text-white\", customClassName)\r\n * ```\r\n */\r\nexport function cn(...inputs: ClassValue[]) {\r\n return twMerge(clsx(inputs));\r\n}\r\n\r\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,wBAAc,kCAAd;;;ACGA,mBAIO;AAyEE;AA1DT,eAAe,aAAa,OAA8B;AACxD,MAAI;AACF,UAAM,MAAM,aAAa;AAAA,MACvB,QAAQ;AAAA,MACR,SAAS;AAAA,QACP,gBAAgB;AAAA,MAClB;AAAA,MACA,MAAM,KAAK,UAAU;AAAA,QACnB,QAAQ;AAAA,QACR;AAAA,MACF,CAAC;AAAA,IACH,CAAC;AAAA,EACH,SAAS,OAAO;AACd,YAAQ,MAAM,sDAAsD,KAAK;AAAA,EAC3E;AACF;AAGA,eAAe,gBAA+B;AAC5C,MAAI;AACF,UAAM,MAAM,aAAa,EAAE,QAAQ,SAAS,CAAC;AAAA,EAC/C,SAAS,OAAO;AAAA,EAEhB;AACF;AAqBO,SAAS,iBAAiB;AAAA,EAC/B;AAAA,EACA;AAAA,EACA;AACF,GAA0B;AACxB,QAAM,gBAAuC;AAAA,IAC3C;AAAA,IACA;AAAA,IACA;AAAA,IACA,UAAU;AAAA,IACV,WAAW;AAAA,EACb;AAEA,SAAO,4CAAC,aAAAA,kBAAA,EAAuB,GAAG,eAAe;AACnD;AAuBO,IAAM,cAAc,aAAAC;;;ACxG3B,kBAAsC;AACtC,4BAAwB;AAWjB,SAAS,MAAM,QAAsB;AAC1C,aAAO,mCAAQ,kBAAK,MAAM,CAAC;AAC7B;;;AFPA,wBAAc,kCAPd;AAUA,wBAAc,uCAVd;","names":["ReactInsforgeProvider","useReactInsforge"]}

package/dist/index.mjs CHANGED Viewed

@@ -4,11 +4,14 @@
 export * from "@insforge/react/types";
 // src/provider/InsforgeProvider.tsx
-import { InsforgeProvider as ReactInsforgeProvider, useInsforge as useReactInsforge } from "@insforge/react";
+import {
+  InsforgeProvider as ReactInsforgeProvider,
+  useInsforge as useReactInsforge
+} from "@insforge/react";
 import { jsx } from "react/jsx-runtime";
-async function syncTokenToCookie(token) {
+async function handleSignIn(token) {
   try {
-    const response = await fetch("/api/auth", {
+    await fetch("/api/auth", {
       method: "POST",
       headers: {
         "Content-Type": "application/json"
@@ -18,15 +21,11 @@ async function syncTokenToCookie(token) {
         token
       })
     });
-    if (!response.ok) {
-      return false;
-    }
-    return true;
   } catch (error) {
-    return false;
+    console.error("[InsforgeProvider] Failed to sync token to cookie:", error);
   }
 }
-async function clearCookie() {
+async function handleSignOut() {
   try {
     await fetch("/api/auth", { method: "DELETE" });
   } catch (error) {
@@ -37,16 +36,14 @@ function InsforgeProvider({
   baseUrl,
   onAuthChange
 }) {
-  return /* @__PURE__ */ jsx(
-    ReactInsforgeProvider,
-    {
-      baseUrl,
-      onAuthChange,
-      syncTokenToCookie,
-      clearCookie,
-      children
-    }
-  );
+  const providerProps = {
+    children,
+    baseUrl,
+    onAuthChange,
+    onSignIn: handleSignIn,
+    onSignOut: handleSignOut
+  };
+  return /* @__PURE__ */ jsx(ReactInsforgeProvider, { ...providerProps });
 }
 var useInsforge = useReactInsforge;

package/dist/index.mjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../src/index.ts","../src/provider/InsforgeProvider.tsx","../src/lib/utils.ts"],"sourcesContent":["export * from '@insforge/react/types';\n\n// Provider\nexport { InsforgeProvider, useInsforge } from './provider/InsforgeProvider';\nexport { cn } from './lib/utils';\n\n// Hooks\nexport * from '@insforge/react/hooks';\n\n// Components\nexport * from '@insforge/react/components';\n","'use client';\n\nimport type { ReactNode } from 'react';\nimport { InsforgeProvider as ReactInsforgeProvider, useInsforge as useReactInsforge } from '@insforge/react';\n\nexport interface InsforgeProviderProps {\n children: ReactNode;\n baseUrl: string;\n onAuthChange?: (user: ~~any~~) => void;\n}\n\n// Sync token ~~from localStorage~~ to server-side cookie ~~via~~ ~~API~~\nasync function ~~syncTokenToCookie~~(token: string): Promise<~~boolean~~> {\n try {\n ~~const response =~~ await fetch('/api/auth', {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n },\n body: JSON.stringify({\n action: 'sync-token',\n token,\n }),\n });\n~~\n if (!response.ok) {\n return false;\n }\n\n return true;\n~~ } catch (error) {\n ~~return~~ ~~false~~;\n }\n}\n\n// Clear HTTP-only cookie ~~via~~ ~~API~~\nasync function ~~clearCookie~~(): Promise<void> {\n try {\n await fetch('/api/auth', { method: 'DELETE' });\n } catch (error) {\n // API route doesn't exist - ignore\n }\n}\n\n/*\n Insforge Provider for Next.js - wraps @insforge/react provider with Next.js-specific cookie sync\n * \n * Manages user authentication state and provides all necessary context to child components.\n * Automatically syncs authentication tokens to HTTP-only cookies for server-side middleware support.\n * \n * @example\n * ```tsx\n * import { InsforgeProvider } from '@insforge/nextjs';\n * \n * export default function RootLayout({ children }) {\n * return (\n * <InsforgeProvider baseUrl={process.env.NEXT_PUBLIC_INSFORGE_BASE_URL!}>\n * {children}\n * </InsforgeProvider>\n * );\n * }\n * ```\n /\nexport function InsforgeProvider({ \n children, \n baseUrl,\n onAuthChange,\n}: InsforgeProviderProps) {\n ~~return~~ (\n ~~<ReactInsforgeProvider\~~n baseUrl~~={baseUrl}\~~n onAuthChange~~={onAuthChange}\~~n ~~syncTokenToCookie={syncTokenToCookie}\~~n ~~clearCookie={clearCookie}\n~~ >\n ~~{children~~}\n </ReactInsforgeProvider>\n ~~);\n~~}\n\n/\n Hook to access Insforge context\n * \n * Re-exports the hook from @insforge/react for convenience.\n * \n * @example\n * ```tsx\n * function MyComponent() {\n * const { user, isSignedIn, signOut } = useInsforge();\n * \n * if (!isSignedIn) return <SignIn />;\n * \n * return (\n * <div>\n * <p>Welcome {user.email}</p>\n * <button onClick={signOut}>Sign Out</button>\n * </div>\n * );\n * }\n * ```\n /\nexport const useInsforge = useReactInsforge;\n","import { type ClassValue, clsx } from 'clsx';\r\nimport { twMerge } from 'tailwind-merge';\r\n\r\n/\r\n Utility function to merge Tailwind CSS classes with clsx\r\n * Allows users to inject custom className overrides\r\n * \r\n * @example\r\n * ```tsx\r\n * cn(\"text-base\", isDark && \"text-white\", customClassName)\r\n * ```\r\n */\r\nexport function cn(...inputs: ClassValue[]) {\r\n return twMerge(clsx(inputs));\r\n}\r\n\r\n"],"mappings":";;;AAAA,cAAc;;;ACGd,~~SAAS~~,oBAAoB,~~uBAAuB~~,eAAe,~~wBAAwB~~;~~AAkEvF~~;~~AAzDJ~~,eAAe,~~kBAAkB~~,~~OAAiC~~;~~AAChE~~,MAAI;AACF,UAAM,~~WAAW,~~MAAM,~~MAAM,~~aAAa;AAAA,~~MACxC~~,QAAQ;AAAA,MACR,SAAS;AAAA,QACP,gBAAgB;AAAA,MAClB;AAAA,MACA,MAAM,KAAK,UAAU;AAAA,QACnB,QAAQ;AAAA,QACR;AAAA,MACF,CAAC;AAAA,IACH,CAAC;~~AAED~~,~~QAAI~~,~~CAAC,~~SAAS,~~IAAI~~;~~AAChB~~,~~aAAO;AAAA~~,~~IACT;AAEA~~,~~WAAO;AAAA~~,~~EACT,SAAS,OAAO~~;~~AACd,WAAO;~~AAAA,~~EACT~~;AACF;AAGA,eAAe,~~cAA6B~~;~~AAC1C~~,MAAI;AACF,UAAM,MAAM,aAAa,EAAE,QAAQ,SAAS,CAAC;AAAA,EAC/C,SAAS,OAAO;AAAA,EAEhB;AACF;AAqBO,SAAS,iBAAiB;AAAA,EAC/B;AAAA,EACA;AAAA,EACA;AACF,GAA0B;AACxB,~~SACE~~;AAAA,~~IAAC~~;AAAA~~;AAAA~~,~~MACC~~;AAAA,~~MACA~~;AAAA,~~MACA~~;AAAA,~~MACA~~;AAAA,~~MAEC~~;~~AAAA;AAAA~~,~~EACH~~;~~AAEJ~~;AAuBO,IAAM,cAAc;;;~~ACrG3B~~,SAA0B,YAAY;AACtC,SAAS,eAAe;AAWjB,SAAS,MAAM,QAAsB;AAC1C,SAAO,QAAQ,KAAK,MAAM,CAAC;AAC7B;;;AFPA,cAAc;AAGd,cAAc;","names":[]}
1	+ {"version":3,"sources":["../src/index.ts","../src/provider/InsforgeProvider.tsx","../src/lib/utils.ts"],"sourcesContent":["export * from '@insforge/react/types';\n\n// Provider\nexport { InsforgeProvider, useInsforge } from './provider/InsforgeProvider';\nexport { cn } from './lib/utils';\n\n// Hooks\nexport * from '@insforge/react/hooks';\n\n// Components\nexport * from '@insforge/react/components';\n","'use client';\n\nimport type { ReactNode } from 'react';\nimport { \n InsforgeProvider as ReactInsforgeProvider, \n useInsforge as useReactInsforge,\n type InsforgeUser\n} from '@insforge/react';\n\nexport interface InsforgeProviderProps {\n children: ReactNode;\n baseUrl: string;\n onAuthChange?: (user: InsforgeUser \| null) => void;\n}\n\n// Extended interface for React provider that includes internal handlers\ninterface ExtendedProviderProps extends InsforgeProviderProps {\n onSignIn?: (authToken: string) => Promise<void>;\n onSignOut?: () => Promise<void>;\n}\n\n// Sync token to server-side cookie on sign in\nasync function handleSignIn(token: string): Promise<void> {\n try {\n await fetch('/api/auth', {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n },\n body: JSON.stringify({\n action: 'sync-token',\n token,\n }),\n });\n } catch (error) {\n console.error('[InsforgeProvider] Failed to sync token to cookie:', error);\n }\n}\n\n// Clear HTTP-only cookie on sign out\nasync function handleSignOut(): Promise<void> {\n try {\n await fetch('/api/auth', { method: 'DELETE' });\n } catch (error) {\n // API route doesn't exist - ignore\n }\n}\n\n/*\n Insforge Provider for Next.js - wraps @insforge/react provider with Next.js-specific cookie sync\n * \n * Manages user authentication state and provides all necessary context to child components.\n * Automatically syncs authentication tokens to HTTP-only cookies for server-side middleware support.\n * \n * @example\n * ```tsx\n * import { InsforgeProvider } from '@insforge/nextjs';\n * \n * export default function RootLayout({ children }) {\n * return (\n * <InsforgeProvider baseUrl={process.env.NEXT_PUBLIC_INSFORGE_BASE_URL!}>\n * {children}\n * </InsforgeProvider>\n * );\n * }\n * ```\n /\nexport function InsforgeProvider({ \n children, \n baseUrl,\n onAuthChange,\n}: InsforgeProviderProps) {\n const providerProps: ExtendedProviderProps = {\n children,\n baseUrl,\n onAuthChange,\n onSignIn: handleSignIn,\n onSignOut: handleSignOut,\n };\n\n return <ReactInsforgeProvider {...providerProps} />;\n}\n\n/\n Hook to access Insforge context\n * \n * Re-exports the hook from @insforge/react for convenience.\n * \n * @example\n * ```tsx\n * function MyComponent() {\n * const { user, isSignedIn, signOut } = useInsforge();\n * \n * if (!isSignedIn) return <SignIn />;\n * \n * return (\n * <div>\n * <p>Welcome {user.email}</p>\n * <button onClick={signOut}>Sign Out</button>\n * </div>\n * );\n * }\n * ```\n /\nexport const useInsforge = useReactInsforge;\n","import { type ClassValue, clsx } from 'clsx';\r\nimport { twMerge } from 'tailwind-merge';\r\n\r\n/\r\n Utility function to merge Tailwind CSS classes with clsx\r\n * Allows users to inject custom className overrides\r\n * \r\n * @example\r\n * ```tsx\r\n * cn(\"text-base\", isDark && \"text-white\", customClassName)\r\n * ```\r\n */\r\nexport function cn(...inputs: ClassValue[]) {\r\n return twMerge(clsx(inputs));\r\n}\r\n\r\n"],"mappings":";;;AAAA,cAAc;;;ACGd;AAAA,EACE,oBAAoB;AAAA,EACpB,eAAe;AAAA,OAEV;AAyEE;AA1DT,eAAe,aAAa,OAA8B;AACxD,MAAI;AACF,UAAM,MAAM,aAAa;AAAA,MACvB,QAAQ;AAAA,MACR,SAAS;AAAA,QACP,gBAAgB;AAAA,MAClB;AAAA,MACA,MAAM,KAAK,UAAU;AAAA,QACnB,QAAQ;AAAA,QACR;AAAA,MACF,CAAC;AAAA,IACH,CAAC;AAAA,EACH,SAAS,OAAO;AACd,YAAQ,MAAM,sDAAsD,KAAK;AAAA,EAC3E;AACF;AAGA,eAAe,gBAA+B;AAC5C,MAAI;AACF,UAAM,MAAM,aAAa,EAAE,QAAQ,SAAS,CAAC;AAAA,EAC/C,SAAS,OAAO;AAAA,EAEhB;AACF;AAqBO,SAAS,iBAAiB;AAAA,EAC/B;AAAA,EACA;AAAA,EACA;AACF,GAA0B;AACxB,QAAM,gBAAuC;AAAA,IAC3C;AAAA,IACA;AAAA,IACA;AAAA,IACA,UAAU;AAAA,IACV,WAAW;AAAA,EACb;AAEA,SAAO,oBAAC,yBAAuB,GAAG,eAAe;AACnD;AAuBO,IAAM,cAAc;;;ACxG3B,SAA0B,YAAY;AACtC,SAAS,eAAe;AAWjB,SAAS,MAAM,QAAsB;AAC1C,SAAO,QAAQ,KAAK,MAAM,CAAC;AAC7B;;;AFPA,cAAc;AAGd,cAAc;","names":[]}

package/dist/middleware.js CHANGED Viewed

@@ -30,23 +30,33 @@ var import_server = require("next/server");
 function InsforgeMiddleware(config) {
   const {
     baseUrl,
-    publicRoutes = ["/auth/callback", "/"],
+    publicRoutes = ["/"],
     signInUrl = "/sign-in",
     signUpUrl = "/sign-up",
     cookieName = "insforge_token",
     useBuiltInAuth = true
   } = config;
   return async function middleware(request) {
-    const { pathname } = request.nextUrl;
-    if (pathname === "/auth/callback") {
-      return import_server.NextResponse.next();
+    const { pathname, searchParams } = request.nextUrl;
+    const accessToken = searchParams.get("access_token");
+    if (accessToken) {
+      const response = import_server.NextResponse.redirect(new URL(pathname, request.url));
+      response.cookies.set(cookieName, accessToken, {
+        httpOnly: true,
+        secure: process.env.NODE_ENV === "production",
+        sameSite: "lax",
+        path: "/",
+        maxAge: 60 * 60 * 24 * 7
+        // 7 days
+      });
+      return response;
     }
     if (useBuiltInAuth && (pathname === signInUrl || pathname === signUpUrl)) {
-      const callbackUrl = new URL("/auth/callback", request.url);
+      const currentUrl = request.url;
       const backendAuthPath = pathname === signInUrl ? "/auth/sign-in" : "/auth/sign-up";
-      const ossAuthUrl = new URL(backendAuthPath, baseUrl);
-      ossAuthUrl.searchParams.set("redirect", callbackUrl.toString());
-      return import_server.NextResponse.redirect(ossAuthUrl.toString());
+      const backendAuthUrl = new URL(backendAuthPath, baseUrl);
+      backendAuthUrl.searchParams.set("redirect", currentUrl);
+      return import_server.NextResponse.redirect(backendAuthUrl.toString());
     }
     const isPublicRoute = publicRoutes.some((route) => {
       if (route.endsWith("*")) {
@@ -60,9 +70,8 @@ function InsforgeMiddleware(config) {
     const token = request.cookies.get(cookieName)?.value;
     if (!token) {
       if (useBuiltInAuth) {
-        const callbackUrl = new URL("/auth/callback", request.url);
         const backendSignInUrl = new URL("/auth/sign-in", baseUrl);
-        backendSignInUrl.searchParams.set("redirect", callbackUrl.toString());
+        backendSignInUrl.searchParams.set("redirect", request.url);
         return import_server.NextResponse.redirect(backendSignInUrl);
       } else {
         const localSignInUrl = new URL(signInUrl, request.url);

package/dist/middleware.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../src/middleware/index.ts","../src/middleware/InsforgeMiddleware.ts"],"sourcesContent":["// Middleware exports - NO 'use client' directive here!\r\n// Middleware runs in Edge Runtime, not in client browser\r\n\r\nexport {\r\n InsforgeMiddleware,\r\n} from './InsforgeMiddleware';\r\n\r\nexport type { InsforgeMiddlewareConfig } from './InsforgeMiddleware';\r\n\r\n","import { NextRequest, NextResponse } from 'next/server';\r\n\r\nexport interface InsforgeMiddlewareConfig {\r\n /*\r\n Base URL of your Insforge backend\r\n * @example 'https://your-backend.com' or 'http://localhost:3001'\r\n /\r\n baseUrl: string;\r\n\r\n /\r\n Routes that are public and don't require authentication\r\n * Note: `/auth/callback` is automatically treated as public\r\n * @default ['/~~auth/callback~~'~~, '/'~~]\r\n * @example ['/sign-in', '/sign-up', '/', '/about']\r\n /\r\n publicRoutes?: string[];\r\n\r\n /\r\n Local route path for sign-in (can be customized to any path like '/login')\r\n * When using built-in auth, this will redirect to backend's `/auth/sign-in`\r\n * @default '/sign-in'\r\n /\r\n signInUrl?: string;\r\n\r\n /\r\n Local route path for sign-up (can be customized to any path like '/register')\r\n * When using built-in auth, this will redirect to backend's `/auth/sign-up`\r\n * @default '/sign-up'\r\n /\r\n signUpUrl?: string;\r\n\r\n /\r\n Cookie name for the auth token\r\n * @default 'insforge_token'\r\n /\r\n cookieName?: string;\r\n\r\n /\r\n Whether to use built-in authentication pages hosted on the backend\r\n * - When true: redirects to backend's `/auth/sign-in` and `/auth/sign-up` pages\r\n * - When false: redirects to local sign-in/sign-up pages (you provide your own components)\r\n * @default true\r\n /\r\n useBuiltInAuth?: boolean;\r\n}\r\n\r\n/\r\n Creates Next.js middleware for protecting routes with Insforge authentication.\r\n * \r\n * This middleware provides lightweight route protection by:\r\n * - Checking for auth token presence in cookies\r\n * - Redirecting unauthenticated users to sign-in page\r\n * - Allowing public routes to be accessed without authentication\r\n * - ~~Always~~ ~~allowing~~ `/auth~~/callback`~~ ~~through~~ (for token ~~extraction~~)\r\n * - ~~Mapping~~ ~~local~~ ~~auth~~ ~~routes~~ to ~~backend's~~ ~~fixed~~ ~~paths~~ ~~when~~ ~~using~~ ~~built~~-in auth\r\n * \r\n * Important Notes:\r\n * - This middleware only checks if a token exists, it doesn't validate it\r\n * - ~~`/auth/callback`~~ is ~~automatically~~ ~~treated~~ as ~~public~~ ~~(handles~~ ~~query~~ ~~param~~ ~~tokens)~~\r\n * - When `useBuiltInAuth: true`, local routes map to backend's `/auth/sign-in` and `/auth/sign-up`\r\n * - You can customize local route paths (e.g., `/login`) while backend paths remain fixed\r\n * \r\n * @param config - Middleware configuration\r\n * @returns Next.js middleware function\r\n \r\n @example\r\n * ```ts\r\n * // middleware.ts - Using built-in auth ~~with separate frontend/backend URLs~~\r\n * import { InsforgeMiddleware } from '@insforge/nextjs/middleware';\r\n \r\n export default InsforgeMiddleware({\r\n * baseUrl: process.env.INSFORGE_BASE_URL~~!, // Backend: http://localhost:3001\~~r\n * frontendUrl: process.env.INSFORGE_FRONTEND_URL!, // Frontend: http://localhost:3000\r\n * publicRoutes: ['/', '/about']~~, // /auth/callback is auto-included\~~r\n * useBuiltInAuth: true~~, // Use backend's auth pages\~~r\n * });\r\n \r\n export const config = {\r\n * matcher: ['/((?!_next\|api\|.\\\\..).)'],\r\n };\r\n * ```\r\n * \r\n * @example\r\n * ```ts\r\n * // middleware.ts - Custom local auth pages with custom paths\r\n * import { InsforgeMiddleware } from '@insforge/nextjs/middleware';\r\n \r\n export default InsforgeMiddleware({\r\n * baseUrl: process.env.INSFORGE_BASE_URL!,\r\n * publicRoutes: ['/login', '/register', '/', '/about'],\r\n * signInUrl: '/login'~~, // Custom local path\~~r\n * signUpUrl: '/register'~~, // Custom local path\~~r\n * useBuiltInAuth: false~~, // Use your own SignIn/SignUp components\~~r\n * });\r\n \r\n export const config = {\r\n * matcher: ['/((?!_next\|api\|.\\\\..).)'],\r\n };\r\n * ```\r\n * \r\n * @example\r\n * ```ts\r\n * // middleware.ts - Built-in auth with custom local route names\r\n * // Local '/login' and '/register' routes redirect to backend's '/auth/sign-in' and '/auth/sign-up'\r\n * import { InsforgeMiddleware } from '@insforge/nextjs/middleware';\r\n \r\n export default InsforgeMiddleware({\r\n * baseUrl: 'https://your-backend.com',\r\n * signInUrl: '/login'~~, // Local path (redirects to backend /auth/sign-in)\~~r\n * signUpUrl: '/register'~~, // Local path (redirects to backend /auth/sign-up)\~~r\n * useBuiltInAuth: true,\r\n * });\r\n * ```\r\n /\r\nexport function InsforgeMiddleware(config: InsforgeMiddlewareConfig) {\r\n const {\r\n baseUrl,\r\n publicRoutes = [\"~~/auth/callback\", \"~~/\"],\r\n signInUrl = '/sign-in',\r\n signUpUrl = '/sign-up',\r\n cookieName = 'insforge_token',\r\n useBuiltInAuth = true,\r\n } = config;\r\n\r\n return async function middleware(request: NextRequest) {\r\n const { pathname } = request.nextUrl;\r\n\r\n // STEP 1: ~~Always~~ ~~allow~~ /auth~~/callback~~ ~~through~~\r\n // ~~This~~ ~~route~~ ~~must~~ be ~~public~~ ~~because~~ it ~~receives~~ ~~the~~ ~~token~~ as a ~~query~~ ~~parameter~~\r\n // ~~and~~ ~~the~~ ~~InsforgeProvider~~ ~~processes~~ it on ~~the~~ ~~client side~~\r\n if ~~(pathname~~ === '/~~auth/callback~~') {\r\n return ~~NextResponse.next()~~;\r\n }\r\n\r\n // STEP 2: Handle built-in auth redirects\r\n // Map local sign-in/sign-up routes to backend's fixed auth pages\r\n ~~// Example: local '/login' → backend '/auth/sign-in'\r\n~~ if (useBuiltInAuth && (pathname === signInUrl \|\| pathname === signUpUrl)) {\r\n ~~const~~ ~~callbackUrl~~ = ~~new~~ ~~URL('/auth/callback',~~ ~~request.url);\r\n //~~ ~~Backend~~ ~~auth~~ ~~routes~~ ~~are~~ ~~FIXED: /auth/sign-~~in ~~and~~ ~~/auth/sign-up~~ ~~(with~~ ~~hyphen)\~~r\n const backendAuthPath = pathname === signInUrl ? '/auth/sign-in' : '/auth/sign-up';\r\n const ~~ossAuthUrl~~ = new URL(backendAuthPath, baseUrl);\r\n ~~ossAuthUrl~~.searchParams.set('redirect', ~~callbackUrl.toString(~~));\r\n return NextResponse.redirect(~~ossAuthUrl~~.toString());\r\n }\r\n\r\n // STEP 3: Check if route is public\r\n const isPublicRoute = publicRoutes.some((route) => {\r\n if (route.endsWith('')) {\r\n // Wildcard route: /admin/* matches /admin/anything\r\n return pathname.startsWith(route.slice(0, -1));\r\n }\r\n // Exact match or starts with route path\r\n return pathname === route \|\| pathname.startsWith(route + '/');\r\n });\r\n\r\n if (isPublicRoute) {\r\n return NextResponse.next();\r\n }\r\n\r\n // STEP 4: Check for authentication token in cookies\r\n ~~// Note: We only check if token exists, we don't validate it here\r\n~~ const token = request.cookies.get(cookieName)?.value;\r\n\r\n if (!token) {\r\n // No token found, redirect to sign-in\r\n if (useBuiltInAuth) {\r\n // Built-in auth: redirect to backend's /auth/sign-in page\r\n ~~const~~ ~~callbackUrl~~ = ~~new~~ URL~~('/auth/callback',~~ ~~request.url);\~~r\n const backendSignInUrl = new URL('/auth/sign-in', baseUrl);\r\n backendSignInUrl.searchParams.set('redirect', ~~callbackUrl~~.~~toString(~~));\r\n return NextResponse.redirect(backendSignInUrl);\r\n } else {\r\n // Custom auth: redirect to local sign-in page\r\n const localSignInUrl = new URL(signInUrl, request.url);\r\n localSignInUrl.searchParams.set('redirect', pathname);\r\n return NextResponse.redirect(localSignInUrl);\r\n }\r\n }\r\n\r\n // Token exists, allow request to continue\r\n return NextResponse.next();\r\n };\r\n}"],"mappings":";;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAA,oBAA0C;~~AAkHnC~~,SAAS,mBAAmB,QAAkC;AACnE,QAAM;AAAA,IACJ;AAAA,IACA,eAAe,CAAC,~~kBAAkB,~~GAAG;AAAA,~~IACrC~~,YAAY;AAAA,IACZ,YAAY;AAAA,IACZ,aAAa;AAAA,IACb,iBAAiB;AAAA,EACnB,IAAI;AAEJ,SAAO,eAAe,WAAW,SAAsB;AACrD,UAAM,EAAE,~~SAAS~~,IAAI,QAAQ;~~AAK7B~~,~~QAAI~~,aAAa,~~kBAAkB~~;~~AACjC~~,~~aAAO~~,2BAAa,KAAK;AAAA,~~IAC3B~~;~~AAKA~~,QAAI,mBAAmB,aAAa,aAAa,aAAa,YAAY;~~AACxE~~,YAAM,~~cAAc~~,~~IAAI,IAAI,kBAAkB,~~QAAQ~~,GAAG~~;~~AAEzD~~,YAAM,kBAAkB,aAAa,YAAY,kBAAkB;AACnE,YAAM,~~aAAa~~,IAAI,IAAI,iBAAiB,OAAO;~~AACnD~~,~~iBAAW~~,aAAa,IAAI,YAAY,~~YAAY,SAAS,CAAC~~;~~AAC9D~~,aAAO,2BAAa,SAAS,~~WAAW~~,SAAS,CAAC;AAAA,~~IACpD~~;AAGA,UAAM,gBAAgB,aAAa,KAAK,CAAC,UAAU;AACjD,UAAI,MAAM,SAAS,GAAG,GAAG;AAEvB,eAAO,SAAS,WAAW,MAAM,MAAM,GAAG,EAAE,CAAC;AAAA,MAC/C;AAEA,aAAO,aAAa,SAAS,SAAS,WAAW,QAAQ,GAAG;AAAA,IAC9D,CAAC;AAED,QAAI,eAAe;AACjB,aAAO,2BAAa,KAAK;AAAA,IAC3B;~~AAIA~~,UAAM,QAAQ,QAAQ,QAAQ,IAAI,UAAU,GAAG;AAE/C,QAAI,CAAC,OAAO;AAEV,UAAI,gBAAgB;~~AAElB~~,cAAM,~~cAAc,IAAI,IAAI,kBAAkB,QAAQ,GAAG;AACzD,cAAM,~~mBAAmB,IAAI,IAAI,iBAAiB,OAAO;AACzD,yBAAiB,aAAa,IAAI,YAAY,~~YAAY~~,~~SAAS,CAAC~~;~~AACpE~~,eAAO,2BAAa,SAAS,gBAAgB;AAAA,MAC/C,OAAO;AAEL,cAAM,iBAAiB,IAAI,IAAI,WAAW,QAAQ,GAAG;AACrD,uBAAe,aAAa,IAAI,YAAY,QAAQ;AACpD,eAAO,2BAAa,SAAS,cAAc;AAAA,MAC7C;AAAA,IACF;AAGA,WAAO,2BAAa,KAAK;AAAA,EAC3B;AACF;","names":[]}
1	+ {"version":3,"sources":["../src/middleware/index.ts","../src/middleware/InsforgeMiddleware.ts"],"sourcesContent":["// Middleware exports - NO 'use client' directive here!\r\n// Middleware runs in Edge Runtime, not in client browser\r\n\r\nexport {\r\n InsforgeMiddleware,\r\n} from './InsforgeMiddleware';\r\n\r\nexport type { InsforgeMiddlewareConfig } from './InsforgeMiddleware';\r\n\r\n","import { NextRequest, NextResponse } from 'next/server';\r\n\r\nexport interface InsforgeMiddlewareConfig {\r\n /*\r\n Base URL of your Insforge backend\r\n * @example 'https://your-backend.com' or 'http://localhost:3001'\r\n /\r\n baseUrl: string;\r\n\r\n /\r\n Routes that are public and don't require authentication\r\n * @default ['/']\r\n * @example ['/sign-in', '/sign-up', '/', '/about']\r\n /\r\n publicRoutes?: string[];\r\n\r\n /\r\n Local route path for sign-in (can be customized to any path like '/login')\r\n * When using built-in auth, this will redirect to backend's `/auth/sign-in`\r\n * @default '/sign-in'\r\n /\r\n signInUrl?: string;\r\n\r\n /\r\n Local route path for sign-up (can be customized to any path like '/register')\r\n * When using built-in auth, this will redirect to backend's `/auth/sign-up`\r\n * @default '/sign-up'\r\n /\r\n signUpUrl?: string;\r\n\r\n /\r\n Cookie name for the auth token\r\n * @default 'insforge_token'\r\n /\r\n cookieName?: string;\r\n\r\n /\r\n Whether to use built-in authentication pages hosted on the backend\r\n * - When true: redirects to backend's `/auth/sign-in` and `/auth/sign-up` pages\r\n * - When false: redirects to local sign-in/sign-up pages (you provide your own components)\r\n * @default true\r\n /\r\n useBuiltInAuth?: boolean;\r\n}\r\n\r\n/\r\n Creates Next.js middleware for protecting routes with Insforge authentication.\r\n * \r\n * This middleware provides lightweight route protection by:\r\n * - Detecting and storing auth tokens from URL parameters (after backend redirect)\r\n * - Checking for auth token presence in cookies\r\n * - Redirecting unauthenticated users to sign-in page\r\n * - Allowing public routes to be accessed without authentication\r\n * - Mapping local auth routes to backend's fixed paths when using built-in auth\r\n * \r\n * How Authentication Flow Works:\r\n * 1. User visits protected route → Middleware checks for token\r\n * 2. No token → Redirects to sign-in (backend or local)\r\n * 3. After sign-in → Backend redirects to `yourapp.com/destination?access_token=xxx&user_id=xxx...`\r\n * 4. Middleware detects `access_token` in URL → Stores in HTTP-only cookie → Cleans URL → Allows access\r\n * 5. SDK also detects token from URL → Stores in localStorage → Updates auth state\r\n * \r\n * Important Notes:\r\n * - This middleware only checks if a token exists, it doesn't validate it\r\n * - Tokens from URL are automatically extracted and stored in cookies\r\n * - When `useBuiltInAuth: true`, local routes map to backend's `/auth/sign-in` and `/auth/sign-up`\r\n * - You can customize local route paths (e.g., `/login`) while backend paths remain fixed\r\n * \r\n * @param config - Middleware configuration\r\n * @returns Next.js middleware function\r\n \r\n @example\r\n * ```ts\r\n * // middleware.ts - Using built-in auth\r\n * import { InsforgeMiddleware } from '@insforge/nextjs/middleware';\r\n \r\n export default InsforgeMiddleware({\r\n * baseUrl: process.env.INSFORGE_BASE_URL!,\r\n * publicRoutes: ['/', '/about'],\r\n * useBuiltInAuth: true,\r\n * });\r\n \r\n export const config = {\r\n * matcher: ['/((?!_next\|api\|.\\\\..).)'],\r\n };\r\n * ```\r\n * \r\n * @example\r\n * ```ts\r\n * // middleware.ts - Custom local auth pages with custom paths\r\n * import { InsforgeMiddleware } from '@insforge/nextjs/middleware';\r\n \r\n export default InsforgeMiddleware({\r\n * baseUrl: process.env.INSFORGE_BASE_URL!,\r\n * publicRoutes: ['/login', '/register', '/', '/about'],\r\n * signInUrl: '/login',\r\n * signUpUrl: '/register',\r\n * useBuiltInAuth: false,\r\n * });\r\n \r\n export const config = {\r\n * matcher: ['/((?!_next\|api\|.\\\\..).)'],\r\n };\r\n * ```\r\n * \r\n * @example\r\n * ```ts\r\n * // middleware.ts - Built-in auth with custom local route names\r\n * import { InsforgeMiddleware } from '@insforge/nextjs/middleware';\r\n \r\n export default InsforgeMiddleware({\r\n * baseUrl: 'https://your-backend.com',\r\n * signInUrl: '/login',\r\n * signUpUrl: '/register',\r\n * useBuiltInAuth: true,\r\n * });\r\n * ```\r\n /\r\nexport function InsforgeMiddleware(config: InsforgeMiddlewareConfig) {\r\n const {\r\n baseUrl,\r\n publicRoutes = [\"/\"],\r\n signInUrl = '/sign-in',\r\n signUpUrl = '/sign-up',\r\n cookieName = 'insforge_token',\r\n useBuiltInAuth = true,\r\n } = config;\r\n\r\n return async function middleware(request: NextRequest) {\r\n const { pathname, searchParams } = request.nextUrl;\r\n\r\n // STEP 1: Check if URL contains access_token (from backend redirect after auth)\r\n const accessToken = searchParams.get('access_token');\r\n \r\n if (accessToken) {\r\n // Token detected in URL - store it in HTTP-only cookie and clean URL\r\n const response = NextResponse.redirect(new URL(pathname, request.url));\r\n \r\n // Set HTTP-only cookie with secure settings\r\n response.cookies.set(cookieName, accessToken, {\r\n httpOnly: true,\r\n secure: process.env.NODE_ENV === 'production',\r\n sameSite: 'lax',\r\n path: '/',\r\n maxAge: 60 60 * 24 * 7, // 7 days\r\n });\r\n \r\n return response;\r\n }\r\n\r\n // STEP 2: Handle built-in auth redirects for sign-in/sign-up pages\r\n // Map local sign-in/sign-up routes to backend's fixed auth pages\r\n if (useBuiltInAuth && (pathname === signInUrl \|\| pathname === signUpUrl)) {\r\n // Backend redirects directly to the current page with token in URL\r\n const currentUrl = request.url;\r\n const backendAuthPath = pathname === signInUrl ? '/auth/sign-in' : '/auth/sign-up';\r\n const backendAuthUrl = new URL(backendAuthPath, baseUrl);\r\n backendAuthUrl.searchParams.set('redirect', currentUrl);\r\n return NextResponse.redirect(backendAuthUrl.toString());\r\n }\r\n\r\n // STEP 3: Check if route is public\r\n const isPublicRoute = publicRoutes.some((route) => {\r\n if (route.endsWith('')) {\r\n // Wildcard route: /admin/ matches /admin/anything\r\n return pathname.startsWith(route.slice(0, -1));\r\n }\r\n // Exact match or starts with route path\r\n return pathname === route \|\| pathname.startsWith(route + '/');\r\n });\r\n\r\n if (isPublicRoute) {\r\n return NextResponse.next();\r\n }\r\n\r\n // STEP 4: Check for authentication token in cookies\r\n const token = request.cookies.get(cookieName)?.value;\r\n\r\n if (!token) {\r\n // No token found, redirect to sign-in\r\n if (useBuiltInAuth) {\r\n // Built-in auth: redirect to backend's /auth/sign-in page\r\n // Backend will redirect back to current URL with token\r\n const backendSignInUrl = new URL('/auth/sign-in', baseUrl);\r\n backendSignInUrl.searchParams.set('redirect', request.url);\r\n return NextResponse.redirect(backendSignInUrl);\r\n } else {\r\n // Custom auth: redirect to local sign-in page\r\n const localSignInUrl = new URL(signInUrl, request.url);\r\n localSignInUrl.searchParams.set('redirect', pathname);\r\n return NextResponse.redirect(localSignInUrl);\r\n }\r\n }\r\n\r\n // Token exists in cookie, allow request to continue\r\n return NextResponse.next();\r\n };\r\n}"],"mappings":";;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAA,oBAA0C;AAsHnC,SAAS,mBAAmB,QAAkC;AACnE,QAAM;AAAA,IACJ;AAAA,IACA,eAAe,CAAC,GAAG;AAAA,IACnB,YAAY;AAAA,IACZ,YAAY;AAAA,IACZ,aAAa;AAAA,IACb,iBAAiB;AAAA,EACnB,IAAI;AAEJ,SAAO,eAAe,WAAW,SAAsB;AACrD,UAAM,EAAE,UAAU,aAAa,IAAI,QAAQ;AAG3C,UAAM,cAAc,aAAa,IAAI,cAAc;AAEnD,QAAI,aAAa;AAEf,YAAM,WAAW,2BAAa,SAAS,IAAI,IAAI,UAAU,QAAQ,GAAG,CAAC;AAGrE,eAAS,QAAQ,IAAI,YAAY,aAAa;AAAA,QAC5C,UAAU;AAAA,QACV,QAAQ,QAAQ,IAAI,aAAa;AAAA,QACjC,UAAU;AAAA,QACV,MAAM;AAAA,QACN,QAAQ,KAAK,KAAK,KAAK;AAAA;AAAA,MACzB,CAAC;AAED,aAAO;AAAA,IACT;AAIA,QAAI,mBAAmB,aAAa,aAAa,aAAa,YAAY;AAExE,YAAM,aAAa,QAAQ;AAC3B,YAAM,kBAAkB,aAAa,YAAY,kBAAkB;AACnE,YAAM,iBAAiB,IAAI,IAAI,iBAAiB,OAAO;AACvD,qBAAe,aAAa,IAAI,YAAY,UAAU;AACtD,aAAO,2BAAa,SAAS,eAAe,SAAS,CAAC;AAAA,IACxD;AAGA,UAAM,gBAAgB,aAAa,KAAK,CAAC,UAAU;AACjD,UAAI,MAAM,SAAS,GAAG,GAAG;AAEvB,eAAO,SAAS,WAAW,MAAM,MAAM,GAAG,EAAE,CAAC;AAAA,MAC/C;AAEA,aAAO,aAAa,SAAS,SAAS,WAAW,QAAQ,GAAG;AAAA,IAC9D,CAAC;AAED,QAAI,eAAe;AACjB,aAAO,2BAAa,KAAK;AAAA,IAC3B;AAGA,UAAM,QAAQ,QAAQ,QAAQ,IAAI,UAAU,GAAG;AAE/C,QAAI,CAAC,OAAO;AAEV,UAAI,gBAAgB;AAGlB,cAAM,mBAAmB,IAAI,IAAI,iBAAiB,OAAO;AACzD,yBAAiB,aAAa,IAAI,YAAY,QAAQ,GAAG;AACzD,eAAO,2BAAa,SAAS,gBAAgB;AAAA,MAC/C,OAAO;AAEL,cAAM,iBAAiB,IAAI,IAAI,WAAW,QAAQ,GAAG;AACrD,uBAAe,aAAa,IAAI,YAAY,QAAQ;AACpD,eAAO,2BAAa,SAAS,cAAc;AAAA,MAC7C;AAAA,IACF;AAGA,WAAO,2BAAa,KAAK;AAAA,EAC3B;AACF;","names":[]}

package/dist/middleware.mjs CHANGED Viewed

@@ -5,23 +5,33 @@ import { NextResponse } from "next/server";
 function InsforgeMiddleware(config) {
   const {
     baseUrl,
-    publicRoutes = ["/auth/callback", "/"],
+    publicRoutes = ["/"],
     signInUrl = "/sign-in",
     signUpUrl = "/sign-up",
     cookieName = "insforge_token",
     useBuiltInAuth = true
   } = config;
   return async function middleware(request) {
-    const { pathname } = request.nextUrl;
-    if (pathname === "/auth/callback") {
-      return NextResponse.next();
+    const { pathname, searchParams } = request.nextUrl;
+    const accessToken = searchParams.get("access_token");
+    if (accessToken) {
+      const response = NextResponse.redirect(new URL(pathname, request.url));
+      response.cookies.set(cookieName, accessToken, {
+        httpOnly: true,
+        secure: process.env.NODE_ENV === "production",
+        sameSite: "lax",
+        path: "/",
+        maxAge: 60 * 60 * 24 * 7
+        // 7 days
+      });
+      return response;
     }
     if (useBuiltInAuth && (pathname === signInUrl || pathname === signUpUrl)) {
-      const callbackUrl = new URL("/auth/callback", request.url);
+      const currentUrl = request.url;
       const backendAuthPath = pathname === signInUrl ? "/auth/sign-in" : "/auth/sign-up";
-      const ossAuthUrl = new URL(backendAuthPath, baseUrl);
-      ossAuthUrl.searchParams.set("redirect", callbackUrl.toString());
-      return NextResponse.redirect(ossAuthUrl.toString());
+      const backendAuthUrl = new URL(backendAuthPath, baseUrl);
+      backendAuthUrl.searchParams.set("redirect", currentUrl);
+      return NextResponse.redirect(backendAuthUrl.toString());
     }
     const isPublicRoute = publicRoutes.some((route) => {
       if (route.endsWith("*")) {
@@ -35,9 +45,8 @@ function InsforgeMiddleware(config) {
     const token = request.cookies.get(cookieName)?.value;
     if (!token) {
       if (useBuiltInAuth) {
-        const callbackUrl = new URL("/auth/callback", request.url);
         const backendSignInUrl = new URL("/auth/sign-in", baseUrl);
-        backendSignInUrl.searchParams.set("redirect", callbackUrl.toString());
+        backendSignInUrl.searchParams.set("redirect", request.url);
         return NextResponse.redirect(backendSignInUrl);
       } else {
         const localSignInUrl = new URL(signInUrl, request.url);

package/dist/middleware.mjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../src/middleware/InsforgeMiddleware.ts"],"sourcesContent":["import { NextRequest, NextResponse } from 'next/server';\r\n\r\nexport interface InsforgeMiddlewareConfig {\r\n /*\r\n Base URL of your Insforge backend\r\n * @example 'https://your-backend.com' or 'http://localhost:3001'\r\n /\r\n baseUrl: string;\r\n\r\n /\r\n Routes that are public and don't require authentication\r\n * Note: `/auth/callback` is automatically treated as public\r\n * @default ['/~~auth/callback~~'~~, '/'~~]\r\n * @example ['/sign-in', '/sign-up', '/', '/about']\r\n /\r\n publicRoutes?: string[];\r\n\r\n /\r\n Local route path for sign-in (can be customized to any path like '/login')\r\n * When using built-in auth, this will redirect to backend's `/auth/sign-in`\r\n * @default '/sign-in'\r\n /\r\n signInUrl?: string;\r\n\r\n /\r\n Local route path for sign-up (can be customized to any path like '/register')\r\n * When using built-in auth, this will redirect to backend's `/auth/sign-up`\r\n * @default '/sign-up'\r\n /\r\n signUpUrl?: string;\r\n\r\n /\r\n Cookie name for the auth token\r\n * @default 'insforge_token'\r\n /\r\n cookieName?: string;\r\n\r\n /\r\n Whether to use built-in authentication pages hosted on the backend\r\n * - When true: redirects to backend's `/auth/sign-in` and `/auth/sign-up` pages\r\n * - When false: redirects to local sign-in/sign-up pages (you provide your own components)\r\n * @default true\r\n /\r\n useBuiltInAuth?: boolean;\r\n}\r\n\r\n/\r\n Creates Next.js middleware for protecting routes with Insforge authentication.\r\n * \r\n * This middleware provides lightweight route protection by:\r\n * - Checking for auth token presence in cookies\r\n * - Redirecting unauthenticated users to sign-in page\r\n * - Allowing public routes to be accessed without authentication\r\n * - ~~Always~~ ~~allowing~~ `/auth~~/callback`~~ ~~through~~ (for token ~~extraction~~)\r\n * - ~~Mapping~~ ~~local~~ ~~auth~~ ~~routes~~ to ~~backend's~~ ~~fixed~~ ~~paths~~ ~~when~~ ~~using~~ ~~built~~-in auth\r\n * \r\n * Important Notes:\r\n * - This middleware only checks if a token exists, it doesn't validate it\r\n * - ~~`/auth/callback`~~ is ~~automatically~~ ~~treated~~ as ~~public~~ ~~(handles~~ ~~query~~ ~~param~~ ~~tokens)~~\r\n * - When `useBuiltInAuth: true`, local routes map to backend's `/auth/sign-in` and `/auth/sign-up`\r\n * - You can customize local route paths (e.g., `/login`) while backend paths remain fixed\r\n * \r\n * @param config - Middleware configuration\r\n * @returns Next.js middleware function\r\n \r\n @example\r\n * ```ts\r\n * // middleware.ts - Using built-in auth ~~with separate frontend/backend URLs~~\r\n * import { InsforgeMiddleware } from '@insforge/nextjs/middleware';\r\n \r\n export default InsforgeMiddleware({\r\n * baseUrl: process.env.INSFORGE_BASE_URL~~!, // Backend: http://localhost:3001\~~r\n * frontendUrl: process.env.INSFORGE_FRONTEND_URL!, // Frontend: http://localhost:3000\r\n * publicRoutes: ['/', '/about']~~, // /auth/callback is auto-included\~~r\n * useBuiltInAuth: true~~, // Use backend's auth pages\~~r\n * });\r\n \r\n export const config = {\r\n * matcher: ['/((?!_next\|api\|.\\\\..).)'],\r\n };\r\n * ```\r\n * \r\n * @example\r\n * ```ts\r\n * // middleware.ts - Custom local auth pages with custom paths\r\n * import { InsforgeMiddleware } from '@insforge/nextjs/middleware';\r\n \r\n export default InsforgeMiddleware({\r\n * baseUrl: process.env.INSFORGE_BASE_URL!,\r\n * publicRoutes: ['/login', '/register', '/', '/about'],\r\n * signInUrl: '/login'~~, // Custom local path\~~r\n * signUpUrl: '/register'~~, // Custom local path\~~r\n * useBuiltInAuth: false~~, // Use your own SignIn/SignUp components\~~r\n * });\r\n \r\n export const config = {\r\n * matcher: ['/((?!_next\|api\|.\\\\..).)'],\r\n };\r\n * ```\r\n * \r\n * @example\r\n * ```ts\r\n * // middleware.ts - Built-in auth with custom local route names\r\n * // Local '/login' and '/register' routes redirect to backend's '/auth/sign-in' and '/auth/sign-up'\r\n * import { InsforgeMiddleware } from '@insforge/nextjs/middleware';\r\n \r\n export default InsforgeMiddleware({\r\n * baseUrl: 'https://your-backend.com',\r\n * signInUrl: '/login'~~, // Local path (redirects to backend /auth/sign-in)\~~r\n * signUpUrl: '/register'~~, // Local path (redirects to backend /auth/sign-up)\~~r\n * useBuiltInAuth: true,\r\n * });\r\n * ```\r\n /\r\nexport function InsforgeMiddleware(config: InsforgeMiddlewareConfig) {\r\n const {\r\n baseUrl,\r\n publicRoutes = [\"~~/auth/callback\", \"~~/\"],\r\n signInUrl = '/sign-in',\r\n signUpUrl = '/sign-up',\r\n cookieName = 'insforge_token',\r\n useBuiltInAuth = true,\r\n } = config;\r\n\r\n return async function middleware(request: NextRequest) {\r\n const { pathname } = request.nextUrl;\r\n\r\n // STEP 1: ~~Always~~ ~~allow~~ /auth~~/callback~~ ~~through~~\r\n // ~~This~~ ~~route~~ ~~must~~ be ~~public~~ ~~because~~ it ~~receives~~ ~~the~~ ~~token~~ as a ~~query~~ ~~parameter~~\r\n // ~~and~~ ~~the~~ ~~InsforgeProvider~~ ~~processes~~ it on ~~the~~ ~~client side~~\r\n if ~~(pathname~~ === '/~~auth/callback~~') {\r\n return ~~NextResponse.next()~~;\r\n }\r\n\r\n // STEP 2: Handle built-in auth redirects\r\n // Map local sign-in/sign-up routes to backend's fixed auth pages\r\n ~~// Example: local '/login' → backend '/auth/sign-in'\r\n~~ if (useBuiltInAuth && (pathname === signInUrl \|\| pathname === signUpUrl)) {\r\n ~~const~~ ~~callbackUrl~~ = ~~new~~ ~~URL('/auth/callback',~~ ~~request.url);\r\n //~~ ~~Backend~~ ~~auth~~ ~~routes~~ ~~are~~ ~~FIXED: /auth/sign-~~in ~~and~~ ~~/auth/sign-up~~ ~~(with~~ ~~hyphen)\~~r\n const backendAuthPath = pathname === signInUrl ? '/auth/sign-in' : '/auth/sign-up';\r\n const ~~ossAuthUrl~~ = new URL(backendAuthPath, baseUrl);\r\n ~~ossAuthUrl~~.searchParams.set('redirect', ~~callbackUrl.toString(~~));\r\n return NextResponse.redirect(~~ossAuthUrl~~.toString());\r\n }\r\n\r\n // STEP 3: Check if route is public\r\n const isPublicRoute = publicRoutes.some((route) => {\r\n if (route.endsWith('')) {\r\n // Wildcard route: /admin/* matches /admin/anything\r\n return pathname.startsWith(route.slice(0, -1));\r\n }\r\n // Exact match or starts with route path\r\n return pathname === route \|\| pathname.startsWith(route + '/');\r\n });\r\n\r\n if (isPublicRoute) {\r\n return NextResponse.next();\r\n }\r\n\r\n // STEP 4: Check for authentication token in cookies\r\n ~~// Note: We only check if token exists, we don't validate it here\r\n~~ const token = request.cookies.get(cookieName)?.value;\r\n\r\n if (!token) {\r\n // No token found, redirect to sign-in\r\n if (useBuiltInAuth) {\r\n // Built-in auth: redirect to backend's /auth/sign-in page\r\n ~~const~~ ~~callbackUrl~~ = ~~new~~ URL~~('/auth/callback',~~ ~~request.url);\~~r\n const backendSignInUrl = new URL('/auth/sign-in', baseUrl);\r\n backendSignInUrl.searchParams.set('redirect', ~~callbackUrl~~.~~toString(~~));\r\n return NextResponse.redirect(backendSignInUrl);\r\n } else {\r\n // Custom auth: redirect to local sign-in page\r\n const localSignInUrl = new URL(signInUrl, request.url);\r\n localSignInUrl.searchParams.set('redirect', pathname);\r\n return NextResponse.redirect(localSignInUrl);\r\n }\r\n }\r\n\r\n // Token exists, allow request to continue\r\n return NextResponse.next();\r\n };\r\n}"],"mappings":";;;AAAA,SAAsB,oBAAoB;~~AAkHnC~~,SAAS,mBAAmB,QAAkC;AACnE,QAAM;AAAA,IACJ;AAAA,IACA,eAAe,CAAC,~~kBAAkB,~~GAAG;AAAA,~~IACrC~~,YAAY;AAAA,IACZ,YAAY;AAAA,IACZ,aAAa;AAAA,IACb,iBAAiB;AAAA,EACnB,IAAI;AAEJ,SAAO,eAAe,WAAW,SAAsB;AACrD,UAAM,EAAE,~~SAAS~~,IAAI,QAAQ;~~AAK7B~~,QAAI,aAAa,~~kBAAkB~~;~~AACjC~~,~~aAAO~~,aAAa,KAAK;AAAA,~~IAC3B~~;~~AAKA~~,QAAI,mBAAmB,aAAa,aAAa,aAAa,YAAY;~~AACxE~~,YAAM,~~cAAc~~,~~IAAI,IAAI,kBAAkB,~~QAAQ~~,GAAG~~;~~AAEzD~~,YAAM,kBAAkB,aAAa,YAAY,kBAAkB;AACnE,YAAM,~~aAAa~~,IAAI,IAAI,iBAAiB,OAAO;~~AACnD~~,~~iBAAW~~,aAAa,IAAI,YAAY,~~YAAY,SAAS,CAAC~~;~~AAC9D~~,aAAO,aAAa,SAAS,~~WAAW~~,SAAS,CAAC;AAAA,~~IACpD~~;AAGA,UAAM,gBAAgB,aAAa,KAAK,CAAC,UAAU;AACjD,UAAI,MAAM,SAAS,GAAG,GAAG;AAEvB,eAAO,SAAS,WAAW,MAAM,MAAM,GAAG,EAAE,CAAC;AAAA,MAC/C;AAEA,aAAO,aAAa,SAAS,SAAS,WAAW,QAAQ,GAAG;AAAA,IAC9D,CAAC;AAED,QAAI,eAAe;AACjB,aAAO,aAAa,KAAK;AAAA,IAC3B;~~AAIA~~,UAAM,QAAQ,QAAQ,QAAQ,IAAI,UAAU,GAAG;AAE/C,QAAI,CAAC,OAAO;AAEV,UAAI,gBAAgB;~~AAElB~~,cAAM,~~cAAc,IAAI,IAAI,kBAAkB,QAAQ,GAAG;AACzD,cAAM,~~mBAAmB,IAAI,IAAI,iBAAiB,OAAO;AACzD,yBAAiB,aAAa,IAAI,YAAY,~~YAAY~~,~~SAAS,CAAC~~;~~AACpE~~,eAAO,aAAa,SAAS,gBAAgB;AAAA,MAC/C,OAAO;AAEL,cAAM,iBAAiB,IAAI,IAAI,WAAW,QAAQ,GAAG;AACrD,uBAAe,aAAa,IAAI,YAAY,QAAQ;AACpD,eAAO,aAAa,SAAS,cAAc;AAAA,MAC7C;AAAA,IACF;AAGA,WAAO,aAAa,KAAK;AAAA,EAC3B;AACF;","names":[]}
1	+ {"version":3,"sources":["../src/middleware/InsforgeMiddleware.ts"],"sourcesContent":["import { NextRequest, NextResponse } from 'next/server';\r\n\r\nexport interface InsforgeMiddlewareConfig {\r\n /*\r\n Base URL of your Insforge backend\r\n * @example 'https://your-backend.com' or 'http://localhost:3001'\r\n /\r\n baseUrl: string;\r\n\r\n /\r\n Routes that are public and don't require authentication\r\n * @default ['/']\r\n * @example ['/sign-in', '/sign-up', '/', '/about']\r\n /\r\n publicRoutes?: string[];\r\n\r\n /\r\n Local route path for sign-in (can be customized to any path like '/login')\r\n * When using built-in auth, this will redirect to backend's `/auth/sign-in`\r\n * @default '/sign-in'\r\n /\r\n signInUrl?: string;\r\n\r\n /\r\n Local route path for sign-up (can be customized to any path like '/register')\r\n * When using built-in auth, this will redirect to backend's `/auth/sign-up`\r\n * @default '/sign-up'\r\n /\r\n signUpUrl?: string;\r\n\r\n /\r\n Cookie name for the auth token\r\n * @default 'insforge_token'\r\n /\r\n cookieName?: string;\r\n\r\n /\r\n Whether to use built-in authentication pages hosted on the backend\r\n * - When true: redirects to backend's `/auth/sign-in` and `/auth/sign-up` pages\r\n * - When false: redirects to local sign-in/sign-up pages (you provide your own components)\r\n * @default true\r\n /\r\n useBuiltInAuth?: boolean;\r\n}\r\n\r\n/\r\n Creates Next.js middleware for protecting routes with Insforge authentication.\r\n * \r\n * This middleware provides lightweight route protection by:\r\n * - Detecting and storing auth tokens from URL parameters (after backend redirect)\r\n * - Checking for auth token presence in cookies\r\n * - Redirecting unauthenticated users to sign-in page\r\n * - Allowing public routes to be accessed without authentication\r\n * - Mapping local auth routes to backend's fixed paths when using built-in auth\r\n * \r\n * How Authentication Flow Works:\r\n * 1. User visits protected route → Middleware checks for token\r\n * 2. No token → Redirects to sign-in (backend or local)\r\n * 3. After sign-in → Backend redirects to `yourapp.com/destination?access_token=xxx&user_id=xxx...`\r\n * 4. Middleware detects `access_token` in URL → Stores in HTTP-only cookie → Cleans URL → Allows access\r\n * 5. SDK also detects token from URL → Stores in localStorage → Updates auth state\r\n * \r\n * Important Notes:\r\n * - This middleware only checks if a token exists, it doesn't validate it\r\n * - Tokens from URL are automatically extracted and stored in cookies\r\n * - When `useBuiltInAuth: true`, local routes map to backend's `/auth/sign-in` and `/auth/sign-up`\r\n * - You can customize local route paths (e.g., `/login`) while backend paths remain fixed\r\n * \r\n * @param config - Middleware configuration\r\n * @returns Next.js middleware function\r\n \r\n @example\r\n * ```ts\r\n * // middleware.ts - Using built-in auth\r\n * import { InsforgeMiddleware } from '@insforge/nextjs/middleware';\r\n \r\n export default InsforgeMiddleware({\r\n * baseUrl: process.env.INSFORGE_BASE_URL!,\r\n * publicRoutes: ['/', '/about'],\r\n * useBuiltInAuth: true,\r\n * });\r\n \r\n export const config = {\r\n * matcher: ['/((?!_next\|api\|.\\\\..).)'],\r\n };\r\n * ```\r\n * \r\n * @example\r\n * ```ts\r\n * // middleware.ts - Custom local auth pages with custom paths\r\n * import { InsforgeMiddleware } from '@insforge/nextjs/middleware';\r\n \r\n export default InsforgeMiddleware({\r\n * baseUrl: process.env.INSFORGE_BASE_URL!,\r\n * publicRoutes: ['/login', '/register', '/', '/about'],\r\n * signInUrl: '/login',\r\n * signUpUrl: '/register',\r\n * useBuiltInAuth: false,\r\n * });\r\n \r\n export const config = {\r\n * matcher: ['/((?!_next\|api\|.\\\\..).)'],\r\n };\r\n * ```\r\n * \r\n * @example\r\n * ```ts\r\n * // middleware.ts - Built-in auth with custom local route names\r\n * import { InsforgeMiddleware } from '@insforge/nextjs/middleware';\r\n \r\n export default InsforgeMiddleware({\r\n * baseUrl: 'https://your-backend.com',\r\n * signInUrl: '/login',\r\n * signUpUrl: '/register',\r\n * useBuiltInAuth: true,\r\n * });\r\n * ```\r\n /\r\nexport function InsforgeMiddleware(config: InsforgeMiddlewareConfig) {\r\n const {\r\n baseUrl,\r\n publicRoutes = [\"/\"],\r\n signInUrl = '/sign-in',\r\n signUpUrl = '/sign-up',\r\n cookieName = 'insforge_token',\r\n useBuiltInAuth = true,\r\n } = config;\r\n\r\n return async function middleware(request: NextRequest) {\r\n const { pathname, searchParams } = request.nextUrl;\r\n\r\n // STEP 1: Check if URL contains access_token (from backend redirect after auth)\r\n const accessToken = searchParams.get('access_token');\r\n \r\n if (accessToken) {\r\n // Token detected in URL - store it in HTTP-only cookie and clean URL\r\n const response = NextResponse.redirect(new URL(pathname, request.url));\r\n \r\n // Set HTTP-only cookie with secure settings\r\n response.cookies.set(cookieName, accessToken, {\r\n httpOnly: true,\r\n secure: process.env.NODE_ENV === 'production',\r\n sameSite: 'lax',\r\n path: '/',\r\n maxAge: 60 60 * 24 * 7, // 7 days\r\n });\r\n \r\n return response;\r\n }\r\n\r\n // STEP 2: Handle built-in auth redirects for sign-in/sign-up pages\r\n // Map local sign-in/sign-up routes to backend's fixed auth pages\r\n if (useBuiltInAuth && (pathname === signInUrl \|\| pathname === signUpUrl)) {\r\n // Backend redirects directly to the current page with token in URL\r\n const currentUrl = request.url;\r\n const backendAuthPath = pathname === signInUrl ? '/auth/sign-in' : '/auth/sign-up';\r\n const backendAuthUrl = new URL(backendAuthPath, baseUrl);\r\n backendAuthUrl.searchParams.set('redirect', currentUrl);\r\n return NextResponse.redirect(backendAuthUrl.toString());\r\n }\r\n\r\n // STEP 3: Check if route is public\r\n const isPublicRoute = publicRoutes.some((route) => {\r\n if (route.endsWith('')) {\r\n // Wildcard route: /admin/ matches /admin/anything\r\n return pathname.startsWith(route.slice(0, -1));\r\n }\r\n // Exact match or starts with route path\r\n return pathname === route \|\| pathname.startsWith(route + '/');\r\n });\r\n\r\n if (isPublicRoute) {\r\n return NextResponse.next();\r\n }\r\n\r\n // STEP 4: Check for authentication token in cookies\r\n const token = request.cookies.get(cookieName)?.value;\r\n\r\n if (!token) {\r\n // No token found, redirect to sign-in\r\n if (useBuiltInAuth) {\r\n // Built-in auth: redirect to backend's /auth/sign-in page\r\n // Backend will redirect back to current URL with token\r\n const backendSignInUrl = new URL('/auth/sign-in', baseUrl);\r\n backendSignInUrl.searchParams.set('redirect', request.url);\r\n return NextResponse.redirect(backendSignInUrl);\r\n } else {\r\n // Custom auth: redirect to local sign-in page\r\n const localSignInUrl = new URL(signInUrl, request.url);\r\n localSignInUrl.searchParams.set('redirect', pathname);\r\n return NextResponse.redirect(localSignInUrl);\r\n }\r\n }\r\n\r\n // Token exists in cookie, allow request to continue\r\n return NextResponse.next();\r\n };\r\n}"],"mappings":";;;AAAA,SAAsB,oBAAoB;AAsHnC,SAAS,mBAAmB,QAAkC;AACnE,QAAM;AAAA,IACJ;AAAA,IACA,eAAe,CAAC,GAAG;AAAA,IACnB,YAAY;AAAA,IACZ,YAAY;AAAA,IACZ,aAAa;AAAA,IACb,iBAAiB;AAAA,EACnB,IAAI;AAEJ,SAAO,eAAe,WAAW,SAAsB;AACrD,UAAM,EAAE,UAAU,aAAa,IAAI,QAAQ;AAG3C,UAAM,cAAc,aAAa,IAAI,cAAc;AAEnD,QAAI,aAAa;AAEf,YAAM,WAAW,aAAa,SAAS,IAAI,IAAI,UAAU,QAAQ,GAAG,CAAC;AAGrE,eAAS,QAAQ,IAAI,YAAY,aAAa;AAAA,QAC5C,UAAU;AAAA,QACV,QAAQ,QAAQ,IAAI,aAAa;AAAA,QACjC,UAAU;AAAA,QACV,MAAM;AAAA,QACN,QAAQ,KAAK,KAAK,KAAK;AAAA;AAAA,MACzB,CAAC;AAED,aAAO;AAAA,IACT;AAIA,QAAI,mBAAmB,aAAa,aAAa,aAAa,YAAY;AAExE,YAAM,aAAa,QAAQ;AAC3B,YAAM,kBAAkB,aAAa,YAAY,kBAAkB;AACnE,YAAM,iBAAiB,IAAI,IAAI,iBAAiB,OAAO;AACvD,qBAAe,aAAa,IAAI,YAAY,UAAU;AACtD,aAAO,aAAa,SAAS,eAAe,SAAS,CAAC;AAAA,IACxD;AAGA,UAAM,gBAAgB,aAAa,KAAK,CAAC,UAAU;AACjD,UAAI,MAAM,SAAS,GAAG,GAAG;AAEvB,eAAO,SAAS,WAAW,MAAM,MAAM,GAAG,EAAE,CAAC;AAAA,MAC/C;AAEA,aAAO,aAAa,SAAS,SAAS,WAAW,QAAQ,GAAG;AAAA,IAC9D,CAAC;AAED,QAAI,eAAe;AACjB,aAAO,aAAa,KAAK;AAAA,IAC3B;AAGA,UAAM,QAAQ,QAAQ,QAAQ,IAAI,UAAU,GAAG;AAE/C,QAAI,CAAC,OAAO;AAEV,UAAI,gBAAgB;AAGlB,cAAM,mBAAmB,IAAI,IAAI,iBAAiB,OAAO;AACzD,yBAAiB,aAAa,IAAI,YAAY,QAAQ,GAAG;AACzD,eAAO,aAAa,SAAS,gBAAgB;AAAA,MAC/C,OAAO;AAEL,cAAM,iBAAiB,IAAI,IAAI,WAAW,QAAQ,GAAG;AACrD,uBAAe,aAAa,IAAI,YAAY,QAAQ;AACpD,eAAO,aAAa,SAAS,cAAc;AAAA,MAC7C;AAAA,IACF;AAGA,WAAO,aAAa,KAAK;AAAA,EAC3B;AACF;","names":[]}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@insforge/nextjs",
-  "version": "0.8.8",
+  "version": "0.8.9",
   "description": "Pre-built authentication UI components for Next.js with Insforge backend - zero configuration required",
   "main": "./dist/index.js",
   "module": "./dist/index.mjs",
@@ -50,7 +50,7 @@
     "react-dom": "^19.0.0"
   },
   "dependencies": {
-    "@insforge/react": "^0.3.2",
+    "@insforge/react": "^0.4.5",
     "@insforge/sdk": "0.0.58-dev.13",
     "@insforge/shared-schemas": "^1.1.17",
     "clsx": "^2.1.1",