@neowhale/storefront 0.1.2 → 0.2.2

package/dist/index.d.ts

@@ -1,269 +1,16 @@
-interface PricingTier {
-    id: string;
-    unit: string;
-    label: string;
-    quantity: number;
-    sort_order: number;
-    default_price: number;
-}
-interface ProductVariation {
-    id: string;
-    product_id: string;
-    name: string;
-    sku: string | null;
-    price: number;
-    stock_quantity: number;
-    attributes: Record<string, string>;
-}
-interface Product {
-    id: string;
-    name: string;
-    slug: string;
-    sku: string | null;
-    description: string | null;
-    status: string;
-    type: string;
-    primary_category_id: string;
-    featured_image: string | null;
-    image_gallery: string[];
-    pricing_data: PricingTier[] | {
-        mode?: string;
-        tiers?: PricingTier[];
-    } | null;
-    custom_fields: Record<string, string | null>;
-    stock_quantity?: number;
-}
-interface Category {
-    id: string;
-    name: string;
-    slug: string;
-}
-interface CartItem {
-    id: string;
-    product_id: string;
-    product_name: string;
-    image_url: string | null;
-    quantity: number;
-    unit_price: number;
-    tier_label: string | null;
-    line_total: number;
-}
-interface TaxBreakdown {
-    name: string;
-    rate: number;
-    type: string;
-    rate_decimal: number;
-}
-interface Cart {
-    id: string;
-    items: CartItem[];
-    item_count: number;
-    subtotal: number;
-    tax_rate: number;
-    tax_amount: number;
-    total: number;
-    tax_breakdown: TaxBreakdown[];
-    discount_amount: number;
-    customer_email: string | null;
-}
-interface Order {
-    id: string;
-    order_number: string;
-    status: string;
-    total_amount: number;
-    subtotal: number;
-    tax_amount: number;
-    discount_amount: number;
-    item_count?: number;
-    created_at: string;
-    payment_status?: string;
-    fulfillment_status?: string;
-    items?: OrderItem[];
-}
-interface OrderItem {
-    id: string;
-    product_name: string;
-    quantity: number;
-    unit_price?: number;
-    cost_per_unit?: number;
-    line_total: number;
-}
-interface Customer {
-    id: string;
-    first_name: string;
-    last_name: string;
-    email: string | null;
-    phone: string | null;
-    loyalty_points: number;
-    loyalty_tier: string;
-    total_spent: number;
-    total_orders: number;
-    lifetime_value?: number;
-    street_address?: string | null;
-    city?: string | null;
-    state?: string | null;
-    postal_code?: string | null;
-    date_of_birth?: string | null;
-    created_at?: string;
-    is_staff?: boolean;
-    email_consent?: boolean;
-    sms_consent?: boolean;
-}
-interface Address {
-    firstName: string;
-    lastName: string;
-    address: string;
-    city: string;
-    state: string;
-    zip: string;
-    country: string;
-}
-interface PaymentData {
-    payment_method: 'card' | 'cash';
-    opaque_data?: {
-        dataDescriptor: string;
-        dataValue: string;
-    };
-    billTo?: Address;
-    shipTo?: Address;
-}
-interface CustomerAnalytics {
-    customer_id: string;
-    customer_name: string;
-    total_orders: number;
-    lifetime_revenue: number;
-    avg_order_value: number;
-    ltv_tier: string;
-    rfm_segment: string;
-    churn_risk: string;
-    last_order_date: string;
-    recency_days: number;
-}
-interface Location {
-    id: string;
-    name: string;
-    address?: string;
-    city?: string;
-    state?: string;
-    zip?: string;
-    phone?: string;
-    is_active?: boolean;
-}
-interface SendCodeResponse {
-    sent: boolean;
-}
-interface VerifyCodeResponse {
-    object: string;
-    token_hash: string;
-    needs_profile: boolean;
-    customer: Customer | null;
-}
-interface StorefrontSession {
-    id: string;
-    store_id: string;
-    customer_id?: string;
-    started_at: string;
-    last_active_at: string;
-}
-interface ListResponse<T> {
-    object: 'list';
-    data: T[];
-    has_more: boolean;
-    cursors?: {
-        before?: string;
-        after?: string;
-    };
-    url?: string;
-}
-interface WhaleStorefrontConfig {
-    /** Store UUID */
-    storeId: string;
-    /** API key (wk_live_... or wk_test_...) */
-    apiKey: string;
-    /** Gateway base URL. Defaults to https://whale-gateway.fly.dev */
-    gatewayUrl?: string;
-    /** Client-side proxy path. Defaults to /api/gw */
-    proxyPath?: string;
-    /** Media signing secret for image/video proxy */
-    mediaSigningSecret?: string;
-    /** Supabase host for media URL detection */
-    supabaseHost?: string;
-    /** localStorage key prefix. Defaults to "whale" */
-    storagePrefix?: string;
-    /** Analytics session TTL in ms. Defaults to 30 minutes */
-    sessionTtl?: number;
-    /** Enable debug logging */
-    debug?: boolean;
-}
-type EventType = 'page_view' | 'product_view' | 'add_to_cart' | 'remove_from_cart' | 'begin_checkout' | 'purchase' | 'category_view' | 'search';
+export { A as Address, C as Cart, a as CartItem, b as Category, c as Customer, d as CustomerAnalytics, E as EventType, L as ListResponse, e as Location, O as Order, f as OrderItem, P as PaymentData, g as PixelConfig, h as PricingTier, i as Product, j as ProductVariation, S as SendCodeResponse, k as StorefrontConfig, l as StorefrontSession, T as TaxBreakdown, V as VerifyCodeResponse, W as WhaleClient, m as WhaleStorefrontConfig } from './client-y0V1x0px.js';
+export { P as PixelManager } from './pixel-manager-CYtRIGo0.js';
 
-declare class WhaleClient {
-    readonly storeId: string;
-    readonly apiKey: string;
-    readonly gatewayUrl: string;
-    readonly proxyPath: string;
-    private _sessionToken;
-    constructor(config: WhaleStorefrontConfig);
-    setSessionToken(token: string | null): void;
-    getSessionToken(): string | null;
-    private get baseUrl();
-    private request;
-    listProducts(params?: {
-        limit?: number;
-        starting_after?: string;
-        status?: string;
-    }): Promise<ListResponse<Product>>;
-    getProduct(id: string): Promise<Product>;
-    getAllProducts(options?: {
-        status?: string;
-        maxPages?: number;
-        revalidate?: number;
-        filter?: (product: Product) => boolean;
-    }): Promise<Product[]>;
-    createCart(customerEmail?: string): Promise<Cart>;
-    getCart(cartId: string): Promise<Cart>;
-    addToCart(cartId: string, productId: string, quantity: number, options?: {
-        tier?: string;
-        unitPrice?: number;
-    }): Promise<CartItem>;
-    updateCartItem(cartId: string, itemId: string, quantity: number): Promise<Cart>;
-    removeCartItem(cartId: string, itemId: string): Promise<void>;
-    checkout(cartId: string, customerEmail?: string, payment?: PaymentData): Promise<Order>;
-    findCustomer(query: string): Promise<Customer[]>;
-    getCustomer(id: string): Promise<Customer>;
-    createCustomer(data: {
-        first_name: string;
-        last_name: string;
-        email: string;
-        phone?: string;
-    }): Promise<Customer>;
-    listOrders(params?: {
-        customer_id?: string;
-        limit?: number;
-        starting_after?: string;
-    }): Promise<ListResponse<Order>>;
-    getOrder(id: string): Promise<Order>;
-    getCustomerOrders(customerId: string): Promise<Order[]>;
-    sendCode(email: string): Promise<SendCodeResponse>;
-    verifyCode(email: string, code: string): Promise<VerifyCodeResponse>;
-    getCustomerAnalytics(customerId: string, customerName?: string): Promise<CustomerAnalytics | null>;
-    listLocations(): Promise<ListResponse<Location>>;
-    getCOAEmbedUrl(productId: string): string;
-    createSession(params: {
-        user_agent?: string;
-        referrer?: string;
-    }): Promise<StorefrontSession>;
-    updateSession(sessionId: string, params: {
-        last_active_at?: string;
-        customer_id?: string;
-    }): Promise<StorefrontSession>;
-    trackEvent(params: {
-        session_id: string;
-        event_type: EventType;
-        event_data?: Record<string, unknown>;
-    }): Promise<void>;
-    static encodeBase64Url(url: string): string;
-    static signMedia(signingSecret: string, encodedUrl: string, w: string, q: string, f: string): string;
-}
+/**
+ * Resilient HTTP sender for analytics/event payloads.
+ *
+ * Retries transient (5xx / network) failures with linear back-off,
+ * then falls back to navigator.sendBeacon so the event still lands
+ * even when the tab is being unloaded.
+ *
+ * 4xx responses are NOT retried — they indicate a client error that
+ * won't resolve by resending.
+ */
+declare function resilientSend(url: string, payload: object, headers: Record<string, string>): Promise<void>;
 
-export { type Address, type Cart, type CartItem, type Category, type Customer, type CustomerAnalytics, type EventType, type ListResponse, type Location, type Order, type OrderItem, type PaymentData, type PricingTier, type Product, type ProductVariation, type SendCodeResponse, type StorefrontSession, type TaxBreakdown, type VerifyCodeResponse, WhaleClient, type WhaleStorefrontConfig };
+export { resilientSend };

package/dist/index.js

@@ -1,3 +1,4 @@
-export { WhaleClient } from './chunk-PR4PUHVN.js';
+export { PixelManager } from './chunk-NLH3W6JA.js';
+export { WhaleClient, resilientSend } from './chunk-QIIKQ7DN.js';
 //# sourceMappingURL=index.js.map
 //# sourceMappingURL=index.js.map

package/dist/next/index.cjs

@@ -1,6 +1,6 @@
 'use strict';
 
-var chunkXMLH3TLA_cjs = require('../chunk-XMLH3TLA.cjs');
+var chunkOP4LOUCV_cjs = require('../chunk-OP4LOUCV.cjs');
 var server = require('next/server');
 
 // src/next/headers.ts
@@ -54,10 +54,10 @@ function whaleGatewayRewrite(gatewayUrl = "https://whale-gateway.fly.dev", proxy
 
 // src/next/server.ts
 function createServerClient(config) {
-  return new chunkXMLH3TLA_cjs.WhaleClient({
-    storeId: config?.storeId || process.env.NEXT_PUBLIC_STORE_ID || "",
-    apiKey: config?.apiKey || process.env.NEXT_PUBLIC_API_KEY || "",
-    gatewayUrl: config?.gatewayUrl || process.env.NEXT_PUBLIC_API_URL || "https://whale-gateway.fly.dev",
+  return new chunkOP4LOUCV_cjs.WhaleClient({
+    storeId: config?.storeId || process.env.NEXT_PUBLIC_STORE_ID || process.env.NEXT_PUBLIC_WHALE_STORE_ID || "",
+    apiKey: config?.apiKey || process.env.NEXT_PUBLIC_API_KEY || process.env.NEXT_PUBLIC_WHALE_API_KEY || "",
+    gatewayUrl: config?.gatewayUrl || process.env.NEXT_PUBLIC_API_URL || process.env.NEXT_PUBLIC_WHALE_GATEWAY_URL || "https://whale-gateway.fly.dev",
     proxyPath: config?.proxyPath
   });
 }
@@ -86,8 +86,8 @@ function createImageLoader(config) {
     const w = String(snapWidth(width));
     const q = String(quality || 80);
     const f = "webp";
-    const encoded = chunkXMLH3TLA_cjs.WhaleClient.encodeBase64Url(src);
-    const s = chunkXMLH3TLA_cjs.WhaleClient.signMedia(config.signingSecret, encoded, w, q, f);
+    const encoded = chunkOP4LOUCV_cjs.WhaleClient.encodeBase64Url(src);
+    const s = chunkOP4LOUCV_cjs.WhaleClient.signMedia(config.signingSecret, encoded, w, q, f);
     return `${config.gatewayUrl}/v1/stores/${config.storeId}/media?url=${encoded}&w=${w}&q=${q}&f=${f}&s=${s}`;
   };
 }
@@ -95,6 +95,9 @@ function createAuthMiddleware(options) {
   const { protectedPaths, loginPath, cookieName = "whale-session" } = options;
   return function middleware(request) {
     const { pathname } = request.nextUrl;
+    if (pathname === loginPath || pathname.startsWith(`${loginPath}/`)) {
+      return server.NextResponse.next();
+    }
     const isProtected = protectedPaths.some(
       (p) => pathname === p || pathname.startsWith(`${p}/`)
     );

package/dist/next/index.cjs.map

@@ -1 +1 @@
-{"version":3,"sources":["../../src/next/headers.ts","../../src/next/rewrite.ts","../../src/next/server.ts","../../src/next/image-loader.ts","../../src/next/middleware.ts"],"names":["WhaleClient","NextResponse"],"mappings":";;;;;;AAIO,IAAM,eAAA,GAAkB;AAAA,EAC7B;AAAA,IACE,GAAA,EAAK,wBAAA;AAAA,IACL,KAAA,EAAO;AAAA,GACT;AAAA,EACA;AAAA,IACE,GAAA,EAAK,2BAAA;AAAA,IACL,KAAA,EAAO;AAAA,GACT;AAAA,EACA;AAAA,IACE,GAAA,EAAK,wBAAA;AAAA,IACL,KAAA,EAAO;AAAA,GACT;AAAA,EACA;AAAA,IACE,GAAA,EAAK,iBAAA;AAAA,IACL,KAAA,EAAO;AAAA,GACT;AAAA,EACA;AAAA,IACE,GAAA,EAAK,kBAAA;AAAA,IACL,KAAA,EAAO;AAAA,GACT;AAAA,EACA;AAAA,IACE,GAAA,EAAK,iBAAA;AAAA,IACL,KAAA,EAAO;AAAA,GACT;AAAA,EACA;AAAA,IACE,GAAA,EAAK,oBAAA;AAAA,IACL,KAAA,EAAO;AAAA;AAEX;AAWO,SAAS,oBACd,KAAA,EACgF;AAChF,EAAA,MAAM,aAAa,KAAA,GAAQ,CAAC,GAAG,eAAA,EAAiB,GAAG,KAAK,CAAA,GAAI,eAAA;AAC5D,EAAA,OAAO,YAAY;AAAA,IACjB;AAAA,MACE,MAAA,EAAQ,SAAA;AAAA,MACR,OAAA,EAAS;AAAA;AACX,GACF;AACF;;;ACxCO,SAAS,mBAAA,CACd,UAAA,GAAa,+BAAA,EACb,SAAA,GAAY,SAAA,EAC6B;AACzC,EAAA,OAAO;AAAA,IACL,MAAA,EAAQ,GAAG,SAAS,CAAA,OAAA,CAAA;AAAA,IACpB,WAAA,EAAa,GAAG,UAAU,CAAA,OAAA;AAAA,GAC5B;AACF;;;ACfO,SAAS,mBAAmB,MAAA,EAAsD;AACvF,EAAA,OAAO,IAAIA,6BAAA,CAAY;AAAA,IACrB,OAAA,EAAS,MAAA,EAAQ,OAAA,IAAW,OAAA,CAAQ,IAAI,oBAAA,IAAwB,EAAA;AAAA,IAChE,MAAA,EAAQ,MAAA,EAAQ,MAAA,IAAU,OAAA,CAAQ,IAAI,mBAAA,IAAuB,EAAA;AAAA,IAC7D,UAAA,EAAY,MAAA,EAAQ,UAAA,IAAc,OAAA,CAAQ,IAAI,mBAAA,IAAuB,+BAAA;AAAA,IACrE,WAAW,MAAA,EAAQ;AAAA,GACpB,CAAA;AACH;AAMA,eAAsB,eAAe,OAAA,EAOd;AACrB,EAAA,MAAM,MAAA,GAAS,OAAA,EAAS,MAAA,IAAU,kBAAA,EAAmB;AACrD,EAAA,OAAO,OAAO,cAAA,CAAe;AAAA,IAC3B,MAAA,EAAQ,WAAA;AAAA,IACR,UAAA,EAAY,SAAS,UAAA,IAAc,EAAA;AAAA,IACnC,QAAQ,OAAA,EAAS;AAAA,GAClB,CAAA;AACH;;;AChCA,IAAM,cAAA,GAAiB,CAAC,EAAA,EAAI,EAAA,EAAI,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAEzE,SAAS,UAAU,CAAA,EAAmB;AACpC,EAAA,KAAA,MAAW,MAAM,cAAA,EAAgB;AAC/B,IAAA,IAAI,EAAA,IAAM,GAAG,OAAO,EAAA;AAAA,EACtB;AACA,EAAA,OAAO,cAAA,CAAe,cAAA,CAAe,MAAA,GAAS,CAAC,CAAA;AACjD;AAsBO,SAAS,kBAAkB,MAAA,EAKQ;AACxC,EAAA,OAAO,CAAC,EAAE,GAAA,EAAK,KAAA,EAAO,SAAQ,KAAiC;AAC7D,IAAA,IAAI,CAAC,GAAA,CAAI,QAAA,CAAS,MAAA,CAAO,YAAY,CAAA,EAAG;AACtC,MAAA,OAAO,GAAA;AAAA,IACT;AAEA,IAAA,MAAM,CAAA,GAAI,MAAA,CAAO,SAAA,CAAU,KAAK,CAAC,CAAA;AACjC,IAAA,MAAM,CAAA,GAAI,MAAA,CAAO,OAAA,IAAW,EAAE,CAAA;AAC9B,IAAA,MAAM,CAAA,GAAI,MAAA;AACV,IAAA,MAAM,OAAA,GAAUA,6BAAA,CAAY,eAAA,CAAgB,GAAG,CAAA;AAC/C,IAAA,MAAM,CAAA,GAAIA,8BAAY,SAAA,CAAU,MAAA,CAAO,eAAe,OAAA,EAAS,CAAA,EAAG,GAAG,CAAC,CAAA;AAEtE,IAAA,OAAO,CAAA,EAAG,MAAA,CAAO,UAAU,CAAA,WAAA,EAAc,OAAO,OAAO,CAAA,WAAA,EAAc,OAAO,CAAA,GAAA,EAAM,CAAC,CAAA,GAAA,EAAM,CAAC,CAAA,GAAA,EAAM,CAAC,MAAM,CAAC,CAAA,CAAA;AAAA,EAC1G,CAAA;AACF;AC9BO,SAAS,qBAAqB,OAAA,EAIlC;AACD,EAAA,MAAM,EAAE,cAAA,EAAgB,SAAA,EAAW,UAAA,GAAa,iBAAgB,GAAI,OAAA;AAEpE,EAAA,OAAO,SAAS,WAAW,OAAA,EAAsB;AAC/C,IAAA,MAAM,EAAE,QAAA,EAAS,GAAI,OAAA,CAAQ,OAAA;AAG7B,IAAA,MAAM,cAAc,cAAA,CAAe,IAAA;AAAA,MACjC,CAAC,MAAM,QAAA,KAAa,CAAA,IAAK,SAAS,UAAA,CAAW,CAAA,EAAG,CAAC,CAAA,CAAA,CAAG;AAAA,KACtD;AAEA,IAAA,IAAI,CAAC,WAAA,EAAa;AAChB,MAAA,OAAOC,oBAAa,IAAA,EAAK;AAAA,IAC3B;AAGA,IAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,UAAU,CAAA,EAAG,KAAA;AAE/C,IAAA,IAAI,CAAC,KAAA,EAAO;AACV,MAAA,MAAM,GAAA,GAAM,OAAA,CAAQ,OAAA,CAAQ,KAAA,EAAM;AAClC,MAAA,GAAA,CAAI,QAAA,GAAW,SAAA;AACf,MAAA,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,UAAA,EAAY,QAAQ,CAAA;AACzC,MAAA,OAAOA,mBAAA,CAAa,SAAS,GAAG,CAAA;AAAA,IAClC;AAEA,IAAA,OAAOA,oBAAa,IAAA,EAAK;AAAA,EAC3B,CAAA;AACF","file":"index.cjs","sourcesContent":["/**\n * Security headers for Next.js storefronts.\n */\n\nexport const securityHeaders = [\n  {\n    key: 'X-DNS-Prefetch-Control',\n    value: 'on',\n  },\n  {\n    key: 'Strict-Transport-Security',\n    value: 'max-age=63072000; includeSubDomains; preload',\n  },\n  {\n    key: 'X-Content-Type-Options',\n    value: 'nosniff',\n  },\n  {\n    key: 'X-Frame-Options',\n    value: 'SAMEORIGIN',\n  },\n  {\n    key: 'X-XSS-Protection',\n    value: '1; mode=block',\n  },\n  {\n    key: 'Referrer-Policy',\n    value: 'strict-origin-when-cross-origin',\n  },\n  {\n    key: 'Permissions-Policy',\n    value: 'camera=(), microphone=(), geolocation=(self), interest-cohort=()',\n  },\n]\n\n/**\n * Returns a Next.js `headers()` config with security headers applied to all routes.\n * Use in next.config.ts:\n *\n * ```ts\n * import { withSecurityHeaders } from '@neowhale/storefront/next'\n * export default { headers: withSecurityHeaders() }\n * ```\n */\nexport function withSecurityHeaders(\n  extra?: { key: string; value: string }[]\n): () => Promise<{ source: string; headers: { key: string; value: string }[] }[]> {\n  const allHeaders = extra ? [...securityHeaders, ...extra] : securityHeaders\n  return async () => [\n    {\n      source: '/:path*',\n      headers: allHeaders,\n    },\n  ]\n}\n","/**\n * Gateway rewrite rule for Next.js.\n * Proxies client-side /api/gw/* requests to whale-gateway to avoid CORS.\n *\n * Usage in next.config.ts:\n * ```ts\n * import { whaleGatewayRewrite } from '@neowhale/storefront/next'\n * export default {\n *   async rewrites() {\n *     return [whaleGatewayRewrite()]\n *   }\n * }\n * ```\n */\nexport function whaleGatewayRewrite(\n  gatewayUrl = 'https://whale-gateway.fly.dev',\n  proxyPath = '/api/gw'\n): { source: string; destination: string } {\n  return {\n    source: `${proxyPath}/:path*`,\n    destination: `${gatewayUrl}/:path*`,\n  }\n}\n","import { WhaleClient } from '../client.js'\nimport type { Product, WhaleStorefrontConfig } from '../types.js'\n\n/**\n * Creates a server-side WhaleClient.\n * Reads from env vars by default — override with explicit config.\n */\nexport function createServerClient(config?: Partial<WhaleStorefrontConfig>): WhaleClient {\n  return new WhaleClient({\n    storeId: config?.storeId || process.env.NEXT_PUBLIC_STORE_ID || '',\n    apiKey: config?.apiKey || process.env.NEXT_PUBLIC_API_KEY || '',\n    gatewayUrl: config?.gatewayUrl || process.env.NEXT_PUBLIC_API_URL || 'https://whale-gateway.fly.dev',\n    proxyPath: config?.proxyPath,\n  })\n}\n\n/**\n * Server-side: fetch all published products with ISR caching.\n * Drop-in replacement for Flora's `getAllProducts()`.\n */\nexport async function getAllProducts(options?: {\n  /** Revalidate interval in seconds. Defaults to 60. */\n  revalidate?: number\n  /** Filter function to exclude products (e.g. hidden categories, out of stock) */\n  filter?: (product: Product) => boolean\n  /** Override client config */\n  client?: WhaleClient\n}): Promise<Product[]> {\n  const client = options?.client ?? createServerClient()\n  return client.getAllProducts({\n    status: 'published',\n    revalidate: options?.revalidate ?? 60,\n    filter: options?.filter,\n  })\n}\n","import { WhaleClient } from '../client.js'\n\nconst ALLOWED_WIDTHS = [64, 96, 128, 256, 384, 640, 828, 1080, 1280, 1920]\n\nfunction snapWidth(w: number): number {\n  for (const aw of ALLOWED_WIDTHS) {\n    if (aw >= w) return aw\n  }\n  return ALLOWED_WIDTHS[ALLOWED_WIDTHS.length - 1]\n}\n\ninterface ImageLoaderParams {\n  src: string\n  width: number\n  quality?: number\n}\n\n/**\n * Creates a Next.js custom image loader that proxies Supabase images through gateway.\n *\n * Usage in a loader file (e.g. src/lib/image-loader.ts):\n * ```ts\n * import { createImageLoader } from '@neowhale/storefront/next'\n * export default createImageLoader({\n *   storeId: process.env.NEXT_PUBLIC_STORE_ID!,\n *   gatewayUrl: 'https://whale-gateway.fly.dev',\n *   supabaseHost: 'your-project.supabase.co',\n *   signingSecret: process.env.NEXT_PUBLIC_MEDIA_SIGNING_SECRET!,\n * })\n * ```\n */\nexport function createImageLoader(config: {\n  storeId: string\n  gatewayUrl: string\n  supabaseHost: string\n  signingSecret: string\n}): (params: ImageLoaderParams) => string {\n  return ({ src, width, quality }: ImageLoaderParams): string => {\n    if (!src.includes(config.supabaseHost)) {\n      return src\n    }\n\n    const w = String(snapWidth(width))\n    const q = String(quality || 80)\n    const f = 'webp'\n    const encoded = WhaleClient.encodeBase64Url(src)\n    const s = WhaleClient.signMedia(config.signingSecret, encoded, w, q, f)\n\n    return `${config.gatewayUrl}/v1/stores/${config.storeId}/media?url=${encoded}&w=${w}&q=${q}&f=${f}&s=${s}`\n  }\n}\n","import type { NextRequest } from 'next/server'\nimport { NextResponse } from 'next/server'\n\n/**\n * Creates a Next.js middleware that protects routes requiring authentication.\n *\n * Checks for a session token cookie or localStorage indicator.\n * Since middleware runs on the edge and can't access localStorage,\n * this checks for a cookie-based token instead.\n *\n * Usage in middleware.ts:\n * ```ts\n * import { createAuthMiddleware } from '@neowhale/storefront/next'\n * export const middleware = createAuthMiddleware({\n *   protectedPaths: ['/account'],\n *   loginPath: '/account',\n * })\n * export const config = { matcher: ['/account/:path*'] }\n * ```\n */\nexport function createAuthMiddleware(options: {\n  protectedPaths: string[]\n  loginPath: string\n  cookieName?: string\n}) {\n  const { protectedPaths, loginPath, cookieName = 'whale-session' } = options\n\n  return function middleware(request: NextRequest) {\n    const { pathname } = request.nextUrl\n\n    // Check if this is a protected path\n    const isProtected = protectedPaths.some(\n      (p) => pathname === p || pathname.startsWith(`${p}/`)\n    )\n\n    if (!isProtected) {\n      return NextResponse.next()\n    }\n\n    // Check for session cookie\n    const token = request.cookies.get(cookieName)?.value\n\n    if (!token) {\n      const url = request.nextUrl.clone()\n      url.pathname = loginPath\n      url.searchParams.set('redirect', pathname)\n      return NextResponse.redirect(url)\n    }\n\n    return NextResponse.next()\n  }\n}\n"]}
+{"version":3,"sources":["../../src/next/headers.ts","../../src/next/rewrite.ts","../../src/next/server.ts","../../src/next/image-loader.ts","../../src/next/middleware.ts"],"names":["WhaleClient","NextResponse"],"mappings":";;;;;;AAIO,IAAM,eAAA,GAAkB;AAAA,EAC7B;AAAA,IACE,GAAA,EAAK,wBAAA;AAAA,IACL,KAAA,EAAO;AAAA,GACT;AAAA,EACA;AAAA,IACE,GAAA,EAAK,2BAAA;AAAA,IACL,KAAA,EAAO;AAAA,GACT;AAAA,EACA;AAAA,IACE,GAAA,EAAK,wBAAA;AAAA,IACL,KAAA,EAAO;AAAA,GACT;AAAA,EACA;AAAA,IACE,GAAA,EAAK,iBAAA;AAAA,IACL,KAAA,EAAO;AAAA,GACT;AAAA,EACA;AAAA,IACE,GAAA,EAAK,kBAAA;AAAA,IACL,KAAA,EAAO;AAAA,GACT;AAAA,EACA;AAAA,IACE,GAAA,EAAK,iBAAA;AAAA,IACL,KAAA,EAAO;AAAA,GACT;AAAA,EACA;AAAA,IACE,GAAA,EAAK,oBAAA;AAAA,IACL,KAAA,EAAO;AAAA;AAEX;AAWO,SAAS,oBACd,KAAA,EACgF;AAChF,EAAA,MAAM,aAAa,KAAA,GAAQ,CAAC,GAAG,eAAA,EAAiB,GAAG,KAAK,CAAA,GAAI,eAAA;AAC5D,EAAA,OAAO,YAAY;AAAA,IACjB;AAAA,MACE,MAAA,EAAQ,SAAA;AAAA,MACR,OAAA,EAAS;AAAA;AACX,GACF;AACF;;;ACxCO,SAAS,mBAAA,CACd,UAAA,GAAa,+BAAA,EACb,SAAA,GAAY,SAAA,EAC6B;AACzC,EAAA,OAAO;AAAA,IACL,MAAA,EAAQ,GAAG,SAAS,CAAA,OAAA,CAAA;AAAA,IACpB,WAAA,EAAa,GAAG,UAAU,CAAA,OAAA;AAAA,GAC5B;AACF;;;ACfO,SAAS,mBAAmB,MAAA,EAAsD;AACvF,EAAA,OAAO,IAAIA,6BAAA,CAAY;AAAA,IACrB,OAAA,EAAS,QAAQ,OAAA,IAAW,OAAA,CAAQ,IAAI,oBAAA,IAAwB,OAAA,CAAQ,IAAI,0BAAA,IAA8B,EAAA;AAAA,IAC1G,MAAA,EAAQ,QAAQ,MAAA,IAAU,OAAA,CAAQ,IAAI,mBAAA,IAAuB,OAAA,CAAQ,IAAI,yBAAA,IAA6B,EAAA;AAAA,IACtG,UAAA,EAAY,QAAQ,UAAA,IAAc,OAAA,CAAQ,IAAI,mBAAA,IAAuB,OAAA,CAAQ,IAAI,6BAAA,IAAiC,+BAAA;AAAA,IAClH,WAAW,MAAA,EAAQ;AAAA,GACpB,CAAA;AACH;AAMA,eAAsB,eAAe,OAAA,EAOd;AACrB,EAAA,MAAM,MAAA,GAAS,OAAA,EAAS,MAAA,IAAU,kBAAA,EAAmB;AACrD,EAAA,OAAO,OAAO,cAAA,CAAe;AAAA,IAC3B,MAAA,EAAQ,WAAA;AAAA,IACR,UAAA,EAAY,SAAS,UAAA,IAAc,EAAA;AAAA,IACnC,QAAQ,OAAA,EAAS;AAAA,GAClB,CAAA;AACH;;;AChCA,IAAM,cAAA,GAAiB,CAAC,EAAA,EAAI,EAAA,EAAI,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAEzE,SAAS,UAAU,CAAA,EAAmB;AACpC,EAAA,KAAA,MAAW,MAAM,cAAA,EAAgB;AAC/B,IAAA,IAAI,EAAA,IAAM,GAAG,OAAO,EAAA;AAAA,EACtB;AACA,EAAA,OAAO,cAAA,CAAe,cAAA,CAAe,MAAA,GAAS,CAAC,CAAA;AACjD;AAsBO,SAAS,kBAAkB,MAAA,EAKQ;AACxC,EAAA,OAAO,CAAC,EAAE,GAAA,EAAK,KAAA,EAAO,SAAQ,KAAiC;AAC7D,IAAA,IAAI,CAAC,GAAA,CAAI,QAAA,CAAS,MAAA,CAAO,YAAY,CAAA,EAAG;AACtC,MAAA,OAAO,GAAA;AAAA,IACT;AAEA,IAAA,MAAM,CAAA,GAAI,MAAA,CAAO,SAAA,CAAU,KAAK,CAAC,CAAA;AACjC,IAAA,MAAM,CAAA,GAAI,MAAA,CAAO,OAAA,IAAW,EAAE,CAAA;AAC9B,IAAA,MAAM,CAAA,GAAI,MAAA;AACV,IAAA,MAAM,OAAA,GAAUA,6BAAA,CAAY,eAAA,CAAgB,GAAG,CAAA;AAC/C,IAAA,MAAM,CAAA,GAAIA,8BAAY,SAAA,CAAU,MAAA,CAAO,eAAe,OAAA,EAAS,CAAA,EAAG,GAAG,CAAC,CAAA;AAEtE,IAAA,OAAO,CAAA,EAAG,MAAA,CAAO,UAAU,CAAA,WAAA,EAAc,OAAO,OAAO,CAAA,WAAA,EAAc,OAAO,CAAA,GAAA,EAAM,CAAC,CAAA,GAAA,EAAM,CAAC,CAAA,GAAA,EAAM,CAAC,MAAM,CAAC,CAAA,CAAA;AAAA,EAC1G,CAAA;AACF;AC9BO,SAAS,qBAAqB,OAAA,EAIlC;AACD,EAAA,MAAM,EAAE,cAAA,EAAgB,SAAA,EAAW,UAAA,GAAa,iBAAgB,GAAI,OAAA;AAEpE,EAAA,OAAO,SAAS,WAAW,OAAA,EAAsB;AAC/C,IAAA,MAAM,EAAE,QAAA,EAAS,GAAI,OAAA,CAAQ,OAAA;AAG7B,IAAA,IAAI,aAAa,SAAA,IAAa,QAAA,CAAS,WAAW,CAAA,EAAG,SAAS,GAAG,CAAA,EAAG;AAClE,MAAA,OAAOC,oBAAa,IAAA,EAAK;AAAA,IAC3B;AAGA,IAAA,MAAM,cAAc,cAAA,CAAe,IAAA;AAAA,MACjC,CAAC,MAAM,QAAA,KAAa,CAAA,IAAK,SAAS,UAAA,CAAW,CAAA,EAAG,CAAC,CAAA,CAAA,CAAG;AAAA,KACtD;AAEA,IAAA,IAAI,CAAC,WAAA,EAAa;AAChB,MAAA,OAAOA,oBAAa,IAAA,EAAK;AAAA,IAC3B;AAGA,IAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,UAAU,CAAA,EAAG,KAAA;AAE/C,IAAA,IAAI,CAAC,KAAA,EAAO;AACV,MAAA,MAAM,GAAA,GAAM,OAAA,CAAQ,OAAA,CAAQ,KAAA,EAAM;AAClC,MAAA,GAAA,CAAI,QAAA,GAAW,SAAA;AACf,MAAA,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,UAAA,EAAY,QAAQ,CAAA;AACzC,MAAA,OAAOA,mBAAA,CAAa,SAAS,GAAG,CAAA;AAAA,IAClC;AAEA,IAAA,OAAOA,oBAAa,IAAA,EAAK;AAAA,EAC3B,CAAA;AACF","file":"index.cjs","sourcesContent":["/**\n * Security headers for Next.js storefronts.\n */\n\nexport const securityHeaders = [\n  {\n    key: 'X-DNS-Prefetch-Control',\n    value: 'on',\n  },\n  {\n    key: 'Strict-Transport-Security',\n    value: 'max-age=63072000; includeSubDomains; preload',\n  },\n  {\n    key: 'X-Content-Type-Options',\n    value: 'nosniff',\n  },\n  {\n    key: 'X-Frame-Options',\n    value: 'SAMEORIGIN',\n  },\n  {\n    key: 'X-XSS-Protection',\n    value: '1; mode=block',\n  },\n  {\n    key: 'Referrer-Policy',\n    value: 'strict-origin-when-cross-origin',\n  },\n  {\n    key: 'Permissions-Policy',\n    value: 'camera=(), microphone=(), geolocation=(self), interest-cohort=()',\n  },\n]\n\n/**\n * Returns a Next.js `headers()` config with security headers applied to all routes.\n * Use in next.config.ts:\n *\n * ```ts\n * import { withSecurityHeaders } from '@neowhale/storefront/next'\n * export default { headers: withSecurityHeaders() }\n * ```\n */\nexport function withSecurityHeaders(\n  extra?: { key: string; value: string }[]\n): () => Promise<{ source: string; headers: { key: string; value: string }[] }[]> {\n  const allHeaders = extra ? [...securityHeaders, ...extra] : securityHeaders\n  return async () => [\n    {\n      source: '/:path*',\n      headers: allHeaders,\n    },\n  ]\n}\n","/**\n * Gateway rewrite rule for Next.js.\n * Proxies client-side /api/gw/* requests to whale-gateway to avoid CORS.\n *\n * Usage in next.config.ts:\n * ```ts\n * import { whaleGatewayRewrite } from '@neowhale/storefront/next'\n * export default {\n *   async rewrites() {\n *     return [whaleGatewayRewrite()]\n *   }\n * }\n * ```\n */\nexport function whaleGatewayRewrite(\n  gatewayUrl = 'https://whale-gateway.fly.dev',\n  proxyPath = '/api/gw'\n): { source: string; destination: string } {\n  return {\n    source: `${proxyPath}/:path*`,\n    destination: `${gatewayUrl}/:path*`,\n  }\n}\n","import { WhaleClient } from '../client.js'\nimport type { Product, WhaleStorefrontConfig } from '../types.js'\n\n/**\n * Creates a server-side WhaleClient.\n * Reads from env vars by default — override with explicit config.\n */\nexport function createServerClient(config?: Partial<WhaleStorefrontConfig>): WhaleClient {\n  return new WhaleClient({\n    storeId: config?.storeId || process.env.NEXT_PUBLIC_STORE_ID || process.env.NEXT_PUBLIC_WHALE_STORE_ID || '',\n    apiKey: config?.apiKey || process.env.NEXT_PUBLIC_API_KEY || process.env.NEXT_PUBLIC_WHALE_API_KEY || '',\n    gatewayUrl: config?.gatewayUrl || process.env.NEXT_PUBLIC_API_URL || process.env.NEXT_PUBLIC_WHALE_GATEWAY_URL || 'https://whale-gateway.fly.dev',\n    proxyPath: config?.proxyPath,\n  })\n}\n\n/**\n * Server-side: fetch all published products with ISR caching.\n * Drop-in replacement for Flora's `getAllProducts()`.\n */\nexport async function getAllProducts(options?: {\n  /** Revalidate interval in seconds. Defaults to 60. */\n  revalidate?: number\n  /** Filter function to exclude products (e.g. hidden categories, out of stock) */\n  filter?: (product: Product) => boolean\n  /** Override client config */\n  client?: WhaleClient\n}): Promise<Product[]> {\n  const client = options?.client ?? createServerClient()\n  return client.getAllProducts({\n    status: 'published',\n    revalidate: options?.revalidate ?? 60,\n    filter: options?.filter,\n  })\n}\n","import { WhaleClient } from '../client.js'\n\nconst ALLOWED_WIDTHS = [64, 96, 128, 256, 384, 640, 828, 1080, 1280, 1920]\n\nfunction snapWidth(w: number): number {\n  for (const aw of ALLOWED_WIDTHS) {\n    if (aw >= w) return aw\n  }\n  return ALLOWED_WIDTHS[ALLOWED_WIDTHS.length - 1]\n}\n\ninterface ImageLoaderParams {\n  src: string\n  width: number\n  quality?: number\n}\n\n/**\n * Creates a Next.js custom image loader that proxies Supabase images through gateway.\n *\n * Usage in a loader file (e.g. src/lib/image-loader.ts):\n * ```ts\n * import { createImageLoader } from '@neowhale/storefront/next'\n * export default createImageLoader({\n *   storeId: process.env.NEXT_PUBLIC_STORE_ID!,\n *   gatewayUrl: 'https://whale-gateway.fly.dev',\n *   supabaseHost: 'your-project.supabase.co',\n *   signingSecret: process.env.NEXT_PUBLIC_MEDIA_SIGNING_SECRET!,\n * })\n * ```\n */\nexport function createImageLoader(config: {\n  storeId: string\n  gatewayUrl: string\n  supabaseHost: string\n  signingSecret: string\n}): (params: ImageLoaderParams) => string {\n  return ({ src, width, quality }: ImageLoaderParams): string => {\n    if (!src.includes(config.supabaseHost)) {\n      return src\n    }\n\n    const w = String(snapWidth(width))\n    const q = String(quality || 80)\n    const f = 'webp'\n    const encoded = WhaleClient.encodeBase64Url(src)\n    const s = WhaleClient.signMedia(config.signingSecret, encoded, w, q, f)\n\n    return `${config.gatewayUrl}/v1/stores/${config.storeId}/media?url=${encoded}&w=${w}&q=${q}&f=${f}&s=${s}`\n  }\n}\n","import type { NextRequest } from 'next/server'\nimport { NextResponse } from 'next/server'\n\n/**\n * Creates a Next.js middleware that protects routes requiring authentication.\n *\n * Checks for a session token cookie or localStorage indicator.\n * Since middleware runs on the edge and can't access localStorage,\n * this checks for a cookie-based token instead.\n *\n * Usage in middleware.ts:\n * ```ts\n * import { createAuthMiddleware } from '@neowhale/storefront/next'\n * export const middleware = createAuthMiddleware({\n *   protectedPaths: ['/account'],\n *   loginPath: '/account',\n * })\n * export const config = { matcher: ['/account/:path*'] }\n * ```\n */\nexport function createAuthMiddleware(options: {\n  protectedPaths: string[]\n  loginPath: string\n  cookieName?: string\n}) {\n  const { protectedPaths, loginPath, cookieName = 'whale-session' } = options\n\n  return function middleware(request: NextRequest) {\n    const { pathname } = request.nextUrl\n\n    // Never gate the login path itself — prevents redirect loops\n    if (pathname === loginPath || pathname.startsWith(`${loginPath}/`)) {\n      return NextResponse.next()\n    }\n\n    // Check if this is a protected path\n    const isProtected = protectedPaths.some(\n      (p) => pathname === p || pathname.startsWith(`${p}/`)\n    )\n\n    if (!isProtected) {\n      return NextResponse.next()\n    }\n\n    // Check for session cookie\n    const token = request.cookies.get(cookieName)?.value\n\n    if (!token) {\n      const url = request.nextUrl.clone()\n      url.pathname = loginPath\n      url.searchParams.set('redirect', pathname)\n      return NextResponse.redirect(url)\n    }\n\n    return NextResponse.next()\n  }\n}\n"]}

package/dist/next/index.d.cts

@@ -1,4 +1,4 @@
-import { WhaleStorefrontConfig, WhaleClient, Product } from '../index.cjs';
+import { m as WhaleStorefrontConfig, W as WhaleClient, i as Product } from '../client-y0V1x0px.cjs';
 import { NextRequest, NextResponse } from 'next/server';
 
 /**

package/dist/next/index.d.ts

@@ -1,4 +1,4 @@
-import { WhaleStorefrontConfig, WhaleClient, Product } from '../index.js';
+import { m as WhaleStorefrontConfig, W as WhaleClient, i as Product } from '../client-y0V1x0px.js';
 import { NextRequest, NextResponse } from 'next/server';
 
 /**

package/dist/next/index.js

@@ -1,4 +1,4 @@
-import { WhaleClient } from '../chunk-PR4PUHVN.js';
+import { WhaleClient } from '../chunk-QIIKQ7DN.js';
 import { NextResponse } from 'next/server';
 
 // src/next/headers.ts
@@ -53,9 +53,9 @@ function whaleGatewayRewrite(gatewayUrl = "https://whale-gateway.fly.dev", proxy
 // src/next/server.ts
 function createServerClient(config) {
   return new WhaleClient({
-    storeId: config?.storeId || process.env.NEXT_PUBLIC_STORE_ID || "",
-    apiKey: config?.apiKey || process.env.NEXT_PUBLIC_API_KEY || "",
-    gatewayUrl: config?.gatewayUrl || process.env.NEXT_PUBLIC_API_URL || "https://whale-gateway.fly.dev",
+    storeId: config?.storeId || process.env.NEXT_PUBLIC_STORE_ID || process.env.NEXT_PUBLIC_WHALE_STORE_ID || "",
+    apiKey: config?.apiKey || process.env.NEXT_PUBLIC_API_KEY || process.env.NEXT_PUBLIC_WHALE_API_KEY || "",
+    gatewayUrl: config?.gatewayUrl || process.env.NEXT_PUBLIC_API_URL || process.env.NEXT_PUBLIC_WHALE_GATEWAY_URL || "https://whale-gateway.fly.dev",
     proxyPath: config?.proxyPath
   });
 }
@@ -93,6 +93,9 @@ function createAuthMiddleware(options) {
   const { protectedPaths, loginPath, cookieName = "whale-session" } = options;
   return function middleware(request) {
     const { pathname } = request.nextUrl;
+    if (pathname === loginPath || pathname.startsWith(`${loginPath}/`)) {
+      return NextResponse.next();
+    }
     const isProtected = protectedPaths.some(
       (p) => pathname === p || pathname.startsWith(`${p}/`)
     );

package/dist/next/index.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../src/next/headers.ts","../../src/next/rewrite.ts","../../src/next/server.ts","../../src/next/image-loader.ts","../../src/next/middleware.ts"],"names":[],"mappings":";;;;AAIO,IAAM,eAAA,GAAkB;AAAA,EAC7B;AAAA,IACE,GAAA,EAAK,wBAAA;AAAA,IACL,KAAA,EAAO;AAAA,GACT;AAAA,EACA;AAAA,IACE,GAAA,EAAK,2BAAA;AAAA,IACL,KAAA,EAAO;AAAA,GACT;AAAA,EACA;AAAA,IACE,GAAA,EAAK,wBAAA;AAAA,IACL,KAAA,EAAO;AAAA,GACT;AAAA,EACA;AAAA,IACE,GAAA,EAAK,iBAAA;AAAA,IACL,KAAA,EAAO;AAAA,GACT;AAAA,EACA;AAAA,IACE,GAAA,EAAK,kBAAA;AAAA,IACL,KAAA,EAAO;AAAA,GACT;AAAA,EACA;AAAA,IACE,GAAA,EAAK,iBAAA;AAAA,IACL,KAAA,EAAO;AAAA,GACT;AAAA,EACA;AAAA,IACE,GAAA,EAAK,oBAAA;AAAA,IACL,KAAA,EAAO;AAAA;AAEX;AAWO,SAAS,oBACd,KAAA,EACgF;AAChF,EAAA,MAAM,aAAa,KAAA,GAAQ,CAAC,GAAG,eAAA,EAAiB,GAAG,KAAK,CAAA,GAAI,eAAA;AAC5D,EAAA,OAAO,YAAY;AAAA,IACjB;AAAA,MACE,MAAA,EAAQ,SAAA;AAAA,MACR,OAAA,EAAS;AAAA;AACX,GACF;AACF;;;ACxCO,SAAS,mBAAA,CACd,UAAA,GAAa,+BAAA,EACb,SAAA,GAAY,SAAA,EAC6B;AACzC,EAAA,OAAO;AAAA,IACL,MAAA,EAAQ,GAAG,SAAS,CAAA,OAAA,CAAA;AAAA,IACpB,WAAA,EAAa,GAAG,UAAU,CAAA,OAAA;AAAA,GAC5B;AACF;;;ACfO,SAAS,mBAAmB,MAAA,EAAsD;AACvF,EAAA,OAAO,IAAI,WAAA,CAAY;AAAA,IACrB,OAAA,EAAS,MAAA,EAAQ,OAAA,IAAW,OAAA,CAAQ,IAAI,oBAAA,IAAwB,EAAA;AAAA,IAChE,MAAA,EAAQ,MAAA,EAAQ,MAAA,IAAU,OAAA,CAAQ,IAAI,mBAAA,IAAuB,EAAA;AAAA,IAC7D,UAAA,EAAY,MAAA,EAAQ,UAAA,IAAc,OAAA,CAAQ,IAAI,mBAAA,IAAuB,+BAAA;AAAA,IACrE,WAAW,MAAA,EAAQ;AAAA,GACpB,CAAA;AACH;AAMA,eAAsB,eAAe,OAAA,EAOd;AACrB,EAAA,MAAM,MAAA,GAAS,OAAA,EAAS,MAAA,IAAU,kBAAA,EAAmB;AACrD,EAAA,OAAO,OAAO,cAAA,CAAe;AAAA,IAC3B,MAAA,EAAQ,WAAA;AAAA,IACR,UAAA,EAAY,SAAS,UAAA,IAAc,EAAA;AAAA,IACnC,QAAQ,OAAA,EAAS;AAAA,GAClB,CAAA;AACH;;;AChCA,IAAM,cAAA,GAAiB,CAAC,EAAA,EAAI,EAAA,EAAI,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAEzE,SAAS,UAAU,CAAA,EAAmB;AACpC,EAAA,KAAA,MAAW,MAAM,cAAA,EAAgB;AAC/B,IAAA,IAAI,EAAA,IAAM,GAAG,OAAO,EAAA;AAAA,EACtB;AACA,EAAA,OAAO,cAAA,CAAe,cAAA,CAAe,MAAA,GAAS,CAAC,CAAA;AACjD;AAsBO,SAAS,kBAAkB,MAAA,EAKQ;AACxC,EAAA,OAAO,CAAC,EAAE,GAAA,EAAK,KAAA,EAAO,SAAQ,KAAiC;AAC7D,IAAA,IAAI,CAAC,GAAA,CAAI,QAAA,CAAS,MAAA,CAAO,YAAY,CAAA,EAAG;AACtC,MAAA,OAAO,GAAA;AAAA,IACT;AAEA,IAAA,MAAM,CAAA,GAAI,MAAA,CAAO,SAAA,CAAU,KAAK,CAAC,CAAA;AACjC,IAAA,MAAM,CAAA,GAAI,MAAA,CAAO,OAAA,IAAW,EAAE,CAAA;AAC9B,IAAA,MAAM,CAAA,GAAI,MAAA;AACV,IAAA,MAAM,OAAA,GAAU,WAAA,CAAY,eAAA,CAAgB,GAAG,CAAA;AAC/C,IAAA,MAAM,CAAA,GAAI,YAAY,SAAA,CAAU,MAAA,CAAO,eAAe,OAAA,EAAS,CAAA,EAAG,GAAG,CAAC,CAAA;AAEtE,IAAA,OAAO,CAAA,EAAG,MAAA,CAAO,UAAU,CAAA,WAAA,EAAc,OAAO,OAAO,CAAA,WAAA,EAAc,OAAO,CAAA,GAAA,EAAM,CAAC,CAAA,GAAA,EAAM,CAAC,CAAA,GAAA,EAAM,CAAC,MAAM,CAAC,CAAA,CAAA;AAAA,EAC1G,CAAA;AACF;AC9BO,SAAS,qBAAqB,OAAA,EAIlC;AACD,EAAA,MAAM,EAAE,cAAA,EAAgB,SAAA,EAAW,UAAA,GAAa,iBAAgB,GAAI,OAAA;AAEpE,EAAA,OAAO,SAAS,WAAW,OAAA,EAAsB;AAC/C,IAAA,MAAM,EAAE,QAAA,EAAS,GAAI,OAAA,CAAQ,OAAA;AAG7B,IAAA,MAAM,cAAc,cAAA,CAAe,IAAA;AAAA,MACjC,CAAC,MAAM,QAAA,KAAa,CAAA,IAAK,SAAS,UAAA,CAAW,CAAA,EAAG,CAAC,CAAA,CAAA,CAAG;AAAA,KACtD;AAEA,IAAA,IAAI,CAAC,WAAA,EAAa;AAChB,MAAA,OAAO,aAAa,IAAA,EAAK;AAAA,IAC3B;AAGA,IAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,UAAU,CAAA,EAAG,KAAA;AAE/C,IAAA,IAAI,CAAC,KAAA,EAAO;AACV,MAAA,MAAM,GAAA,GAAM,OAAA,CAAQ,OAAA,CAAQ,KAAA,EAAM;AAClC,MAAA,GAAA,CAAI,QAAA,GAAW,SAAA;AACf,MAAA,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,UAAA,EAAY,QAAQ,CAAA;AACzC,MAAA,OAAO,YAAA,CAAa,SAAS,GAAG,CAAA;AAAA,IAClC;AAEA,IAAA,OAAO,aAAa,IAAA,EAAK;AAAA,EAC3B,CAAA;AACF","file":"index.js","sourcesContent":["/**\n * Security headers for Next.js storefronts.\n */\n\nexport const securityHeaders = [\n  {\n    key: 'X-DNS-Prefetch-Control',\n    value: 'on',\n  },\n  {\n    key: 'Strict-Transport-Security',\n    value: 'max-age=63072000; includeSubDomains; preload',\n  },\n  {\n    key: 'X-Content-Type-Options',\n    value: 'nosniff',\n  },\n  {\n    key: 'X-Frame-Options',\n    value: 'SAMEORIGIN',\n  },\n  {\n    key: 'X-XSS-Protection',\n    value: '1; mode=block',\n  },\n  {\n    key: 'Referrer-Policy',\n    value: 'strict-origin-when-cross-origin',\n  },\n  {\n    key: 'Permissions-Policy',\n    value: 'camera=(), microphone=(), geolocation=(self), interest-cohort=()',\n  },\n]\n\n/**\n * Returns a Next.js `headers()` config with security headers applied to all routes.\n * Use in next.config.ts:\n *\n * ```ts\n * import { withSecurityHeaders } from '@neowhale/storefront/next'\n * export default { headers: withSecurityHeaders() }\n * ```\n */\nexport function withSecurityHeaders(\n  extra?: { key: string; value: string }[]\n): () => Promise<{ source: string; headers: { key: string; value: string }[] }[]> {\n  const allHeaders = extra ? [...securityHeaders, ...extra] : securityHeaders\n  return async () => [\n    {\n      source: '/:path*',\n      headers: allHeaders,\n    },\n  ]\n}\n","/**\n * Gateway rewrite rule for Next.js.\n * Proxies client-side /api/gw/* requests to whale-gateway to avoid CORS.\n *\n * Usage in next.config.ts:\n * ```ts\n * import { whaleGatewayRewrite } from '@neowhale/storefront/next'\n * export default {\n *   async rewrites() {\n *     return [whaleGatewayRewrite()]\n *   }\n * }\n * ```\n */\nexport function whaleGatewayRewrite(\n  gatewayUrl = 'https://whale-gateway.fly.dev',\n  proxyPath = '/api/gw'\n): { source: string; destination: string } {\n  return {\n    source: `${proxyPath}/:path*`,\n    destination: `${gatewayUrl}/:path*`,\n  }\n}\n","import { WhaleClient } from '../client.js'\nimport type { Product, WhaleStorefrontConfig } from '../types.js'\n\n/**\n * Creates a server-side WhaleClient.\n * Reads from env vars by default — override with explicit config.\n */\nexport function createServerClient(config?: Partial<WhaleStorefrontConfig>): WhaleClient {\n  return new WhaleClient({\n    storeId: config?.storeId || process.env.NEXT_PUBLIC_STORE_ID || '',\n    apiKey: config?.apiKey || process.env.NEXT_PUBLIC_API_KEY || '',\n    gatewayUrl: config?.gatewayUrl || process.env.NEXT_PUBLIC_API_URL || 'https://whale-gateway.fly.dev',\n    proxyPath: config?.proxyPath,\n  })\n}\n\n/**\n * Server-side: fetch all published products with ISR caching.\n * Drop-in replacement for Flora's `getAllProducts()`.\n */\nexport async function getAllProducts(options?: {\n  /** Revalidate interval in seconds. Defaults to 60. */\n  revalidate?: number\n  /** Filter function to exclude products (e.g. hidden categories, out of stock) */\n  filter?: (product: Product) => boolean\n  /** Override client config */\n  client?: WhaleClient\n}): Promise<Product[]> {\n  const client = options?.client ?? createServerClient()\n  return client.getAllProducts({\n    status: 'published',\n    revalidate: options?.revalidate ?? 60,\n    filter: options?.filter,\n  })\n}\n","import { WhaleClient } from '../client.js'\n\nconst ALLOWED_WIDTHS = [64, 96, 128, 256, 384, 640, 828, 1080, 1280, 1920]\n\nfunction snapWidth(w: number): number {\n  for (const aw of ALLOWED_WIDTHS) {\n    if (aw >= w) return aw\n  }\n  return ALLOWED_WIDTHS[ALLOWED_WIDTHS.length - 1]\n}\n\ninterface ImageLoaderParams {\n  src: string\n  width: number\n  quality?: number\n}\n\n/**\n * Creates a Next.js custom image loader that proxies Supabase images through gateway.\n *\n * Usage in a loader file (e.g. src/lib/image-loader.ts):\n * ```ts\n * import { createImageLoader } from '@neowhale/storefront/next'\n * export default createImageLoader({\n *   storeId: process.env.NEXT_PUBLIC_STORE_ID!,\n *   gatewayUrl: 'https://whale-gateway.fly.dev',\n *   supabaseHost: 'your-project.supabase.co',\n *   signingSecret: process.env.NEXT_PUBLIC_MEDIA_SIGNING_SECRET!,\n * })\n * ```\n */\nexport function createImageLoader(config: {\n  storeId: string\n  gatewayUrl: string\n  supabaseHost: string\n  signingSecret: string\n}): (params: ImageLoaderParams) => string {\n  return ({ src, width, quality }: ImageLoaderParams): string => {\n    if (!src.includes(config.supabaseHost)) {\n      return src\n    }\n\n    const w = String(snapWidth(width))\n    const q = String(quality || 80)\n    const f = 'webp'\n    const encoded = WhaleClient.encodeBase64Url(src)\n    const s = WhaleClient.signMedia(config.signingSecret, encoded, w, q, f)\n\n    return `${config.gatewayUrl}/v1/stores/${config.storeId}/media?url=${encoded}&w=${w}&q=${q}&f=${f}&s=${s}`\n  }\n}\n","import type { NextRequest } from 'next/server'\nimport { NextResponse } from 'next/server'\n\n/**\n * Creates a Next.js middleware that protects routes requiring authentication.\n *\n * Checks for a session token cookie or localStorage indicator.\n * Since middleware runs on the edge and can't access localStorage,\n * this checks for a cookie-based token instead.\n *\n * Usage in middleware.ts:\n * ```ts\n * import { createAuthMiddleware } from '@neowhale/storefront/next'\n * export const middleware = createAuthMiddleware({\n *   protectedPaths: ['/account'],\n *   loginPath: '/account',\n * })\n * export const config = { matcher: ['/account/:path*'] }\n * ```\n */\nexport function createAuthMiddleware(options: {\n  protectedPaths: string[]\n  loginPath: string\n  cookieName?: string\n}) {\n  const { protectedPaths, loginPath, cookieName = 'whale-session' } = options\n\n  return function middleware(request: NextRequest) {\n    const { pathname } = request.nextUrl\n\n    // Check if this is a protected path\n    const isProtected = protectedPaths.some(\n      (p) => pathname === p || pathname.startsWith(`${p}/`)\n    )\n\n    if (!isProtected) {\n      return NextResponse.next()\n    }\n\n    // Check for session cookie\n    const token = request.cookies.get(cookieName)?.value\n\n    if (!token) {\n      const url = request.nextUrl.clone()\n      url.pathname = loginPath\n      url.searchParams.set('redirect', pathname)\n      return NextResponse.redirect(url)\n    }\n\n    return NextResponse.next()\n  }\n}\n"]}
+{"version":3,"sources":["../../src/next/headers.ts","../../src/next/rewrite.ts","../../src/next/server.ts","../../src/next/image-loader.ts","../../src/next/middleware.ts"],"names":[],"mappings":";;;;AAIO,IAAM,eAAA,GAAkB;AAAA,EAC7B;AAAA,IACE,GAAA,EAAK,wBAAA;AAAA,IACL,KAAA,EAAO;AAAA,GACT;AAAA,EACA;AAAA,IACE,GAAA,EAAK,2BAAA;AAAA,IACL,KAAA,EAAO;AAAA,GACT;AAAA,EACA;AAAA,IACE,GAAA,EAAK,wBAAA;AAAA,IACL,KAAA,EAAO;AAAA,GACT;AAAA,EACA;AAAA,IACE,GAAA,EAAK,iBAAA;AAAA,IACL,KAAA,EAAO;AAAA,GACT;AAAA,EACA;AAAA,IACE,GAAA,EAAK,kBAAA;AAAA,IACL,KAAA,EAAO;AAAA,GACT;AAAA,EACA;AAAA,IACE,GAAA,EAAK,iBAAA;AAAA,IACL,KAAA,EAAO;AAAA,GACT;AAAA,EACA;AAAA,IACE,GAAA,EAAK,oBAAA;AAAA,IACL,KAAA,EAAO;AAAA;AAEX;AAWO,SAAS,oBACd,KAAA,EACgF;AAChF,EAAA,MAAM,aAAa,KAAA,GAAQ,CAAC,GAAG,eAAA,EAAiB,GAAG,KAAK,CAAA,GAAI,eAAA;AAC5D,EAAA,OAAO,YAAY;AAAA,IACjB;AAAA,MACE,MAAA,EAAQ,SAAA;AAAA,MACR,OAAA,EAAS;AAAA;AACX,GACF;AACF;;;ACxCO,SAAS,mBAAA,CACd,UAAA,GAAa,+BAAA,EACb,SAAA,GAAY,SAAA,EAC6B;AACzC,EAAA,OAAO;AAAA,IACL,MAAA,EAAQ,GAAG,SAAS,CAAA,OAAA,CAAA;AAAA,IACpB,WAAA,EAAa,GAAG,UAAU,CAAA,OAAA;AAAA,GAC5B;AACF;;;ACfO,SAAS,mBAAmB,MAAA,EAAsD;AACvF,EAAA,OAAO,IAAI,WAAA,CAAY;AAAA,IACrB,OAAA,EAAS,QAAQ,OAAA,IAAW,OAAA,CAAQ,IAAI,oBAAA,IAAwB,OAAA,CAAQ,IAAI,0BAAA,IAA8B,EAAA;AAAA,IAC1G,MAAA,EAAQ,QAAQ,MAAA,IAAU,OAAA,CAAQ,IAAI,mBAAA,IAAuB,OAAA,CAAQ,IAAI,yBAAA,IAA6B,EAAA;AAAA,IACtG,UAAA,EAAY,QAAQ,UAAA,IAAc,OAAA,CAAQ,IAAI,mBAAA,IAAuB,OAAA,CAAQ,IAAI,6BAAA,IAAiC,+BAAA;AAAA,IAClH,WAAW,MAAA,EAAQ;AAAA,GACpB,CAAA;AACH;AAMA,eAAsB,eAAe,OAAA,EAOd;AACrB,EAAA,MAAM,MAAA,GAAS,OAAA,EAAS,MAAA,IAAU,kBAAA,EAAmB;AACrD,EAAA,OAAO,OAAO,cAAA,CAAe;AAAA,IAC3B,MAAA,EAAQ,WAAA;AAAA,IACR,UAAA,EAAY,SAAS,UAAA,IAAc,EAAA;AAAA,IACnC,QAAQ,OAAA,EAAS;AAAA,GAClB,CAAA;AACH;;;AChCA,IAAM,cAAA,GAAiB,CAAC,EAAA,EAAI,EAAA,EAAI,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAEzE,SAAS,UAAU,CAAA,EAAmB;AACpC,EAAA,KAAA,MAAW,MAAM,cAAA,EAAgB;AAC/B,IAAA,IAAI,EAAA,IAAM,GAAG,OAAO,EAAA;AAAA,EACtB;AACA,EAAA,OAAO,cAAA,CAAe,cAAA,CAAe,MAAA,GAAS,CAAC,CAAA;AACjD;AAsBO,SAAS,kBAAkB,MAAA,EAKQ;AACxC,EAAA,OAAO,CAAC,EAAE,GAAA,EAAK,KAAA,EAAO,SAAQ,KAAiC;AAC7D,IAAA,IAAI,CAAC,GAAA,CAAI,QAAA,CAAS,MAAA,CAAO,YAAY,CAAA,EAAG;AACtC,MAAA,OAAO,GAAA;AAAA,IACT;AAEA,IAAA,MAAM,CAAA,GAAI,MAAA,CAAO,SAAA,CAAU,KAAK,CAAC,CAAA;AACjC,IAAA,MAAM,CAAA,GAAI,MAAA,CAAO,OAAA,IAAW,EAAE,CAAA;AAC9B,IAAA,MAAM,CAAA,GAAI,MAAA;AACV,IAAA,MAAM,OAAA,GAAU,WAAA,CAAY,eAAA,CAAgB,GAAG,CAAA;AAC/C,IAAA,MAAM,CAAA,GAAI,YAAY,SAAA,CAAU,MAAA,CAAO,eAAe,OAAA,EAAS,CAAA,EAAG,GAAG,CAAC,CAAA;AAEtE,IAAA,OAAO,CAAA,EAAG,MAAA,CAAO,UAAU,CAAA,WAAA,EAAc,OAAO,OAAO,CAAA,WAAA,EAAc,OAAO,CAAA,GAAA,EAAM,CAAC,CAAA,GAAA,EAAM,CAAC,CAAA,GAAA,EAAM,CAAC,MAAM,CAAC,CAAA,CAAA;AAAA,EAC1G,CAAA;AACF;AC9BO,SAAS,qBAAqB,OAAA,EAIlC;AACD,EAAA,MAAM,EAAE,cAAA,EAAgB,SAAA,EAAW,UAAA,GAAa,iBAAgB,GAAI,OAAA;AAEpE,EAAA,OAAO,SAAS,WAAW,OAAA,EAAsB;AAC/C,IAAA,MAAM,EAAE,QAAA,EAAS,GAAI,OAAA,CAAQ,OAAA;AAG7B,IAAA,IAAI,aAAa,SAAA,IAAa,QAAA,CAAS,WAAW,CAAA,EAAG,SAAS,GAAG,CAAA,EAAG;AAClE,MAAA,OAAO,aAAa,IAAA,EAAK;AAAA,IAC3B;AAGA,IAAA,MAAM,cAAc,cAAA,CAAe,IAAA;AAAA,MACjC,CAAC,MAAM,QAAA,KAAa,CAAA,IAAK,SAAS,UAAA,CAAW,CAAA,EAAG,CAAC,CAAA,CAAA,CAAG;AAAA,KACtD;AAEA,IAAA,IAAI,CAAC,WAAA,EAAa;AAChB,MAAA,OAAO,aAAa,IAAA,EAAK;AAAA,IAC3B;AAGA,IAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,UAAU,CAAA,EAAG,KAAA;AAE/C,IAAA,IAAI,CAAC,KAAA,EAAO;AACV,MAAA,MAAM,GAAA,GAAM,OAAA,CAAQ,OAAA,CAAQ,KAAA,EAAM;AAClC,MAAA,GAAA,CAAI,QAAA,GAAW,SAAA;AACf,MAAA,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,UAAA,EAAY,QAAQ,CAAA;AACzC,MAAA,OAAO,YAAA,CAAa,SAAS,GAAG,CAAA;AAAA,IAClC;AAEA,IAAA,OAAO,aAAa,IAAA,EAAK;AAAA,EAC3B,CAAA;AACF","file":"index.js","sourcesContent":["/**\n * Security headers for Next.js storefronts.\n */\n\nexport const securityHeaders = [\n  {\n    key: 'X-DNS-Prefetch-Control',\n    value: 'on',\n  },\n  {\n    key: 'Strict-Transport-Security',\n    value: 'max-age=63072000; includeSubDomains; preload',\n  },\n  {\n    key: 'X-Content-Type-Options',\n    value: 'nosniff',\n  },\n  {\n    key: 'X-Frame-Options',\n    value: 'SAMEORIGIN',\n  },\n  {\n    key: 'X-XSS-Protection',\n    value: '1; mode=block',\n  },\n  {\n    key: 'Referrer-Policy',\n    value: 'strict-origin-when-cross-origin',\n  },\n  {\n    key: 'Permissions-Policy',\n    value: 'camera=(), microphone=(), geolocation=(self), interest-cohort=()',\n  },\n]\n\n/**\n * Returns a Next.js `headers()` config with security headers applied to all routes.\n * Use in next.config.ts:\n *\n * ```ts\n * import { withSecurityHeaders } from '@neowhale/storefront/next'\n * export default { headers: withSecurityHeaders() }\n * ```\n */\nexport function withSecurityHeaders(\n  extra?: { key: string; value: string }[]\n): () => Promise<{ source: string; headers: { key: string; value: string }[] }[]> {\n  const allHeaders = extra ? [...securityHeaders, ...extra] : securityHeaders\n  return async () => [\n    {\n      source: '/:path*',\n      headers: allHeaders,\n    },\n  ]\n}\n","/**\n * Gateway rewrite rule for Next.js.\n * Proxies client-side /api/gw/* requests to whale-gateway to avoid CORS.\n *\n * Usage in next.config.ts:\n * ```ts\n * import { whaleGatewayRewrite } from '@neowhale/storefront/next'\n * export default {\n *   async rewrites() {\n *     return [whaleGatewayRewrite()]\n *   }\n * }\n * ```\n */\nexport function whaleGatewayRewrite(\n  gatewayUrl = 'https://whale-gateway.fly.dev',\n  proxyPath = '/api/gw'\n): { source: string; destination: string } {\n  return {\n    source: `${proxyPath}/:path*`,\n    destination: `${gatewayUrl}/:path*`,\n  }\n}\n","import { WhaleClient } from '../client.js'\nimport type { Product, WhaleStorefrontConfig } from '../types.js'\n\n/**\n * Creates a server-side WhaleClient.\n * Reads from env vars by default — override with explicit config.\n */\nexport function createServerClient(config?: Partial<WhaleStorefrontConfig>): WhaleClient {\n  return new WhaleClient({\n    storeId: config?.storeId || process.env.NEXT_PUBLIC_STORE_ID || process.env.NEXT_PUBLIC_WHALE_STORE_ID || '',\n    apiKey: config?.apiKey || process.env.NEXT_PUBLIC_API_KEY || process.env.NEXT_PUBLIC_WHALE_API_KEY || '',\n    gatewayUrl: config?.gatewayUrl || process.env.NEXT_PUBLIC_API_URL || process.env.NEXT_PUBLIC_WHALE_GATEWAY_URL || 'https://whale-gateway.fly.dev',\n    proxyPath: config?.proxyPath,\n  })\n}\n\n/**\n * Server-side: fetch all published products with ISR caching.\n * Drop-in replacement for Flora's `getAllProducts()`.\n */\nexport async function getAllProducts(options?: {\n  /** Revalidate interval in seconds. Defaults to 60. */\n  revalidate?: number\n  /** Filter function to exclude products (e.g. hidden categories, out of stock) */\n  filter?: (product: Product) => boolean\n  /** Override client config */\n  client?: WhaleClient\n}): Promise<Product[]> {\n  const client = options?.client ?? createServerClient()\n  return client.getAllProducts({\n    status: 'published',\n    revalidate: options?.revalidate ?? 60,\n    filter: options?.filter,\n  })\n}\n","import { WhaleClient } from '../client.js'\n\nconst ALLOWED_WIDTHS = [64, 96, 128, 256, 384, 640, 828, 1080, 1280, 1920]\n\nfunction snapWidth(w: number): number {\n  for (const aw of ALLOWED_WIDTHS) {\n    if (aw >= w) return aw\n  }\n  return ALLOWED_WIDTHS[ALLOWED_WIDTHS.length - 1]\n}\n\ninterface ImageLoaderParams {\n  src: string\n  width: number\n  quality?: number\n}\n\n/**\n * Creates a Next.js custom image loader that proxies Supabase images through gateway.\n *\n * Usage in a loader file (e.g. src/lib/image-loader.ts):\n * ```ts\n * import { createImageLoader } from '@neowhale/storefront/next'\n * export default createImageLoader({\n *   storeId: process.env.NEXT_PUBLIC_STORE_ID!,\n *   gatewayUrl: 'https://whale-gateway.fly.dev',\n *   supabaseHost: 'your-project.supabase.co',\n *   signingSecret: process.env.NEXT_PUBLIC_MEDIA_SIGNING_SECRET!,\n * })\n * ```\n */\nexport function createImageLoader(config: {\n  storeId: string\n  gatewayUrl: string\n  supabaseHost: string\n  signingSecret: string\n}): (params: ImageLoaderParams) => string {\n  return ({ src, width, quality }: ImageLoaderParams): string => {\n    if (!src.includes(config.supabaseHost)) {\n      return src\n    }\n\n    const w = String(snapWidth(width))\n    const q = String(quality || 80)\n    const f = 'webp'\n    const encoded = WhaleClient.encodeBase64Url(src)\n    const s = WhaleClient.signMedia(config.signingSecret, encoded, w, q, f)\n\n    return `${config.gatewayUrl}/v1/stores/${config.storeId}/media?url=${encoded}&w=${w}&q=${q}&f=${f}&s=${s}`\n  }\n}\n","import type { NextRequest } from 'next/server'\nimport { NextResponse } from 'next/server'\n\n/**\n * Creates a Next.js middleware that protects routes requiring authentication.\n *\n * Checks for a session token cookie or localStorage indicator.\n * Since middleware runs on the edge and can't access localStorage,\n * this checks for a cookie-based token instead.\n *\n * Usage in middleware.ts:\n * ```ts\n * import { createAuthMiddleware } from '@neowhale/storefront/next'\n * export const middleware = createAuthMiddleware({\n *   protectedPaths: ['/account'],\n *   loginPath: '/account',\n * })\n * export const config = { matcher: ['/account/:path*'] }\n * ```\n */\nexport function createAuthMiddleware(options: {\n  protectedPaths: string[]\n  loginPath: string\n  cookieName?: string\n}) {\n  const { protectedPaths, loginPath, cookieName = 'whale-session' } = options\n\n  return function middleware(request: NextRequest) {\n    const { pathname } = request.nextUrl\n\n    // Never gate the login path itself — prevents redirect loops\n    if (pathname === loginPath || pathname.startsWith(`${loginPath}/`)) {\n      return NextResponse.next()\n    }\n\n    // Check if this is a protected path\n    const isProtected = protectedPaths.some(\n      (p) => pathname === p || pathname.startsWith(`${p}/`)\n    )\n\n    if (!isProtected) {\n      return NextResponse.next()\n    }\n\n    // Check for session cookie\n    const token = request.cookies.get(cookieName)?.value\n\n    if (!token) {\n      const url = request.nextUrl.clone()\n      url.pathname = loginPath\n      url.searchParams.set('redirect', pathname)\n      return NextResponse.redirect(url)\n    }\n\n    return NextResponse.next()\n  }\n}\n"]}

package/dist/pixel-manager-CYtRIGo0.d.ts

@@ -0,0 +1,10 @@
+import { g as PixelConfig } from './client-y0V1x0px.js';
+
+declare class PixelManager {
+    private providers;
+    constructor(configs: PixelConfig[]);
+    initialize(): Promise<void>;
+    track(event: string, params?: Record<string, unknown>): void;
+}
+
+export { PixelManager as P };

package/dist/pixel-manager-Db6Czwr2.d.cts

@@ -0,0 +1,10 @@
+import { g as PixelConfig } from './client-y0V1x0px.cjs';
+
+declare class PixelManager {
+    private providers;
+    constructor(configs: PixelConfig[]);
+    initialize(): Promise<void>;
+    track(event: string, params?: Record<string, unknown>): void;
+}
+
+export { PixelManager as P };