@logto/next 2.4.0 → 3.0.0

package/README.md

@@ -1,9 +1,14 @@
 # Logto Next.js SDK
+
 [![Version](https://img.shields.io/npm/v/@logto/next)](https://www.npmjs.com/package/@logto/next)
 [![Build Status](https://github.com/logto-io/js/actions/workflows/main.yml/badge.svg)](https://github.com/logto-io/js/actions/workflows/main.yml)
 [![Codecov](https://img.shields.io/codecov/c/github/logto-io/js)](https://app.codecov.io/gh/logto-io/js?branch=master)
 
-The Logto Next.js SDK written in TypeScript. Check out our [integration guide](https://docs.logto.io/docs/recipes/integrate-logto/next-js) or [docs](https://docs.logto.io/sdk/JavaScript/next/) for more information.
+The Logto Next.js SDK written in TypeScript.
+
+Check out our [docs](https://docs.logto.io/sdk/next) for more information.
+
+If you are using App Router and Server Actions, check out the [docs](https://docs.logto.io/sdk/next-app-router) for more information.
 
 ## Installation
 
@@ -25,18 +30,16 @@ yarn add @logto/next
 pnpm add @logto/next
 ```
 
-## Get sample
-
-A sample project can be found at [Next.js Sample](https://github.com/logto-io/js/tree/master/packages/next-sample)
+## Products
 
-Check out the source code and try it with ease.
-
-```bash
-pnpm i && pnpm start
-```
+| Name                  | Description                                   |
+| --------------------- | --------------------------------------------- |
+| @logto/next           | Traditional Next.js SDK using Page Router     |
+| @logto/edge           | Next.js SDK running in edge environment       |
+| @logto/server-actions | Next.js SDK for App Router and Server Actions |
 
 ## Resources
 
 [![Website](https://img.shields.io/badge/website-logto.io-8262F8.svg)](https://logto.io/)
-[![Docs](https://img.shields.io/badge/docs-logto.io-green.svg)](https://docs.logto.io/sdk/JavaScript/next/)
+[![Docs](https://img.shields.io/badge/docs-logto.io-green.svg)](https://docs.logto.io/)
 [![Discord](https://img.shields.io/discord/965845662535147551?logo=discord&logoColor=ffffff&color=7389D8&cacheSeconds=600)](https://discord.gg/UEPaF3j5e6)

package/lib/edge/index.cjs

@@ -3,9 +3,9 @@
 Object.defineProperty(exports, '__esModule', { value: true });
 
 var cookies = require('@edge-runtime/cookies');
+var NodeClient$1 = require('@logto/node');
 var NodeClient = require('@logto/node/edge');
 var client = require('../src/client.cjs');
-var session = require('../src/session.cjs');
 
 function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
 
@@ -72,6 +72,7 @@ class LogtoClient extends client.default {
         this.getLogtoContext = async (request, config = {}) => {
             const { nodeClient } = await this.createNodeClientFromEdgeRequest(request);
             const context = await nodeClient.getContext(config);
+            await this.storage?.save();
             return context;
         };
     }
@@ -80,7 +81,7 @@ class LogtoClient extends client.default {
         const cookies$1 = new cookies.RequestCookies(request.headers);
         const headers = new Headers();
         const responseCookies = new cookies.ResponseCookies(headers);
-        const nodeClient = super.createNodeClient(await session.createSession({
+        const nodeClient = super.createNodeClient(await NodeClient$1.createSession({
             secret: this.config.cookieSecret,
             crypto,
         }, cookies$1.get(cookieName)?.value ?? '', (value) => {

package/lib/edge/index.js

@@ -1,7 +1,7 @@
 import { RequestCookies, ResponseCookies } from '@edge-runtime/cookies';
+import { createSession } from '@logto/node';
 import NodeClient from '@logto/node/edge';
 import LogtoNextBaseClient from '../src/client.js';
-import { createSession } from '../src/session.js';
 
 class LogtoClient extends LogtoNextBaseClient {
     constructor(config) {
@@ -64,6 +64,7 @@ class LogtoClient extends LogtoNextBaseClient {
         this.getLogtoContext = async (request, config = {}) => {
             const { nodeClient } = await this.createNodeClientFromEdgeRequest(request);
             const context = await nodeClient.getContext(config);
+            await this.storage?.save();
             return context;
         };
     }

package/lib/server-actions/index.cjs

@@ -2,9 +2,9 @@
 
 Object.defineProperty(exports, '__esModule', { value: true });
 
+var NodeClient$1 = require('@logto/node');
 var NodeClient = require('@logto/node/edge');
 var client = require('../src/client.cjs');
-var session = require('../src/session.cjs');
 
 function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
 
@@ -77,12 +77,12 @@ class LogtoClient extends client.default {
         return context;
     }
     async createNodeClientFromHeaders(cookie) {
-        const session$1 = await session.createSession({
+        const session = await NodeClient$1.createSession({
             secret: this.config.cookieSecret,
             crypto,
         }, cookie);
-        const nodeClient = super.createNodeClient(session$1);
-        return { nodeClient, session: session$1 };
+        const nodeClient = super.createNodeClient(session);
+        return { nodeClient, session };
     }
 }
 

package/lib/server-actions/index.d.ts

@@ -42,6 +42,6 @@ export default class LogtoClient extends BaseClient {
     getLogtoContext(cookie: string, config?: GetContextParameters): Promise<import("@logto/node").LogtoContext>;
     createNodeClientFromHeaders(cookie: string): Promise<{
         nodeClient: import("@logto/node").default;
-        session: import("../src/types.js").Session;
+        session: import("@logto/node").Session;
     }>;
 }

package/lib/server-actions/index.js

@@ -1,6 +1,6 @@
+import { createSession } from '@logto/node';
 import NodeClient from '@logto/node/edge';
 import LogtoNextBaseClient from '../src/client.js';
-import { createSession } from '../src/session.js';
 
 class LogtoClient extends LogtoNextBaseClient {
     constructor(config) {

package/lib/src/client.d.ts

@@ -1,5 +1,6 @@
+import { type Session } from '@logto/node';
 import NextStorage from './storage';
-import type { Adapters, LogtoNextConfig, Session } from './types';
+import type { Adapters, LogtoNextConfig } from './types';
 export default class LogtoNextBaseClient {
     protected readonly config: LogtoNextConfig;
     protected readonly adapters: Adapters;

package/lib/src/index.cjs

@@ -2,32 +2,11 @@
 
 Object.defineProperty(exports, '__esModule', { value: true });
 
-var crypto = require('crypto');
 var NodeClient = require('@logto/node');
 var client = require('./client.cjs');
-var session = require('./session.cjs');
 
 function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
 
-function _interopNamespace(e) {
-    if (e && e.__esModule) return e;
-    var n = Object.create(null);
-    if (e) {
-        Object.keys(e).forEach(function (k) {
-            if (k !== 'default') {
-                var d = Object.getOwnPropertyDescriptor(e, k);
-                Object.defineProperty(n, k, d.get ? d : {
-                    enumerable: true,
-                    get: function () { return e[k]; }
-                });
-            }
-        });
-    }
-    n.default = e;
-    return Object.freeze(n);
-}
-
-var crypto__namespace = /*#__PURE__*/_interopNamespace(crypto);
 var NodeClient__default = /*#__PURE__*/_interopDefault(NodeClient);
 
 class LogtoClient extends client.default {
@@ -85,6 +64,7 @@ class LogtoClient extends client.default {
         this.withLogtoApiRoute = (handler, config = {}) => async (request, response) => {
             const nodeClient = await this.createNodeClientFromNextApi(request, response);
             const user = await nodeClient.getContext(config);
+            await this.storage?.save();
             // eslint-disable-next-line @silverhand/fp/no-mutating-methods
             Object.defineProperty(request, 'user', { enumerable: true, get: () => user });
             return handler(request, response);
@@ -92,6 +72,7 @@ class LogtoClient extends client.default {
         this.withLogtoSsr = (handler, configs = {}) => async (context) => {
             const nodeClient = await this.createNodeClientFromNextApi(context.req, context.res);
             const user = await nodeClient.getContext(configs);
+            await this.storage?.save();
             // eslint-disable-next-line @silverhand/fp/no-mutating-methods
             Object.defineProperty(context.req, 'user', { enumerable: true, get: () => user });
             return handler(context);
@@ -99,9 +80,9 @@ class LogtoClient extends client.default {
     }
     async createNodeClientFromNextApi(request, response) {
         const cookieName = `logto:${this.config.appId}`;
-        return super.createNodeClient(await session.createSession({
+        return super.createNodeClient(await NodeClient.createSession({
             secret: this.config.cookieSecret,
-            crypto: crypto__namespace,
+            crypto,
         }, request.cookies[cookieName] ?? '', (value) => {
             const secure = this.config.cookieSecure;
             const maxAge = 14 * 3600 * 24;
@@ -110,51 +91,51 @@ class LogtoClient extends client.default {
     }
 }
 
-Object.defineProperty(exports, 'LogtoClientError', {
+Object.defineProperty(exports, "LogtoClientError", {
     enumerable: true,
     get: function () { return NodeClient.LogtoClientError; }
 });
-Object.defineProperty(exports, 'LogtoError', {
+Object.defineProperty(exports, "LogtoError", {
     enumerable: true,
     get: function () { return NodeClient.LogtoError; }
 });
-Object.defineProperty(exports, 'LogtoRequestError', {
+Object.defineProperty(exports, "LogtoRequestError", {
     enumerable: true,
     get: function () { return NodeClient.LogtoRequestError; }
 });
-Object.defineProperty(exports, 'OidcError', {
+Object.defineProperty(exports, "OidcError", {
     enumerable: true,
     get: function () { return NodeClient.OidcError; }
 });
-Object.defineProperty(exports, 'PersistKey', {
+Object.defineProperty(exports, "PersistKey", {
     enumerable: true,
     get: function () { return NodeClient.PersistKey; }
 });
-Object.defineProperty(exports, 'Prompt', {
+Object.defineProperty(exports, "Prompt", {
     enumerable: true,
     get: function () { return NodeClient.Prompt; }
 });
-Object.defineProperty(exports, 'ReservedResource', {
+Object.defineProperty(exports, "ReservedResource", {
     enumerable: true,
     get: function () { return NodeClient.ReservedResource; }
 });
-Object.defineProperty(exports, 'ReservedScope', {
+Object.defineProperty(exports, "ReservedScope", {
     enumerable: true,
     get: function () { return NodeClient.ReservedScope; }
 });
-Object.defineProperty(exports, 'UserScope', {
+Object.defineProperty(exports, "UserScope", {
     enumerable: true,
     get: function () { return NodeClient.UserScope; }
 });
-Object.defineProperty(exports, 'buildOrganizationUrn', {
+Object.defineProperty(exports, "buildOrganizationUrn", {
     enumerable: true,
     get: function () { return NodeClient.buildOrganizationUrn; }
 });
-Object.defineProperty(exports, 'getOrganizationIdFromUrn', {
+Object.defineProperty(exports, "getOrganizationIdFromUrn", {
     enumerable: true,
     get: function () { return NodeClient.getOrganizationIdFromUrn; }
 });
-Object.defineProperty(exports, 'organizationUrnPrefix', {
+Object.defineProperty(exports, "organizationUrnPrefix", {
     enumerable: true,
     get: function () { return NodeClient.organizationUrnPrefix; }
 });

package/lib/src/index.d.ts

@@ -1,4 +1,7 @@
 /// <reference types="node" />
+/// <reference types="node/http.js" />
+/// <reference types="@logto/node/lib/src/types.js" />
+/// <reference types="@logto/node/src/types.js" />
 import { type IncomingMessage, type ServerResponse } from 'http';
 import NodeClient, { type GetContextParameters, type InteractionMode } from '@logto/node';
 import { type GetServerSidePropsResult, type GetServerSidePropsContext, type NextApiHandler } from 'next';

package/lib/src/index.js

@@ -1,8 +1,6 @@
-import * as crypto from 'crypto';
-import NodeClient from '@logto/node';
+import NodeClient, { createSession } from '@logto/node';
 export { LogtoClientError, LogtoError, LogtoRequestError, OidcError, PersistKey, Prompt, ReservedResource, ReservedScope, UserScope, buildOrganizationUrn, getOrganizationIdFromUrn, organizationUrnPrefix } from '@logto/node';
 import LogtoNextBaseClient from './client.js';
-import { createSession } from './session.js';
 
 class LogtoClient extends LogtoNextBaseClient {
     constructor(config) {
@@ -59,6 +57,7 @@ class LogtoClient extends LogtoNextBaseClient {
         this.withLogtoApiRoute = (handler, config = {}) => async (request, response) => {
             const nodeClient = await this.createNodeClientFromNextApi(request, response);
             const user = await nodeClient.getContext(config);
+            await this.storage?.save();
             // eslint-disable-next-line @silverhand/fp/no-mutating-methods
             Object.defineProperty(request, 'user', { enumerable: true, get: () => user });
             return handler(request, response);
@@ -66,6 +65,7 @@ class LogtoClient extends LogtoNextBaseClient {
         this.withLogtoSsr = (handler, configs = {}) => async (context) => {
             const nodeClient = await this.createNodeClientFromNextApi(context.req, context.res);
             const user = await nodeClient.getContext(configs);
+            await this.storage?.save();
             // eslint-disable-next-line @silverhand/fp/no-mutating-methods
             Object.defineProperty(context.req, 'user', { enumerable: true, get: () => user });
             return handler(context);

package/lib/src/storage.d.ts

@@ -1,6 +1,5 @@
-import { type Storage } from '@logto/node';
+import { type Session, type Storage } from '@logto/node';
 import { PersistKey } from '@logto/node/edge';
-import { type Session } from './types';
 export default class NextStorage implements Storage<PersistKey> {
     private readonly session;
     private sessionChanged;

package/lib/src/types.d.ts

@@ -1,15 +1,5 @@
-import type { LogtoConfig, PersistKey } from '@logto/node';
+import type { LogtoConfig } from '@logto/node';
 import type NodeClient from '@logto/node';
-export type SessionData = {
-    [PersistKey.AccessToken]?: string;
-    [PersistKey.IdToken]?: string;
-    [PersistKey.SignInSession]?: string;
-    [PersistKey.RefreshToken]?: string;
-};
-export type Session = SessionData & {
-    save: () => Promise<void>;
-    getValues?: () => Promise<string>;
-};
 export type LogtoNextConfig = LogtoConfig & {
     cookieSecret: string;
     cookieSecure: boolean;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@logto/next",
-  "version": "2.4.0",
+  "version": "3.0.0",
   "type": "module",
   "main": "./lib/src/index.cjs",
   "module": "./lib/src/index.js",
@@ -46,7 +46,7 @@
   },
   "dependencies": {
     "@edge-runtime/cookies": "^4.0.0",
-    "@logto/node": "^2.2.0"
+    "@logto/node": "^2.4.0"
   },
   "devDependencies": {
     "@silverhand/eslint-config": "^5.0.0",
@@ -65,7 +65,7 @@
     "prettier": "^3.0.0",
     "react": "^18.2.0",
     "react-dom": "^18.2.0",
-    "typescript": "^5.0.0"
+    "typescript": "^5.3.3"
   },
   "peerDependencies": {
     "next": ">=12"

package/lib/src/session.cjs

@@ -1,73 +0,0 @@
-'use strict';
-
-async function getKeyFromPassword(password, crypto) {
-    const encoder = new TextEncoder();
-    const data = encoder.encode(password);
-    const hash = await crypto.subtle.digest('SHA-256', data);
-    // Convert the hash to a hex string
-    return Array.from(new Uint8Array(hash))
-        .map((byte) => byte.toString(16).padStart(2, '0'))
-        .join('');
-}
-async function encrypt(text, password, crypto) {
-    const iv = crypto.getRandomValues(new Uint8Array(12));
-    const encodedPlaintext = new TextEncoder().encode(text);
-    const secretKey = await crypto.subtle.importKey('raw', Buffer.from(await getKeyFromPassword(password, crypto), 'hex'), {
-        name: 'AES-GCM',
-        length: 256,
-    }, true, ['encrypt', 'decrypt']);
-    const ciphertext = await crypto.subtle.encrypt({
-        name: 'AES-GCM',
-        iv,
-    }, secretKey, encodedPlaintext);
-    return {
-        ciphertext: Buffer.from(ciphertext).toString('base64'),
-        iv: Buffer.from(iv).toString('base64'),
-    };
-}
-async function decrypt(ciphertext, iv, password, crypto) {
-    const secretKey = await crypto.subtle.importKey('raw', Buffer.from(await getKeyFromPassword(password, crypto), 'hex'), {
-        name: 'AES-GCM',
-        length: 256,
-    }, true, ['encrypt', 'decrypt']);
-    const cleartext = await crypto.subtle.decrypt({
-        name: 'AES-GCM',
-        iv: Buffer.from(iv, 'base64'),
-    }, secretKey, Buffer.from(ciphertext, 'base64'));
-    return new TextDecoder().decode(cleartext);
-}
-const unwrapSession = async (cookie, secret, crypto) => {
-    try {
-        const [ciphertext, iv] = cookie.split('.');
-        if (!ciphertext || !iv) {
-            return {};
-        }
-        const decrypted = await decrypt(ciphertext, iv, secret, crypto);
-        // eslint-disable-next-line no-restricted-syntax
-        return JSON.parse(decrypted);
-    }
-    catch {
-        // Ignore invalid session
-    }
-    return {};
-};
-const wrapSession = async (session, secret, crypto) => {
-    const { ciphertext, iv } = await encrypt(JSON.stringify(session), secret, crypto);
-    return `${ciphertext}.${iv}`;
-};
-const createSession = async ({ secret, crypto }, cookie, setCookie) => {
-    const data = await unwrapSession(cookie, secret, crypto);
-    const getValues = async () => wrapSession(session, secret, crypto);
-    const session = {
-        ...data,
-        save: async () => {
-            setCookie?.(await getValues());
-        },
-        getValues,
-    };
-    return session;
-};
-
-exports.createSession = createSession;
-exports.unwrapSession = unwrapSession;
-exports.wrapSession = wrapSession;

package/lib/src/session.d.ts

@@ -1,9 +0,0 @@
-import { type SessionData, type Session } from './types';
-export declare const unwrapSession: (cookie: string, secret: string, crypto: Crypto) => Promise<SessionData>;
-export declare const wrapSession: (session: SessionData, secret: string, crypto: Crypto) => Promise<string>;
-type SessionConfigs = {
-    secret: string;
-    crypto: Crypto;
-};
-export declare const createSession: ({ secret, crypto }: SessionConfigs, cookie: string, setCookie?: ((value: string) => void) | undefined) => Promise<Session>;
-export {};

package/lib/src/session.js

@@ -1,69 +0,0 @@
-async function getKeyFromPassword(password, crypto) {
-    const encoder = new TextEncoder();
-    const data = encoder.encode(password);
-    const hash = await crypto.subtle.digest('SHA-256', data);
-    // Convert the hash to a hex string
-    return Array.from(new Uint8Array(hash))
-        .map((byte) => byte.toString(16).padStart(2, '0'))
-        .join('');
-}
-async function encrypt(text, password, crypto) {
-    const iv = crypto.getRandomValues(new Uint8Array(12));
-    const encodedPlaintext = new TextEncoder().encode(text);
-    const secretKey = await crypto.subtle.importKey('raw', Buffer.from(await getKeyFromPassword(password, crypto), 'hex'), {
-        name: 'AES-GCM',
-        length: 256,
-    }, true, ['encrypt', 'decrypt']);
-    const ciphertext = await crypto.subtle.encrypt({
-        name: 'AES-GCM',
-        iv,
-    }, secretKey, encodedPlaintext);
-    return {
-        ciphertext: Buffer.from(ciphertext).toString('base64'),
-        iv: Buffer.from(iv).toString('base64'),
-    };
-}
-async function decrypt(ciphertext, iv, password, crypto) {
-    const secretKey = await crypto.subtle.importKey('raw', Buffer.from(await getKeyFromPassword(password, crypto), 'hex'), {
-        name: 'AES-GCM',
-        length: 256,
-    }, true, ['encrypt', 'decrypt']);
-    const cleartext = await crypto.subtle.decrypt({
-        name: 'AES-GCM',
-        iv: Buffer.from(iv, 'base64'),
-    }, secretKey, Buffer.from(ciphertext, 'base64'));
-    return new TextDecoder().decode(cleartext);
-}
-const unwrapSession = async (cookie, secret, crypto) => {
-    try {
-        const [ciphertext, iv] = cookie.split('.');
-        if (!ciphertext || !iv) {
-            return {};
-        }
-        const decrypted = await decrypt(ciphertext, iv, secret, crypto);
-        // eslint-disable-next-line no-restricted-syntax
-        return JSON.parse(decrypted);
-    }
-    catch {
-        // Ignore invalid session
-    }
-    return {};
-};
-const wrapSession = async (session, secret, crypto) => {
-    const { ciphertext, iv } = await encrypt(JSON.stringify(session), secret, crypto);
-    return `${ciphertext}.${iv}`;
-};
-const createSession = async ({ secret, crypto }, cookie, setCookie) => {
-    const data = await unwrapSession(cookie, secret, crypto);
-    const getValues = async () => wrapSession(session, secret, crypto);
-    const session = {
-        ...data,
-        save: async () => {
-            setCookie?.(await getValues());
-        },
-        getValues,
-    };
-    return session;
-};
-
-export { createSession, unwrapSession, wrapSession };

package/lib/src/session.test.d.ts

@@ -1 +0,0 @@
-export {};