@insforge/nextjs 1.0.1 → 1.0.2-dev.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/client/hooks.d.ts
CHANGED
|
@@ -5,7 +5,9 @@ import * as _insforge_shared_schemas from '@insforge/shared-schemas';
|
|
|
5
5
|
* Next.js specific hooks - implemented locally to avoid Context duplication
|
|
6
6
|
*/
|
|
7
7
|
declare function useAuth(): {
|
|
8
|
-
signIn: (email: string, password: string) => Promise<_insforge_shared_schemas.CreateSessionResponse
|
|
8
|
+
signIn: (email: string, password: string) => Promise<(_insforge_shared_schemas.CreateSessionResponse & {
|
|
9
|
+
csrfToken?: string;
|
|
10
|
+
}) | {
|
|
9
11
|
error: string;
|
|
10
12
|
statusCode?: number;
|
|
11
13
|
errorCode?: string;
|
|
@@ -5,6 +5,7 @@ interface ExtendedProviderProps extends InsforgeProviderProps {
|
|
|
5
5
|
afterSignInUrl?: string;
|
|
6
6
|
onSignIn?: (authToken: string) => Promise<void>;
|
|
7
7
|
onSignOut?: () => Promise<void>;
|
|
8
|
+
onRefresh?: (authToken: string) => Promise<void>;
|
|
8
9
|
/**
|
|
9
10
|
* Initial auth state from server (for SSR hydration)
|
|
10
11
|
* @internal
|
|
@@ -127,9 +127,11 @@ function createAuthRouteHandlers(config) {
|
|
|
127
127
|
return response;
|
|
128
128
|
}
|
|
129
129
|
case "sync-token": {
|
|
130
|
-
const
|
|
130
|
+
const authHeader = request.headers.get("Authorization");
|
|
131
|
+
const tokenFromHeader = authHeader?.startsWith("Bearer ") ? authHeader.slice(7) : null;
|
|
132
|
+
const token = tokenFromHeader;
|
|
131
133
|
if (!token) {
|
|
132
|
-
console.error("[Auth Route] No token provided");
|
|
134
|
+
console.error("[Auth Route] No token provided in header");
|
|
133
135
|
return NextResponse.json({ error: "Token is required" }, { status: 400 });
|
|
134
136
|
}
|
|
135
137
|
try {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../src/api/route-handlers.ts"],"sourcesContent":["import { NextRequest, NextResponse } from 'next/server';\nimport { createClient } from '@insforge/sdk';\n\ninterface SignInRequestBody {\n action: 'sign-in';\n email: string;\n password: string;\n}\n\ninterface SignUpRequestBody {\n action: 'sign-up';\n email: string;\n password: string;\n}\n\ninterface SyncTokenRequestBody {\n action: 'sync-token';\n token: string;\n}\n\ntype AuthRequestBody = SignInRequestBody | SignUpRequestBody | SyncTokenRequestBody;\n\ninterface UserWithOptionalName {\n id: string;\n email: string;\n name?: string;\n [key: string]: unknown;\n}\n\ninterface SessionResponse {\n user: UserWithOptionalName;\n [key: string]: unknown;\n}\n\nexport interface AuthRouteConfig {\n /**\n * Base URL of your Insforge backend\n */\n baseUrl: string;\n\n /**\n * Cookie max age in seconds (default: 7 days)\n * @default 604800\n */\n cookieMaxAge?: number;\n\n /**\n * Whether to use secure cookies (HTTPS only)\n * Auto-detected based on environment\n */\n secure?: boolean;\n}\n\n/**\n * Creates authentication route handlers for Next.js App Router\n * These handlers set HTTP-only cookies that can be read by middleware\n *\n * @example\n * ```ts\n * // app/api/auth/[...auth]/route.ts\n * import { createAuthRouteHandlers } from '@insforge/nextjs/api';\n *\n * const handlers = createAuthRouteHandlers({\n * baseUrl: process.env.NEXT_PUBLIC_INSFORGE_BASE_URL!,\n * });\n *\n * export const POST = handlers.POST;\n * export const GET = handlers.GET;\n * export const DELETE = handlers.DELETE;\n * ```\n */\nexport function createAuthRouteHandlers(config: AuthRouteConfig) {\n const {\n baseUrl,\n cookieMaxAge = 7 * 24 * 60 * 60, // 7 days\n } = config;\n\n // Fixed cookie names - not configurable\n const sessionCookieName = 'insforge-session';\n const userCookieName = 'insforge-user';\n\n const insforge = createClient({ baseUrl });\n\n /**\n * Helper to set auth cookies (session token + user identity)\n */\n function setAuthCookies(\n response: NextResponse,\n token: string,\n user: { id: string; email: string; name?: string }\n ) {\n // NODE_ENV is automatically set by Next.js runtime ('development' | 'production' | 'test')\n // In production, cookies are sent over HTTPS only (secure flag)\n const isProduction = process.env.NODE_ENV === 'production';\n const secure = config.secure ?? isProduction;\n\n // Set session cookie (access token)\n response.cookies.set({\n name: sessionCookieName,\n value: token,\n httpOnly: true, // Cannot be accessed by JavaScript\n secure, // Only sent over HTTPS in production\n sameSite: 'lax',\n maxAge: cookieMaxAge,\n path: '/',\n });\n\n // Set user identity cookie (basic info for SSR)\n const userInfo = JSON.stringify({\n id: user.id,\n email: user.email,\n name: user.name || '',\n });\n\n response.cookies.set({\n name: userCookieName,\n value: userInfo,\n httpOnly: true,\n secure,\n sameSite: 'lax',\n maxAge: cookieMaxAge,\n path: '/',\n });\n\n return response;\n }\n\n /**\n * Helper to clear auth cookies\n */\n function clearAuthCookies(response: NextResponse) {\n const secure = config.secure ?? process.env.NODE_ENV === 'production';\n\n // Clear session cookie\n response.cookies.set({\n name: sessionCookieName,\n value: '',\n httpOnly: true,\n secure,\n sameSite: 'lax',\n maxAge: 0,\n path: '/',\n });\n\n // Clear user cookie\n response.cookies.set({\n name: userCookieName,\n value: '',\n httpOnly: true,\n secure,\n sameSite: 'lax',\n maxAge: 0,\n path: '/',\n });\n\n return response;\n }\n\n /**\n * POST handler for authentication actions\n * Supports: sign-in, sign-up\n */\n async function POST(request: NextRequest) {\n try {\n const body = (await request.json()) as AuthRequestBody;\n const { action } = body;\n\n if (!action) {\n return NextResponse.json({ error: 'Action is required' }, { status: 400 });\n }\n\n switch (action) {\n case 'sign-in': {\n const { email, password } = body;\n if (!email || !password) {\n return NextResponse.json({ error: 'Email and password are required' }, { status: 400 });\n }\n\n const result = await insforge.auth.signInWithPassword({\n email,\n password,\n });\n\n if (result.error) {\n return NextResponse.json({ error: result.error.message }, { status: 401 });\n }\n\n if (!result.data || !result.data.user) {\n return NextResponse.json({ error: 'Authentication failed' }, { status: 401 });\n }\n\n const response = NextResponse.json({\n user: result.data.user,\n session: {\n userId: result.data.user.id,\n expiresAt: '',\n createdAt: new Date().toISOString(),\n },\n });\n\n setAuthCookies(response, result.data.accessToken || '', {\n id: result.data.user.id,\n email: result.data.user.email,\n name: result.data.user.name,\n });\n\n return response;\n }\n\n case 'sign-up': {\n const { email, password } = body;\n if (!email || !password) {\n return NextResponse.json({ error: 'Email and password are required' }, { status: 400 });\n }\n\n const result = await insforge.auth.signUp({ email, password });\n\n if (result.error) {\n return NextResponse.json({ error: result.error.message }, { status: 400 });\n }\n\n if (!result.data || !result.data.user) {\n return NextResponse.json({ error: 'Sign up failed' }, { status: 400 });\n }\n\n const response = NextResponse.json({\n user: result.data.user,\n session: {\n userId: result.data.user.id,\n expiresAt: '',\n createdAt: new Date().toISOString(),\n },\n });\n\n setAuthCookies(response, result.data.accessToken || '', {\n id: result.data.user.id,\n email: result.data.user.email,\n name: result.data.user.name,\n });\n\n return response;\n }\n\n case 'sync-token': {\n // Syncs a token from localStorage to HTTP-only cookie\n const { token } = body;\n\n if (!token) {\n console.error('[Auth Route] No token provided');\n return NextResponse.json({ error: 'Token is required' }, { status: 400 });\n }\n\n // Verify the token is valid by checking with backend\n try {\n const response = await fetch(`${baseUrl}/api/auth/sessions/current`, {\n headers: {\n Authorization: `Bearer ${token}`,\n 'Content-Type': 'application/json',\n },\n });\n\n if (!response.ok) {\n const errorText = await response.text();\n console.error('[Auth API] Token validation failed:', errorText);\n return NextResponse.json(\n { error: 'Invalid token', details: errorText },\n { status: 401 }\n );\n }\n\n const session = (await response.json()) as SessionResponse;\n\n const nextResponse = NextResponse.json({\n user: session.user,\n session: {\n userId: session.user.id,\n expiresAt: '',\n createdAt: new Date().toISOString(),\n },\n });\n\n setAuthCookies(nextResponse, token, {\n id: session.user.id,\n email: session.user.email,\n name: session.user.name,\n });\n\n return nextResponse;\n } catch (error) {\n console.error('[Auth API] Token validation error:', error);\n return NextResponse.json(\n { error: 'Token validation failed', details: String(error) },\n { status: 401 }\n );\n }\n }\n\n default:\n return NextResponse.json({ error: 'Invalid action' }, { status: 400 });\n }\n } catch (error) {\n console.error('[Auth API Error]:', error);\n return NextResponse.json({ error: 'Internal server error' }, { status: 500 });\n }\n }\n\n /**\n * GET handler to check current session\n */\n async function GET(request: NextRequest) {\n try {\n const token = request.cookies.get(sessionCookieName)?.value;\n\n if (!token) {\n return NextResponse.json({ user: null, session: null });\n }\n\n // Verify token with backend\n const response = await fetch(`${baseUrl}/api/auth/sessions/current`, {\n headers: {\n Authorization: `Bearer ${token}`,\n 'Content-Type': 'application/json',\n },\n });\n\n if (!response.ok) {\n const nextResponse = NextResponse.json({ user: null, session: null });\n clearAuthCookies(nextResponse);\n return nextResponse;\n }\n\n const session = (await response.json()) as SessionResponse;\n\n return NextResponse.json({\n user: session.user,\n session: {\n userId: session.user.id,\n token,\n expiresAt: '',\n createdAt: new Date().toISOString(),\n },\n });\n } catch (error) {\n console.error('[Auth API Error]:', error);\n return NextResponse.json({ user: null, session: null });\n }\n }\n\n /**\n * DELETE handler for sign out\n */\n async function DELETE(request: NextRequest) {\n try {\n const token = request.cookies.get(sessionCookieName)?.value;\n\n if (token) {\n // Call backend sign out\n try {\n await fetch(`${baseUrl}/auth/sessions/current`, {\n method: 'DELETE',\n headers: {\n Authorization: `Bearer ${token}`,\n 'Content-Type': 'application/json',\n },\n });\n } catch (error) {\n // Ignore backend errors during sign out\n console.error('[Auth API] Sign out error:', error);\n }\n }\n\n const response = NextResponse.json({ success: true });\n clearAuthCookies(response);\n\n return response;\n } catch (error) {\n console.error('[Auth API Error]:', error);\n return NextResponse.json({ error: 'Internal server error' }, { status: 500 });\n }\n }\n\n return {\n POST,\n GET,\n DELETE,\n };\n}\n"],"mappings":"AAAA,SAAsB,oBAAoB;AAC1C,SAAS,oBAAoB;AAsEtB,SAAS,wBAAwB,QAAyB;AAC/D,QAAM;AAAA,IACJ;AAAA,IACA,eAAe,IAAI,KAAK,KAAK;AAAA;AAAA,EAC/B,IAAI;AAGJ,QAAM,oBAAoB;AAC1B,QAAM,iBAAiB;AAEvB,QAAM,WAAW,aAAa,EAAE,QAAQ,CAAC;AAKzC,WAAS,eACP,UACA,OACA,MACA;AAGA,UAAM,eAAe,QAAQ,IAAI,aAAa;AAC9C,UAAM,SAAS,OAAO,UAAU;AAGhC,aAAS,QAAQ,IAAI;AAAA,MACnB,MAAM;AAAA,MACN,OAAO;AAAA,MACP,UAAU;AAAA;AAAA,MACV;AAAA;AAAA,MACA,UAAU;AAAA,MACV,QAAQ;AAAA,MACR,MAAM;AAAA,IACR,CAAC;AAGD,UAAM,WAAW,KAAK,UAAU;AAAA,MAC9B,IAAI,KAAK;AAAA,MACT,OAAO,KAAK;AAAA,MACZ,MAAM,KAAK,QAAQ;AAAA,IACrB,CAAC;AAED,aAAS,QAAQ,IAAI;AAAA,MACnB,MAAM;AAAA,MACN,OAAO;AAAA,MACP,UAAU;AAAA,MACV;AAAA,MACA,UAAU;AAAA,MACV,QAAQ;AAAA,MACR,MAAM;AAAA,IACR,CAAC;AAED,WAAO;AAAA,EACT;AAKA,WAAS,iBAAiB,UAAwB;AAChD,UAAM,SAAS,OAAO,UAAU,QAAQ,IAAI,aAAa;AAGzD,aAAS,QAAQ,IAAI;AAAA,MACnB,MAAM;AAAA,MACN,OAAO;AAAA,MACP,UAAU;AAAA,MACV;AAAA,MACA,UAAU;AAAA,MACV,QAAQ;AAAA,MACR,MAAM;AAAA,IACR,CAAC;AAGD,aAAS,QAAQ,IAAI;AAAA,MACnB,MAAM;AAAA,MACN,OAAO;AAAA,MACP,UAAU;AAAA,MACV;AAAA,MACA,UAAU;AAAA,MACV,QAAQ;AAAA,MACR,MAAM;AAAA,IACR,CAAC;AAED,WAAO;AAAA,EACT;AAMA,iBAAe,KAAK,SAAsB;AACxC,QAAI;AACF,YAAM,OAAQ,MAAM,QAAQ,KAAK;AACjC,YAAM,EAAE,OAAO,IAAI;AAEnB,UAAI,CAAC,QAAQ;AACX,eAAO,aAAa,KAAK,EAAE,OAAO,qBAAqB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,MAC3E;AAEA,cAAQ,QAAQ;AAAA,QACd,KAAK,WAAW;AACd,gBAAM,EAAE,OAAO,SAAS,IAAI;AAC5B,cAAI,CAAC,SAAS,CAAC,UAAU;AACvB,mBAAO,aAAa,KAAK,EAAE,OAAO,kCAAkC,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,UACxF;AAEA,gBAAM,SAAS,MAAM,SAAS,KAAK,mBAAmB;AAAA,YACpD;AAAA,YACA;AAAA,UACF,CAAC;AAED,cAAI,OAAO,OAAO;AAChB,mBAAO,aAAa,KAAK,EAAE,OAAO,OAAO,MAAM,QAAQ,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,UAC3E;AAEA,cAAI,CAAC,OAAO,QAAQ,CAAC,OAAO,KAAK,MAAM;AACrC,mBAAO,aAAa,KAAK,EAAE,OAAO,wBAAwB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,UAC9E;AAEA,gBAAM,WAAW,aAAa,KAAK;AAAA,YACjC,MAAM,OAAO,KAAK;AAAA,YAClB,SAAS;AAAA,cACP,QAAQ,OAAO,KAAK,KAAK;AAAA,cACzB,WAAW;AAAA,cACX,YAAW,oBAAI,KAAK,GAAE,YAAY;AAAA,YACpC;AAAA,UACF,CAAC;AAED,yBAAe,UAAU,OAAO,KAAK,eAAe,IAAI;AAAA,YACtD,IAAI,OAAO,KAAK,KAAK;AAAA,YACrB,OAAO,OAAO,KAAK,KAAK;AAAA,YACxB,MAAM,OAAO,KAAK,KAAK;AAAA,UACzB,CAAC;AAED,iBAAO;AAAA,QACT;AAAA,QAEA,KAAK,WAAW;AACd,gBAAM,EAAE,OAAO,SAAS,IAAI;AAC5B,cAAI,CAAC,SAAS,CAAC,UAAU;AACvB,mBAAO,aAAa,KAAK,EAAE,OAAO,kCAAkC,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,UACxF;AAEA,gBAAM,SAAS,MAAM,SAAS,KAAK,OAAO,EAAE,OAAO,SAAS,CAAC;AAE7D,cAAI,OAAO,OAAO;AAChB,mBAAO,aAAa,KAAK,EAAE,OAAO,OAAO,MAAM,QAAQ,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,UAC3E;AAEA,cAAI,CAAC,OAAO,QAAQ,CAAC,OAAO,KAAK,MAAM;AACrC,mBAAO,aAAa,KAAK,EAAE,OAAO,iBAAiB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,UACvE;AAEA,gBAAM,WAAW,aAAa,KAAK;AAAA,YACjC,MAAM,OAAO,KAAK;AAAA,YAClB,SAAS;AAAA,cACP,QAAQ,OAAO,KAAK,KAAK;AAAA,cACzB,WAAW;AAAA,cACX,YAAW,oBAAI,KAAK,GAAE,YAAY;AAAA,YACpC;AAAA,UACF,CAAC;AAED,yBAAe,UAAU,OAAO,KAAK,eAAe,IAAI;AAAA,YACtD,IAAI,OAAO,KAAK,KAAK;AAAA,YACrB,OAAO,OAAO,KAAK,KAAK;AAAA,YACxB,MAAM,OAAO,KAAK,KAAK;AAAA,UACzB,CAAC;AAED,iBAAO;AAAA,QACT;AAAA,QAEA,KAAK,cAAc;AAEjB,gBAAM,EAAE,MAAM,IAAI;AAElB,cAAI,CAAC,OAAO;AACV,oBAAQ,MAAM,gCAAgC;AAC9C,mBAAO,aAAa,KAAK,EAAE,OAAO,oBAAoB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,UAC1E;AAGA,cAAI;AACF,kBAAM,WAAW,MAAM,MAAM,GAAG,OAAO,8BAA8B;AAAA,cACnE,SAAS;AAAA,gBACP,eAAe,UAAU,KAAK;AAAA,gBAC9B,gBAAgB;AAAA,cAClB;AAAA,YACF,CAAC;AAED,gBAAI,CAAC,SAAS,IAAI;AAChB,oBAAM,YAAY,MAAM,SAAS,KAAK;AACtC,sBAAQ,MAAM,uCAAuC,SAAS;AAC9D,qBAAO,aAAa;AAAA,gBAClB,EAAE,OAAO,iBAAiB,SAAS,UAAU;AAAA,gBAC7C,EAAE,QAAQ,IAAI;AAAA,cAChB;AAAA,YACF;AAEA,kBAAM,UAAW,MAAM,SAAS,KAAK;AAErC,kBAAM,eAAe,aAAa,KAAK;AAAA,cACrC,MAAM,QAAQ;AAAA,cACd,SAAS;AAAA,gBACP,QAAQ,QAAQ,KAAK;AAAA,gBACrB,WAAW;AAAA,gBACX,YAAW,oBAAI,KAAK,GAAE,YAAY;AAAA,cACpC;AAAA,YACF,CAAC;AAED,2BAAe,cAAc,OAAO;AAAA,cAClC,IAAI,QAAQ,KAAK;AAAA,cACjB,OAAO,QAAQ,KAAK;AAAA,cACpB,MAAM,QAAQ,KAAK;AAAA,YACrB,CAAC;AAED,mBAAO;AAAA,UACT,SAAS,OAAO;AACd,oBAAQ,MAAM,sCAAsC,KAAK;AACzD,mBAAO,aAAa;AAAA,cAClB,EAAE,OAAO,2BAA2B,SAAS,OAAO,KAAK,EAAE;AAAA,cAC3D,EAAE,QAAQ,IAAI;AAAA,YAChB;AAAA,UACF;AAAA,QACF;AAAA,QAEA;AACE,iBAAO,aAAa,KAAK,EAAE,OAAO,iBAAiB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,MACzE;AAAA,IACF,SAAS,OAAO;AACd,cAAQ,MAAM,qBAAqB,KAAK;AACxC,aAAO,aAAa,KAAK,EAAE,OAAO,wBAAwB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,IAC9E;AAAA,EACF;AAKA,iBAAe,IAAI,SAAsB;AACvC,QAAI;AACF,YAAM,QAAQ,QAAQ,QAAQ,IAAI,iBAAiB,GAAG;AAEtD,UAAI,CAAC,OAAO;AACV,eAAO,aAAa,KAAK,EAAE,MAAM,MAAM,SAAS,KAAK,CAAC;AAAA,MACxD;AAGA,YAAM,WAAW,MAAM,MAAM,GAAG,OAAO,8BAA8B;AAAA,QACnE,SAAS;AAAA,UACP,eAAe,UAAU,KAAK;AAAA,UAC9B,gBAAgB;AAAA,QAClB;AAAA,MACF,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,eAAe,aAAa,KAAK,EAAE,MAAM,MAAM,SAAS,KAAK,CAAC;AACpE,yBAAiB,YAAY;AAC7B,eAAO;AAAA,MACT;AAEA,YAAM,UAAW,MAAM,SAAS,KAAK;AAErC,aAAO,aAAa,KAAK;AAAA,QACvB,MAAM,QAAQ;AAAA,QACd,SAAS;AAAA,UACP,QAAQ,QAAQ,KAAK;AAAA,UACrB;AAAA,UACA,WAAW;AAAA,UACX,YAAW,oBAAI,KAAK,GAAE,YAAY;AAAA,QACpC;AAAA,MACF,CAAC;AAAA,IACH,SAAS,OAAO;AACd,cAAQ,MAAM,qBAAqB,KAAK;AACxC,aAAO,aAAa,KAAK,EAAE,MAAM,MAAM,SAAS,KAAK,CAAC;AAAA,IACxD;AAAA,EACF;AAKA,iBAAe,OAAO,SAAsB;AAC1C,QAAI;AACF,YAAM,QAAQ,QAAQ,QAAQ,IAAI,iBAAiB,GAAG;AAEtD,UAAI,OAAO;AAET,YAAI;AACF,gBAAM,MAAM,GAAG,OAAO,0BAA0B;AAAA,YAC9C,QAAQ;AAAA,YACR,SAAS;AAAA,cACP,eAAe,UAAU,KAAK;AAAA,cAC9B,gBAAgB;AAAA,YAClB;AAAA,UACF,CAAC;AAAA,QACH,SAAS,OAAO;AAEd,kBAAQ,MAAM,8BAA8B,KAAK;AAAA,QACnD;AAAA,MACF;AAEA,YAAM,WAAW,aAAa,KAAK,EAAE,SAAS,KAAK,CAAC;AACpD,uBAAiB,QAAQ;AAEzB,aAAO;AAAA,IACT,SAAS,OAAO;AACd,cAAQ,MAAM,qBAAqB,KAAK;AACxC,aAAO,aAAa,KAAK,EAAE,OAAO,wBAAwB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,IAC9E;AAAA,EACF;AAEA,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACF;","names":[]}
|
|
1
|
+
{"version":3,"sources":["../../../src/api/route-handlers.ts"],"sourcesContent":["import { NextRequest, NextResponse } from 'next/server';\nimport { createClient } from '@insforge/sdk';\n\ninterface SignInRequestBody {\n action: 'sign-in';\n email: string;\n password: string;\n}\n\ninterface SignUpRequestBody {\n action: 'sign-up';\n email: string;\n password: string;\n}\n\ninterface SyncTokenRequestBody {\n action: 'sync-token';\n}\n\ntype AuthRequestBody = SignInRequestBody | SignUpRequestBody | SyncTokenRequestBody;\n\ninterface UserWithOptionalName {\n id: string;\n email: string;\n name?: string;\n [key: string]: unknown;\n}\n\ninterface SessionResponse {\n user: UserWithOptionalName;\n [key: string]: unknown;\n}\n\nexport interface AuthRouteConfig {\n /**\n * Base URL of your Insforge backend\n */\n baseUrl: string;\n\n /**\n * Cookie max age in seconds (default: 7 days)\n * @default 604800\n */\n cookieMaxAge?: number;\n\n /**\n * Whether to use secure cookies (HTTPS only)\n * Auto-detected based on environment\n */\n secure?: boolean;\n}\n\n/**\n * Creates authentication route handlers for Next.js App Router\n * These handlers set HTTP-only cookies that can be read by middleware\n *\n * @example\n * ```ts\n * // app/api/auth/[...auth]/route.ts\n * import { createAuthRouteHandlers } from '@insforge/nextjs/api';\n *\n * const handlers = createAuthRouteHandlers({\n * baseUrl: process.env.NEXT_PUBLIC_INSFORGE_BASE_URL!,\n * });\n *\n * export const POST = handlers.POST;\n * export const GET = handlers.GET;\n * export const DELETE = handlers.DELETE;\n * ```\n */\nexport function createAuthRouteHandlers(config: AuthRouteConfig) {\n const {\n baseUrl,\n cookieMaxAge = 7 * 24 * 60 * 60, // 7 days\n } = config;\n\n // Fixed cookie names - not configurable\n const sessionCookieName = 'insforge-session';\n const userCookieName = 'insforge-user';\n\n const insforge = createClient({ baseUrl });\n\n /**\n * Helper to set auth cookies (session token + user identity)\n */\n function setAuthCookies(\n response: NextResponse,\n token: string,\n user: { id: string; email: string; name?: string }\n ) {\n // NODE_ENV is automatically set by Next.js runtime ('development' | 'production' | 'test')\n // In production, cookies are sent over HTTPS only (secure flag)\n const isProduction = process.env.NODE_ENV === 'production';\n const secure = config.secure ?? isProduction;\n\n // Set session cookie (access token)\n response.cookies.set({\n name: sessionCookieName,\n value: token,\n httpOnly: true, // Cannot be accessed by JavaScript\n secure, // Only sent over HTTPS in production\n sameSite: 'lax',\n maxAge: cookieMaxAge,\n path: '/',\n });\n\n // Set user identity cookie (basic info for SSR)\n const userInfo = JSON.stringify({\n id: user.id,\n email: user.email,\n name: user.name || '',\n });\n\n response.cookies.set({\n name: userCookieName,\n value: userInfo,\n httpOnly: true,\n secure,\n sameSite: 'lax',\n maxAge: cookieMaxAge,\n path: '/',\n });\n\n return response;\n }\n\n /**\n * Helper to clear auth cookies\n */\n function clearAuthCookies(response: NextResponse) {\n const secure = config.secure ?? process.env.NODE_ENV === 'production';\n\n // Clear session cookie\n response.cookies.set({\n name: sessionCookieName,\n value: '',\n httpOnly: true,\n secure,\n sameSite: 'lax',\n maxAge: 0,\n path: '/',\n });\n\n // Clear user cookie\n response.cookies.set({\n name: userCookieName,\n value: '',\n httpOnly: true,\n secure,\n sameSite: 'lax',\n maxAge: 0,\n path: '/',\n });\n\n return response;\n }\n\n /**\n * POST handler for authentication actions\n * Supports: sign-in, sign-up\n */\n async function POST(request: NextRequest) {\n try {\n const body = (await request.json()) as AuthRequestBody;\n const { action } = body;\n\n if (!action) {\n return NextResponse.json({ error: 'Action is required' }, { status: 400 });\n }\n\n switch (action) {\n case 'sign-in': {\n const { email, password } = body;\n if (!email || !password) {\n return NextResponse.json({ error: 'Email and password are required' }, { status: 400 });\n }\n\n const result = await insforge.auth.signInWithPassword({\n email,\n password,\n });\n\n if (result.error) {\n return NextResponse.json({ error: result.error.message }, { status: 401 });\n }\n\n if (!result.data || !result.data.user) {\n return NextResponse.json({ error: 'Authentication failed' }, { status: 401 });\n }\n\n const response = NextResponse.json({\n user: result.data.user,\n session: {\n userId: result.data.user.id,\n expiresAt: '',\n createdAt: new Date().toISOString(),\n },\n });\n\n setAuthCookies(response, result.data.accessToken || '', {\n id: result.data.user.id,\n email: result.data.user.email,\n name: result.data.user.name,\n });\n\n return response;\n }\n\n case 'sign-up': {\n const { email, password } = body;\n if (!email || !password) {\n return NextResponse.json({ error: 'Email and password are required' }, { status: 400 });\n }\n\n const result = await insforge.auth.signUp({ email, password });\n\n if (result.error) {\n return NextResponse.json({ error: result.error.message }, { status: 400 });\n }\n\n if (!result.data || !result.data.user) {\n return NextResponse.json({ error: 'Sign up failed' }, { status: 400 });\n }\n\n const response = NextResponse.json({\n user: result.data.user,\n session: {\n userId: result.data.user.id,\n expiresAt: '',\n createdAt: new Date().toISOString(),\n },\n });\n\n setAuthCookies(response, result.data.accessToken || '', {\n id: result.data.user.id,\n email: result.data.user.email,\n name: result.data.user.name,\n });\n\n return response;\n }\n\n case 'sync-token': {\n // Syncs access token to HTTP-only cookie for server-side usage\n // Token is passed via Authorization header (preferred)\n const authHeader = request.headers.get('Authorization');\n const tokenFromHeader = authHeader?.startsWith('Bearer ')\n ? authHeader.slice(7)\n : null;\n const token = tokenFromHeader;\n\n if (!token) {\n console.error('[Auth Route] No token provided in header');\n return NextResponse.json({ error: 'Token is required' }, { status: 400 });\n }\n\n // Verify the token is valid by checking with backend\n try {\n const response = await fetch(`${baseUrl}/api/auth/sessions/current`, {\n headers: {\n Authorization: `Bearer ${token}`,\n 'Content-Type': 'application/json',\n },\n });\n\n if (!response.ok) {\n const errorText = await response.text();\n console.error('[Auth API] Token validation failed:', errorText);\n return NextResponse.json(\n { error: 'Invalid token', details: errorText },\n { status: 401 }\n );\n }\n\n const session = (await response.json()) as SessionResponse;\n\n const nextResponse = NextResponse.json({\n user: session.user,\n session: {\n userId: session.user.id,\n expiresAt: '',\n createdAt: new Date().toISOString(),\n },\n });\n\n setAuthCookies(nextResponse, token, {\n id: session.user.id,\n email: session.user.email,\n name: session.user.name,\n });\n\n return nextResponse;\n } catch (error) {\n console.error('[Auth API] Token validation error:', error);\n return NextResponse.json(\n { error: 'Token validation failed', details: String(error) },\n { status: 401 }\n );\n }\n }\n\n default:\n return NextResponse.json({ error: 'Invalid action' }, { status: 400 });\n }\n } catch (error) {\n console.error('[Auth API Error]:', error);\n return NextResponse.json({ error: 'Internal server error' }, { status: 500 });\n }\n }\n\n /**\n * GET handler to check current session\n */\n async function GET(request: NextRequest) {\n try {\n const token = request.cookies.get(sessionCookieName)?.value;\n\n if (!token) {\n return NextResponse.json({ user: null, session: null });\n }\n\n // Verify token with backend\n const response = await fetch(`${baseUrl}/api/auth/sessions/current`, {\n headers: {\n Authorization: `Bearer ${token}`,\n 'Content-Type': 'application/json',\n },\n });\n\n if (!response.ok) {\n const nextResponse = NextResponse.json({ user: null, session: null });\n clearAuthCookies(nextResponse);\n return nextResponse;\n }\n\n const session = (await response.json()) as SessionResponse;\n\n return NextResponse.json({\n user: session.user,\n session: {\n userId: session.user.id,\n token,\n expiresAt: '',\n createdAt: new Date().toISOString(),\n },\n });\n } catch (error) {\n console.error('[Auth API Error]:', error);\n return NextResponse.json({ user: null, session: null });\n }\n }\n\n /**\n * DELETE handler for sign out\n */\n async function DELETE(request: NextRequest) {\n try {\n const token = request.cookies.get(sessionCookieName)?.value;\n\n if (token) {\n // Call backend sign out\n try {\n await fetch(`${baseUrl}/auth/sessions/current`, {\n method: 'DELETE',\n headers: {\n Authorization: `Bearer ${token}`,\n 'Content-Type': 'application/json',\n },\n });\n } catch (error) {\n // Ignore backend errors during sign out\n console.error('[Auth API] Sign out error:', error);\n }\n }\n\n const response = NextResponse.json({ success: true });\n clearAuthCookies(response);\n\n return response;\n } catch (error) {\n console.error('[Auth API Error]:', error);\n return NextResponse.json({ error: 'Internal server error' }, { status: 500 });\n }\n }\n\n return {\n POST,\n GET,\n DELETE,\n };\n}\n"],"mappings":"AAAA,SAAsB,oBAAoB;AAC1C,SAAS,oBAAoB;AAqEtB,SAAS,wBAAwB,QAAyB;AAC/D,QAAM;AAAA,IACJ;AAAA,IACA,eAAe,IAAI,KAAK,KAAK;AAAA;AAAA,EAC/B,IAAI;AAGJ,QAAM,oBAAoB;AAC1B,QAAM,iBAAiB;AAEvB,QAAM,WAAW,aAAa,EAAE,QAAQ,CAAC;AAKzC,WAAS,eACP,UACA,OACA,MACA;AAGA,UAAM,eAAe,QAAQ,IAAI,aAAa;AAC9C,UAAM,SAAS,OAAO,UAAU;AAGhC,aAAS,QAAQ,IAAI;AAAA,MACnB,MAAM;AAAA,MACN,OAAO;AAAA,MACP,UAAU;AAAA;AAAA,MACV;AAAA;AAAA,MACA,UAAU;AAAA,MACV,QAAQ;AAAA,MACR,MAAM;AAAA,IACR,CAAC;AAGD,UAAM,WAAW,KAAK,UAAU;AAAA,MAC9B,IAAI,KAAK;AAAA,MACT,OAAO,KAAK;AAAA,MACZ,MAAM,KAAK,QAAQ;AAAA,IACrB,CAAC;AAED,aAAS,QAAQ,IAAI;AAAA,MACnB,MAAM;AAAA,MACN,OAAO;AAAA,MACP,UAAU;AAAA,MACV;AAAA,MACA,UAAU;AAAA,MACV,QAAQ;AAAA,MACR,MAAM;AAAA,IACR,CAAC;AAED,WAAO;AAAA,EACT;AAKA,WAAS,iBAAiB,UAAwB;AAChD,UAAM,SAAS,OAAO,UAAU,QAAQ,IAAI,aAAa;AAGzD,aAAS,QAAQ,IAAI;AAAA,MACnB,MAAM;AAAA,MACN,OAAO;AAAA,MACP,UAAU;AAAA,MACV;AAAA,MACA,UAAU;AAAA,MACV,QAAQ;AAAA,MACR,MAAM;AAAA,IACR,CAAC;AAGD,aAAS,QAAQ,IAAI;AAAA,MACnB,MAAM;AAAA,MACN,OAAO;AAAA,MACP,UAAU;AAAA,MACV;AAAA,MACA,UAAU;AAAA,MACV,QAAQ;AAAA,MACR,MAAM;AAAA,IACR,CAAC;AAED,WAAO;AAAA,EACT;AAMA,iBAAe,KAAK,SAAsB;AACxC,QAAI;AACF,YAAM,OAAQ,MAAM,QAAQ,KAAK;AACjC,YAAM,EAAE,OAAO,IAAI;AAEnB,UAAI,CAAC,QAAQ;AACX,eAAO,aAAa,KAAK,EAAE,OAAO,qBAAqB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,MAC3E;AAEA,cAAQ,QAAQ;AAAA,QACd,KAAK,WAAW;AACd,gBAAM,EAAE,OAAO,SAAS,IAAI;AAC5B,cAAI,CAAC,SAAS,CAAC,UAAU;AACvB,mBAAO,aAAa,KAAK,EAAE,OAAO,kCAAkC,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,UACxF;AAEA,gBAAM,SAAS,MAAM,SAAS,KAAK,mBAAmB;AAAA,YACpD;AAAA,YACA;AAAA,UACF,CAAC;AAED,cAAI,OAAO,OAAO;AAChB,mBAAO,aAAa,KAAK,EAAE,OAAO,OAAO,MAAM,QAAQ,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,UAC3E;AAEA,cAAI,CAAC,OAAO,QAAQ,CAAC,OAAO,KAAK,MAAM;AACrC,mBAAO,aAAa,KAAK,EAAE,OAAO,wBAAwB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,UAC9E;AAEA,gBAAM,WAAW,aAAa,KAAK;AAAA,YACjC,MAAM,OAAO,KAAK;AAAA,YAClB,SAAS;AAAA,cACP,QAAQ,OAAO,KAAK,KAAK;AAAA,cACzB,WAAW;AAAA,cACX,YAAW,oBAAI,KAAK,GAAE,YAAY;AAAA,YACpC;AAAA,UACF,CAAC;AAED,yBAAe,UAAU,OAAO,KAAK,eAAe,IAAI;AAAA,YACtD,IAAI,OAAO,KAAK,KAAK;AAAA,YACrB,OAAO,OAAO,KAAK,KAAK;AAAA,YACxB,MAAM,OAAO,KAAK,KAAK;AAAA,UACzB,CAAC;AAED,iBAAO;AAAA,QACT;AAAA,QAEA,KAAK,WAAW;AACd,gBAAM,EAAE,OAAO,SAAS,IAAI;AAC5B,cAAI,CAAC,SAAS,CAAC,UAAU;AACvB,mBAAO,aAAa,KAAK,EAAE,OAAO,kCAAkC,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,UACxF;AAEA,gBAAM,SAAS,MAAM,SAAS,KAAK,OAAO,EAAE,OAAO,SAAS,CAAC;AAE7D,cAAI,OAAO,OAAO;AAChB,mBAAO,aAAa,KAAK,EAAE,OAAO,OAAO,MAAM,QAAQ,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,UAC3E;AAEA,cAAI,CAAC,OAAO,QAAQ,CAAC,OAAO,KAAK,MAAM;AACrC,mBAAO,aAAa,KAAK,EAAE,OAAO,iBAAiB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,UACvE;AAEA,gBAAM,WAAW,aAAa,KAAK;AAAA,YACjC,MAAM,OAAO,KAAK;AAAA,YAClB,SAAS;AAAA,cACP,QAAQ,OAAO,KAAK,KAAK;AAAA,cACzB,WAAW;AAAA,cACX,YAAW,oBAAI,KAAK,GAAE,YAAY;AAAA,YACpC;AAAA,UACF,CAAC;AAED,yBAAe,UAAU,OAAO,KAAK,eAAe,IAAI;AAAA,YACtD,IAAI,OAAO,KAAK,KAAK;AAAA,YACrB,OAAO,OAAO,KAAK,KAAK;AAAA,YACxB,MAAM,OAAO,KAAK,KAAK;AAAA,UACzB,CAAC;AAED,iBAAO;AAAA,QACT;AAAA,QAEA,KAAK,cAAc;AAGjB,gBAAM,aAAa,QAAQ,QAAQ,IAAI,eAAe;AACtD,gBAAM,kBAAkB,YAAY,WAAW,SAAS,IACpD,WAAW,MAAM,CAAC,IAClB;AACJ,gBAAM,QAAQ;AAEd,cAAI,CAAC,OAAO;AACV,oBAAQ,MAAM,0CAA0C;AACxD,mBAAO,aAAa,KAAK,EAAE,OAAO,oBAAoB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,UAC1E;AAGA,cAAI;AACF,kBAAM,WAAW,MAAM,MAAM,GAAG,OAAO,8BAA8B;AAAA,cACnE,SAAS;AAAA,gBACP,eAAe,UAAU,KAAK;AAAA,gBAC9B,gBAAgB;AAAA,cAClB;AAAA,YACF,CAAC;AAED,gBAAI,CAAC,SAAS,IAAI;AAChB,oBAAM,YAAY,MAAM,SAAS,KAAK;AACtC,sBAAQ,MAAM,uCAAuC,SAAS;AAC9D,qBAAO,aAAa;AAAA,gBAClB,EAAE,OAAO,iBAAiB,SAAS,UAAU;AAAA,gBAC7C,EAAE,QAAQ,IAAI;AAAA,cAChB;AAAA,YACF;AAEA,kBAAM,UAAW,MAAM,SAAS,KAAK;AAErC,kBAAM,eAAe,aAAa,KAAK;AAAA,cACrC,MAAM,QAAQ;AAAA,cACd,SAAS;AAAA,gBACP,QAAQ,QAAQ,KAAK;AAAA,gBACrB,WAAW;AAAA,gBACX,YAAW,oBAAI,KAAK,GAAE,YAAY;AAAA,cACpC;AAAA,YACF,CAAC;AAED,2BAAe,cAAc,OAAO;AAAA,cAClC,IAAI,QAAQ,KAAK;AAAA,cACjB,OAAO,QAAQ,KAAK;AAAA,cACpB,MAAM,QAAQ,KAAK;AAAA,YACrB,CAAC;AAED,mBAAO;AAAA,UACT,SAAS,OAAO;AACd,oBAAQ,MAAM,sCAAsC,KAAK;AACzD,mBAAO,aAAa;AAAA,cAClB,EAAE,OAAO,2BAA2B,SAAS,OAAO,KAAK,EAAE;AAAA,cAC3D,EAAE,QAAQ,IAAI;AAAA,YAChB;AAAA,UACF;AAAA,QACF;AAAA,QAEA;AACE,iBAAO,aAAa,KAAK,EAAE,OAAO,iBAAiB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,MACzE;AAAA,IACF,SAAS,OAAO;AACd,cAAQ,MAAM,qBAAqB,KAAK;AACxC,aAAO,aAAa,KAAK,EAAE,OAAO,wBAAwB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,IAC9E;AAAA,EACF;AAKA,iBAAe,IAAI,SAAsB;AACvC,QAAI;AACF,YAAM,QAAQ,QAAQ,QAAQ,IAAI,iBAAiB,GAAG;AAEtD,UAAI,CAAC,OAAO;AACV,eAAO,aAAa,KAAK,EAAE,MAAM,MAAM,SAAS,KAAK,CAAC;AAAA,MACxD;AAGA,YAAM,WAAW,MAAM,MAAM,GAAG,OAAO,8BAA8B;AAAA,QACnE,SAAS;AAAA,UACP,eAAe,UAAU,KAAK;AAAA,UAC9B,gBAAgB;AAAA,QAClB;AAAA,MACF,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,eAAe,aAAa,KAAK,EAAE,MAAM,MAAM,SAAS,KAAK,CAAC;AACpE,yBAAiB,YAAY;AAC7B,eAAO;AAAA,MACT;AAEA,YAAM,UAAW,MAAM,SAAS,KAAK;AAErC,aAAO,aAAa,KAAK;AAAA,QACvB,MAAM,QAAQ;AAAA,QACd,SAAS;AAAA,UACP,QAAQ,QAAQ,KAAK;AAAA,UACrB;AAAA,UACA,WAAW;AAAA,UACX,YAAW,oBAAI,KAAK,GAAE,YAAY;AAAA,QACpC;AAAA,MACF,CAAC;AAAA,IACH,SAAS,OAAO;AACd,cAAQ,MAAM,qBAAqB,KAAK;AACxC,aAAO,aAAa,KAAK,EAAE,MAAM,MAAM,SAAS,KAAK,CAAC;AAAA,IACxD;AAAA,EACF;AAKA,iBAAe,OAAO,SAAsB;AAC1C,QAAI;AACF,YAAM,QAAQ,QAAQ,QAAQ,IAAI,iBAAiB,GAAG;AAEtD,UAAI,OAAO;AAET,YAAI;AACF,gBAAM,MAAM,GAAG,OAAO,0BAA0B;AAAA,YAC9C,QAAQ;AAAA,YACR,SAAS;AAAA,cACP,eAAe,UAAU,KAAK;AAAA,cAC9B,gBAAgB;AAAA,YAClB;AAAA,UACF,CAAC;AAAA,QACH,SAAS,OAAO;AAEd,kBAAQ,MAAM,8BAA8B,KAAK;AAAA,QACnD;AAAA,MACF;AAEA,YAAM,WAAW,aAAa,KAAK,EAAE,SAAS,KAAK,CAAC;AACpD,uBAAiB,QAAQ;AAEzB,aAAO;AAAA,IACT,SAAS,OAAO;AACd,cAAQ,MAAM,qBAAqB,KAAK;AACxC,aAAO,aAAa,KAAK,EAAE,OAAO,wBAAwB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,IAC9E;AAAA,EACF;AAEA,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACF;","names":[]}
|
|
@@ -7,16 +7,16 @@ import {
|
|
|
7
7
|
StyleProvider
|
|
8
8
|
} from "@insforge/react";
|
|
9
9
|
import { NavigationAdapter } from "../navigation";
|
|
10
|
-
async function
|
|
10
|
+
async function syncTokenToCookie(token) {
|
|
11
11
|
try {
|
|
12
12
|
const response = await fetch("/api/auth", {
|
|
13
13
|
method: "POST",
|
|
14
14
|
headers: {
|
|
15
|
+
"Authorization": `Bearer ${token}`,
|
|
15
16
|
"Content-Type": "application/json"
|
|
16
17
|
},
|
|
17
18
|
body: JSON.stringify({
|
|
18
|
-
action: "sync-token"
|
|
19
|
-
token
|
|
19
|
+
action: "sync-token"
|
|
20
20
|
})
|
|
21
21
|
});
|
|
22
22
|
if (!response.ok) {
|
|
@@ -27,6 +27,12 @@ async function handleSignIn(token) {
|
|
|
27
27
|
console.error("[Insforge Client Provider] Failed to sync token to cookie:", err);
|
|
28
28
|
}
|
|
29
29
|
}
|
|
30
|
+
async function handleSignIn(token) {
|
|
31
|
+
await syncTokenToCookie(token);
|
|
32
|
+
}
|
|
33
|
+
async function handleRefresh(token) {
|
|
34
|
+
await syncTokenToCookie(token);
|
|
35
|
+
}
|
|
30
36
|
async function handleSignOut() {
|
|
31
37
|
try {
|
|
32
38
|
await fetch("/api/auth", { method: "DELETE" });
|
|
@@ -47,6 +53,7 @@ function ClientInsforgeProvider({
|
|
|
47
53
|
onAuthChange,
|
|
48
54
|
onSignIn: handleSignIn,
|
|
49
55
|
onSignOut: handleSignOut,
|
|
56
|
+
onRefresh: handleRefresh,
|
|
50
57
|
initialState
|
|
51
58
|
};
|
|
52
59
|
return /* @__PURE__ */ jsx(StyleProvider, { children: /* @__PURE__ */ jsx(NavigationProvider, { adapter: NavigationAdapter, children: /* @__PURE__ */ jsx(InsforgeProviderCore, { ...providerProps, children }) }) });
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../src/client/provider.tsx"],"sourcesContent":["'use client';\n\nimport {\n InsforgeProviderCore,\n type InsforgeProviderProps,\n type InitialAuthState,\n useInsforge as useReactInsforge,\n NavigationProvider,\n StyleProvider,\n} from '@insforge/react';\nimport { NavigationAdapter } from '../navigation';\n\n// Extended interface for Next.js provider\ninterface ExtendedProviderProps extends InsforgeProviderProps {\n afterSignInUrl?: string;\n onSignIn?: (authToken: string) => Promise<void>;\n onSignOut?: () => Promise<void>;\n /**\n * Initial auth state from server (for SSR hydration)\n * @internal\n */\n initialState?: InitialAuthState;\n}\n\n// Sync token to server-side cookie
|
|
1
|
+
{"version":3,"sources":["../../../src/client/provider.tsx"],"sourcesContent":["'use client';\n\nimport {\n InsforgeProviderCore,\n type InsforgeProviderProps,\n type InitialAuthState,\n useInsforge as useReactInsforge,\n NavigationProvider,\n StyleProvider,\n} from '@insforge/react';\nimport { NavigationAdapter } from '../navigation';\n\n// Extended interface for Next.js provider\ninterface ExtendedProviderProps extends InsforgeProviderProps {\n afterSignInUrl?: string;\n onSignIn?: (authToken: string) => Promise<void>;\n onSignOut?: () => Promise<void>;\n onRefresh?: (authToken: string) => Promise<void>;\n /**\n * Initial auth state from server (for SSR hydration)\n * @internal\n */\n initialState?: InitialAuthState;\n}\n\n// Sync token to server-side cookie using Authorization header\nasync function syncTokenToCookie(token: string): Promise<void> {\n try {\n const response = await fetch('/api/auth', {\n method: 'POST',\n headers: {\n 'Authorization': `Bearer ${token}`,\n 'Content-Type': 'application/json',\n },\n body: JSON.stringify({\n action: 'sync-token',\n }),\n });\n\n if (!response.ok) {\n const errorText = await response.text();\n console.error('[Insforge Client Provider] sync-token failed:', errorText);\n }\n } catch (err) {\n console.error('[Insforge Client Provider] Failed to sync token to cookie:', err);\n }\n}\n\n// Sync token to server-side cookie on sign in\nasync function handleSignIn(token: string): Promise<void> {\n await syncTokenToCookie(token);\n}\n\n// Sync token to server-side cookie on refresh (page load/refresh)\nasync function handleRefresh(token: string): Promise<void> {\n await syncTokenToCookie(token);\n}\n\n// Clear HTTP-only cookie on sign out\nasync function handleSignOut(): Promise<void> {\n try {\n await fetch('/api/auth', { method: 'DELETE' });\n } catch {\n // API route doesn't exist - ignore\n }\n}\n\n/**\n * Client Insforge Provider for Next.js\n *\n * This is a Client Component ('use client') that:\n * 1. Receives initialState from Server Provider\n * 2. Manages authentication state on the client\n * 3. Syncs tokens to HTTP-only cookies via /api/auth\n *\n * @internal - Not intended for direct use. Use the Server Provider instead.\n */\nexport function ClientInsforgeProvider({\n children,\n baseUrl,\n afterSignInUrl = '/',\n onAuthChange,\n initialState,\n}: ExtendedProviderProps) {\n const providerProps: ExtendedProviderProps = {\n children,\n baseUrl,\n afterSignInUrl,\n onAuthChange,\n onSignIn: handleSignIn,\n onSignOut: handleSignOut,\n onRefresh: handleRefresh,\n initialState,\n };\n\n return (\n <StyleProvider>\n <NavigationProvider adapter={NavigationAdapter}>\n <InsforgeProviderCore {...providerProps}>{children}</InsforgeProviderCore>\n </NavigationProvider>\n </StyleProvider>\n );\n}\n\n/**\n * Hook to access Insforge context\n *\n * Re-exports the hook from @insforge/react for convenience.\n *\n * @example\n * ```tsx\n * function MyComponent() {\n * const { user, isSignedIn, signOut } = useInsforge();\n *\n * if (!isSignedIn) return <SignIn />;\n *\n * return (\n * <div>\n * <p>Welcome {user.email}</p>\n * <button onClick={signOut}>Sign Out</button>\n * </div>\n * );\n * }\n * ```\n */\nexport const useInsforge = useReactInsforge;\n"],"mappings":";AAkGQ;AAhGR;AAAA,EACE;AAAA,EAGA,eAAe;AAAA,EACf;AAAA,EACA;AAAA,OACK;AACP,SAAS,yBAAyB;AAgBlC,eAAe,kBAAkB,OAA8B;AAC7D,MAAI;AACF,UAAM,WAAW,MAAM,MAAM,aAAa;AAAA,MACxC,QAAQ;AAAA,MACR,SAAS;AAAA,QACP,iBAAiB,UAAU,KAAK;AAAA,QAChC,gBAAgB;AAAA,MAClB;AAAA,MACA,MAAM,KAAK,UAAU;AAAA,QACnB,QAAQ;AAAA,MACV,CAAC;AAAA,IACH,CAAC;AAED,QAAI,CAAC,SAAS,IAAI;AAChB,YAAM,YAAY,MAAM,SAAS,KAAK;AACtC,cAAQ,MAAM,iDAAiD,SAAS;AAAA,IAC1E;AAAA,EACF,SAAS,KAAK;AACZ,YAAQ,MAAM,8DAA8D,GAAG;AAAA,EACjF;AACF;AAGA,eAAe,aAAa,OAA8B;AACxD,QAAM,kBAAkB,KAAK;AAC/B;AAGA,eAAe,cAAc,OAA8B;AACzD,QAAM,kBAAkB,KAAK;AAC/B;AAGA,eAAe,gBAA+B;AAC5C,MAAI;AACF,UAAM,MAAM,aAAa,EAAE,QAAQ,SAAS,CAAC;AAAA,EAC/C,QAAQ;AAAA,EAER;AACF;AAYO,SAAS,uBAAuB;AAAA,EACrC;AAAA,EACA;AAAA,EACA,iBAAiB;AAAA,EACjB;AAAA,EACA;AACF,GAA0B;AACxB,QAAM,gBAAuC;AAAA,IAC3C;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,UAAU;AAAA,IACV,WAAW;AAAA,IACX,WAAW;AAAA,IACX;AAAA,EACF;AAEA,SACE,oBAAC,iBACC,8BAAC,sBAAmB,SAAS,mBAC3B,8BAAC,wBAAsB,GAAG,eAAgB,UAAS,GACrD,GACF;AAEJ;AAuBO,MAAM,cAAc;","names":[]}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@insforge/nextjs",
|
|
3
|
-
"version": "1.0.1",
|
|
3
|
+
"version": "1.0.2-dev.1",
|
|
4
4
|
"description": "Pre-built authentication UI components for Next.js with Insforge backend - zero configuration required",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"types": "./dist/index.d.ts",
|
|
@@ -45,9 +45,9 @@
|
|
|
45
45
|
"author": "Insforge",
|
|
46
46
|
"license": "MIT",
|
|
47
47
|
"dependencies": {
|
|
48
|
-
"@insforge/react": "^1.0.
|
|
49
|
-
"@insforge/sdk": "
|
|
50
|
-
"@insforge/shared": "^1.0.
|
|
48
|
+
"@insforge/react": "^1.0.2-dev.19",
|
|
49
|
+
"@insforge/sdk": "1.0.1-refresh.17",
|
|
50
|
+
"@insforge/shared": "^1.0.1-dev.1",
|
|
51
51
|
"@insforge/shared-schemas": "^1.1.23"
|
|
52
52
|
},
|
|
53
53
|
"devDependencies": {
|