npm - @mikandev/next-discord-auth - Versions diffs - 1.0.2 → 1.0.4 - Mend

@mikandev/next-discord-auth 1.0.2 → 1.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/lib/oauth.js CHANGED Viewed

@@ -24,3 +24,28 @@ export const ExchangeCodeForTokens = async (config, code) => {
         expiresIn: data.expires_in,
     };
 };
+export const RefreshAccessToken = async (config, refreshToken) => {
+    const response = await fetch("https://discord.com/api/oauth2/token", {
+        method: "POST",
+        headers: {
+            "Content-Type": "application/x-www-form-urlencoded",
+        },
+        body: new URLSearchParams({
+            client_id: config.clientId,
+            client_secret: config.clientSecret,
+            grant_type: "refresh_token",
+            refresh_token: refreshToken,
+            scope: config.scopes.join(" "),
+        }),
+    });
+    if (!response.ok) {
+        const error = (await response.json());
+        throw new Error(`Failed to refresh access token: ${error.error_description || error.message}`);
+    }
+    const data = (await response.json());
+    return {
+        accessToken: data.access_token,
+        refreshToken: data.refresh_token || refreshToken,
+        expiresIn: data.expires_in,
+    };
+};

package/dist/redirect.js CHANGED Viewed

@@ -1,4 +1,5 @@
 import { NextResponse } from "next/server";
+import { redirect } from "next/navigation";
 import { getGlobalConfig } from "./index";
 import { cookies } from "next/headers";
 import { ExchangeCodeForTokens } from "./lib/oauth";
@@ -30,9 +31,14 @@ export const handleRedirect = async (req) => {
             avatar: `https://cdn.discordapp.com/avatars/${userData.id}/${userData.avatar}.png`
         },
         expires: new Date(Date.now() + response.expiresIn * 1000).toISOString(),
+        accessToken: response.accessToken,
+        refreshToken: response.refreshToken,
     };
     const token = jwt.sign(session, config.jwtSecret, {
         expiresIn: response.expiresIn,
     });
+    const redirectUri = cookieStore.get("REDIRECT_AFTER")?.value || "/";
     cookieStore.set("AUTH_SESSION", token, { sameSite: "lax", httpOnly: true, secure: true });
+    cookieStore.delete("REDIRECT_AFTER");
+    return redirect(redirectUri);
 };

package/dist/server-actions.js CHANGED Viewed

@@ -1,7 +1,9 @@
 import { NextRequest, NextResponse } from "next/server";
+import { headers } from "next/headers";
 import { cookies } from "next/headers";
 import { redirect } from "next/navigation";
 import { getGlobalConfig } from "./index";
+import { RefreshAccessToken } from "./lib/oauth";
 import jwt from "jsonwebtoken";
 export const getSession = async () => {
     const config = getGlobalConfig();
@@ -10,16 +12,42 @@ export const getSession = async () => {
     if (!token)
         return null;
     try {
-        return jwt.verify(token, config.jwtSecret);
+        const session = jwt.verify(token, config.jwtSecret);
+        if (session.expires) {
+            const expiresAt = new Date(session.expires);
+            if (expiresAt < new Date()) {
+                cookieStore.delete("AUTH_SESSION");
+                return null;
+            }
+            else {
+                const timeUntilExpiration = expiresAt.getTime() - Date.now();
+                if (timeUntilExpiration < 5 * 60 * 1000) { // less than 5 minutes
+                    const refreshedSession = await RefreshAccessToken(config, session.refreshToken || "");
+                    if (refreshedSession) {
+                        session.accessToken = refreshedSession.accessToken;
+                        session.refreshToken = refreshedSession.refreshToken;
+                        session.expires = new Date(Date.now() + refreshedSession.expiresIn * 1000).toISOString();
+                        const newToken = jwt.sign(session, config.jwtSecret);
+                        cookieStore.set("AUTH_SESSION", newToken, { sameSite: "lax", httpOnly: true, secure: true });
+                    }
+                }
+                return session;
+            }
+        }
+        return null;
     }
     catch (error) {
         console.error("Invalid token:", error);
         return null;
     }
 };
-export const signIn = async () => {
+export const signIn = async (redirectTo) => {
     const config = getGlobalConfig();
     const session = await getSession();
+    const cookieStore = await cookies();
+    const headersList = await headers();
+    const redirectUri = redirectTo ?? headersList.get("Referer") ?? "/";
+    await cookieStore.set("REDIRECT_AFTER", redirectUri, { sameSite: "lax", httpOnly: true, secure: true });
     if (session) {
         return NextResponse.json({ message: "Already signed in" }, { status: 200 });
     }

package/dist/types/index.d.ts CHANGED Viewed

@@ -7,6 +7,7 @@ export interface Session {
 	};
 	expires: string;
 	accessToken?: string;
+	refreshToken?: string;
 }
 export interface Config {

package/package.json CHANGED Viewed

@@ -8,7 +8,7 @@
 		"dist"
 	],
 	"license": "WTFPL",
-	"version": "1.0.2",
+	"version": "1.0.4",
 	"type": "module",
 	"keywords": [
 		"auth",