@monocloud/auth-nextjs 0.1.9 → 0.1.11

package/README.md

@@ -29,7 +29,7 @@ This SDK is designed specifically for **Next.js**, providing first-class integra
 
 - **Documentation:** [https://www.monocloud.com/docs](https://www.monocloud.com/docs?utm_source=github&utm_medium=auth_js)
 - **Quickstart:** [https://www.monocloud.com/docs/quickstarts/nextjs-app-router](https://www.monocloud.com/docs/quickstarts/nextjs-app-router?utm_source=github&utm_medium=auth_js)
-- **SDK Reference:** [https://www.monocloud.com/docs/sdk-reference/nextjs](https://www.monocloud.com/docs/sdk-reference/nextjs/index?utm_source=github&utm_medium=auth_js)
+- **SDK Reference:** [https://www.monocloud.com/docs/sdks/nextjs](https://www.monocloud.com/docs/sdks/nextjs/index?utm_source=github&utm_medium=auth_js)
 - **API Reference:** [https://monocloud.github.io/auth-js](https://monocloud.github.io/auth-js?utm_source=github&utm_medium=auth_js)
 
 ## Supported Platforms

package/dist/{chunk-C0xms8kb.cjs → _virtual/_rolldown/runtime.cjs}

@@ -26,9 +26,4 @@ var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__ge
 
 //#endregion
 
-Object.defineProperty(exports, '__toESM', {
-  enumerable: true,
-  get: function () {
-    return __toESM;
-  }
-});
+exports.__toESM = __toESM;

package/dist/client/index.cjs

@@ -1,5 +1,6 @@
 Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
-const require_protect_client_page = require('../protect-client-page-BdsnH8gs.cjs');
+const require_use_auth = require('./use-auth.cjs');
+const require_protect_client_page = require('./protect-client-page.cjs');
 
 exports.protectClientPage = require_protect_client_page.protectClientPage;
-exports.useAuth = require_protect_client_page.useAuth;
+exports.useAuth = require_use_auth.useAuth;

package/dist/client/index.d.mts

@@ -1,203 +1,3 @@
-import { c as ExtraAuthParams, l as GroupOptions } from "../types-ClljFIvK.mjs";
-import { MonoCloudUser } from "@monocloud/auth-node-core";
-import React, { ComponentType } from "react";
-
-//#region src/client/use-auth.d.ts
-/**
- * Authentication State returned by `useAuth` hook.
- *
- * @category Types
- */
-interface AuthenticationState {
-  /**
-   * Flag indicating if the authentication state is still loading.
-   */
-  isLoading: boolean;
-  /**
-   * Flag indicating if the user is authenticated.
-   */
-  isAuthenticated: boolean;
-  /**
-   * Error encountered during authentication, if any.
-   */
-  error?: Error;
-  /**
-   *  The authenticated user's information, if available.
-   */
-  user?: MonoCloudUser;
-  /**
-   * Function to refetch the authentication state.
-   *
-   */
-  refetch: (refresh?: boolean) => void;
-}
-/**
- *
- * `useAuth()` is a client-side hook that provides access to the current authentication state.
- *
- * It can only be used inside **Client Components**.
- *
- * @example Basic Usage
- * ```tsx title="Basic Usage"
- * "use client";
- *
- * import { useAuth } from "@monocloud/auth-nextjs/client";
- *
- * export default function Home() {
- *   const { user, isAuthenticated } = useAuth();
- *
- *   if (!isAuthenticated) {
- *     return <>Not signed in</>;
- *   }
- *
- *   return <>User Id: {user?.sub}</>;
- * }
- * ```
- *
- * @example Refetch user
- *
- * Calling `refetch(true)` forces a refresh of the user profile from the `UserInfo` endpoint.
- * Calling `refetch()` refreshes authentication state without forcing a `UserInfo` request.
- *
- * ```tsx title="Refetch User"
- * "use client";
- *
- * import { useAuth } from "@monocloud/auth-nextjs/client";
- *
- * export default function Home() {
- *   const { user, refetch } = useAuth();
- *
- *   return (
- *     <>
- *       <pre>{JSON.stringify(user, null, 2)}</pre>
- *       <button onClick={() => refetch(true)}>Refresh Profile</button>
- *     </>
- *   );
- * }
- * ```
- *
- * @returns
- *
- * @category Hooks
- */
-declare const useAuth: () => AuthenticationState;
-//#endregion
-//#region src/client/protect-client-page.d.ts
-/**
- * Options for configuring page protection.
- *
- * @category Types
- */
-interface ProtectClientPageOptions extends GroupOptions {
-  /**
-   * The URL where the user will be redirected to after sign in.
-   */
-  returnUrl?: string;
-  /**
-   * A custom react element to render when the user is not authenticated.
-   */
-  onAccessDenied?: () => React.ReactNode;
-  /**
-   * A custom react element to render when the user is authenticated but does not belong to the required groups.
-   */
-  onGroupAccessDenied?: (user: MonoCloudUser) => React.ReactNode;
-  /**
-   * Authorization parameters to be used during authentication.
-   */
-  authParams?: ExtraAuthParams;
-  /**
-   * Callback function to handle errors.
-   * If not provided, errors will be thrown.
-   *
-   * @param error - The error object.
-   * @returns JSX element to handle the error.
-   */
-  onError?: (error: Error) => React.ReactNode;
-}
-/**
- * `protectClientPage()` wraps a **client-rendered page component** and ensures that only authenticated users can access it.
- *
- * If the user is authenticated, the wrapped component receives a `user` prop.
- *
- * > This function runs on the client and controls rendering only.
- * > To enforce access before rendering (server-side), use the server {@link MonoCloudNextClient.protectPage | protectPage()} method on {@link MonoCloudNextClient}.
- *
- * @example Basic Usage
- *
- * ```tsx title="Basic Usage"
- * "use client";
- *
- * import { protectClientPage } from "@monocloud/auth-nextjs/client";
- *
- * export default protectClientPage(function Home({ user }) {
- *   return <>Signed in as {user.email}</>;
- * });
- * ```
- *
- * @example With Options
- *
- * ```tsx title="With Options"
- * "use client";
- *
- * import { protectClientPage } from "@monocloud/auth-nextjs/client";
- *
- * export default protectClientPage(
- *   function Home({ user }) {
- *     return <>Signed in as {user.email}</>;
- *   },
- *   {
- *     returnUrl: "/dashboard",
- *     authParams: { loginHint: "user@example.com" }
- *   }
- * );
- * ```
- *
- * @example Custom access denied UI
- *
- * ```tsx title="Custom access denied UI"
- * "use client";
- *
- * import { protectClientPage } from "@monocloud/auth-nextjs/client";
- *
- * export default protectClientPage(
- *   function Home({ user }) {
- *     return <>Signed in as {user.email}</>;
- *   },
- *   {
- *    onAccessDenied: () => <div>Please sign in to continue</div>
- *   }
- * );
- * ```
- *
- * @example Group protection
- *
- * ```tsx title="Group protection"
- * "use client";
- *
- * import { protectClientPage } from "@monocloud/auth-nextjs/client";
- *
- * export default protectClientPage(
- *   function Home({ user }) {
- *     return <>Welcome Admin {user.email}</>;
- *   },
- *   {
- *    groups: ["admin"],
- *    onGroupAccessDenied: (user) => <div>User {user.email} is not an admin</div>
- *   }
- * );
- * ```
- *
- * @param Component - The page component to protect
- * @typeParam P - Props of the protected component (excluding `user`).
- * @param options - Optional configuration
- * @returns A protected React component.
- *
- * @category Functions
- *
- */
-declare const protectClientPage: <P extends object>(Component: ComponentType<P & {
-  user: MonoCloudUser;
-}>, options?: ProtectClientPageOptions) => React.FC<P>;
-//#endregion
-export { type AuthenticationState, type ProtectClientPageOptions, protectClientPage, useAuth };
-//# sourceMappingURL=index.d.mts.map
+import { AuthenticationState, useAuth } from "./use-auth.mjs";
+import { ProtectClientPageOptions, protectClientPage } from "./protect-client-page.mjs";
+export { type AuthenticationState, type ProtectClientPageOptions, protectClientPage, useAuth };

package/dist/client/index.mjs

@@ -1,3 +1,4 @@
-import { r as useAuth, t as protectClientPage } from "../protect-client-page-BFVskb3X.mjs";
+import { useAuth } from "./use-auth.mjs";
+import { protectClientPage } from "./protect-client-page.mjs";
 
 export { protectClientPage, useAuth };

package/dist/{protect-client-page-BdsnH8gs.cjs → client/protect-client-page.cjs}

@@ -1,98 +1,11 @@
-const require_chunk = require('./chunk-C0xms8kb.cjs');
+'use client';
+
+const require_runtime = require('../_virtual/_rolldown/runtime.cjs');
+const require_use_auth = require('./use-auth.cjs');
 let _monocloud_auth_node_core_utils = require("@monocloud/auth-node-core/utils");
-let swr = require("swr");
-swr = require_chunk.__toESM(swr);
 let react = require("react");
-react = require_chunk.__toESM(react);
+react = require_runtime.__toESM(react);
 
-//#region src/client/use-auth.tsx
-const fetchUser = async (url) => {
-	const res = await fetch(url, { credentials: "include" });
-	if (res.status === 204) return;
-	if (res.ok) return res.json();
-	throw new Error("Failed to fetch user");
-};
-/**
-*
-* `useAuth()` is a client-side hook that provides access to the current authentication state.
-*
-* It can only be used inside **Client Components**.
-*
-* @example Basic Usage
-* ```tsx title="Basic Usage"
-* "use client";
-*
-* import { useAuth } from "@monocloud/auth-nextjs/client";
-*
-* export default function Home() {
-*   const { user, isAuthenticated } = useAuth();
-*
-*   if (!isAuthenticated) {
-*     return <>Not signed in</>;
-*   }
-*
-*   return <>User Id: {user?.sub}</>;
-* }
-* ```
-*
-* @example Refetch user
-*
-* Calling `refetch(true)` forces a refresh of the user profile from the `UserInfo` endpoint.
-* Calling `refetch()` refreshes authentication state without forcing a `UserInfo` request.
-*
-* ```tsx title="Refetch User"
-* "use client";
-*
-* import { useAuth } from "@monocloud/auth-nextjs/client";
-*
-* export default function Home() {
-*   const { user, refetch } = useAuth();
-*
-*   return (
-*     <>
-*       <pre>{JSON.stringify(user, null, 2)}</pre>
-*       <button onClick={() => refetch(true)}>Refresh Profile</button>
-*     </>
-*   );
-* }
-* ```
-*
-* @returns
-*
-* @category Hooks
-*/
-const useAuth = () => {
-	const key = process.env.NEXT_PUBLIC_MONOCLOUD_AUTH_USER_INFO_URL ?? `${process.env.__NEXT_ROUTER_BASEPATH ?? ""}/api/auth/userinfo`;
-	const { data, error, isLoading, mutate } = (0, swr.default)(key, fetchUser);
-	const refetch = (refresh) => {
-		const url = new URL(key, "https://dummy");
-		if (refresh) url.searchParams.set("refresh", "true");
-		mutate(async () => await fetchUser(url.pathname + url.search), { revalidate: false });
-	};
-	if (error) return {
-		user: void 0,
-		isLoading: false,
-		isAuthenticated: false,
-		error,
-		refetch
-	};
-	if (data) return {
-		user: data,
-		isLoading,
-		isAuthenticated: !!data && Object.keys(data).length > 0,
-		error: void 0,
-		refetch
-	};
-	return {
-		user: void 0,
-		isLoading,
-		isAuthenticated: false,
-		error: void 0,
-		refetch: () => {}
-	};
-};
-
-//#endregion
 //#region src/client/protect-client-page.tsx
 const redirectToSignIn = (options) => {
 	const searchParams = new URLSearchParams(window.location.search);
@@ -197,7 +110,7 @@ const handlePageError = (error, options) => {
 */
 const protectClientPage = (Component, options) => {
 	return (props) => {
-		const { user, error, isLoading } = useAuth();
+		const { user, error, isLoading } = require_use_auth.useAuth();
 		(0, react.useEffect)(() => {
 			if (!user && !isLoading && !error) {
 				if (options === null || options === void 0 ? void 0 : options.onAccessDenied) return;
@@ -229,22 +142,6 @@ const protectClientPage = (Component, options) => {
 };
 
 //#endregion
-Object.defineProperty(exports, 'protectClientPage', {
-  enumerable: true,
-  get: function () {
-    return protectClientPage;
-  }
-});
-Object.defineProperty(exports, 'redirectToSignIn', {
-  enumerable: true,
-  get: function () {
-    return redirectToSignIn;
-  }
-});
-Object.defineProperty(exports, 'useAuth', {
-  enumerable: true,
-  get: function () {
-    return useAuth;
-  }
-});
-//# sourceMappingURL=protect-client-page-BdsnH8gs.cjs.map
+exports.protectClientPage = protectClientPage;
+exports.redirectToSignIn = redirectToSignIn;
+//# sourceMappingURL=protect-client-page.cjs.map

package/dist/client/protect-client-page.cjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"protect-client-page.cjs","names":["useAuth"],"sources":["../../src/client/protect-client-page.tsx"],"sourcesContent":["/* eslint-disable react/display-name */\n'use client';\n\nimport React, { ComponentType, useEffect } from 'react';\nimport type { MonoCloudUser } from '@monocloud/auth-node-core';\nimport { isUserInGroup } from '@monocloud/auth-node-core/utils';\nimport { useAuth } from './use-auth';\nimport { ExtraAuthParams, GroupOptions } from '../types';\nimport type { MonoCloudNextClient } from '../monocloud-next-client';\n\n/**\n * Options for configuring page protection.\n *\n * @category Types\n */\nexport interface ProtectClientPageOptions extends GroupOptions {\n  /**\n   * The URL where the user will be redirected to after sign in.\n   */\n  returnUrl?: string;\n\n  /**\n   * A custom react element to render when the user is not authenticated.\n   */\n  onAccessDenied?: () => React.ReactNode;\n\n  /**\n   * A custom react element to render when the user is authenticated but does not belong to the required groups.\n   */\n  onGroupAccessDenied?: (user: MonoCloudUser) => React.ReactNode;\n\n  /**\n   * Authorization parameters to be used during authentication.\n   */\n  authParams?: ExtraAuthParams;\n\n  /**\n   * Callback function to handle errors.\n   * If not provided, errors will be thrown.\n   *\n   * @param error - The error object.\n   * @returns JSX element to handle the error.\n   */\n  onError?: (error: Error) => React.ReactNode;\n}\n\nexport const redirectToSignIn = (\n  options: { returnUrl?: string } & ExtraAuthParams\n): void => {\n  const searchParams = new URLSearchParams(window.location.search);\n  searchParams.set(\n    'return_url',\n    options.returnUrl ?? window.location.toString()\n  );\n\n  if (options?.scopes) {\n    searchParams.set('scope', options.scopes);\n  }\n  if (options?.resource) {\n    searchParams.set('resource', options.resource);\n  }\n\n  if (options?.acrValues) {\n    searchParams.set('acr_values', options.acrValues.join(' '));\n  }\n\n  if (options?.display) {\n    searchParams.set('display', options.display);\n  }\n\n  if (options?.prompt) {\n    searchParams.set('prompt', options.prompt);\n  }\n\n  if (options?.authenticatorHint) {\n    searchParams.set('authenticator_hint', options.authenticatorHint);\n  }\n\n  if (options?.uiLocales) {\n    searchParams.set('ui_locales', options.uiLocales);\n  }\n\n  if (options?.maxAge) {\n    searchParams.set('max_age', options.maxAge.toString());\n  }\n\n  if (options?.loginHint) {\n    searchParams.set('login_hint', options.loginHint);\n  }\n\n  window.location.assign(\n    // eslint-disable-next-line no-underscore-dangle\n    `${process.env.NEXT_PUBLIC_MONOCLOUD_AUTH_SIGNIN_URL ?? `${process.env.__NEXT_ROUTER_BASEPATH ?? ''}/api/auth/signin`}?${searchParams.toString()}`\n  );\n};\n\nconst handlePageError = (\n  error: Error,\n  options?: ProtectClientPageOptions\n): React.ReactNode => {\n  /* v8 ignore else -- @preserve */\n  if (options?.onError) {\n    return options.onError(error);\n  }\n\n  /* v8 ignore next -- @preserve */\n  throw error;\n};\n\n/**\n * `protectClientPage()` wraps a **client-rendered page component** and ensures that only authenticated users can access it.\n *\n * If the user is authenticated, the wrapped component receives a `user` prop.\n *\n * > This function runs on the client and controls rendering only.\n * > To enforce access before rendering (server-side), use the server {@link MonoCloudNextClient.protectPage | protectPage()} method on {@link MonoCloudNextClient}.\n *\n * @example Basic Usage\n *\n * ```tsx title=\"Basic Usage\"\n * \"use client\";\n *\n * import { protectClientPage } from \"@monocloud/auth-nextjs/client\";\n *\n * export default protectClientPage(function Home({ user }) {\n *   return <>Signed in as {user.email}</>;\n * });\n * ```\n *\n * @example With Options\n *\n * ```tsx title=\"With Options\"\n * \"use client\";\n *\n * import { protectClientPage } from \"@monocloud/auth-nextjs/client\";\n *\n * export default protectClientPage(\n *   function Home({ user }) {\n *     return <>Signed in as {user.email}</>;\n *   },\n *   {\n *     returnUrl: \"/dashboard\",\n *     authParams: { loginHint: \"user@example.com\" }\n *   }\n * );\n * ```\n *\n * @example Custom access denied UI\n *\n * ```tsx title=\"Custom access denied UI\"\n * \"use client\";\n *\n * import { protectClientPage } from \"@monocloud/auth-nextjs/client\";\n *\n * export default protectClientPage(\n *   function Home({ user }) {\n *     return <>Signed in as {user.email}</>;\n *   },\n *   {\n *    onAccessDenied: () => <div>Please sign in to continue</div>\n *   }\n * );\n * ```\n *\n * @example Group protection\n *\n * ```tsx title=\"Group protection\"\n * \"use client\";\n *\n * import { protectClientPage } from \"@monocloud/auth-nextjs/client\";\n *\n * export default protectClientPage(\n *   function Home({ user }) {\n *     return <>Welcome Admin {user.email}</>;\n *   },\n *   {\n *    groups: [\"admin\"],\n *    onGroupAccessDenied: (user) => <div>User {user.email} is not an admin</div>\n *   }\n * );\n * ```\n *\n * @param Component - The page component to protect\n * @typeParam P - Props of the protected component (excluding `user`).\n * @param options - Optional configuration\n * @returns A protected React component.\n *\n * @category Functions\n *\n */\nexport const protectClientPage = <P extends object>(\n  Component: ComponentType<P & { user: MonoCloudUser }>,\n  options?: ProtectClientPageOptions\n): React.FC<P> => {\n  return props => {\n    const { user, error, isLoading } = useAuth();\n\n    useEffect(() => {\n      if (!user && !isLoading && !error) {\n        if (options?.onAccessDenied) {\n          return;\n        }\n\n        const authParams = options?.authParams ?? {};\n        redirectToSignIn({\n          returnUrl: options?.returnUrl,\n          ...authParams,\n        });\n      }\n    }, [user, isLoading, error]);\n\n    if (error) {\n      return handlePageError(error, options);\n    }\n\n    if (!user && !isLoading && options?.onAccessDenied) {\n      return options.onAccessDenied();\n    }\n\n    if (user) {\n      if (\n        options?.groups &&\n        !isUserInGroup(\n          user,\n          options.groups,\n          options.groupsClaim ??\n            process.env.NEXT_PUBLIC_MONOCLOUD_AUTH_GROUPS_CLAIM,\n          options.matchAll\n        )\n      ) {\n        const {\n          onGroupAccessDenied = (): React.ReactNode => <div>Access Denied</div>,\n        } = options;\n        return onGroupAccessDenied(user);\n      }\n\n      return <Component user={user} {...props} />;\n    }\n\n    return null;\n  };\n};\n"],"mappings":";;;;;;;;;AA8CA,MAAa,oBACX,YACS;CACT,MAAM,eAAe,IAAI,gBAAgB,OAAO,SAAS,OAAO;AAChE,cAAa,IACX,cACA,QAAQ,aAAa,OAAO,SAAS,UAAU,CAChD;AAED,uDAAI,QAAS,OACX,cAAa,IAAI,SAAS,QAAQ,OAAO;AAE3C,uDAAI,QAAS,SACX,cAAa,IAAI,YAAY,QAAQ,SAAS;AAGhD,uDAAI,QAAS,UACX,cAAa,IAAI,cAAc,QAAQ,UAAU,KAAK,IAAI,CAAC;AAG7D,uDAAI,QAAS,QACX,cAAa,IAAI,WAAW,QAAQ,QAAQ;AAG9C,uDAAI,QAAS,OACX,cAAa,IAAI,UAAU,QAAQ,OAAO;AAG5C,uDAAI,QAAS,kBACX,cAAa,IAAI,sBAAsB,QAAQ,kBAAkB;AAGnE,uDAAI,QAAS,UACX,cAAa,IAAI,cAAc,QAAQ,UAAU;AAGnD,uDAAI,QAAS,OACX,cAAa,IAAI,WAAW,QAAQ,OAAO,UAAU,CAAC;AAGxD,uDAAI,QAAS,UACX,cAAa,IAAI,cAAc,QAAQ,UAAU;AAGnD,QAAO,SAAS,OAEd,GAAG,QAAQ,IAAI,yCAAyC,GAAG,QAAQ,IAAI,0BAA0B,GAAG,kBAAkB,GAAG,aAAa,UAAU,GACjJ;;AAGH,MAAM,mBACJ,OACA,YACoB;;AAEpB,uDAAI,QAAS,QACX,QAAO,QAAQ,QAAQ,MAAM;;AAI/B,OAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAoFR,MAAa,qBACX,WACA,YACgB;AAChB,SAAO,UAAS;EACd,MAAM,EAAE,MAAM,OAAO,cAAcA,0BAAS;AAE5C,6BAAgB;AACd,OAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,OAAO;AACjC,0DAAI,QAAS,eACX;IAGF,MAAM,gEAAa,QAAS,eAAc,EAAE;AAC5C,qBAAiB;KACf,6DAAW,QAAS;KACpB,GAAG;KACJ,CAAC;;KAEH;GAAC;GAAM;GAAW;GAAM,CAAC;AAE5B,MAAI,MACF,QAAO,gBAAgB,OAAO,QAAQ;AAGxC,MAAI,CAAC,QAAQ,CAAC,gEAAa,QAAS,gBAClC,QAAO,QAAQ,gBAAgB;AAGjC,MAAI,MAAM;AACR,0DACE,QAAS,WACT,oDACE,MACA,QAAQ,QACR,QAAQ,eACN,QAAQ,IAAI,yCACd,QAAQ,SACT,EACD;IACA,MAAM,EACJ,4BAA6C,4CAAC,aAAI,gBAAmB,KACnE;AACJ,WAAO,oBAAoB,KAAK;;AAGlC,UAAO,4CAAC;IAAgB;IAAM,GAAI;KAAS;;AAG7C,SAAO"}

package/dist/client/protect-client-page.d.mts

@@ -0,0 +1,123 @@
+import { ExtraAuthParams, GroupOptions } from "../types.mjs";
+import { MonoCloudUser } from "@monocloud/auth-node-core";
+import React, { ComponentType } from "react";
+
+//#region src/client/protect-client-page.d.ts
+/**
+ * Options for configuring page protection.
+ *
+ * @category Types
+ */
+interface ProtectClientPageOptions extends GroupOptions {
+  /**
+   * The URL where the user will be redirected to after sign in.
+   */
+  returnUrl?: string;
+  /**
+   * A custom react element to render when the user is not authenticated.
+   */
+  onAccessDenied?: () => React.ReactNode;
+  /**
+   * A custom react element to render when the user is authenticated but does not belong to the required groups.
+   */
+  onGroupAccessDenied?: (user: MonoCloudUser) => React.ReactNode;
+  /**
+   * Authorization parameters to be used during authentication.
+   */
+  authParams?: ExtraAuthParams;
+  /**
+   * Callback function to handle errors.
+   * If not provided, errors will be thrown.
+   *
+   * @param error - The error object.
+   * @returns JSX element to handle the error.
+   */
+  onError?: (error: Error) => React.ReactNode;
+}
+/**
+ * `protectClientPage()` wraps a **client-rendered page component** and ensures that only authenticated users can access it.
+ *
+ * If the user is authenticated, the wrapped component receives a `user` prop.
+ *
+ * > This function runs on the client and controls rendering only.
+ * > To enforce access before rendering (server-side), use the server {@link MonoCloudNextClient.protectPage | protectPage()} method on {@link MonoCloudNextClient}.
+ *
+ * @example Basic Usage
+ *
+ * ```tsx title="Basic Usage"
+ * "use client";
+ *
+ * import { protectClientPage } from "@monocloud/auth-nextjs/client";
+ *
+ * export default protectClientPage(function Home({ user }) {
+ *   return <>Signed in as {user.email}</>;
+ * });
+ * ```
+ *
+ * @example With Options
+ *
+ * ```tsx title="With Options"
+ * "use client";
+ *
+ * import { protectClientPage } from "@monocloud/auth-nextjs/client";
+ *
+ * export default protectClientPage(
+ *   function Home({ user }) {
+ *     return <>Signed in as {user.email}</>;
+ *   },
+ *   {
+ *     returnUrl: "/dashboard",
+ *     authParams: { loginHint: "user@example.com" }
+ *   }
+ * );
+ * ```
+ *
+ * @example Custom access denied UI
+ *
+ * ```tsx title="Custom access denied UI"
+ * "use client";
+ *
+ * import { protectClientPage } from "@monocloud/auth-nextjs/client";
+ *
+ * export default protectClientPage(
+ *   function Home({ user }) {
+ *     return <>Signed in as {user.email}</>;
+ *   },
+ *   {
+ *    onAccessDenied: () => <div>Please sign in to continue</div>
+ *   }
+ * );
+ * ```
+ *
+ * @example Group protection
+ *
+ * ```tsx title="Group protection"
+ * "use client";
+ *
+ * import { protectClientPage } from "@monocloud/auth-nextjs/client";
+ *
+ * export default protectClientPage(
+ *   function Home({ user }) {
+ *     return <>Welcome Admin {user.email}</>;
+ *   },
+ *   {
+ *    groups: ["admin"],
+ *    onGroupAccessDenied: (user) => <div>User {user.email} is not an admin</div>
+ *   }
+ * );
+ * ```
+ *
+ * @param Component - The page component to protect
+ * @typeParam P - Props of the protected component (excluding `user`).
+ * @param options - Optional configuration
+ * @returns A protected React component.
+ *
+ * @category Functions
+ *
+ */
+declare const protectClientPage: <P extends object>(Component: ComponentType<P & {
+  user: MonoCloudUser;
+}>, options?: ProtectClientPageOptions) => React.FC<P>;
+//#endregion
+export { ProtectClientPageOptions, protectClientPage };
+//# sourceMappingURL=protect-client-page.d.mts.map

package/dist/{protect-client-page-BFVskb3X.mjs → client/protect-client-page.mjs}

@@ -1,95 +1,9 @@
+'use client';
+
+import { useAuth } from "./use-auth.mjs";
 import { isUserInGroup } from "@monocloud/auth-node-core/utils";
-import useSWR from "swr";
 import React, { useEffect } from "react";
 
-//#region src/client/use-auth.tsx
-const fetchUser = async (url) => {
-	const res = await fetch(url, { credentials: "include" });
-	if (res.status === 204) return;
-	if (res.ok) return res.json();
-	throw new Error("Failed to fetch user");
-};
-/**
-*
-* `useAuth()` is a client-side hook that provides access to the current authentication state.
-*
-* It can only be used inside **Client Components**.
-*
-* @example Basic Usage
-* ```tsx title="Basic Usage"
-* "use client";
-*
-* import { useAuth } from "@monocloud/auth-nextjs/client";
-*
-* export default function Home() {
-*   const { user, isAuthenticated } = useAuth();
-*
-*   if (!isAuthenticated) {
-*     return <>Not signed in</>;
-*   }
-*
-*   return <>User Id: {user?.sub}</>;
-* }
-* ```
-*
-* @example Refetch user
-*
-* Calling `refetch(true)` forces a refresh of the user profile from the `UserInfo` endpoint.
-* Calling `refetch()` refreshes authentication state without forcing a `UserInfo` request.
-*
-* ```tsx title="Refetch User"
-* "use client";
-*
-* import { useAuth } from "@monocloud/auth-nextjs/client";
-*
-* export default function Home() {
-*   const { user, refetch } = useAuth();
-*
-*   return (
-*     <>
-*       <pre>{JSON.stringify(user, null, 2)}</pre>
-*       <button onClick={() => refetch(true)}>Refresh Profile</button>
-*     </>
-*   );
-* }
-* ```
-*
-* @returns
-*
-* @category Hooks
-*/
-const useAuth = () => {
-	const key = process.env.NEXT_PUBLIC_MONOCLOUD_AUTH_USER_INFO_URL ?? `${process.env.__NEXT_ROUTER_BASEPATH ?? ""}/api/auth/userinfo`;
-	const { data, error, isLoading, mutate } = useSWR(key, fetchUser);
-	const refetch = (refresh) => {
-		const url = new URL(key, "https://dummy");
-		if (refresh) url.searchParams.set("refresh", "true");
-		mutate(async () => await fetchUser(url.pathname + url.search), { revalidate: false });
-	};
-	if (error) return {
-		user: void 0,
-		isLoading: false,
-		isAuthenticated: false,
-		error,
-		refetch
-	};
-	if (data) return {
-		user: data,
-		isLoading,
-		isAuthenticated: !!data && Object.keys(data).length > 0,
-		error: void 0,
-		refetch
-	};
-	return {
-		user: void 0,
-		isLoading,
-		isAuthenticated: false,
-		error: void 0,
-		refetch: () => {}
-	};
-};
-
-//#endregion
 //#region src/client/protect-client-page.tsx
 const redirectToSignIn = (options) => {
 	const searchParams = new URLSearchParams(window.location.search);
@@ -226,5 +140,5 @@ const protectClientPage = (Component, options) => {
 };
 
 //#endregion
-export { redirectToSignIn as n, useAuth as r, protectClientPage as t };
-//# sourceMappingURL=protect-client-page-BFVskb3X.mjs.map
+export { protectClientPage, redirectToSignIn };
+//# sourceMappingURL=protect-client-page.mjs.map

package/dist/client/protect-client-page.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"protect-client-page.mjs","names":[],"sources":["../../src/client/protect-client-page.tsx"],"sourcesContent":["/* eslint-disable react/display-name */\n'use client';\n\nimport React, { ComponentType, useEffect } from 'react';\nimport type { MonoCloudUser } from '@monocloud/auth-node-core';\nimport { isUserInGroup } from '@monocloud/auth-node-core/utils';\nimport { useAuth } from './use-auth';\nimport { ExtraAuthParams, GroupOptions } from '../types';\nimport type { MonoCloudNextClient } from '../monocloud-next-client';\n\n/**\n * Options for configuring page protection.\n *\n * @category Types\n */\nexport interface ProtectClientPageOptions extends GroupOptions {\n  /**\n   * The URL where the user will be redirected to after sign in.\n   */\n  returnUrl?: string;\n\n  /**\n   * A custom react element to render when the user is not authenticated.\n   */\n  onAccessDenied?: () => React.ReactNode;\n\n  /**\n   * A custom react element to render when the user is authenticated but does not belong to the required groups.\n   */\n  onGroupAccessDenied?: (user: MonoCloudUser) => React.ReactNode;\n\n  /**\n   * Authorization parameters to be used during authentication.\n   */\n  authParams?: ExtraAuthParams;\n\n  /**\n   * Callback function to handle errors.\n   * If not provided, errors will be thrown.\n   *\n   * @param error - The error object.\n   * @returns JSX element to handle the error.\n   */\n  onError?: (error: Error) => React.ReactNode;\n}\n\nexport const redirectToSignIn = (\n  options: { returnUrl?: string } & ExtraAuthParams\n): void => {\n  const searchParams = new URLSearchParams(window.location.search);\n  searchParams.set(\n    'return_url',\n    options.returnUrl ?? window.location.toString()\n  );\n\n  if (options?.scopes) {\n    searchParams.set('scope', options.scopes);\n  }\n  if (options?.resource) {\n    searchParams.set('resource', options.resource);\n  }\n\n  if (options?.acrValues) {\n    searchParams.set('acr_values', options.acrValues.join(' '));\n  }\n\n  if (options?.display) {\n    searchParams.set('display', options.display);\n  }\n\n  if (options?.prompt) {\n    searchParams.set('prompt', options.prompt);\n  }\n\n  if (options?.authenticatorHint) {\n    searchParams.set('authenticator_hint', options.authenticatorHint);\n  }\n\n  if (options?.uiLocales) {\n    searchParams.set('ui_locales', options.uiLocales);\n  }\n\n  if (options?.maxAge) {\n    searchParams.set('max_age', options.maxAge.toString());\n  }\n\n  if (options?.loginHint) {\n    searchParams.set('login_hint', options.loginHint);\n  }\n\n  window.location.assign(\n    // eslint-disable-next-line no-underscore-dangle\n    `${process.env.NEXT_PUBLIC_MONOCLOUD_AUTH_SIGNIN_URL ?? `${process.env.__NEXT_ROUTER_BASEPATH ?? ''}/api/auth/signin`}?${searchParams.toString()}`\n  );\n};\n\nconst handlePageError = (\n  error: Error,\n  options?: ProtectClientPageOptions\n): React.ReactNode => {\n  /* v8 ignore else -- @preserve */\n  if (options?.onError) {\n    return options.onError(error);\n  }\n\n  /* v8 ignore next -- @preserve */\n  throw error;\n};\n\n/**\n * `protectClientPage()` wraps a **client-rendered page component** and ensures that only authenticated users can access it.\n *\n * If the user is authenticated, the wrapped component receives a `user` prop.\n *\n * > This function runs on the client and controls rendering only.\n * > To enforce access before rendering (server-side), use the server {@link MonoCloudNextClient.protectPage | protectPage()} method on {@link MonoCloudNextClient}.\n *\n * @example Basic Usage\n *\n * ```tsx title=\"Basic Usage\"\n * \"use client\";\n *\n * import { protectClientPage } from \"@monocloud/auth-nextjs/client\";\n *\n * export default protectClientPage(function Home({ user }) {\n *   return <>Signed in as {user.email}</>;\n * });\n * ```\n *\n * @example With Options\n *\n * ```tsx title=\"With Options\"\n * \"use client\";\n *\n * import { protectClientPage } from \"@monocloud/auth-nextjs/client\";\n *\n * export default protectClientPage(\n *   function Home({ user }) {\n *     return <>Signed in as {user.email}</>;\n *   },\n *   {\n *     returnUrl: \"/dashboard\",\n *     authParams: { loginHint: \"user@example.com\" }\n *   }\n * );\n * ```\n *\n * @example Custom access denied UI\n *\n * ```tsx title=\"Custom access denied UI\"\n * \"use client\";\n *\n * import { protectClientPage } from \"@monocloud/auth-nextjs/client\";\n *\n * export default protectClientPage(\n *   function Home({ user }) {\n *     return <>Signed in as {user.email}</>;\n *   },\n *   {\n *    onAccessDenied: () => <div>Please sign in to continue</div>\n *   }\n * );\n * ```\n *\n * @example Group protection\n *\n * ```tsx title=\"Group protection\"\n * \"use client\";\n *\n * import { protectClientPage } from \"@monocloud/auth-nextjs/client\";\n *\n * export default protectClientPage(\n *   function Home({ user }) {\n *     return <>Welcome Admin {user.email}</>;\n *   },\n *   {\n *    groups: [\"admin\"],\n *    onGroupAccessDenied: (user) => <div>User {user.email} is not an admin</div>\n *   }\n * );\n * ```\n *\n * @param Component - The page component to protect\n * @typeParam P - Props of the protected component (excluding `user`).\n * @param options - Optional configuration\n * @returns A protected React component.\n *\n * @category Functions\n *\n */\nexport const protectClientPage = <P extends object>(\n  Component: ComponentType<P & { user: MonoCloudUser }>,\n  options?: ProtectClientPageOptions\n): React.FC<P> => {\n  return props => {\n    const { user, error, isLoading } = useAuth();\n\n    useEffect(() => {\n      if (!user && !isLoading && !error) {\n        if (options?.onAccessDenied) {\n          return;\n        }\n\n        const authParams = options?.authParams ?? {};\n        redirectToSignIn({\n          returnUrl: options?.returnUrl,\n          ...authParams,\n        });\n      }\n    }, [user, isLoading, error]);\n\n    if (error) {\n      return handlePageError(error, options);\n    }\n\n    if (!user && !isLoading && options?.onAccessDenied) {\n      return options.onAccessDenied();\n    }\n\n    if (user) {\n      if (\n        options?.groups &&\n        !isUserInGroup(\n          user,\n          options.groups,\n          options.groupsClaim ??\n            process.env.NEXT_PUBLIC_MONOCLOUD_AUTH_GROUPS_CLAIM,\n          options.matchAll\n        )\n      ) {\n        const {\n          onGroupAccessDenied = (): React.ReactNode => <div>Access Denied</div>,\n        } = options;\n        return onGroupAccessDenied(user);\n      }\n\n      return <Component user={user} {...props} />;\n    }\n\n    return null;\n  };\n};\n"],"mappings":";;;;;;;AA8CA,MAAa,oBACX,YACS;CACT,MAAM,eAAe,IAAI,gBAAgB,OAAO,SAAS,OAAO;AAChE,cAAa,IACX,cACA,QAAQ,aAAa,OAAO,SAAS,UAAU,CAChD;AAED,uDAAI,QAAS,OACX,cAAa,IAAI,SAAS,QAAQ,OAAO;AAE3C,uDAAI,QAAS,SACX,cAAa,IAAI,YAAY,QAAQ,SAAS;AAGhD,uDAAI,QAAS,UACX,cAAa,IAAI,cAAc,QAAQ,UAAU,KAAK,IAAI,CAAC;AAG7D,uDAAI,QAAS,QACX,cAAa,IAAI,WAAW,QAAQ,QAAQ;AAG9C,uDAAI,QAAS,OACX,cAAa,IAAI,UAAU,QAAQ,OAAO;AAG5C,uDAAI,QAAS,kBACX,cAAa,IAAI,sBAAsB,QAAQ,kBAAkB;AAGnE,uDAAI,QAAS,UACX,cAAa,IAAI,cAAc,QAAQ,UAAU;AAGnD,uDAAI,QAAS,OACX,cAAa,IAAI,WAAW,QAAQ,OAAO,UAAU,CAAC;AAGxD,uDAAI,QAAS,UACX,cAAa,IAAI,cAAc,QAAQ,UAAU;AAGnD,QAAO,SAAS,OAEd,GAAG,QAAQ,IAAI,yCAAyC,GAAG,QAAQ,IAAI,0BAA0B,GAAG,kBAAkB,GAAG,aAAa,UAAU,GACjJ;;AAGH,MAAM,mBACJ,OACA,YACoB;;AAEpB,uDAAI,QAAS,QACX,QAAO,QAAQ,QAAQ,MAAM;;AAI/B,OAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAoFR,MAAa,qBACX,WACA,YACgB;AAChB,SAAO,UAAS;EACd,MAAM,EAAE,MAAM,OAAO,cAAc,SAAS;AAE5C,kBAAgB;AACd,OAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,OAAO;AACjC,0DAAI,QAAS,eACX;IAGF,MAAM,gEAAa,QAAS,eAAc,EAAE;AAC5C,qBAAiB;KACf,6DAAW,QAAS;KACpB,GAAG;KACJ,CAAC;;KAEH;GAAC;GAAM;GAAW;GAAM,CAAC;AAE5B,MAAI,MACF,QAAO,gBAAgB,OAAO,QAAQ;AAGxC,MAAI,CAAC,QAAQ,CAAC,gEAAa,QAAS,gBAClC,QAAO,QAAQ,gBAAgB;AAGjC,MAAI,MAAM;AACR,0DACE,QAAS,WACT,CAAC,cACC,MACA,QAAQ,QACR,QAAQ,eACN,QAAQ,IAAI,yCACd,QAAQ,SACT,EACD;IACA,MAAM,EACJ,4BAA6C,oCAAC,aAAI,gBAAmB,KACnE;AACJ,WAAO,oBAAoB,KAAK;;AAGlC,UAAO,oCAAC;IAAgB;IAAM,GAAI;KAAS;;AAG7C,SAAO"}