@lifelens/auth 0.1.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 LifeLens
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/dist/bridge.d.ts

@@ -0,0 +1,4 @@
+import { NextResponse } from "next/server";
+import type { NextRequest } from "next/server";
+export declare function createBridgeHandler(hubUrl: string): (request: NextRequest) => Promise<NextResponse>;
+//# sourceMappingURL=bridge.d.ts.map

package/dist/bridge.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"bridge.d.ts","sourceRoot":"","sources":["../src/bridge.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAgB/C,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,MAAM,IACrB,SAAS,WAAW,KAAG,OAAO,CAAC,YAAY,CAAC,CAyDxE"}

package/dist/bridge.js

@@ -0,0 +1,54 @@
+import { createServerClient } from "@supabase/ssr";
+import { cookies } from "next/headers";
+import { NextResponse } from "next/server";
+const COOKIE_OPTIONS = process.env.COOKIE_DOMAIN
+    ? { domain: process.env.COOKIE_DOMAIN }
+    : undefined;
+function getSafeRedirectPath(value) {
+    return value && value.startsWith("/") && !value.startsWith("//")
+        ? value
+        : "/";
+}
+function getStringValue(value) {
+    return typeof value === "string" ? value : null;
+}
+export function createBridgeHandler(hubUrl) {
+    return async function POST(request) {
+        const requestUrl = new URL(request.url);
+        const formData = await request.formData();
+        const accessToken = getStringValue(formData.get("access_token"));
+        const refreshToken = getStringValue(formData.get("refresh_token"));
+        const redirectPath = getSafeRedirectPath(getStringValue(formData.get("redirect")));
+        if (!accessToken || !refreshToken) {
+            const loginUrl = new URL(`${hubUrl}/login`);
+            loginUrl.searchParams.set("redirect", new URL(redirectPath, requestUrl.origin).toString());
+            return NextResponse.redirect(loginUrl, 303);
+        }
+        const cookieStore = await cookies();
+        const response = NextResponse.redirect(new URL(redirectPath, requestUrl.origin), 303);
+        const supabase = createServerClient(process.env.NEXT_PUBLIC_SUPABASE_URL, process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY, {
+            cookieOptions: COOKIE_OPTIONS,
+            cookies: {
+                getAll() {
+                    return cookieStore.getAll();
+                },
+                setAll(cookiesToSet) {
+                    cookiesToSet.forEach(({ name, value, options }) => {
+                        response.cookies.set(name, value, options);
+                    });
+                },
+            },
+        });
+        const { error } = await supabase.auth.setSession({
+            access_token: accessToken,
+            refresh_token: refreshToken,
+        });
+        if (error) {
+            const loginUrl = new URL(`${hubUrl}/login`);
+            loginUrl.searchParams.set("redirect", new URL(redirectPath, requestUrl.origin).toString());
+            return NextResponse.redirect(loginUrl, 303);
+        }
+        return response;
+    };
+}
+//# sourceMappingURL=bridge.js.map

package/dist/bridge.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"bridge.js","sourceRoot":"","sources":["../src/bridge.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AACnD,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AACvC,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAG3C,MAAM,cAAc,GAAG,OAAO,CAAC,GAAG,CAAC,aAAa;IAC9C,CAAC,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,aAAuB,EAAE;IACjD,CAAC,CAAC,SAAS,CAAC;AAEd,SAAS,mBAAmB,CAAC,KAAoB;IAC/C,OAAO,KAAK,IAAI,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC;QAC9D,CAAC,CAAC,KAAK;QACP,CAAC,CAAC,GAAG,CAAC;AACV,CAAC;AAED,SAAS,cAAc,CAAC,KAAc;IACpC,OAAO,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;AAClD,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,MAAc;IAChD,OAAO,KAAK,UAAU,IAAI,CAAC,OAAoB;QAC7C,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QACxC,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,QAAQ,EAAE,CAAC;QAC1C,MAAM,WAAW,GAAG,cAAc,CAAC,QAAQ,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC;QACjE,MAAM,YAAY,GAAG,cAAc,CAAC,QAAQ,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC,CAAC;QACnE,MAAM,YAAY,GAAG,mBAAmB,CACtC,cAAc,CAAC,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CACzC,CAAC;QAEF,IAAI,CAAC,WAAW,IAAI,CAAC,YAAY,EAAE,CAAC;YAClC,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,GAAG,MAAM,QAAQ,CAAC,CAAC;YAC5C,QAAQ,CAAC,YAAY,CAAC,GAAG,CACvB,UAAU,EACV,IAAI,GAAG,CAAC,YAAY,EAAE,UAAU,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,CACpD,CAAC;YACF,OAAO,YAAY,CAAC,QAAQ,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;QAC9C,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;QACpC,MAAM,QAAQ,GAAG,YAAY,CAAC,QAAQ,CACpC,IAAI,GAAG,CAAC,YAAY,EAAE,UAAU,CAAC,MAAM,CAAC,EACxC,GAAG,CACJ,CAAC;QACF,MAAM,QAAQ,GAAG,kBAAkB,CACjC,OAAO,CAAC,GAAG,CAAC,wBAAyB,EACrC,OAAO,CAAC,GAAG,CAAC,6BAA8B,EAC1C;YACE,aAAa,EAAE,cAAc;YAC7B,OAAO,EAAE;gBACP,MAAM;oBACJ,OAAO,WAAW,CAAC,MAAM,EAAE,CAAC;gBAC9B,CAAC;gBACD,MAAM,CAAC,YAAY;oBACjB,YAAY,CAAC,OAAO,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,EAAE;wBAChD,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC;oBAC7C,CAAC,CAAC,CAAC;gBACL,CAAC;aACF;SACF,CACF,CAAC;QAEF,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC;YAC/C,YAAY,EAAE,WAAW;YACzB,aAAa,EAAE,YAAY;SAC5B,CAAC,CAAC;QAEH,IAAI,KAAK,EAAE,CAAC;YACV,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,GAAG,MAAM,QAAQ,CAAC,CAAC;YAC5C,QAAQ,CAAC,YAAY,CAAC,GAAG,CACvB,UAAU,EACV,IAAI,GAAG,CAAC,YAAY,EAAE,UAAU,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,CACpD,CAAC;YACF,OAAO,YAAY,CAAC,QAAQ,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;QAC9C,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC,CAAC;AACJ,CAAC"}

package/dist/callback.d.ts

@@ -0,0 +1,10 @@
+import { NextResponse } from "next/server";
+import type { NextRequest } from "next/server";
+export interface CallbackHandlerOptions {
+    isHub?: boolean;
+    hubUrl?: string;
+    name?: string;
+    logging?: boolean;
+}
+export declare function createCallbackHandler({ isHub, hubUrl, name, logging, }?: CallbackHandlerOptions): (request: NextRequest) => Promise<NextResponse>;
+//# sourceMappingURL=callback.d.ts.map

package/dist/callback.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"callback.d.ts","sourceRoot":"","sources":["../src/callback.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAG3C,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAoB/C,MAAM,WAAW,sBAAsB;IACrC,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAED,wBAAgB,qBAAqB,CAAC,EACpC,KAAa,EACb,MAAM,EACN,IAAa,EACb,OAAe,GAChB,GAAE,sBAA2B,IAGF,SAAS,WAAW,KAAG,OAAO,CAAC,YAAY,CAAC,CA8EvE"}

package/dist/callback.js

@@ -0,0 +1,83 @@
+import { NextResponse } from "next/server";
+import { createServerClient } from "@supabase/ssr";
+import { cookies } from "next/headers";
+const COOKIE_OPTIONS = process.env.COOKIE_DOMAIN
+    ? { domain: process.env.COOKIE_DOMAIN }
+    : undefined;
+function getSafeRedirectPath(value) {
+    return value && value.startsWith("/") && !value.startsWith("//")
+        ? value
+        : "/";
+}
+function createLogger(name) {
+    return {
+        log: (...args) => console.log(`[${name}]`, ...args),
+        error: (...args) => console.error(`[${name}]`, ...args),
+        warn: (...args) => console.warn(`[${name}]`, ...args),
+    };
+}
+export function createCallbackHandler({ isHub = false, hubUrl, name = "auth", logging = false, } = {}) {
+    const log = logging ? createLogger(name) : null;
+    return async function GET(request) {
+        const requestUrl = new URL(request.url);
+        const code = requestUrl.searchParams.get("code");
+        const origin = requestUrl.origin;
+        if (log)
+            log.log("Auth callback started", { hasCode: !!code, origin });
+        if (code) {
+            const cookieStore = await cookies();
+            const next = getSafeRedirectPath(requestUrl.searchParams.get("next") ?? "/");
+            const redirectPath = isHub && next === "/auth/callback" ? "/" : next;
+            const response = NextResponse.redirect(`${origin}${redirectPath}`);
+            const supabase = createServerClient(process.env.NEXT_PUBLIC_SUPABASE_URL, process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY, {
+                cookieOptions: COOKIE_OPTIONS,
+                cookies: {
+                    getAll() {
+                        return cookieStore.getAll();
+                    },
+                    setAll(cookiesToSet) {
+                        if (log) {
+                            log.log("Setting cookies:", cookiesToSet.map((c) => ({
+                                name: c.name,
+                                valueLength: c.value?.length,
+                            })));
+                        }
+                        cookiesToSet.forEach(({ name, value, options }) => {
+                            response.cookies.set(name, value, options);
+                        });
+                    },
+                },
+            });
+            if (log)
+                log.log("Exchanging code for session...");
+            const { data, error } = await supabase.auth.exchangeCodeForSession(code);
+            if (error) {
+                if (log)
+                    log.error("Auth callback error:", error);
+                if (isHub) {
+                    return NextResponse.redirect(`${origin}/login?error=${error.message}`);
+                }
+                const loginUrl = new URL(`${hubUrl}/login`);
+                loginUrl.searchParams.set("redirect", `${origin}${redirectPath}`);
+                return NextResponse.redirect(loginUrl);
+            }
+            if (log) {
+                log.log("Auth session established", {
+                    userId: data?.user?.id,
+                    email: data?.user?.email,
+                    hasSession: !!data?.session,
+                });
+            }
+            return response;
+        }
+        if (log)
+            log.log("No code provided");
+        if (isHub) {
+            return NextResponse.redirect(`${origin}/login`);
+        }
+        const loginUrl = new URL(`${hubUrl}/login`);
+        loginUrl.searchParams.set("redirect", origin);
+        return NextResponse.redirect(loginUrl);
+    };
+}
+//# sourceMappingURL=callback.js.map

package/dist/callback.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"callback.js","sourceRoot":"","sources":["../src/callback.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AACnD,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAGvC,MAAM,cAAc,GAAG,OAAO,CAAC,GAAG,CAAC,aAAa;IAC9C,CAAC,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,aAAuB,EAAE;IACjD,CAAC,CAAC,SAAS,CAAC;AAEd,SAAS,mBAAmB,CAAC,KAAoB;IAC/C,OAAO,KAAK,IAAI,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC;QAC9D,CAAC,CAAC,KAAK;QACP,CAAC,CAAC,GAAG,CAAC;AACV,CAAC;AAED,SAAS,YAAY,CAAC,IAAY;IAChC,OAAO;QACL,GAAG,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,GAAG,EAAE,GAAG,IAAI,CAAC;QAC9D,KAAK,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,IAAI,GAAG,EAAE,GAAG,IAAI,CAAC;QAClE,IAAI,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,IAAI,GAAG,EAAE,GAAG,IAAI,CAAC;KACjE,CAAC;AACJ,CAAC;AASD,MAAM,UAAU,qBAAqB,CAAC,EACpC,KAAK,GAAG,KAAK,EACb,MAAM,EACN,IAAI,GAAG,MAAM,EACb,OAAO,GAAG,KAAK,MACW,EAAE;IAC5B,MAAM,GAAG,GAAG,OAAO,CAAC,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAEhD,OAAO,KAAK,UAAU,GAAG,CAAC,OAAoB;QAC5C,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QACxC,MAAM,IAAI,GAAG,UAAU,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACjD,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC;QAEjC,IAAI,GAAG;YAAE,GAAG,CAAC,GAAG,CAAC,uBAAuB,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC,IAAI,EAAE,MAAM,EAAE,CAAC,CAAC;QAEvE,IAAI,IAAI,EAAE,CAAC;YACT,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;YACpC,MAAM,IAAI,GAAG,mBAAmB,CAC9B,UAAU,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,GAAG,CAC3C,CAAC;YACF,MAAM,YAAY,GAChB,KAAK,IAAI,IAAI,KAAK,gBAAgB,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC;YAElD,MAAM,QAAQ,GAAG,YAAY,CAAC,QAAQ,CAAC,GAAG,MAAM,GAAG,YAAY,EAAE,CAAC,CAAC;YAEnE,MAAM,QAAQ,GAAG,kBAAkB,CACjC,OAAO,CAAC,GAAG,CAAC,wBAAyB,EACrC,OAAO,CAAC,GAAG,CAAC,6BAA8B,EAC1C;gBACE,aAAa,EAAE,cAAc;gBAC7B,OAAO,EAAE;oBACP,MAAM;wBACJ,OAAO,WAAW,CAAC,MAAM,EAAE,CAAC;oBAC9B,CAAC;oBACD,MAAM,CAAC,YAAY;wBACjB,IAAI,GAAG,EAAE,CAAC;4BACR,GAAG,CAAC,GAAG,CACL,kBAAkB,EAClB,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gCACvB,IAAI,EAAE,CAAC,CAAC,IAAI;gCACZ,WAAW,EAAE,CAAC,CAAC,KAAK,EAAE,MAAM;6BAC7B,CAAC,CAAC,CACJ,CAAC;wBACJ,CAAC;wBACD,YAAY,CAAC,OAAO,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,EAAE;4BAChD,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC;wBAC7C,CAAC,CAAC,CAAC;oBACL,CAAC;iBACF;aACF,CACF,CAAC;YAEF,IAAI,GAAG;gBAAE,GAAG,CAAC,GAAG,CAAC,gCAAgC,CAAC,CAAC;YACnD,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,CAAC;YAEzE,IAAI,KAAK,EAAE,CAAC;gBACV,IAAI,GAAG;oBAAE,GAAG,CAAC,KAAK,CAAC,sBAAsB,EAAE,KAAK,CAAC,CAAC;gBAClD,IAAI,KAAK,EAAE,CAAC;oBACV,OAAO,YAAY,CAAC,QAAQ,CAC1B,GAAG,MAAM,gBAAgB,KAAK,CAAC,OAAO,EAAE,CACzC,CAAC;gBACJ,CAAC;gBACD,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,GAAG,MAAM,QAAQ,CAAC,CAAC;gBAC5C,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,EAAE,GAAG,MAAM,GAAG,YAAY,EAAE,CAAC,CAAC;gBAClE,OAAO,YAAY,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;YACzC,CAAC;YAED,IAAI,GAAG,EAAE,CAAC;gBACR,GAAG,CAAC,GAAG,CAAC,0BAA0B,EAAE;oBAClC,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE;oBACtB,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK;oBACxB,UAAU,EAAE,CAAC,CAAC,IAAI,EAAE,OAAO;iBAC5B,CAAC,CAAC;YACL,CAAC;YAED,OAAO,QAAQ,CAAC;QAClB,CAAC;QAED,IAAI,GAAG;YAAE,GAAG,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;QACrC,IAAI,KAAK,EAAE,CAAC;YACV,OAAO,YAAY,CAAC,QAAQ,CAAC,GAAG,MAAM,QAAQ,CAAC,CAAC;QAClD,CAAC;QACD,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,GAAG,MAAM,QAAQ,CAAC,CAAC;QAC5C,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;QAC9C,OAAO,YAAY,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACzC,CAAC,CAAC;AACJ,CAAC"}

package/dist/client.d.ts

@@ -0,0 +1,3 @@
+import type { SupabaseClient } from "@supabase/supabase-js";
+export declare function getSupabaseBrowserClient(): SupabaseClient;
+//# sourceMappingURL=client.d.ts.map

package/dist/client.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAI5D,wBAAgB,wBAAwB,IAAI,cAAc,CAQzD"}

package/dist/client.js

@@ -0,0 +1,9 @@
+import { createBrowserClient } from "@supabase/ssr";
+let supabaseClient = null;
+export function getSupabaseBrowserClient() {
+    if (!supabaseClient) {
+        supabaseClient = createBrowserClient(process.env.NEXT_PUBLIC_SUPABASE_URL, process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY);
+    }
+    return supabaseClient;
+}
+//# sourceMappingURL=client.js.map

package/dist/client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.js","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AAGpD,IAAI,cAAc,GAA0B,IAAI,CAAC;AAEjD,MAAM,UAAU,wBAAwB;IACtC,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,cAAc,GAAG,mBAAmB,CAClC,OAAO,CAAC,GAAG,CAAC,wBAAyB,EACrC,OAAO,CAAC,GAAG,CAAC,6BAA8B,CAC3C,CAAC;IACJ,CAAC;IACD,OAAO,cAAc,CAAC;AACxB,CAAC"}

package/dist/context.d.ts

@@ -0,0 +1,31 @@
+import { type ReactNode } from "react";
+import type { User } from "@supabase/supabase-js";
+export interface AuthContextValue {
+    user: User | null;
+    loading: boolean;
+    signInWithGoogle: (options?: {
+        redirectTo?: string;
+    }) => Promise<{
+        provider: string;
+        url: string | null;
+    } | null>;
+    signInWithEmail: (email: string, password: string) => Promise<{
+        user: User;
+        session: unknown;
+    } | null>;
+    signUpWithEmail: (email: string, password: string, fullName: string, options?: {
+        emailRedirectTo?: string;
+    }) => Promise<{
+        user: User | null;
+        session: unknown;
+    } | null>;
+    resetPassword: (email: string) => Promise<void>;
+    signOut: () => Promise<void>;
+}
+interface AuthProviderProps {
+    children: ReactNode;
+}
+export declare const useAuth: () => AuthContextValue;
+export declare function AuthProvider({ children }: AuthProviderProps): import("react").JSX.Element;
+export {};
+//# sourceMappingURL=context.d.ts.map

package/dist/context.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"context.d.ts","sourceRoot":"","sources":["../src/context.tsx"],"names":[],"mappings":"AAEA,OAAO,EAOL,KAAK,SAAS,EACf,MAAM,OAAO,CAAC;AAEf,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,uBAAuB,CAAC;AAIlD,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,IAAI,GAAG,IAAI,CAAC;IAClB,OAAO,EAAE,OAAO,CAAC;IACjB,gBAAgB,EAAE,CAAC,OAAO,CAAC,EAAE;QAAE,UAAU,CAAC,EAAE,MAAM,CAAA;KAAE,KAAK,OAAO,CAAC;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,GAAG,EAAE,MAAM,GAAG,IAAI,CAAA;KAAE,GAAG,IAAI,CAAC,CAAC;IAClH,eAAe,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC;QAAE,IAAI,EAAE,IAAI,CAAC;QAAC,OAAO,EAAE,OAAO,CAAA;KAAE,GAAG,IAAI,CAAC,CAAC;IACvG,eAAe,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE;QAAE,eAAe,CAAC,EAAE,MAAM,CAAA;KAAE,KAAK,OAAO,CAAC;QAAE,IAAI,EAAE,IAAI,GAAG,IAAI,CAAC;QAAC,OAAO,EAAE,OAAO,CAAA;KAAE,GAAG,IAAI,CAAC,CAAC;IACxK,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAChD,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;CAC9B;AAED,UAAU,iBAAiB;IACzB,QAAQ,EAAE,SAAS,CAAC;CACrB;AAMD,eAAO,MAAM,OAAO,QAAO,gBAM1B,CAAC;AAmBF,wBAAgB,YAAY,CAAC,EAAE,QAAQ,EAAE,EAAE,iBAAiB,+BAqH3D"}

package/dist/context.js

@@ -0,0 +1,113 @@
+"use client";
+import { jsx as _jsx } from "react/jsx-runtime";
+import { createContext, useContext, useEffect, useState, useMemo, useCallback, } from "react";
+import { getSupabaseBrowserClient } from "./client";
+// ─── Context ───────────────────────────────────────────
+const AuthContext = createContext(null);
+export const useAuth = () => {
+    const context = useContext(AuthContext);
+    if (!context) {
+        throw new Error("useAuth must be used within AuthProvider");
+    }
+    return context;
+};
+// ─── Sentry helper (safe fallback) ─────────────────────
+async function updateSentryUser(user) {
+    try {
+        const Sentry = await import("@sentry/nextjs");
+        if (user) {
+            Sentry.setUser({ id: user.id, email: user.email ?? undefined });
+        }
+        else {
+            Sentry.setUser(null);
+        }
+    }
+    catch {
+        // @sentry/nextjs is not installed — silently skip
+    }
+}
+// ─── Provider ──────────────────────────────────────────
+export function AuthProvider({ children }) {
+    const [user, setUser] = useState(null);
+    const [loading, setLoading] = useState(true);
+    const supabase = getSupabaseBrowserClient();
+    useEffect(() => {
+        supabase.auth.getSession().then(({ data: { session } }) => {
+            setUser(session?.user ?? null);
+            setLoading(false);
+        });
+        const { data: { subscription }, } = supabase.auth.onAuthStateChange((event, session) => {
+            if (event === "PASSWORD_RECOVERY")
+                return;
+            const currentUser = session?.user ?? null;
+            setUser(currentUser);
+            setLoading(false);
+            updateSentryUser(currentUser);
+        });
+        return () => subscription.unsubscribe();
+    }, [supabase]);
+    const signInWithGoogle = useCallback(async ({ redirectTo } = {}) => {
+        const { data, error } = await supabase.auth.signInWithOAuth({
+            provider: "google",
+            options: {
+                redirectTo: redirectTo || `${globalThis.location.origin}/auth/callback`,
+            },
+        });
+        if (error)
+            throw error;
+        return data;
+    }, [supabase]);
+    const signInWithEmail = useCallback(async (email, password) => {
+        const { data, error } = await supabase.auth.signInWithPassword({
+            email,
+            password,
+        });
+        if (error)
+            throw error;
+        return data;
+    }, [supabase]);
+    const signUpWithEmail = useCallback(async (email, password, fullName, { emailRedirectTo } = {}) => {
+        const { data, error } = await supabase.auth.signUp({
+            email,
+            password,
+            options: {
+                data: { full_name: fullName },
+                emailRedirectTo: emailRedirectTo || `${globalThis.location.origin}/auth/callback`,
+            },
+        });
+        if (error)
+            throw error;
+        return data;
+    }, [supabase]);
+    const resetPassword = useCallback(async (email) => {
+        const { error } = await supabase.auth.resetPasswordForEmail(email, {
+            redirectTo: `${globalThis.location.origin}/auth/reset-password`,
+        });
+        if (error)
+            throw error;
+    }, [supabase]);
+    const signOut = useCallback(async () => {
+        const { error } = await supabase.auth.signOut();
+        if (error)
+            throw error;
+    }, [supabase]);
+    const value = useMemo(() => ({
+        user,
+        loading,
+        signInWithGoogle,
+        signInWithEmail,
+        signUpWithEmail,
+        resetPassword,
+        signOut,
+    }), [
+        user,
+        loading,
+        signInWithGoogle,
+        signInWithEmail,
+        signUpWithEmail,
+        resetPassword,
+        signOut,
+    ]);
+    return _jsx(AuthContext.Provider, { value: value, children: children });
+}
+//# sourceMappingURL=context.js.map

package/dist/context.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"context.js","sourceRoot":"","sources":["../src/context.tsx"],"names":[],"mappings":"AAAA,YAAY,CAAC;;AAEb,OAAO,EACL,aAAa,EACb,UAAU,EACV,SAAS,EACT,QAAQ,EACR,OAAO,EACP,WAAW,GAEZ,MAAM,OAAO,CAAC;AACf,OAAO,EAAE,wBAAwB,EAAE,MAAM,UAAU,CAAC;AAmBpD,0DAA0D;AAE1D,MAAM,WAAW,GAAG,aAAa,CAA0B,IAAI,CAAC,CAAC;AAEjE,MAAM,CAAC,MAAM,OAAO,GAAG,GAAqB,EAAE;IAC5C,MAAM,OAAO,GAAG,UAAU,CAAC,WAAW,CAAC,CAAC;IACxC,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;IAC9D,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC,CAAC;AAEF,0DAA0D;AAE1D,KAAK,UAAU,gBAAgB,CAAC,IAAiB;IAC/C,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,gBAAgB,CAAC,CAAC;QAC9C,IAAI,IAAI,EAAE,CAAC;YACT,MAAM,CAAC,OAAO,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,IAAI,SAAS,EAAE,CAAC,CAAC;QAClE,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACvB,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,kDAAkD;IACpD,CAAC;AACH,CAAC;AAED,0DAA0D;AAE1D,MAAM,UAAU,YAAY,CAAC,EAAE,QAAQ,EAAqB;IAC1D,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,QAAQ,CAAc,IAAI,CAAC,CAAC;IACpD,MAAM,CAAC,OAAO,EAAE,UAAU,CAAC,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC7C,MAAM,QAAQ,GAAG,wBAAwB,EAAE,CAAC;IAE5C,SAAS,CAAC,GAAG,EAAE;QACb,QAAQ,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,EAAE;YACxD,OAAO,CAAC,OAAO,EAAE,IAAI,IAAI,IAAI,CAAC,CAAC;YAC/B,UAAU,CAAC,KAAK,CAAC,CAAC;QACpB,CAAC,CAAC,CAAC;QAEH,MAAM,EACJ,IAAI,EAAE,EAAE,YAAY,EAAE,GACvB,GAAG,QAAQ,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE;YACrD,IAAI,KAAK,KAAK,mBAAmB;gBAAE,OAAO;YAE1C,MAAM,WAAW,GAAG,OAAO,EAAE,IAAI,IAAI,IAAI,CAAC;YAC1C,OAAO,CAAC,WAAW,CAAC,CAAC;YACrB,UAAU,CAAC,KAAK,CAAC,CAAC;YAElB,gBAAgB,CAAC,WAAW,CAAC,CAAC;QAChC,CAAC,CAAC,CAAC;QAEH,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,WAAW,EAAE,CAAC;IAC1C,CAAC,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC;IAEf,MAAM,gBAAgB,GAAG,WAAW,CAClC,KAAK,EACH,EAAE,UAAU,KAA8B,EAAE,EACc,EAAE;QAC5D,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,eAAe,CAAC;YAC1D,QAAQ,EAAE,QAAQ;YAClB,OAAO,EAAE;gBACP,UAAU,EACR,UAAU,IAAI,GAAG,UAAU,CAAC,QAAQ,CAAC,MAAM,gBAAgB;aAC9D;SACF,CAAC,CAAC;QACH,IAAI,KAAK;YAAE,MAAM,KAAK,CAAC;QACvB,OAAO,IAAI,CAAC;IACd,CAAC,EACD,CAAC,QAAQ,CAAC,CACX,CAAC;IAEF,MAAM,eAAe,GAAG,WAAW,CACjC,KAAK,EACH,KAAa,EACb,QAAgB,EACkC,EAAE;QACpD,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,kBAAkB,CAAC;YAC7D,KAAK;YACL,QAAQ;SACT,CAAC,CAAC;QACH,IAAI,KAAK;YAAE,MAAM,KAAK,CAAC;QACvB,OAAO,IAAI,CAAC;IACd,CAAC,EACD,CAAC,QAAQ,CAAC,CACX,CAAC;IAEF,MAAM,eAAe,GAAG,WAAW,CACjC,KAAK,EACH,KAAa,EACb,QAAgB,EAChB,QAAgB,EAChB,EAAE,eAAe,KAAmC,EAAE,EACG,EAAE;QAC3D,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC;YACjD,KAAK;YACL,QAAQ;YACR,OAAO,EAAE;gBACP,IAAI,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE;gBAC7B,eAAe,EACb,eAAe,IAAI,GAAG,UAAU,CAAC,QAAQ,CAAC,MAAM,gBAAgB;aACnE;SACF,CAAC,CAAC;QACH,IAAI,KAAK;YAAE,MAAM,KAAK,CAAC;QACvB,OAAO,IAAI,CAAC;IACd,CAAC,EACD,CAAC,QAAQ,CAAC,CACX,CAAC;IAEF,MAAM,aAAa,GAAG,WAAW,CAC/B,KAAK,EAAE,KAAa,EAAiB,EAAE;QACrC,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,qBAAqB,CAAC,KAAK,EAAE;YACjE,UAAU,EAAE,GAAG,UAAU,CAAC,QAAQ,CAAC,MAAM,sBAAsB;SAChE,CAAC,CAAC;QACH,IAAI,KAAK;YAAE,MAAM,KAAK,CAAC;IACzB,CAAC,EACD,CAAC,QAAQ,CAAC,CACX,CAAC;IAEF,MAAM,OAAO,GAAG,WAAW,CAAC,KAAK,IAAmB,EAAE;QACpD,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;QAChD,IAAI,KAAK;YAAE,MAAM,KAAK,CAAC;IACzB,CAAC,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC;IAEf,MAAM,KAAK,GAAG,OAAO,CACnB,GAAG,EAAE,CAAC,CAAC;QACL,IAAI;QACJ,OAAO;QACP,gBAAgB;QAChB,eAAe;QACf,eAAe;QACf,aAAa;QACb,OAAO;KACR,CAAC,EACF;QACE,IAAI;QACJ,OAAO;QACP,gBAAgB;QAChB,eAAe;QACf,eAAe;QACf,aAAa;QACb,OAAO;KACR,CACF,CAAC;IAEF,OAAO,KAAC,WAAW,CAAC,QAAQ,IAAC,KAAK,EAAE,KAAK,YAAG,QAAQ,GAAwB,CAAC;AAC/E,CAAC"}

package/dist/guard.d.ts

@@ -0,0 +1,10 @@
+import { NextResponse } from "next/server";
+import type { NextRequest } from "next/server";
+export declare const COMPREHENSIVE_MATCHER: string[];
+export interface AuthGuardOptions {
+    publicPaths?: string[];
+    isHub?: boolean;
+    hubUrl?: string;
+}
+export declare function createAuthGuard({ publicPaths, isHub, hubUrl, }?: AuthGuardOptions): (request: NextRequest) => Promise<NextResponse>;
+//# sourceMappingURL=guard.d.ts.map

package/dist/guard.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"guard.d.ts","sourceRoot":"","sources":["../src/guard.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAE/C,eAAO,MAAM,qBAAqB,UAEjC,CAAC;AAEF,MAAM,WAAW,gBAAgB;IAC/B,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,wBAAgB,eAAe,CAAC,EAC9B,WAAgB,EAChB,KAAa,EACb,MAAM,GACP,GAAE,gBAAqB,IAOM,SAAS,WAAW,KAAG,OAAO,CAAC,YAAY,CAAC,CAuEzE"}

package/dist/guard.js

@@ -0,0 +1,60 @@
+import { createServerClient } from "@supabase/ssr";
+import { NextResponse } from "next/server";
+export const COMPREHENSIVE_MATCHER = [
+    "/((?!_next/static|_next/image|favicon\\.ico|manifest\\.json|sw\\.js|icons/|ort/|.*\\.(?:svg|png|jpg|jpeg|gif|webp|ico|wasm|mjs)$).*)",
+];
+export function createAuthGuard({ publicPaths = [], isHub = false, hubUrl, } = {}) {
+    function isPublicPath(pathname) {
+        return publicPaths.some((p) => pathname === p || pathname.startsWith(p + "/"));
+    }
+    return async function proxy(request) {
+        const requestHeaders = new Headers(request.headers);
+        requestHeaders.delete("x-middleware-subrequest");
+        let response = NextResponse.next({
+            request: { headers: requestHeaders },
+        });
+        const { pathname } = request.nextUrl;
+        if (isPublicPath(pathname)) {
+            return response;
+        }
+        if (pathname.startsWith("/api/") &&
+            request.headers.get("authorization")?.startsWith("Bearer ")) {
+            return response;
+        }
+        const supabase = createServerClient(process.env.NEXT_PUBLIC_SUPABASE_URL, process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY, {
+            cookieOptions: process.env.COOKIE_DOMAIN
+                ? { domain: process.env.COOKIE_DOMAIN }
+                : undefined,
+            cookies: {
+                getAll() {
+                    return request.cookies.getAll();
+                },
+                setAll(cookiesToSet) {
+                    cookiesToSet.forEach(({ name, value, options }) => {
+                        request.cookies.set(name, value);
+                        response.cookies.set(name, value, options);
+                    });
+                },
+            },
+        });
+        const { data: { user }, } = await supabase.auth.getUser();
+        if (!user) {
+            if (pathname.startsWith("/api/")) {
+                return NextResponse.json({ error: "Authentication required" }, { status: 401 });
+            }
+            if (isHub) {
+                const loginUrl = new URL("/login", request.url);
+                loginUrl.searchParams.set("redirect", pathname);
+                return NextResponse.redirect(loginUrl);
+            }
+            const loginUrl = new URL(`${hubUrl}/login`);
+            loginUrl.searchParams.set("redirect", request.url);
+            return NextResponse.redirect(loginUrl);
+        }
+        if (isHub && pathname === "/login") {
+            return NextResponse.redirect(new URL("/", request.url));
+        }
+        return response;
+    };
+}
+//# sourceMappingURL=guard.js.map

package/dist/guard.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"guard.js","sourceRoot":"","sources":["../src/guard.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAG3C,MAAM,CAAC,MAAM,qBAAqB,GAAG;IACnC,sIAAsI;CACvI,CAAC;AAQF,MAAM,UAAU,eAAe,CAAC,EAC9B,WAAW,GAAG,EAAE,EAChB,KAAK,GAAG,KAAK,EACb,MAAM,MACc,EAAE;IACtB,SAAS,YAAY,CAAC,QAAgB;QACpC,OAAO,WAAW,CAAC,IAAI,CACrB,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,KAAK,CAAC,IAAI,QAAQ,CAAC,UAAU,CAAC,CAAC,GAAG,GAAG,CAAC,CACtD,CAAC;IACJ,CAAC;IAED,OAAO,KAAK,UAAU,KAAK,CAAC,OAAoB;QAC9C,MAAM,cAAc,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QACpD,cAAc,CAAC,MAAM,CAAC,yBAAyB,CAAC,CAAC;QAEjD,IAAI,QAAQ,GAAG,YAAY,CAAC,IAAI,CAAC;YAC/B,OAAO,EAAE,EAAE,OAAO,EAAE,cAAc,EAAE;SACrC,CAAC,CAAC;QAEH,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC;QAErC,IAAI,YAAY,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC3B,OAAO,QAAQ,CAAC;QAClB,CAAC;QAED,IACE,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC;YAC5B,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,UAAU,CAAC,SAAS,CAAC,EAC3D,CAAC;YACD,OAAO,QAAQ,CAAC;QAClB,CAAC;QAED,MAAM,QAAQ,GAAG,kBAAkB,CACjC,OAAO,CAAC,GAAG,CAAC,wBAAyB,EACrC,OAAO,CAAC,GAAG,CAAC,6BAA8B,EAC1C;YACE,aAAa,EAAE,OAAO,CAAC,GAAG,CAAC,aAAa;gBACtC,CAAC,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,aAAuB,EAAE;gBACjD,CAAC,CAAC,SAAS;YACb,OAAO,EAAE;gBACP,MAAM;oBACJ,OAAO,OAAO,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;gBAClC,CAAC;gBACD,MAAM,CAAC,YAAY;oBACjB,YAAY,CAAC,OAAO,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,EAAE;wBAChD,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;wBACjC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC;oBAC7C,CAAC,CAAC,CAAC;gBACL,CAAC;aACF;SACF,CACF,CAAC;QAEF,MAAM,EACJ,IAAI,EAAE,EAAE,IAAI,EAAE,GACf,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;QAElC,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,IAAI,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;gBACjC,OAAO,YAAY,CAAC,IAAI,CACtB,EAAE,KAAK,EAAE,yBAAyB,EAAE,EACpC,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;YACJ,CAAC;YAED,IAAI,KAAK,EAAE,CAAC;gBACV,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC;gBAChD,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;gBAChD,OAAO,YAAY,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;YACzC,CAAC;YAED,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,GAAG,MAAM,QAAQ,CAAC,CAAC;YAC5C,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC;YACnD,OAAO,YAAY,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QACzC,CAAC;QAED,IAAI,KAAK,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;YACnC,OAAO,YAAY,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;QAC1D,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC,CAAC;AACJ,CAAC"}

package/dist/server.d.ts

@@ -0,0 +1,11 @@
+import type { SupabaseClient, User } from "@supabase/supabase-js";
+export interface ServerUserResult {
+    user: User | null;
+    supabase: SupabaseClient;
+}
+export declare function getServerUser(): Promise<ServerUserResult>;
+export declare function requireServerAuth(hubUrl?: string): Promise<{
+    user: User;
+    supabase: SupabaseClient;
+}>;
+//# sourceMappingURL=server.d.ts.map

package/dist/server.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,cAAc,EAAE,IAAI,EAAE,MAAM,uBAAuB,CAAC;AAMlE,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,IAAI,GAAG,IAAI,CAAC;IAClB,QAAQ,EAAE,cAAc,CAAC;CAC1B;AAED,wBAAsB,aAAa,IAAI,OAAO,CAAC,gBAAgB,CAAC,CAmC/D;AAED,wBAAsB,iBAAiB,CACrC,MAAM,CAAC,EAAE,MAAM,GACd,OAAO,CAAC;IAAE,IAAI,EAAE,IAAI,CAAC;IAAC,QAAQ,EAAE,cAAc,CAAA;CAAE,CAAC,CAYnD"}

package/dist/server.js

@@ -0,0 +1,40 @@
+import { createServerClient } from "@supabase/ssr";
+import { cookies } from "next/headers";
+const COOKIE_OPTIONS = process.env.COOKIE_DOMAIN
+    ? { domain: process.env.COOKIE_DOMAIN }
+    : undefined;
+export async function getServerUser() {
+    const cookieStore = await cookies();
+    const supabase = createServerClient(process.env.NEXT_PUBLIC_SUPABASE_URL, process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY, {
+        cookieOptions: COOKIE_OPTIONS,
+        cookies: {
+            getAll() {
+                return cookieStore.getAll();
+            },
+            setAll(cookiesToSet) {
+                try {
+                    cookiesToSet.forEach(({ name, value, options }) => cookieStore.set(name, value, options));
+                }
+                catch {
+                    // setAll called from a Server Component — safe to ignore.
+                }
+            },
+        },
+    });
+    const { data: { user }, error, } = await supabase.auth.getUser();
+    if (error || !user) {
+        return { user: null, supabase };
+    }
+    return { user, supabase };
+}
+export async function requireServerAuth(hubUrl) {
+    const { redirect } = await import("next/navigation");
+    const { user, supabase } = await getServerUser();
+    if (!user) {
+        redirect(hubUrl ? `${hubUrl}/login` : "/login");
+        // redirect() throws internally — this satisfies TypeScript narrowing
+        throw new Error("Redirect should have been thrown");
+    }
+    return { user, supabase };
+}
+//# sourceMappingURL=server.js.map

package/dist/server.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"server.js","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AACnD,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAGvC,MAAM,cAAc,GAAG,OAAO,CAAC,GAAG,CAAC,aAAa;IAC9C,CAAC,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,aAAuB,EAAE;IACjD,CAAC,CAAC,SAAS,CAAC;AAOd,MAAM,CAAC,KAAK,UAAU,aAAa;IACjC,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;IAEpC,MAAM,QAAQ,GAAG,kBAAkB,CACjC,OAAO,CAAC,GAAG,CAAC,wBAAyB,EACrC,OAAO,CAAC,GAAG,CAAC,6BAA8B,EAC1C;QACE,aAAa,EAAE,cAAc;QAC7B,OAAO,EAAE;YACP,MAAM;gBACJ,OAAO,WAAW,CAAC,MAAM,EAAE,CAAC;YAC9B,CAAC;YACD,MAAM,CAAC,YAAY;gBACjB,IAAI,CAAC;oBACH,YAAY,CAAC,OAAO,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,EAAE,CAChD,WAAW,CAAC,GAAG,CAAC,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,CACtC,CAAC;gBACJ,CAAC;gBAAC,MAAM,CAAC;oBACP,0DAA0D;gBAC5D,CAAC;YACH,CAAC;SACF;KACF,CACF,CAAC;IAEF,MAAM,EACJ,IAAI,EAAE,EAAE,IAAI,EAAE,EACd,KAAK,GACN,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;IAElC,IAAI,KAAK,IAAI,CAAC,IAAI,EAAE,CAAC;QACnB,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;IAClC,CAAC;IAED,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;AAC5B,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,MAAe;IAEf,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,MAAM,CAAC,iBAAiB,CAAC,CAAC;IAErD,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,MAAM,aAAa,EAAE,CAAC;IAEjD,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,MAAM,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;QAChD,qEAAqE;QACrE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IACtD,CAAC;IAED,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;AAC5B,CAAC"}

package/package.json

@@ -0,0 +1,81 @@
+{
+  "name": "@lifelens/auth",
+  "version": "0.1.0",
+  "description": "Universal auth SDK for the LifeLens ecosystem — works across any Next.js app, independent repos, and mobile apps",
+  "license": "MIT",
+  "private": false,
+  "publishConfig": {
+    "access": "public"
+  },
+  "type": "module",
+  "main": "./dist/context.js",
+  "types": "./dist/context.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/context.d.ts",
+      "import": "./dist/context.js"
+    },
+    "./client": {
+      "types": "./dist/client.d.ts",
+      "import": "./dist/client.js"
+    },
+    "./server": {
+      "types": "./dist/server.d.ts",
+      "import": "./dist/server.js"
+    },
+    "./context": {
+      "types": "./dist/context.d.ts",
+      "import": "./dist/context.js"
+    },
+    "./guard": {
+      "types": "./dist/guard.d.ts",
+      "import": "./dist/guard.js"
+    },
+    "./bridge": {
+      "types": "./dist/bridge.d.ts",
+      "import": "./dist/bridge.js"
+    },
+    "./callback": {
+      "types": "./dist/callback.d.ts",
+      "import": "./dist/callback.js"
+    }
+  },
+  "files": [
+    "dist"
+  ],
+  "scripts": {
+    "build": "tsc",
+    "clean": "rimraf dist",
+    "prepublishOnly": "npm run build"
+  },
+  "dependencies": {
+    "@supabase/ssr": "^0.7.0",
+    "@supabase/supabase-js": "^2.80.0"
+  },
+  "peerDependencies": {
+    "next": "^14.0.0 || ^15.0.0 || ^16.0.0",
+    "react": "^18.0.0 || ^19.0.0"
+  },
+  "peerDependenciesMeta": {
+    "next": {
+      "optional": true
+    },
+    "react": {
+      "optional": true
+    }
+  },
+  "devDependencies": {
+    "@sentry/nextjs": "^10.61.0",
+    "@types/node": "^22.20.0",
+    "@types/react": "^19.2.17",
+    "@types/react-dom": "^19.2.3",
+    "next": "^16.2.9",
+    "react": "^19.2.7",
+    "rimraf": "^5.0.0",
+    "typescript": "^5.3.0"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/lifelens/lifelens-auth"
+  }
+}