@logto/next 3.0.0 → 3.1.1

package/lib/edge/index.cjs

@@ -88,6 +88,7 @@ class LogtoClient extends client.default {
             responseCookies.set(cookieName, value, {
                 maxAge: 14 * 3600 * 24,
                 secure: this.config.cookieSecure,
+                sameSite: this.config.cookieSecure ? 'lax' : undefined,
             });
         }));
         return { nodeClient, headers };

package/lib/edge/index.js

@@ -80,6 +80,7 @@ class LogtoClient extends LogtoNextBaseClient {
             responseCookies.set(cookieName, value, {
                 maxAge: 14 * 3600 * 24,
                 secure: this.config.cookieSecure,
+                sameSite: this.config.cookieSecure ? 'lax' : undefined,
             });
         }));
         return { nodeClient, headers };

package/lib/server-actions/client.cjs

@@ -0,0 +1,89 @@
+'use strict';
+
+Object.defineProperty(exports, '__esModule', { value: true });
+
+var NodeClient$1 = require('@logto/node');
+var NodeClient = require('@logto/node/edge');
+var client = require('../src/client.cjs');
+
+function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
+
+var NodeClient__default = /*#__PURE__*/_interopDefault(NodeClient);
+
+class LogtoClient extends client.default {
+    constructor(config) {
+        super(config, {
+            NodeClient: NodeClient__default.default,
+        });
+    }
+    /**
+     * Init sign-in and return the url to redirect to Logto.
+     *
+     * @param cookie the raw cookie string
+     * @param redirectUri the uri (callbackUri) to redirect to after sign in
+     * @param interactionMode OIDC interaction mode
+     * @returns the url to redirect to and new cookie if any
+     */
+    async handleSignIn(cookie, redirectUri, interactionMode) {
+        const { nodeClient, session } = await this.createNodeClientFromHeaders(cookie);
+        await nodeClient.signIn(redirectUri, interactionMode);
+        if (!this.navigateUrl) {
+            // Not expected to happen
+            throw new Error('navigateUrl is not set');
+        }
+        return {
+            url: this.navigateUrl,
+            newCookie: await session.getValues?.(),
+        };
+    }
+    /**
+     * Init sign-out and return the url to redirect to Logto.
+     *
+     * @param cookie the raw cookie string
+     * @param redirectUri the uri (postSignOutUri) to redirect to after sign out
+     * @returns the url to redirect to
+     */
+    async handleSignOut(cookie, redirectUri = this.config.baseUrl) {
+        const { nodeClient } = await this.createNodeClientFromHeaders(cookie);
+        await nodeClient.signOut(redirectUri);
+        if (!this.navigateUrl) {
+            // Not expected to happen
+            throw new Error('navigateUrl is not set');
+        }
+        return this.navigateUrl;
+    }
+    /**
+     * Handle sign-in callback from Logto.
+     *
+     * @param cookie the raw cookie string
+     * @param callbackUrl the uri (callbackUri) to redirect to after sign in, should match the one used in handleSignIn
+     * @returns new cookie if any
+     */
+    async handleSignInCallback(cookie, callbackUrl) {
+        const { nodeClient, session } = await this.createNodeClientFromHeaders(cookie);
+        await nodeClient.handleSignInCallback(callbackUrl);
+        return session.getValues?.();
+    }
+    /**
+     * Get Logto context from cookies.
+     *
+     * @param cookie the raw cookie string
+     * @param config additional configs of GetContextParameters
+     * @returns LogtoContext
+     */
+    async getLogtoContext(cookie, config = {}) {
+        const { nodeClient } = await this.createNodeClientFromHeaders(cookie);
+        const context = await nodeClient.getContext(config);
+        return context;
+    }
+    async createNodeClientFromHeaders(cookie) {
+        const session = await NodeClient$1.createSession({
+            secret: this.config.cookieSecret,
+            crypto,
+        }, cookie);
+        const nodeClient = super.createNodeClient(session);
+        return { nodeClient, session };
+    }
+}
+
+exports.default = LogtoClient;

package/lib/server-actions/client.d.ts

@@ -0,0 +1,47 @@
+import { type GetContextParameters, type InteractionMode } from '@logto/node';
+import BaseClient from '../src/client';
+import type { LogtoNextConfig } from '../src/types.js';
+export type { LogtoContext, InteractionMode } from '@logto/node';
+export default class LogtoClient extends BaseClient {
+    constructor(config: LogtoNextConfig);
+    /**
+     * Init sign-in and return the url to redirect to Logto.
+     *
+     * @param cookie the raw cookie string
+     * @param redirectUri the uri (callbackUri) to redirect to after sign in
+     * @param interactionMode OIDC interaction mode
+     * @returns the url to redirect to and new cookie if any
+     */
+    handleSignIn(cookie: string, redirectUri: string, interactionMode?: InteractionMode): Promise<{
+        url: string;
+        newCookie?: string;
+    }>;
+    /**
+     * Init sign-out and return the url to redirect to Logto.
+     *
+     * @param cookie the raw cookie string
+     * @param redirectUri the uri (postSignOutUri) to redirect to after sign out
+     * @returns the url to redirect to
+     */
+    handleSignOut(cookie: string, redirectUri?: string): Promise<string>;
+    /**
+     * Handle sign-in callback from Logto.
+     *
+     * @param cookie the raw cookie string
+     * @param callbackUrl the uri (callbackUri) to redirect to after sign in, should match the one used in handleSignIn
+     * @returns new cookie if any
+     */
+    handleSignInCallback(cookie: string, callbackUrl: string): Promise<string | undefined>;
+    /**
+     * Get Logto context from cookies.
+     *
+     * @param cookie the raw cookie string
+     * @param config additional configs of GetContextParameters
+     * @returns LogtoContext
+     */
+    getLogtoContext(cookie: string, config?: GetContextParameters): Promise<import("@logto/node").LogtoContext>;
+    createNodeClientFromHeaders(cookie: string): Promise<{
+        nodeClient: import("@logto/node").default;
+        session: import("@logto/node").Session;
+    }>;
+}

package/lib/server-actions/client.js

@@ -0,0 +1,81 @@
+import { createSession } from '@logto/node';
+import NodeClient from '@logto/node/edge';
+import LogtoNextBaseClient from '../src/client.js';
+
+class LogtoClient extends LogtoNextBaseClient {
+    constructor(config) {
+        super(config, {
+            NodeClient,
+        });
+    }
+    /**
+     * Init sign-in and return the url to redirect to Logto.
+     *
+     * @param cookie the raw cookie string
+     * @param redirectUri the uri (callbackUri) to redirect to after sign in
+     * @param interactionMode OIDC interaction mode
+     * @returns the url to redirect to and new cookie if any
+     */
+    async handleSignIn(cookie, redirectUri, interactionMode) {
+        const { nodeClient, session } = await this.createNodeClientFromHeaders(cookie);
+        await nodeClient.signIn(redirectUri, interactionMode);
+        if (!this.navigateUrl) {
+            // Not expected to happen
+            throw new Error('navigateUrl is not set');
+        }
+        return {
+            url: this.navigateUrl,
+            newCookie: await session.getValues?.(),
+        };
+    }
+    /**
+     * Init sign-out and return the url to redirect to Logto.
+     *
+     * @param cookie the raw cookie string
+     * @param redirectUri the uri (postSignOutUri) to redirect to after sign out
+     * @returns the url to redirect to
+     */
+    async handleSignOut(cookie, redirectUri = this.config.baseUrl) {
+        const { nodeClient } = await this.createNodeClientFromHeaders(cookie);
+        await nodeClient.signOut(redirectUri);
+        if (!this.navigateUrl) {
+            // Not expected to happen
+            throw new Error('navigateUrl is not set');
+        }
+        return this.navigateUrl;
+    }
+    /**
+     * Handle sign-in callback from Logto.
+     *
+     * @param cookie the raw cookie string
+     * @param callbackUrl the uri (callbackUri) to redirect to after sign in, should match the one used in handleSignIn
+     * @returns new cookie if any
+     */
+    async handleSignInCallback(cookie, callbackUrl) {
+        const { nodeClient, session } = await this.createNodeClientFromHeaders(cookie);
+        await nodeClient.handleSignInCallback(callbackUrl);
+        return session.getValues?.();
+    }
+    /**
+     * Get Logto context from cookies.
+     *
+     * @param cookie the raw cookie string
+     * @param config additional configs of GetContextParameters
+     * @returns LogtoContext
+     */
+    async getLogtoContext(cookie, config = {}) {
+        const { nodeClient } = await this.createNodeClientFromHeaders(cookie);
+        const context = await nodeClient.getContext(config);
+        return context;
+    }
+    async createNodeClientFromHeaders(cookie) {
+        const session = await createSession({
+            secret: this.config.cookieSecret,
+            crypto,
+        }, cookie);
+        const nodeClient = super.createNodeClient(session);
+        return { nodeClient, session };
+    }
+}
+
+export { LogtoClient as default };

package/lib/server-actions/cookie.cjs

@@ -0,0 +1,17 @@
+'use strict';
+
+const getCookies = async (config) => {
+    const { cookies } = await import('next/headers');
+    return cookies().get(`logto:${config.appId}`)?.value ?? '';
+};
+const setCookies = async (newCookie, config) => {
+    const { cookies } = await import('next/headers');
+    cookies().set(`logto:${config.appId}`, newCookie, {
+        maxAge: 14 * 3600 * 24,
+        secure: config.cookieSecure,
+        sameSite: config.cookieSecure ? 'lax' : undefined,
+    });
+};
+
+exports.getCookies = getCookies;
+exports.setCookies = setCookies;

package/lib/server-actions/cookie.d.ts

@@ -0,0 +1,3 @@
+import { type LogtoNextConfig } from '../src/types';
+export declare const getCookies: (config: LogtoNextConfig) => Promise<string>;
+export declare const setCookies: (newCookie: string, config: LogtoNextConfig) => Promise<void>;

package/lib/server-actions/cookie.js

@@ -0,0 +1,14 @@
+const getCookies = async (config) => {
+    const { cookies } = await import('next/headers');
+    return cookies().get(`logto:${config.appId}`)?.value ?? '';
+};
+const setCookies = async (newCookie, config) => {
+    const { cookies } = await import('next/headers');
+    cookies().set(`logto:${config.appId}`, newCookie, {
+        maxAge: 14 * 3600 * 24,
+        secure: config.cookieSecure,
+        sameSite: config.cookieSecure ? 'lax' : undefined,
+    });
+};
+
+export { getCookies, setCookies };

package/lib/server-actions/index.cjs

@@ -2,88 +2,68 @@
 
 Object.defineProperty(exports, '__esModule', { value: true });
 
-var NodeClient$1 = require('@logto/node');
-var NodeClient = require('@logto/node/edge');
-var client = require('../src/client.cjs');
+var navigation = require('next/navigation');
+var client = require('./client.cjs');
+var cookie = require('./cookie.cjs');
 
-function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
-
-var NodeClient__default = /*#__PURE__*/_interopDefault(NodeClient);
-
-class LogtoClient extends client.default {
-    constructor(config) {
-        super(config, {
-            NodeClient: NodeClient__default.default,
-        });
-    }
-    /**
-     * Init sign-in and return the url to redirect to Logto.
-     *
-     * @param cookie the raw cookie string
-     * @param redirectUri the uri (callbackUri) to redirect to after sign in
-     * @param interactionMode OIDC interaction mode
-     * @returns the url to redirect to and new cookie if any
-     */
-    async handleSignIn(cookie, redirectUri, interactionMode) {
-        const { nodeClient, session } = await this.createNodeClientFromHeaders(cookie);
-        await nodeClient.signIn(redirectUri, interactionMode);
-        if (!this.navigateUrl) {
-            // Not expected to happen
-            throw new Error('navigateUrl is not set');
-        }
-        return {
-            url: this.navigateUrl,
-            newCookie: await session.getValues?.(),
-        };
-    }
-    /**
-     * Init sign-out and return the url to redirect to Logto.
-     *
-     * @param cookie the raw cookie string
-     * @param redirectUri the uri (postSignOutUri) to redirect to after sign out
-     * @returns the url to redirect to
-     */
-    async handleSignOut(cookie, redirectUri = this.config.baseUrl) {
-        const { nodeClient } = await this.createNodeClientFromHeaders(cookie);
-        await nodeClient.signOut(redirectUri);
-        if (!this.navigateUrl) {
-            // Not expected to happen
-            throw new Error('navigateUrl is not set');
-        }
-        return this.navigateUrl;
-    }
-    /**
-     * Handle sign-in callback from Logto.
-     *
-     * @param cookie the raw cookie string
-     * @param callbackUrl the uri (callbackUri) to redirect to after sign in, should match the one used in handleSignIn
-     * @returns new cookie if any
-     */
-    async handleSignInCallback(cookie, callbackUrl) {
-        const { nodeClient, session } = await this.createNodeClientFromHeaders(cookie);
-        await nodeClient.handleSignInCallback(callbackUrl);
-        return session.getValues?.();
+/**
+ * Init sign in process and redirect to the Logto sign-in page
+ */
+const signIn = async (config, redirectUri, interactionMode) => {
+    const client$1 = new client.default(config);
+    const { url, newCookie } = await client$1.handleSignIn(await cookie.getCookies(config), redirectUri ?? `${config.baseUrl}/callback`, interactionMode);
+    if (newCookie) {
+        await cookie.setCookies(newCookie, config);
     }
-    /**
-     * Get Logto context from cookies.
-     *
-     * @param cookie the raw cookie string
-     * @param config additional configs of GetContextParameters
-     * @returns LogtoContext
-     */
-    async getLogtoContext(cookie, config = {}) {
-        const { nodeClient } = await this.createNodeClientFromHeaders(cookie);
-        const context = await nodeClient.getContext(config);
-        return context;
+    navigation.redirect(url);
+};
+/**
+ * Handle sign in callback from search params, save tokens to session
+ */
+const handleSignIn = async (config, searchParams) => {
+    const search = searchParams.toString();
+    const client$1 = new client.default(config);
+    const newCookie = await client$1.handleSignInCallback(await cookie.getCookies(config), `${config.baseUrl}/callback?${search}`);
+    if (newCookie) {
+        await cookie.setCookies(newCookie, config);
     }
-    async createNodeClientFromHeaders(cookie) {
-        const session = await NodeClient$1.createSession({
-            secret: this.config.cookieSecret,
-            crypto,
-        }, cookie);
-        const nodeClient = super.createNodeClient(session);
-        return { nodeClient, session };
+};
+/**
+ * Init sign out process, clear session, and redirect to the Logto sign-out page
+ */
+const signOut = async (config, redirectUri) => {
+    const client$1 = new client.default(config);
+    const url = await client$1.handleSignOut(await cookie.getCookies(config), redirectUri);
+    await cookie.setCookies('', config);
+    navigation.redirect(url);
+};
+/**
+ * Get Logto context from session, including auth status and claims
+ */
+const getLogtoContext = async (config, getContextParameters) => {
+    const client$1 = new client.default(config);
+    return client$1.getLogtoContext(await cookie.getCookies(config), getContextParameters);
+};
+/**
+ * Get organization tokens from session
+ */
+const getOrganizationTokens = async (config) => {
+    const { isAuthenticated } = await getLogtoContext(config);
+    if (!isAuthenticated) {
+        return [];
     }
-}
+    const client$1 = new client.default(config);
+    const { nodeClient } = await client$1.createNodeClientFromHeaders(await cookie.getCookies(config));
+    const { organizations = [] } = await nodeClient.getIdTokenClaims();
+    return Promise.all(organizations.map(async (organizationId) => ({
+        id: organizationId,
+        token: await nodeClient.getOrganizationToken(organizationId),
+    })));
+};
 
-exports.default = LogtoClient;
+exports.default = client.default;
+exports.getLogtoContext = getLogtoContext;
+exports.getOrganizationTokens = getOrganizationTokens;
+exports.handleSignIn = handleSignIn;
+exports.signIn = signIn;
+exports.signOut = signOut;

package/lib/server-actions/index.d.ts

@@ -1,47 +1,27 @@
-import { type GetContextParameters, type InteractionMode } from '@logto/node';
-import BaseClient from '../src/client';
+import { type LogtoContext, type GetContextParameters, type InteractionMode } from '@logto/node';
 import type { LogtoNextConfig } from '../src/types.js';
 export type { LogtoContext, InteractionMode } from '@logto/node';
-export default class LogtoClient extends BaseClient {
-    constructor(config: LogtoNextConfig);
-    /**
-     * Init sign-in and return the url to redirect to Logto.
-     *
-     * @param cookie the raw cookie string
-     * @param redirectUri the uri (callbackUri) to redirect to after sign in
-     * @param interactionMode OIDC interaction mode
-     * @returns the url to redirect to and new cookie if any
-     */
-    handleSignIn(cookie: string, redirectUri: string, interactionMode?: InteractionMode): Promise<{
-        url: string;
-        newCookie?: string;
-    }>;
-    /**
-     * Init sign-out and return the url to redirect to Logto.
-     *
-     * @param cookie the raw cookie string
-     * @param redirectUri the uri (postSignOutUri) to redirect to after sign out
-     * @returns the url to redirect to
-     */
-    handleSignOut(cookie: string, redirectUri?: string): Promise<string>;
-    /**
-     * Handle sign-in callback from Logto.
-     *
-     * @param cookie the raw cookie string
-     * @param callbackUrl the uri (callbackUri) to redirect to after sign in, should match the one used in handleSignIn
-     * @returns new cookie if any
-     */
-    handleSignInCallback(cookie: string, callbackUrl: string): Promise<string | undefined>;
-    /**
-     * Get Logto context from cookies.
-     *
-     * @param cookie the raw cookie string
-     * @param config additional configs of GetContextParameters
-     * @returns LogtoContext
-     */
-    getLogtoContext(cookie: string, config?: GetContextParameters): Promise<import("@logto/node").LogtoContext>;
-    createNodeClientFromHeaders(cookie: string): Promise<{
-        nodeClient: import("@logto/node").default;
-        session: import("@logto/node").Session;
-    }>;
-}
+/**
+ * Init sign in process and redirect to the Logto sign-in page
+ */
+export declare const signIn: (config: LogtoNextConfig, redirectUri?: string, interactionMode?: InteractionMode) => Promise<void>;
+/**
+ * Handle sign in callback from search params, save tokens to session
+ */
+export declare const handleSignIn: (config: LogtoNextConfig, searchParams: URLSearchParams) => Promise<void>;
+/**
+ * Init sign out process, clear session, and redirect to the Logto sign-out page
+ */
+export declare const signOut: (config: LogtoNextConfig, redirectUri?: string) => Promise<void>;
+/**
+ * Get Logto context from session, including auth status and claims
+ */
+export declare const getLogtoContext: (config: LogtoNextConfig, getContextParameters?: GetContextParameters) => Promise<LogtoContext>;
+/**
+ * Get organization tokens from session
+ */
+export declare const getOrganizationTokens: (config: LogtoNextConfig) => Promise<{
+    id: string;
+    token: string;
+}[]>;
+export { default } from './client';

package/lib/server-actions/index.js

@@ -1,81 +1,60 @@
-import { createSession } from '@logto/node';
-import NodeClient from '@logto/node/edge';
-import LogtoNextBaseClient from '../src/client.js';
+import { redirect } from 'next/navigation';
+import LogtoClient from './client.js';
+import { getCookies, setCookies } from './cookie.js';
 
-class LogtoClient extends LogtoNextBaseClient {
-    constructor(config) {
-        super(config, {
-            NodeClient,
-        });
+/**
+ * Init sign in process and redirect to the Logto sign-in page
+ */
+const signIn = async (config, redirectUri, interactionMode) => {
+    const client = new LogtoClient(config);
+    const { url, newCookie } = await client.handleSignIn(await getCookies(config), redirectUri ?? `${config.baseUrl}/callback`, interactionMode);
+    if (newCookie) {
+        await setCookies(newCookie, config);
     }
-    /**
-     * Init sign-in and return the url to redirect to Logto.
-     *
-     * @param cookie the raw cookie string
-     * @param redirectUri the uri (callbackUri) to redirect to after sign in
-     * @param interactionMode OIDC interaction mode
-     * @returns the url to redirect to and new cookie if any
-     */
-    async handleSignIn(cookie, redirectUri, interactionMode) {
-        const { nodeClient, session } = await this.createNodeClientFromHeaders(cookie);
-        await nodeClient.signIn(redirectUri, interactionMode);
-        if (!this.navigateUrl) {
-            // Not expected to happen
-            throw new Error('navigateUrl is not set');
-        }
-        return {
-            url: this.navigateUrl,
-            newCookie: await session.getValues?.(),
-        };
+    redirect(url);
+};
+/**
+ * Handle sign in callback from search params, save tokens to session
+ */
+const handleSignIn = async (config, searchParams) => {
+    const search = searchParams.toString();
+    const client = new LogtoClient(config);
+    const newCookie = await client.handleSignInCallback(await getCookies(config), `${config.baseUrl}/callback?${search}`);
+    if (newCookie) {
+        await setCookies(newCookie, config);
     }
-    /**
-     * Init sign-out and return the url to redirect to Logto.
-     *
-     * @param cookie the raw cookie string
-     * @param redirectUri the uri (postSignOutUri) to redirect to after sign out
-     * @returns the url to redirect to
-     */
-    async handleSignOut(cookie, redirectUri = this.config.baseUrl) {
-        const { nodeClient } = await this.createNodeClientFromHeaders(cookie);
-        await nodeClient.signOut(redirectUri);
-        if (!this.navigateUrl) {
-            // Not expected to happen
-            throw new Error('navigateUrl is not set');
-        }
-        return this.navigateUrl;
+};
+/**
+ * Init sign out process, clear session, and redirect to the Logto sign-out page
+ */
+const signOut = async (config, redirectUri) => {
+    const client = new LogtoClient(config);
+    const url = await client.handleSignOut(await getCookies(config), redirectUri);
+    await setCookies('', config);
+    redirect(url);
+};
+/**
+ * Get Logto context from session, including auth status and claims
+ */
+const getLogtoContext = async (config, getContextParameters) => {
+    const client = new LogtoClient(config);
+    return client.getLogtoContext(await getCookies(config), getContextParameters);
+};
+/**
+ * Get organization tokens from session
+ */
+const getOrganizationTokens = async (config) => {
+    const { isAuthenticated } = await getLogtoContext(config);
+    if (!isAuthenticated) {
+        return [];
     }
-    /**
-     * Handle sign-in callback from Logto.
-     *
-     * @param cookie the raw cookie string
-     * @param callbackUrl the uri (callbackUri) to redirect to after sign in, should match the one used in handleSignIn
-     * @returns new cookie if any
-     */
-    async handleSignInCallback(cookie, callbackUrl) {
-        const { nodeClient, session } = await this.createNodeClientFromHeaders(cookie);
-        await nodeClient.handleSignInCallback(callbackUrl);
-        return session.getValues?.();
-    }
-    /**
-     * Get Logto context from cookies.
-     *
-     * @param cookie the raw cookie string
-     * @param config additional configs of GetContextParameters
-     * @returns LogtoContext
-     */
-    async getLogtoContext(cookie, config = {}) {
-        const { nodeClient } = await this.createNodeClientFromHeaders(cookie);
-        const context = await nodeClient.getContext(config);
-        return context;
-    }
-    async createNodeClientFromHeaders(cookie) {
-        const session = await createSession({
-            secret: this.config.cookieSecret,
-            crypto,
-        }, cookie);
-        const nodeClient = super.createNodeClient(session);
-        return { nodeClient, session };
-    }
-}
+    const client = new LogtoClient(config);
+    const { nodeClient } = await client.createNodeClientFromHeaders(await getCookies(config));
+    const { organizations = [] } = await nodeClient.getIdTokenClaims();
+    return Promise.all(organizations.map(async (organizationId) => ({
+        id: organizationId,
+        token: await nodeClient.getOrganizationToken(organizationId),
+    })));
+};
 
-export { LogtoClient as default };
+export { LogtoClient as default, getLogtoContext, getOrganizationTokens, handleSignIn, signIn, signOut };

package/lib/src/index.cjs

@@ -86,7 +86,7 @@ class LogtoClient extends client.default {
         }, request.cookies[cookieName] ?? '', (value) => {
             const secure = this.config.cookieSecure;
             const maxAge = 14 * 3600 * 24;
-            response.setHeader('Set-Cookie', `${cookieName}=${value}; Path=/; Max-Age=${maxAge}; ${secure ? 'Secure; SameSite=None' : ''}`);
+            response.setHeader('Set-Cookie', `${cookieName}=${value}; Path=/; Max-Age=${maxAge}; ${secure ? 'Secure; SameSite=Lax' : ''}`);
         }));
     }
 }

package/lib/src/index.d.ts

@@ -1,8 +1,5 @@
 /// <reference types="node" />
-/// <reference types="node/http.js" />
-/// <reference types="@logto/node/lib/src/types.js" />
-/// <reference types="@logto/node/src/types.js" />
-import { type IncomingMessage, type ServerResponse } from 'http';
+import { type IncomingMessage, type ServerResponse } from 'node:http';
 import NodeClient, { type GetContextParameters, type InteractionMode } from '@logto/node';
 import { type GetServerSidePropsResult, type GetServerSidePropsContext, type NextApiHandler } from 'next';
 import { type NextApiRequestCookies } from 'next/dist/server/api-utils/index.js';

package/lib/src/index.js

@@ -79,7 +79,7 @@ class LogtoClient extends LogtoNextBaseClient {
         }, request.cookies[cookieName] ?? '', (value) => {
             const secure = this.config.cookieSecure;
             const maxAge = 14 * 3600 * 24;
-            response.setHeader('Set-Cookie', `${cookieName}=${value}; Path=/; Max-Age=${maxAge}; ${secure ? 'Secure; SameSite=None' : ''}`);
+            response.setHeader('Set-Cookie', `${cookieName}=${value}; Path=/; Max-Age=${maxAge}; ${secure ? 'Secure; SameSite=Lax' : ''}`);
         }));
     }
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@logto/next",
-  "version": "3.0.0",
+  "version": "3.1.1",
   "type": "module",
   "main": "./lib/src/index.cjs",
   "module": "./lib/src/index.js",
@@ -60,8 +60,8 @@
     "jest-location-mock": "^2.0.0",
     "jest-matcher-specific-error": "^1.0.0",
     "lint-staged": "^15.0.0",
-    "next": "^13.5.3",
-    "next-test-api-route-handler": "^3.1.10",
+    "next": "^14.0.0",
+    "next-test-api-route-handler": "^4.0.0",
     "prettier": "^3.0.0",
     "react": "^18.2.0",
     "react-dom": "^18.2.0",
@@ -71,10 +71,7 @@
     "next": ">=12"
   },
   "eslintConfig": {
-    "extends": "@silverhand",
-    "rules": {
-      "unicorn/prefer-node-protocol": "off"
-    }
+    "extends": "@silverhand"
   },
   "prettier": "@silverhand/eslint-config/.prettierrc",
   "publishConfig": {