@netloc8/nextjs 0.2.0 → 1.0.1

package/README.md

@@ -1,9 +1,16 @@
 # @netloc8/nextjs
 
-Next.js integration for the NetLoc8 geolocation SDK. Adds a proxy for
-server-side IP resolution and helper functions for reading geo data in
-Server Components, Route Handlers, and Server Actions. Re-exports all
-React bindings (`NetLoc8Provider`, `useGeo`, `GeoGate`).
+[![npm version](https://img.shields.io/npm/v/@netloc8/nextjs)](https://www.npmjs.com/package/@netloc8/nextjs)
+[![npm downloads](https://img.shields.io/npm/dm/@netloc8/nextjs)](https://www.npmjs.com/package/@netloc8/nextjs)
+[![License: ELv2](https://img.shields.io/badge/license-ELv2-blue)](../../LICENSE)
+
+Add **IP geolocation** to any **Next.js** application. Detect visitor country,
+city, timezone, and EU membership in both Server and Client Components — with
+a server-side proxy that resolves geo data before your page renders.
+
+Show cookie consent to EU users (GDPR), redirect by locale, gate by region (CCPA),
+display local timezone — all with SSR support and automatic browser timezone
+reconciliation.
 
 ## Install
 
@@ -13,80 +20,216 @@ bun add @netloc8/nextjs
 
 **Peer dependencies:** `next >= 16`, `react >= 19`
 
+[Documentation](https://netloc8.com/docs) · [API Reference](https://netloc8.com/docs/api)
+
 ## Quick Start
 
-### 1. Set up the proxy
+### 1. Add geo to a Client Component (simplest)
+
+Wrap your root layout with the Provider and use the `useGeo()` hook in any
+client component. Get your API key from the [NetLoc8 dashboard](https://netloc8.com) — the page renders immediately and geo data loads in the background:
+
+```tsx
+// app/layout.tsx
+import { NetLoc8Provider } from '@netloc8/nextjs';
+
+export default function RootLayout({ children }) {
+    return (
+        <html>
+            <body>
+                <NetLoc8Provider apiKey={process.env.NEXT_PUBLIC_NETLOC8_API_KEY}>
+                    {children}
+                </NetLoc8Provider>
+            </body>
+        </html>
+    );
+}
+```
+
+```tsx
+// app/components/LocationBanner.tsx
+'use client';
+import { useGeo } from '@netloc8/nextjs';
+
+export function LocationBanner() {
+    const { geo, isLoading, error } = useGeo();
+
+    if (isLoading) return <p>Detecting location…</p>;
+    if (error) return <p>Geo unavailable</p>;
+
+    return <p>Hello from {geo.location?.city}, {geo.location?.country?.name}</p>;
+}
+```
+
+> **That's it.** No proxy, no server setup, no environment variables. Geo data
+> loads asynchronously via a publishable key — faster than SSR because the
+> browser calls the NetLoc8 edge API directly, eliminating the server hop.
+>
+> **Never use secret keys here.** The `apiKey` prop is included in your
+> client bundle. Always use a publishable key (`pk_...`). Keep secret
+> keys (`sk_...`) server-side only.
+>
+> **Trade-off:** On first visit, geo-dependent content appears after the API
+> call completes. Use the `loading` prop on the Provider and `<GeoGate>` to
+> show skeleton UI while data loads. On repeat visits, the `__netloc8` cookie
+> provides geo data synchronously — no content shift.
 
-Create `proxy.ts` in your Next.js app root:
+### 2. Server-side rendering (SSR proxy)
+
+For apps that need geo data available on first render (SEO, personalized SSR),
+set up the proxy and use `getGeo()` in Server Components:
 
 ```typescript
+// proxy.ts
 import { createProxy } from '@netloc8/nextjs/proxy';
 
 export default createProxy();
 ```
 
-### 2. Read geo data in Server Components
-
 ```typescript
+// app/page.tsx
 import { getGeo } from '@netloc8/nextjs/server';
 
 export default async function Page() {
     const geo = await getGeo();
-    return <p>Hello from {geo.city}, {geo.country}</p>;
+
+    return (
+        <div>
+            <p>Hello from {geo.location?.city}, {geo.location?.country?.name}</p>
+            <p>Timezone: {geo.location?.timezone}</p>
+            <p>{geo.location?.country?.flag}</p>
+        </div>
+    );
 }
 ```
 
-### 3. Read geo data in Client Components
-
-Wrap your layout with `<NetLoc8Provider>`:
+To make SSR geo data available in client components, pass it to the Provider:
 
 ```tsx
 import { getGeo } from '@netloc8/nextjs/server';
 import { NetLoc8Provider } from '@netloc8/nextjs';
 
-export default async function RootLayout( { children } ) {
+export default async function RootLayout({ children }) {
     const geo = await getGeo();
 
     return (
-        <NetLoc8Provider initialGeo={geo}>
-            {children}
-        </NetLoc8Provider>
+        <html>
+            <body>
+                <NetLoc8Provider geo={geo}>
+                    {children}
+                </NetLoc8Provider>
+            </body>
+        </html>
     );
 }
 ```
 
-Then use the hook in any client component:
-
-```tsx
-'use client';
-import { useGeo } from '@netloc8/nextjs';
-
-export function LocationBanner() {
-    const geo = useGeo();
-    return <p>Timezone: {geo.timezone}</p>;
-}
-```
-
-### 4. Conditional rendering with GeoGate
+### 3. Conditional rendering with GeoGate
 
 ```tsx
 import { GeoGate } from '@netloc8/nextjs';
 
-<GeoGate eu={true}>
+{/* EU users — show cookie consent */}
+<GeoGate eu={true} loading={<Skeleton />}>
     <CookieConsentBanner />
 </GeoGate>
 
+{/* Specific countries with fallback */}
 <GeoGate country={['US', 'CA']} fallback={<p>Not available in your region</p>}>
     <SpecialOffer />
 </GeoGate>
 ```
 
+### 4. Geo-based redirects
+
+```typescript
+import { createProxy, withGeoRedirect } from '@netloc8/nextjs/proxy';
+
+export default createProxy({
+    handler: withGeoRedirect({
+        defaultLocale: 'en',
+        localeMap: {
+            'DE': 'de',
+            'FR': 'fr',
+            'ES': 'es',
+        },
+        excludePaths: ['/api', '/_next'],
+    }),
+});
+```
+
+## Preventing Content Shift
+
+In direct mode, geo data loads asynchronously on first visit. Use these
+patterns to prevent layout shift:
+
+```tsx
+{/* GeoGate loading prop — recommended for conditional sections */}
+<GeoGate eu={true} loading={<div className="h-12 animate-pulse bg-gray-200 rounded" />}>
+    <CookieConsentBanner />
+</GeoGate>
+
+{/* useGeo isLoading — for inline geo content */}
+function CityName() {
+    const { geo, isLoading } = useGeo();
+    if (isLoading) return <span className="h-4 w-24 animate-pulse bg-gray-200 rounded inline-block" />;
+    return <span>{geo.location?.city}</span>;
+}
+```
+
+> **On repeat visits:** The `__netloc8` cookie provides geo data
+> synchronously — `isLoading` starts as `false`, no skeleton flash.
+
+## The `useGeo()` Hook
+
+In client components, `useGeo()` returns `{ geo, isLoading, error }`:
+
+```typescript
+const { geo, isLoading, error } = useGeo();
+
+if (isLoading) return <Skeleton />;
+if (error) return <p>Geo unavailable</p>;
+
+geo.query?.value;                 // "203.0.113.42"
+geo.location?.country?.code;      // "US"
+geo.location?.country?.name;      // "United States"
+geo.location?.country?.flag;      // "🇺🇸"
+geo.location?.country?.unions;    // ["EU"] or []
+geo.location?.region?.code;       // "CA"
+geo.location?.region?.name;       // "California"
+geo.location?.city;               // "Mountain View"
+geo.location?.timezone;           // "America/Los_Angeles"
+geo.location?.utcOffset;          // "-07:00"
+geo.location?.geoConfidence;      // 1.0
+geo.network?.asn;                 // "AS15169"
+geo.network?.organization;        // "Google LLC"
+geo.meta?.precision;              // "city"
+```
+
+### EU Detection
+
+```typescript
+import { isEU } from '@netloc8/nextjs';
+
+if (isEU(geo)) {
+    showCookieConsent();
+}
+```
+
+See [`@netloc8/core`](../core/) for the full `Geo` type reference.
+
+## RUM Telemetry
+
+RUM is **enabled by default** when using the Provider. Core Web Vitals, Navigation
+Timing, and JS errors are beaconed via `navigator.sendBeacon()` on page hide. Zero
+latency impact, no PII. Opt out with `rum={false}` on the Provider.
+
 ## Environment Variables
 
 | Variable | Required | Description |
 |----------|----------|-------------|
 | `NETLOC8_API_KEY` | Yes | Secret API key (`sk_...`) for the proxy |
-| `NETLOC8_API_URL` | No | API base URL (defaults to `https://netloc8.com`) |
+| `NETLOC8_API_URL` | No | API base URL (defaults to `https://api.netloc8.com`) |
 | `NETLOC8_TEST_IP` | No | Override IP in development |
 
 ## Exports
@@ -101,6 +244,19 @@ import { GeoGate } from '@netloc8/nextjs';
 | `@netloc8/nextjs` | `useGeo` | Re-exported from `@netloc8/react` |
 | `@netloc8/nextjs` | `GeoGate` | Re-exported from `@netloc8/react` |
 | `@netloc8/nextjs` | `GeoContext` | Re-exported from `@netloc8/react` |
+| `@netloc8/nextjs` | `GeoContextValue` | Type: `{ geo, isLoading, error }` |
+
+## How the Proxy Works
+
+The proxy runs on every incoming request:
+
+1. **IP detection** — reads `cf-connecting-ip`, `x-forwarded-for`, or `x-real-ip`
+2. **Cookie check** — if `__netloc8` cookie exists and IP hasn't changed, uses cached data
+3. **Platform headers** — reads Vercel/Cloudflare/CloudFront geo headers when available
+4. **API call** — calls `api.netloc8.com/v1/ip/{ip}` with your secret key if platform lacks country data
+5. **Reconciliation** — deep-merges all sources (cookie → platform → API) with API as highest priority
+6. **Header transport** — sets 25 `x-netloc8-*` headers for downstream Server Components
+7. **Cookie write** — persists geo data in `__netloc8` cookie for subsequent requests
 
 ## License
 

package/dist/index.d.mts

@@ -1,3 +1,3 @@
 
-import { GeoContext, GeoGate, GeoGateProps, NetLoc8Provider, useGeo } from "@netloc8/react";
-export { GeoContext, GeoGate, type GeoGateProps, NetLoc8Provider, useGeo };
+import { GeoContext, GeoContextValue, GeoGate, GeoGateProps, NetLoc8Provider, NetLoc8ProviderProps, useGeo } from "@netloc8/react";
+export { GeoContext, type GeoContextValue, GeoGate, type GeoGateProps, NetLoc8Provider, type NetLoc8ProviderProps, useGeo };

package/dist/index.mjs

@@ -1,3 +1,2 @@
 "use client";
-import { GeoContext, GeoGate, NetLoc8Provider, useGeo } from "@netloc8/react";
-export { GeoContext, GeoGate, NetLoc8Provider, useGeo };
+import{GeoContext as e,GeoGate as t,NetLoc8Provider as n,useGeo as r}from"@netloc8/react";export{e as GeoContext,t as GeoGate,n as NetLoc8Provider,r as useGeo};

package/dist/proxy.d.mts

@@ -15,6 +15,11 @@ interface GeoRedirectOptions {
   excludePaths?: string[];
 }
 /**
+* Read x-netloc8-* request headers back into a Geo object.
+* Used by server.ts to reconstruct Geo on the server side.
+*/
+declare function readGeoHeaders(headers: Headers): Geo;
+/**
 * Create a Next.js 16 proxy function that resolves geolocation for every
 * matching request.
 *
@@ -27,5 +32,5 @@ declare function createProxy(options?: CreateProxyOptions): (request: NextReques
 */
 declare function withGeoRedirect(options: GeoRedirectOptions): (request: NextRequest, geo: Geo) => NextResponse | undefined;
 //#endregion
-export { createProxy, withGeoRedirect };
+export { createProxy, readGeoHeaders, withGeoRedirect };
 //# sourceMappingURL=proxy.d.mts.map

package/dist/proxy.d.mts.map

@@ -1 +1 @@
-{"version":3,"file":"proxy.d.mts","names":[],"sources":["../src/proxy.ts"],"mappings":";;;;UAmBU,kBAAA;EACN,OAAA;EACA,MAAA;EACA,MAAA;EACA,MAAA;EACA,OAAA,IACI,OAAA,EAAS,WAAA,EACT,GAAA,EAAK,GAAA,KACJ,YAAA,eAA2B,OAAA,CAAQ,YAAA;AAAA;AAAA,UAGlC,kBAAA;EACN,aAAA;EACA,SAAA,EAAW,MAAA;EACX,YAAA;AAAA;;;;;;;;iBA+CY,WAAA,CAAY,OAAA,GAAU,kBAAA,IACjC,OAAA,EAAS,WAAA,KAAgB,OAAA,CAAQ,YAAA;;;;iBA2GtB,eAAA,CACZ,OAAA,EAAS,kBAAA,IACT,OAAA,EAAS,WAAA,EAAa,GAAA,EAAK,GAAA,KAAQ,YAAA"}
+{"version":3,"file":"proxy.d.mts","names":[],"sources":["../src/proxy.ts"],"mappings":";;;;UAmBU,kBAAA;EACN,OAAA;EACA,MAAA;EACA,MAAA;EACA,MAAA;EACA,OAAA,IACI,OAAA,EAAS,WAAA,EACT,GAAA,EAAK,GAAA,KACJ,YAAA,eAA2B,OAAA,CAAQ,YAAA;AAAA;AAAA,UAGlC,kBAAA;EACN,aAAA;EACA,SAAA,EAAW,MAAA;EACX,YAAA;AAAA;;;;;iBAiPY,cAAA,CAAe,OAAA,EAAS,OAAA,GAAU,GAAA;;;;;;;;iBA2BlC,WAAA,CAAY,OAAA,GAAU,kBAAA,IACjC,OAAA,EAAS,WAAA,KAAgB,OAAA,CAAQ,YAAA;AAnRM;;;AAAA,iBAkY5B,eAAA,CACZ,OAAA,EAAS,kBAAA,IACT,OAAA,EAAS,WAAA,EAAa,GAAA,EAAK,GAAA,KAAQ,YAAA"}

package/dist/proxy.mjs

@@ -1,128 +1,2 @@
-import { NextResponse } from "next/server";
-import { COOKIE_NAME, COOKIE_OPTIONS, fetchGeo, getClientIp, getGeoFromPlatformHeaders, isPublicIp, normalizeApiResponse, parseCookie, reconcileGeo, serializeCookie } from "@netloc8/core";
-//#region src/proxy.ts
-/**
-* Header-to-Geo field mapping for setting request headers.
-*/
-const GEO_HEADER_MAP = [
-	["ip", "x-netloc8-ip"],
-	["ipVersion", "x-netloc8-ip-version"],
-	["continent", "x-netloc8-continent"],
-	["continentName", "x-netloc8-continent-name"],
-	["country", "x-netloc8-country"],
-	["countryName", "x-netloc8-country-name"],
-	["isEU", "x-netloc8-is-eu"],
-	["region", "x-netloc8-region"],
-	["regionName", "x-netloc8-region-name"],
-	["city", "x-netloc8-city"],
-	["postalCode", "x-netloc8-postal-code"],
-	["latitude", "x-netloc8-latitude"],
-	["longitude", "x-netloc8-longitude"],
-	["timezone", "x-netloc8-timezone"],
-	["accuracyRadius", "x-netloc8-accuracy-radius"],
-	["precision", "x-netloc8-precision"],
-	["isLimited", "x-netloc8-is-limited"],
-	["limitReason", "x-netloc8-limit-reason"],
-	["timezoneFromClient", "x-netloc8-timezone-from-client"]
-];
-/**
-* Set x-netloc8-* request headers from a Geo object.
-*/
-function setGeoHeaders(requestHeaders, geo) {
-	for (const [field, header] of GEO_HEADER_MAP) {
-		const value = geo[field];
-		if (value !== void 0 && value !== null) requestHeaders.set(header, encodeURIComponent(String(value)));
-	}
-}
-/**
-* Create a Next.js 16 proxy function that resolves geolocation for every
-* matching request.
-*
-* Returns a standard proxy function that can be exported directly from the
-* user's proxy.ts / proxy.js file, or composed with other proxy logic.
-*/
-function createProxy(options) {
-	return async (request) => {
-		const apiKey = options?.apiKey ?? process.env.NETLOC8_API_KEY;
-		const apiUrl = options?.apiUrl ?? process.env.NETLOC8_API_URL;
-		const timeout = options?.timeout ?? 1500;
-		const requestHeaders = new Headers(request.headers);
-		for (const [, headerName] of GEO_HEADER_MAP) requestHeaders.delete(headerName);
-		let clientIp;
-		if (process.env.NODE_ENV !== "production") clientIp = options?.testIp ?? process.env.NETLOC8_TEST_IP;
-		if (!clientIp) clientIp = getClientIp(request.headers);
-		const cookieValue = request.cookies.get(COOKIE_NAME)?.value;
-		const cookieGeo = parseCookie(cookieValue);
-		const cookieTimezone = cookieGeo.timezoneFromClient === true && cookieGeo.ip === clientIp ? {
-			timezone: cookieGeo.timezone,
-			timezoneFromClient: cookieGeo.timezoneFromClient
-		} : void 0;
-		const platformGeo = getGeoFromPlatformHeaders(request.headers);
-		let apiGeo;
-		if (clientIp && isPublicIp(clientIp) && !platformGeo.timezone && !cookieTimezone) {
-			const raw = await fetchGeo(clientIp, {
-				apiKey,
-				apiUrl,
-				timeout,
-				clientId: `@netloc8/nextjs/0.2.0`
-			});
-			if (raw) apiGeo = normalizeApiResponse(raw, clientIp);
-		}
-		const geo = reconcileGeo({
-			cookie: cookieGeo.ip ? cookieGeo : void 0,
-			platform: platformGeo,
-			api: apiGeo,
-			ip: clientIp
-		});
-		if (cookieTimezone) {
-			geo.timezone = cookieTimezone.timezone;
-			geo.timezoneFromClient = cookieTimezone.timezoneFromClient;
-		}
-		setGeoHeaders(requestHeaders, geo);
-		let handlerResponse;
-		if (options?.handler) {
-			const sanitizedRequest = new Request(request.nextUrl.toString(), {
-				method: request.method ?? "GET",
-				headers: requestHeaders,
-				body: request.body,
-				duplex: "half"
-			});
-			handlerResponse = await options.handler(Object.assign(sanitizedRequest, {
-				nextUrl: request.nextUrl,
-				cookies: request.cookies
-			}), geo);
-		}
-		const response = handlerResponse ?? NextResponse.next({ request: { headers: requestHeaders } });
-		if (!cookieValue || cookieGeo.ip !== clientIp) response.cookies.set(COOKIE_NAME, serializeCookie(geo), {
-			path: COOKIE_OPTIONS.path,
-			httpOnly: COOKIE_OPTIONS.httpOnly,
-			secure: COOKIE_OPTIONS.secure,
-			sameSite: COOKIE_OPTIONS.sameSite,
-			maxAge: COOKIE_OPTIONS.maxAge
-		});
-		return response;
-	};
-}
-/**
-* Create a geo-redirect handler for use with createProxy.
-*/
-function withGeoRedirect(options) {
-	const { defaultLocale, localeMap, excludePaths = [] } = options;
-	const validLocales = new Set(Object.values(localeMap));
-	validLocales.add(defaultLocale);
-	return (request, geo) => {
-		const pathname = request.nextUrl.pathname;
-		for (const prefix of excludePaths) if (pathname.startsWith(prefix)) return;
-		const currentPrefix = pathname.split("/").filter(Boolean)[0];
-		if (currentPrefix && validLocales.has(currentPrefix)) return;
-		const locale = geo.country && localeMap[geo.country] || defaultLocale;
-		if (locale === defaultLocale) return;
-		const url = request.nextUrl.clone();
-		url.pathname = `/${locale}${pathname}`;
-		return NextResponse.redirect(url, 307);
-	};
-}
-//#endregion
-export { createProxy, withGeoRedirect };
-
+import{NextResponse as e}from"next/server";import{COOKIE_NAME as t,COOKIE_OPTIONS as n,fetchGeo as r,getClientIp as i,getGeoFromPlatformHeaders as a,isPublicIp as o,normalizeApiResponse as s,parseCookie as c,reconcileGeo as l,serializeCookie as u}from"@netloc8/core";const d=[{header:`x-netloc8-ip`,get:e=>e.query?.value,set:(e,t)=>{e.query||={},e.query.value=t},type:`string`},{header:`x-netloc8-ip-version`,get:e=>e.query?.ipVersion,set:(e,t)=>{let n=parseFloat(t);Number.isFinite(n)&&(e.query||={},e.query.ipVersion=n)},type:`number`},{header:`x-netloc8-continent-code`,get:e=>e.location?.continent?.code,set:(e,t)=>{e.location||={},e.location.continent||(e.location.continent={}),e.location.continent.code=t},type:`string`},{header:`x-netloc8-continent-name`,get:e=>e.location?.continent?.name,set:(e,t)=>{e.location||={},e.location.continent||(e.location.continent={}),e.location.continent.name=t},type:`string`},{header:`x-netloc8-country-code`,get:e=>e.location?.country?.code,set:(e,t)=>{e.location||={},e.location.country||(e.location.country={}),e.location.country.code=t},type:`string`},{header:`x-netloc8-country-name`,get:e=>e.location?.country?.name,set:(e,t)=>{e.location||={},e.location.country||(e.location.country={}),e.location.country.name=t},type:`string`},{header:`x-netloc8-country-flag`,get:e=>e.location?.country?.flag,set:(e,t)=>{e.location||={},e.location.country||(e.location.country={}),e.location.country.flag=t},type:`string`},{header:`x-netloc8-country-unions`,get:e=>e.location?.country?.unions,set:(e,t)=>{e.location||={},e.location.country||(e.location.country={});try{let n=JSON.parse(t);Array.isArray(n)&&(e.location.country.unions=n)}catch{}},type:`json`},{header:`x-netloc8-region-code`,get:e=>e.location?.region?.code,set:(e,t)=>{e.location||={},e.location.region||(e.location.region={}),e.location.region.code=t},type:`string`},{header:`x-netloc8-region-name`,get:e=>e.location?.region?.name,set:(e,t)=>{e.location||={},e.location.region||(e.location.region={}),e.location.region.name=t},type:`string`},{header:`x-netloc8-district`,get:e=>e.location?.district,set:(e,t)=>{e.location||={},e.location.district=t},type:`string`},{header:`x-netloc8-city`,get:e=>e.location?.city,set:(e,t)=>{e.location||={},e.location.city=t},type:`string`},{header:`x-netloc8-postal-code`,get:e=>e.location?.postalCode,set:(e,t)=>{e.location||={},e.location.postalCode=t},type:`string`},{header:`x-netloc8-latitude`,get:e=>e.location?.coordinates?.latitude,set:(e,t)=>{e.location||={},e.location.coordinates||(e.location.coordinates={});let n=parseFloat(t);Number.isFinite(n)&&(e.location.coordinates.latitude=n)},type:`number`},{header:`x-netloc8-longitude`,get:e=>e.location?.coordinates?.longitude,set:(e,t)=>{e.location||={},e.location.coordinates||(e.location.coordinates={});let n=parseFloat(t);Number.isFinite(n)&&(e.location.coordinates.longitude=n)},type:`number`},{header:`x-netloc8-accuracy-radius`,get:e=>e.location?.coordinates?.accuracyRadius,set:(e,t)=>{e.location||={},e.location.coordinates||(e.location.coordinates={});let n=parseFloat(t);Number.isFinite(n)&&(e.location.coordinates.accuracyRadius=n)},type:`number`},{header:`x-netloc8-timezone`,get:e=>e.location?.timezone,set:(e,t)=>{e.location||={},e.location.timezone=t},type:`string`},{header:`x-netloc8-utc-offset`,get:e=>e.location?.utcOffset,set:(e,t)=>{e.location||={},e.location.utcOffset=t},type:`string`},{header:`x-netloc8-geo-confidence`,get:e=>e.location?.geoConfidence,set:(e,t)=>{let n=parseFloat(t);Number.isFinite(n)&&(e.location||={},e.location.geoConfidence=n)},type:`number`},{header:`x-netloc8-asn`,get:e=>e.network?.asn,set:(e,t)=>{e.network||={},e.network.asn=t},type:`string`},{header:`x-netloc8-asn-org`,get:e=>e.network?.organization,set:(e,t)=>{e.network||={},e.network.organization=t},type:`string`},{header:`x-netloc8-asn-domain`,get:e=>e.network?.domain,set:(e,t)=>{e.network||={},e.network.domain=t},type:`string`},{header:`x-netloc8-precision`,get:e=>e.meta?.precision,set:(e,t)=>{e.meta||={},e.meta.precision=t},type:`string`},{header:`x-netloc8-degraded`,get:e=>e.meta?.degraded,set:(e,t)=>{e.meta||={},e.meta.degraded=t===`true`},type:`boolean`},{header:`x-netloc8-timezone-from-client`,get:e=>e.location?.timezoneFromClient,set:(e,t)=>{e.location||={},e.location.timezoneFromClient=t===`true`},type:`boolean`}];function f(e,t){for(let n of d){let r=n.get(t);r!=null&&(n.type===`json`?e.set(n.header,encodeURIComponent(JSON.stringify(r))):e.set(n.header,encodeURIComponent(String(r))))}}function p(e){let t={};for(let n of d){let r=e.get(n.header);if(r!==null)try{let e=decodeURIComponent(r);n.set(t,e)}catch{}}return t}function m(p){return async m=>{let h=p?.apiKey??process.env.NETLOC8_API_KEY,g=p?.apiUrl??process.env.NETLOC8_API_URL,_=p?.timeout??1500,v=new Headers(m.headers);for(let e of d)v.delete(e.header);let y;process.env.NODE_ENV!==`production`&&(y=p?.testIp??process.env.NETLOC8_TEST_IP),y||=i(m.headers);let b=m.cookies.get(t)?.value,x=c(b),S=x.location?.timezoneFromClient===!0&&x.query?.value===y?{timezone:x.location.timezone,timezoneFromClient:x.location.timezoneFromClient}:void 0,C=a(m.headers),w;if(y&&o(y)&&!C.location?.country?.code&&!S){let e=await r(y,{apiKey:h,apiUrl:g,timeout:_,clientId:`@netloc8/nextjs/1.0.1`});e&&(w=s(e,y))}let T=l({cookie:x.query?.value?x:void 0,platform:C,api:w,ip:y});S&&(T.location||={},T.location.timezone=S.timezone,T.location.timezoneFromClient=S.timezoneFromClient),f(v,T);let E;if(p?.handler){let e=new Request(m.nextUrl.toString(),{method:m.method??`GET`,headers:v,body:m.body,duplex:`half`});E=await p.handler(Object.assign(e,{nextUrl:m.nextUrl,cookies:m.cookies}),T)}let D=E??e.next({request:{headers:v}});return(!b||x.query?.value!==y)&&D.cookies.set(t,u(T),{path:n.path,httpOnly:n.httpOnly,secure:n.secure,sameSite:n.sameSite,maxAge:n.maxAge}),D}}function h(t){let{defaultLocale:n,localeMap:r,excludePaths:i=[]}=t,a=new Set(Object.values(r));return a.add(n),(t,o)=>{let s=t.nextUrl.pathname;for(let e of i)if(s.startsWith(e))return;let c=s.split(`/`).filter(Boolean)[0];if(c&&a.has(c))return;let l=o.location?.country?.code,u=l&&r[l]||n;if(u===n)return;let d=t.nextUrl.clone();return d.pathname=`/${u}${s}`,e.redirect(d,307)}}export{m as createProxy,p as readGeoHeaders,h as withGeoRedirect};
 //# sourceMappingURL=proxy.mjs.map

package/dist/proxy.mjs.map

@@ -1 +1 @@
-{"version":3,"file":"proxy.mjs","names":[],"sources":["../src/proxy.ts"],"sourcesContent":["declare const __PKG_NAME__: string;\ndeclare const __PKG_VERSION__: string;\n\nimport type { Geo } from '@netloc8/core';\nimport type { NextRequest } from 'next/server';\nimport { NextResponse } from 'next/server';\nimport {\n    getClientIp,\n    isPublicIp,\n    getGeoFromPlatformHeaders,\n    fetchGeo,\n    normalizeApiResponse,\n    parseCookie,\n    serializeCookie,\n    reconcileGeo,\n    COOKIE_NAME,\n    COOKIE_OPTIONS,\n} from '@netloc8/core';\n\ninterface CreateProxyOptions {\n    timeout?: number;\n    apiKey?: string;\n    apiUrl?: string;\n    testIp?: string;\n    handler?: (\n        request: NextRequest,\n        geo: Geo\n    ) => NextResponse | undefined | Promise<NextResponse | undefined>;\n}\n\ninterface GeoRedirectOptions {\n    defaultLocale: string;\n    localeMap: Record<string, string>;\n    excludePaths?: string[];\n}\n\n/**\n * Header-to-Geo field mapping for setting request headers.\n */\nconst GEO_HEADER_MAP: Array<[keyof Geo, string]> = [\n    ['ip', 'x-netloc8-ip'],\n    ['ipVersion', 'x-netloc8-ip-version'],\n    ['continent', 'x-netloc8-continent'],\n    ['continentName', 'x-netloc8-continent-name'],\n    ['country', 'x-netloc8-country'],\n    ['countryName', 'x-netloc8-country-name'],\n    ['isEU', 'x-netloc8-is-eu'],\n    ['region', 'x-netloc8-region'],\n    ['regionName', 'x-netloc8-region-name'],\n    ['city', 'x-netloc8-city'],\n    ['postalCode', 'x-netloc8-postal-code'],\n    ['latitude', 'x-netloc8-latitude'],\n    ['longitude', 'x-netloc8-longitude'],\n    ['timezone', 'x-netloc8-timezone'],\n    ['accuracyRadius', 'x-netloc8-accuracy-radius'],\n    ['precision', 'x-netloc8-precision'],\n    ['isLimited', 'x-netloc8-is-limited'],\n    ['limitReason', 'x-netloc8-limit-reason'],\n    ['timezoneFromClient', 'x-netloc8-timezone-from-client'],\n];\n\n/**\n * Set x-netloc8-* request headers from a Geo object.\n */\nfunction setGeoHeaders(requestHeaders: Headers, geo: Geo): void {\n    for (const [field, header] of GEO_HEADER_MAP) {\n        const value = geo[field];\n        if (value !== undefined && value !== null) {\n            requestHeaders.set(header, encodeURIComponent(String(value)));\n        }\n    }\n}\n\n/**\n * Create a Next.js 16 proxy function that resolves geolocation for every\n * matching request.\n *\n * Returns a standard proxy function that can be exported directly from the\n * user's proxy.ts / proxy.js file, or composed with other proxy logic.\n */\nexport function createProxy(options?: CreateProxyOptions):\n    (request: NextRequest) => Promise<NextResponse> {\n\n    return async (request: NextRequest): Promise<NextResponse> => {\n        const apiKey = options?.apiKey ?? process.env.NETLOC8_API_KEY;\n        const apiUrl = options?.apiUrl ?? process.env.NETLOC8_API_URL;\n        const timeout = options?.timeout ?? 1500;\n\n        // Security: Remove any incoming spoofed headers\n        const requestHeaders = new Headers(request.headers);\n        for (const [, headerName] of GEO_HEADER_MAP) {\n            requestHeaders.delete(headerName);\n        }\n\n        // 1. Determine client IP\n        let clientIp: string | undefined;\n\n        if (process.env.NODE_ENV !== 'production') {\n            clientIp = options?.testIp ?? process.env.NETLOC8_TEST_IP;\n        }\n\n        if (!clientIp) {\n            clientIp = getClientIp(request.headers);\n        }\n\n        // 2. Check the cookie cache (fast path)\n        const cookieValue = request.cookies.get(COOKIE_NAME)?.value;\n        const cookieGeo = parseCookie(cookieValue);\n\n        // Cookie fast path: only trust timezone/timezoneFromClient from the\n        // client-controlled cookie. Re-resolve other geo fields to prevent\n        // spoofing of country/region/city via cookie manipulation.\n        const cookieTimezone = (\n            cookieGeo.timezoneFromClient === true &&\n            cookieGeo.ip === clientIp\n        ) ? { timezone: cookieGeo.timezone, timezoneFromClient: cookieGeo.timezoneFromClient } : undefined;\n\n        // 3. Extract platform headers (zero-cost)\n        const platformGeo = getGeoFromPlatformHeaders(request.headers);\n\n        // 4. Decide whether to call the API\n        let apiGeo: Geo | undefined;\n\n        if (clientIp && isPublicIp(clientIp) && !platformGeo.timezone && !cookieTimezone) {\n            const raw = await fetchGeo(clientIp, { apiKey, apiUrl, timeout, clientId: typeof __PKG_NAME__ !== 'undefined' ? `${__PKG_NAME__}/${__PKG_VERSION__}` : undefined });\n            if (raw) {\n                apiGeo = normalizeApiResponse(raw, clientIp);\n            }\n        }\n\n        // 5. Reconcile all sources — cookie is lowest priority in\n        //    reconcileGeo, so platform headers and API data overwrite it.\n        //    Pass the full cookie so self-hosted deployments (no platform\n        //    headers, API call skipped) still have city/country/region.\n        const geo = reconcileGeo({\n            cookie: cookieGeo.ip ? cookieGeo : undefined,\n            platform: platformGeo,\n            api: apiGeo,\n            ip: clientIp,\n        });\n\n        // Apply trusted cookie timezone if available\n        if (cookieTimezone) {\n            geo.timezone = cookieTimezone.timezone;\n            geo.timezoneFromClient = cookieTimezone.timezoneFromClient;\n        }\n\n        // 6. Set request headers\n        setGeoHeaders(requestHeaders, geo);\n\n        // 7. Build the response — use sanitized headers in the handler\n        let handlerResponse: NextResponse | undefined;\n        if (options?.handler) {\n            const sanitizedRequest = new Request(request.nextUrl.toString(), {\n                method: request.method ?? 'GET',\n                headers: requestHeaders,\n                body: request.body,\n                // @ts-expect-error -- NextRequest supports duplex but TS doesn't expose it\n                duplex: 'half',\n            });\n            handlerResponse = await options.handler(\n                Object.assign(sanitizedRequest, { nextUrl: request.nextUrl, cookies: request.cookies }) as NextRequest,\n                geo\n            );\n        }\n\n        const response = handlerResponse ?? NextResponse.next({\n            request: { headers: requestHeaders },\n        });\n\n        // 8. Set/update the cookie if needed\n        if (!cookieValue || cookieGeo.ip !== clientIp) {\n            response.cookies.set(COOKIE_NAME, serializeCookie(geo), {\n                path: COOKIE_OPTIONS.path,\n                httpOnly: COOKIE_OPTIONS.httpOnly,\n                secure: COOKIE_OPTIONS.secure,\n                sameSite: COOKIE_OPTIONS.sameSite,\n                maxAge: COOKIE_OPTIONS.maxAge,\n            });\n        }\n\n        return response;\n    };\n}\n\n/**\n * Create a geo-redirect handler for use with createProxy.\n */\nexport function withGeoRedirect(\n    options: GeoRedirectOptions\n): (request: NextRequest, geo: Geo) => NextResponse | undefined {\n    const { defaultLocale, localeMap, excludePaths = [] } = options;\n    const validLocales = new Set(Object.values(localeMap));\n    validLocales.add(defaultLocale);\n\n    return (request: NextRequest, geo: Geo): NextResponse | undefined => {\n        const pathname = request.nextUrl.pathname;\n\n        // Skip excluded paths\n        for (const prefix of excludePaths) {\n            if (pathname.startsWith(prefix)) {\n                return undefined;\n            }\n        }\n\n        // Extract current locale prefix from path\n        const segments = pathname.split('/').filter(Boolean);\n        const currentPrefix = segments[0];\n\n        // If path already has a valid locale prefix, don't redirect\n        if (currentPrefix && validLocales.has(currentPrefix)) {\n            return undefined;\n        }\n\n        // Look up locale for the user's country\n        const locale = (geo.country && localeMap[geo.country]) || defaultLocale;\n\n        // If resolved locale is the default and path has no locale prefix, no redirect needed\n        if (locale === defaultLocale) {\n            return undefined;\n        }\n\n        // Redirect to locale-prefixed path\n        const url = request.nextUrl.clone();\n        url.pathname = `/${locale}${pathname}`;\n        return NextResponse.redirect(url, 307);\n    };\n}\n"],"mappings":";;;;;;AAuCA,MAAM,iBAA6C;CAC/C,CAAC,MAAM,eAAe;CACtB,CAAC,aAAa,uBAAuB;CACrC,CAAC,aAAa,sBAAsB;CACpC,CAAC,iBAAiB,2BAA2B;CAC7C,CAAC,WAAW,oBAAoB;CAChC,CAAC,eAAe,yBAAyB;CACzC,CAAC,QAAQ,kBAAkB;CAC3B,CAAC,UAAU,mBAAmB;CAC9B,CAAC,cAAc,wBAAwB;CACvC,CAAC,QAAQ,iBAAiB;CAC1B,CAAC,cAAc,wBAAwB;CACvC,CAAC,YAAY,qBAAqB;CAClC,CAAC,aAAa,sBAAsB;CACpC,CAAC,YAAY,qBAAqB;CAClC,CAAC,kBAAkB,4BAA4B;CAC/C,CAAC,aAAa,sBAAsB;CACpC,CAAC,aAAa,uBAAuB;CACrC,CAAC,eAAe,yBAAyB;CACzC,CAAC,sBAAsB,iCAAiC;CAC3D;;;;AAKD,SAAS,cAAc,gBAAyB,KAAgB;AAC5D,MAAK,MAAM,CAAC,OAAO,WAAW,gBAAgB;EAC1C,MAAM,QAAQ,IAAI;AAClB,MAAI,UAAU,KAAA,KAAa,UAAU,KACjC,gBAAe,IAAI,QAAQ,mBAAmB,OAAO,MAAM,CAAC,CAAC;;;;;;;;;;AAYzE,SAAgB,YAAY,SACwB;AAEhD,QAAO,OAAO,YAAgD;EAC1D,MAAM,SAAS,SAAS,UAAU,QAAQ,IAAI;EAC9C,MAAM,SAAS,SAAS,UAAU,QAAQ,IAAI;EAC9C,MAAM,UAAU,SAAS,WAAW;EAGpC,MAAM,iBAAiB,IAAI,QAAQ,QAAQ,QAAQ;AACnD,OAAK,MAAM,GAAG,eAAe,eACzB,gBAAe,OAAO,WAAW;EAIrC,IAAI;AAEJ,MAAI,QAAQ,IAAI,aAAa,aACzB,YAAW,SAAS,UAAU,QAAQ,IAAI;AAG9C,MAAI,CAAC,SACD,YAAW,YAAY,QAAQ,QAAQ;EAI3C,MAAM,cAAc,QAAQ,QAAQ,IAAI,YAAY,EAAE;EACtD,MAAM,YAAY,YAAY,YAAY;EAK1C,MAAM,iBACF,UAAU,uBAAuB,QACjC,UAAU,OAAO,WACjB;GAAE,UAAU,UAAU;GAAU,oBAAoB,UAAU;GAAoB,GAAG,KAAA;EAGzF,MAAM,cAAc,0BAA0B,QAAQ,QAAQ;EAG9D,IAAI;AAEJ,MAAI,YAAY,WAAW,SAAS,IAAI,CAAC,YAAY,YAAY,CAAC,gBAAgB;GAC9E,MAAM,MAAM,MAAM,SAAS,UAAU;IAAE;IAAQ;IAAQ;IAAS,UAAgD;IAAkD,CAAC;AACnK,OAAI,IACA,UAAS,qBAAqB,KAAK,SAAS;;EAQpD,MAAM,MAAM,aAAa;GACrB,QAAQ,UAAU,KAAK,YAAY,KAAA;GACnC,UAAU;GACV,KAAK;GACL,IAAI;GACP,CAAC;AAGF,MAAI,gBAAgB;AAChB,OAAI,WAAW,eAAe;AAC9B,OAAI,qBAAqB,eAAe;;AAI5C,gBAAc,gBAAgB,IAAI;EAGlC,IAAI;AACJ,MAAI,SAAS,SAAS;GAClB,MAAM,mBAAmB,IAAI,QAAQ,QAAQ,QAAQ,UAAU,EAAE;IAC7D,QAAQ,QAAQ,UAAU;IAC1B,SAAS;IACT,MAAM,QAAQ;IAEd,QAAQ;IACX,CAAC;AACF,qBAAkB,MAAM,QAAQ,QAC5B,OAAO,OAAO,kBAAkB;IAAE,SAAS,QAAQ;IAAS,SAAS,QAAQ;IAAS,CAAC,EACvF,IACH;;EAGL,MAAM,WAAW,mBAAmB,aAAa,KAAK,EAClD,SAAS,EAAE,SAAS,gBAAgB,EACvC,CAAC;AAGF,MAAI,CAAC,eAAe,UAAU,OAAO,SACjC,UAAS,QAAQ,IAAI,aAAa,gBAAgB,IAAI,EAAE;GACpD,MAAM,eAAe;GACrB,UAAU,eAAe;GACzB,QAAQ,eAAe;GACvB,UAAU,eAAe;GACzB,QAAQ,eAAe;GAC1B,CAAC;AAGN,SAAO;;;;;;AAOf,SAAgB,gBACZ,SAC4D;CAC5D,MAAM,EAAE,eAAe,WAAW,eAAe,EAAE,KAAK;CACxD,MAAM,eAAe,IAAI,IAAI,OAAO,OAAO,UAAU,CAAC;AACtD,cAAa,IAAI,cAAc;AAE/B,SAAQ,SAAsB,QAAuC;EACjE,MAAM,WAAW,QAAQ,QAAQ;AAGjC,OAAK,MAAM,UAAU,aACjB,KAAI,SAAS,WAAW,OAAO,CAC3B;EAMR,MAAM,gBADW,SAAS,MAAM,IAAI,CAAC,OAAO,QAAQ,CACrB;AAG/B,MAAI,iBAAiB,aAAa,IAAI,cAAc,CAChD;EAIJ,MAAM,SAAU,IAAI,WAAW,UAAU,IAAI,YAAa;AAG1D,MAAI,WAAW,cACX;EAIJ,MAAM,MAAM,QAAQ,QAAQ,OAAO;AACnC,MAAI,WAAW,IAAI,SAAS;AAC5B,SAAO,aAAa,SAAS,KAAK,IAAI"}
+{"version":3,"file":"proxy.mjs","names":[],"sources":["../src/proxy.ts"],"sourcesContent":["declare const __PKG_NAME__: string;\ndeclare const __PKG_VERSION__: string;\n\nimport type { Geo } from '@netloc8/core';\nimport type { NextRequest } from 'next/server';\nimport { NextResponse } from 'next/server';\nimport {\n    getClientIp,\n    isPublicIp,\n    getGeoFromPlatformHeaders,\n    fetchGeo,\n    normalizeApiResponse,\n    parseCookie,\n    serializeCookie,\n    reconcileGeo,\n    COOKIE_NAME,\n    COOKIE_OPTIONS,\n} from '@netloc8/core';\n\ninterface CreateProxyOptions {\n    timeout?: number;\n    apiKey?: string;\n    apiUrl?: string;\n    testIp?: string;\n    handler?: (\n        request: NextRequest,\n        geo: Geo\n    ) => NextResponse | undefined | Promise<NextResponse | undefined>;\n}\n\ninterface GeoRedirectOptions {\n    defaultLocale: string;\n    localeMap: Record<string, string>;\n    excludePaths?: string[];\n}\n\n// --- Header transport ---\n// These map nested Geo paths to/from x-netloc8-* request headers\n// for the proxy → Server Component transport layer.\n\ninterface HeaderEntry {\n    header: string;\n    get: (geo: Geo) => string | number | boolean | string[] | undefined;\n    set: (geo: Geo, raw: string) => void;\n    type: 'string' | 'number' | 'boolean' | 'json';\n}\n\nconst HEADER_ENTRIES: HeaderEntry[] = [\n    {\n        header: 'x-netloc8-ip',\n        get: (g) => g.query?.value,\n        set: (g, v) => { if (!g.query) g.query = {}; g.query.value = v; },\n        type: 'string',\n    },\n    {\n        header: 'x-netloc8-ip-version',\n        get: (g) => g.query?.ipVersion,\n        set: (g, v) => { const n = parseFloat(v); if (!Number.isFinite(n)) return; if (!g.query) g.query = {}; g.query.ipVersion = n; },\n        type: 'number',\n    },\n    {\n        header: 'x-netloc8-continent-code',\n        get: (g) => g.location?.continent?.code,\n        set: (g, v) => {\n            if (!g.location) g.location = {};\n            if (!g.location.continent) g.location.continent = {};\n            g.location.continent.code = v;\n        },\n        type: 'string',\n    },\n    {\n        header: 'x-netloc8-continent-name',\n        get: (g) => g.location?.continent?.name,\n        set: (g, v) => {\n            if (!g.location) g.location = {};\n            if (!g.location.continent) g.location.continent = {};\n            g.location.continent.name = v;\n        },\n        type: 'string',\n    },\n    {\n        header: 'x-netloc8-country-code',\n        get: (g) => g.location?.country?.code,\n        set: (g, v) => {\n            if (!g.location) g.location = {};\n            if (!g.location.country) g.location.country = {};\n            g.location.country.code = v;\n        },\n        type: 'string',\n    },\n    {\n        header: 'x-netloc8-country-name',\n        get: (g) => g.location?.country?.name,\n        set: (g, v) => {\n            if (!g.location) g.location = {};\n            if (!g.location.country) g.location.country = {};\n            g.location.country.name = v;\n        },\n        type: 'string',\n    },\n    {\n        header: 'x-netloc8-country-flag',\n        get: (g) => g.location?.country?.flag,\n        set: (g, v) => {\n            if (!g.location) g.location = {};\n            if (!g.location.country) g.location.country = {};\n            g.location.country.flag = v;\n        },\n        type: 'string',\n    },\n    {\n        header: 'x-netloc8-country-unions',\n        get: (g) => g.location?.country?.unions,\n        set: (g, v) => {\n            if (!g.location) g.location = {};\n            if (!g.location.country) g.location.country = {};\n            try {\n                const parsed = JSON.parse(v);\n                if (Array.isArray(parsed)) {\n                    g.location.country.unions = parsed;\n                }\n            } catch {\n                // Skip malformed JSON\n            }\n        },\n        type: 'json',\n    },\n    {\n        header: 'x-netloc8-region-code',\n        get: (g) => g.location?.region?.code,\n        set: (g, v) => {\n            if (!g.location) g.location = {};\n            if (!g.location.region) g.location.region = {};\n            g.location.region.code = v;\n        },\n        type: 'string',\n    },\n    {\n        header: 'x-netloc8-region-name',\n        get: (g) => g.location?.region?.name,\n        set: (g, v) => {\n            if (!g.location) g.location = {};\n            if (!g.location.region) g.location.region = {};\n            g.location.region.name = v;\n        },\n        type: 'string',\n    },\n    {\n        header: 'x-netloc8-district',\n        get: (g) => g.location?.district,\n        set: (g, v) => { if (!g.location) g.location = {}; g.location.district = v; },\n        type: 'string',\n    },\n    {\n        header: 'x-netloc8-city',\n        get: (g) => g.location?.city,\n        set: (g, v) => { if (!g.location) g.location = {}; g.location.city = v; },\n        type: 'string',\n    },\n    {\n        header: 'x-netloc8-postal-code',\n        get: (g) => g.location?.postalCode,\n        set: (g, v) => { if (!g.location) g.location = {}; g.location.postalCode = v; },\n        type: 'string',\n    },\n    {\n        header: 'x-netloc8-latitude',\n        get: (g) => g.location?.coordinates?.latitude,\n        set: (g, v) => {\n            if (!g.location) g.location = {};\n            if (!g.location.coordinates) g.location.coordinates = {};\n            const n = parseFloat(v); if (!Number.isFinite(n)) return;\n            g.location.coordinates.latitude = n;\n        },\n        type: 'number',\n    },\n    {\n        header: 'x-netloc8-longitude',\n        get: (g) => g.location?.coordinates?.longitude,\n        set: (g, v) => {\n            if (!g.location) g.location = {};\n            if (!g.location.coordinates) g.location.coordinates = {};\n            const n = parseFloat(v); if (!Number.isFinite(n)) return;\n            g.location.coordinates.longitude = n;\n        },\n        type: 'number',\n    },\n    {\n        header: 'x-netloc8-accuracy-radius',\n        get: (g) => g.location?.coordinates?.accuracyRadius,\n        set: (g, v) => {\n            if (!g.location) g.location = {};\n            if (!g.location.coordinates) g.location.coordinates = {};\n            const n = parseFloat(v); if (!Number.isFinite(n)) return;\n            g.location.coordinates.accuracyRadius = n;\n        },\n        type: 'number',\n    },\n    {\n        header: 'x-netloc8-timezone',\n        get: (g) => g.location?.timezone,\n        set: (g, v) => { if (!g.location) g.location = {}; g.location.timezone = v; },\n        type: 'string',\n    },\n    {\n        header: 'x-netloc8-utc-offset',\n        get: (g) => g.location?.utcOffset,\n        set: (g, v) => { if (!g.location) g.location = {}; g.location.utcOffset = v; },\n        type: 'string',\n    },\n    {\n        header: 'x-netloc8-geo-confidence',\n        get: (g) => g.location?.geoConfidence,\n        set: (g, v) => { const n = parseFloat(v); if (!Number.isFinite(n)) return; if (!g.location) g.location = {}; g.location.geoConfidence = n; },\n        type: 'number',\n    },\n    {\n        header: 'x-netloc8-asn',\n        get: (g) => g.network?.asn,\n        set: (g, v) => { if (!g.network) g.network = {}; g.network.asn = v; },\n        type: 'string',\n    },\n    {\n        header: 'x-netloc8-asn-org',\n        get: (g) => g.network?.organization,\n        set: (g, v) => { if (!g.network) g.network = {}; g.network.organization = v; },\n        type: 'string',\n    },\n    {\n        header: 'x-netloc8-asn-domain',\n        get: (g) => g.network?.domain,\n        set: (g, v) => { if (!g.network) g.network = {}; g.network.domain = v; },\n        type: 'string',\n    },\n    {\n        header: 'x-netloc8-precision',\n        get: (g) => g.meta?.precision,\n        set: (g, v) => { if (!g.meta) g.meta = {}; g.meta.precision = v; },\n        type: 'string',\n    },\n    {\n        header: 'x-netloc8-degraded',\n        get: (g) => g.meta?.degraded,\n        set: (g, v) => { if (!g.meta) g.meta = {}; g.meta.degraded = v === 'true'; },\n        type: 'boolean',\n    },\n    {\n        header: 'x-netloc8-timezone-from-client',\n        get: (g) => g.location?.timezoneFromClient,\n        set: (g, v) => { if (!g.location) g.location = {}; g.location.timezoneFromClient = v === 'true'; },\n        type: 'boolean',\n    },\n];\n\n/**\n * Set x-netloc8-* request headers from a Geo object.\n */\nfunction setGeoHeaders(requestHeaders: Headers, geo: Geo): void {\n    for (const entry of HEADER_ENTRIES) {\n        const value = entry.get(geo);\n        if (value !== undefined && value !== null) {\n            if (entry.type === 'json') {\n                requestHeaders.set(entry.header, encodeURIComponent(JSON.stringify(value)));\n            } else {\n                requestHeaders.set(entry.header, encodeURIComponent(String(value)));\n            }\n        }\n    }\n}\n\n/**\n * Read x-netloc8-* request headers back into a Geo object.\n * Used by server.ts to reconstruct Geo on the server side.\n */\nexport function readGeoHeaders(headers: Headers): Geo {\n    const geo: Geo = {};\n\n    for (const entry of HEADER_ENTRIES) {\n        const raw = headers.get(entry.header);\n        if (raw === null) {\n            continue;\n        }\n\n        try {\n            const decoded = decodeURIComponent(raw);\n            entry.set(geo, decoded);\n        } catch {\n            // Skip this header if decodeURIComponent throws\n        }\n    }\n\n    return geo;\n}\n\n/**\n * Create a Next.js 16 proxy function that resolves geolocation for every\n * matching request.\n *\n * Returns a standard proxy function that can be exported directly from the\n * user's proxy.ts / proxy.js file, or composed with other proxy logic.\n */\nexport function createProxy(options?: CreateProxyOptions):\n    (request: NextRequest) => Promise<NextResponse> {\n\n    return async (request: NextRequest): Promise<NextResponse> => {\n        const apiKey = options?.apiKey ?? process.env.NETLOC8_API_KEY;\n        const apiUrl = options?.apiUrl ?? process.env.NETLOC8_API_URL;\n        const timeout = options?.timeout ?? 1500;\n\n        // Security: Remove any incoming spoofed headers\n        const requestHeaders = new Headers(request.headers);\n        for (const entry of HEADER_ENTRIES) {\n            requestHeaders.delete(entry.header);\n        }\n\n        // 1. Determine client IP\n        let clientIp: string | undefined;\n\n        if (process.env.NODE_ENV !== 'production') {\n            clientIp = options?.testIp ?? process.env.NETLOC8_TEST_IP;\n        }\n\n        if (!clientIp) {\n            clientIp = getClientIp(request.headers);\n        }\n\n        // 2. Check the cookie cache (fast path)\n        const cookieValue = request.cookies.get(COOKIE_NAME)?.value;\n        const cookieGeo = parseCookie(cookieValue);\n\n        // Cookie fast path: only trust timezone/timezoneFromClient from the\n        // client-controlled cookie. Re-resolve other geo fields to prevent\n        // spoofing of country/region/city via cookie manipulation.\n        const cookieTimezone = (\n            cookieGeo.location?.timezoneFromClient === true &&\n            cookieGeo.query?.value === clientIp\n        ) ? {\n            timezone: cookieGeo.location.timezone,\n            timezoneFromClient: cookieGeo.location.timezoneFromClient,\n        } : undefined;\n\n        // 3. Extract platform headers (zero-cost)\n        const platformGeo = getGeoFromPlatformHeaders(request.headers);\n\n        // 4. Decide whether to call the API\n        let apiGeo: Geo | undefined;\n\n        if (clientIp && isPublicIp(clientIp) && !platformGeo.location?.country?.code && !cookieTimezone) {\n            const raw = await fetchGeo(clientIp, { apiKey, apiUrl, timeout, clientId: typeof __PKG_NAME__ !== 'undefined' ? `${__PKG_NAME__}/${__PKG_VERSION__}` : undefined });\n            if (raw) {\n                apiGeo = normalizeApiResponse(raw, clientIp);\n            }\n        }\n\n        // 5. Reconcile all sources — cookie is lowest priority in\n        //    reconcileGeo, so platform headers and API data overwrite it.\n        //    Pass the full cookie so self-hosted deployments (no platform\n        //    headers, API call skipped) still have city/country/region.\n        const geo = reconcileGeo({\n            cookie: cookieGeo.query?.value ? cookieGeo : undefined,\n            platform: platformGeo,\n            api: apiGeo,\n            ip: clientIp,\n        });\n\n        // Apply trusted cookie timezone if available\n        if (cookieTimezone) {\n            if (!geo.location) geo.location = {};\n            geo.location.timezone = cookieTimezone.timezone;\n            geo.location.timezoneFromClient = cookieTimezone.timezoneFromClient;\n        }\n\n        // 6. Set request headers\n        setGeoHeaders(requestHeaders, geo);\n\n        // 7. Build the response — use sanitized headers in the handler\n        let handlerResponse: NextResponse | undefined;\n        if (options?.handler) {\n            const sanitizedRequest = new Request(request.nextUrl.toString(), {\n                method: request.method ?? 'GET',\n                headers: requestHeaders,\n                body: request.body,\n                // @ts-expect-error -- NextRequest supports duplex but TS doesn't expose it\n                duplex: 'half',\n            });\n            handlerResponse = await options.handler(\n                Object.assign(sanitizedRequest, { nextUrl: request.nextUrl, cookies: request.cookies }) as NextRequest,\n                geo\n            );\n        }\n\n        const response = handlerResponse ?? NextResponse.next({\n            request: { headers: requestHeaders },\n        });\n\n        // 8. Set/update the cookie if needed\n        if (!cookieValue || cookieGeo.query?.value !== clientIp) {\n            response.cookies.set(COOKIE_NAME, serializeCookie(geo), {\n                path: COOKIE_OPTIONS.path,\n                httpOnly: COOKIE_OPTIONS.httpOnly,\n                secure: COOKIE_OPTIONS.secure,\n                sameSite: COOKIE_OPTIONS.sameSite,\n                maxAge: COOKIE_OPTIONS.maxAge,\n            });\n        }\n\n        return response;\n    };\n}\n\n/**\n * Create a geo-redirect handler for use with createProxy.\n */\nexport function withGeoRedirect(\n    options: GeoRedirectOptions\n): (request: NextRequest, geo: Geo) => NextResponse | undefined {\n    const { defaultLocale, localeMap, excludePaths = [] } = options;\n    const validLocales = new Set(Object.values(localeMap));\n    validLocales.add(defaultLocale);\n\n    return (request: NextRequest, geo: Geo): NextResponse | undefined => {\n        const pathname = request.nextUrl.pathname;\n\n        // Skip excluded paths\n        for (const prefix of excludePaths) {\n            if (pathname.startsWith(prefix)) {\n                return undefined;\n            }\n        }\n\n        // Extract current locale prefix from path\n        const segments = pathname.split('/').filter(Boolean);\n        const currentPrefix = segments[0];\n\n        // If path already has a valid locale prefix, don't redirect\n        if (currentPrefix && validLocales.has(currentPrefix)) {\n            return undefined;\n        }\n\n        // Look up locale for the user's country\n        const countryCode = geo.location?.country?.code;\n        const locale = (countryCode && localeMap[countryCode]) || defaultLocale;\n\n        // If resolved locale is the default and path has no locale prefix, no redirect needed\n        if (locale === defaultLocale) {\n            return undefined;\n        }\n\n        // Redirect to locale-prefixed path\n        const url = request.nextUrl.clone();\n        url.pathname = `/${locale}${pathname}`;\n        return NextResponse.redirect(url, 307);\n    };\n}\n"],"mappings":"2QA+CA,MAAM,EAAgC,CAClC,CACI,OAAQ,eACR,IAAM,GAAM,EAAE,OAAO,MACrB,KAAM,EAAG,IAAM,CAAE,AAAc,EAAE,QAAQ,EAAE,CAAE,EAAE,MAAM,MAAQ,GAC7D,KAAM,SACT,CACD,CACI,OAAQ,uBACR,IAAM,GAAM,EAAE,OAAO,UACrB,KAAM,EAAG,IAAM,CAAE,IAAM,EAAI,WAAW,EAAE,CAAO,OAAO,SAAS,EAAE,GAAU,AAAc,EAAE,QAAQ,EAAE,CAAE,EAAE,MAAM,UAAY,IAC3H,KAAM,SACT,CACD,CACI,OAAQ,2BACR,IAAM,GAAM,EAAE,UAAU,WAAW,KACnC,KAAM,EAAG,IAAM,CACX,AAAiB,EAAE,WAAW,EAAE,CAC3B,EAAE,SAAS,YAAW,EAAE,SAAS,UAAY,EAAE,EACpD,EAAE,SAAS,UAAU,KAAO,GAEhC,KAAM,SACT,CACD,CACI,OAAQ,2BACR,IAAM,GAAM,EAAE,UAAU,WAAW,KACnC,KAAM,EAAG,IAAM,CACX,AAAiB,EAAE,WAAW,EAAE,CAC3B,EAAE,SAAS,YAAW,EAAE,SAAS,UAAY,EAAE,EACpD,EAAE,SAAS,UAAU,KAAO,GAEhC,KAAM,SACT,CACD,CACI,OAAQ,yBACR,IAAM,GAAM,EAAE,UAAU,SAAS,KACjC,KAAM,EAAG,IAAM,CACX,AAAiB,EAAE,WAAW,EAAE,CAC3B,EAAE,SAAS,UAAS,EAAE,SAAS,QAAU,EAAE,EAChD,EAAE,SAAS,QAAQ,KAAO,GAE9B,KAAM,SACT,CACD,CACI,OAAQ,yBACR,IAAM,GAAM,EAAE,UAAU,SAAS,KACjC,KAAM,EAAG,IAAM,CACX,AAAiB,EAAE,WAAW,EAAE,CAC3B,EAAE,SAAS,UAAS,EAAE,SAAS,QAAU,EAAE,EAChD,EAAE,SAAS,QAAQ,KAAO,GAE9B,KAAM,SACT,CACD,CACI,OAAQ,yBACR,IAAM,GAAM,EAAE,UAAU,SAAS,KACjC,KAAM,EAAG,IAAM,CACX,AAAiB,EAAE,WAAW,EAAE,CAC3B,EAAE,SAAS,UAAS,EAAE,SAAS,QAAU,EAAE,EAChD,EAAE,SAAS,QAAQ,KAAO,GAE9B,KAAM,SACT,CACD,CACI,OAAQ,2BACR,IAAM,GAAM,EAAE,UAAU,SAAS,OACjC,KAAM,EAAG,IAAM,CACX,AAAiB,EAAE,WAAW,EAAE,CAC3B,EAAE,SAAS,UAAS,EAAE,SAAS,QAAU,EAAE,EAChD,GAAI,CACA,IAAM,EAAS,KAAK,MAAM,EAAE,CACxB,MAAM,QAAQ,EAAO,GACrB,EAAE,SAAS,QAAQ,OAAS,QAE5B,IAIZ,KAAM,OACT,CACD,CACI,OAAQ,wBACR,IAAM,GAAM,EAAE,UAAU,QAAQ,KAChC,KAAM,EAAG,IAAM,CACX,AAAiB,EAAE,WAAW,EAAE,CAC3B,EAAE,SAAS,SAAQ,EAAE,SAAS,OAAS,EAAE,EAC9C,EAAE,SAAS,OAAO,KAAO,GAE7B,KAAM,SACT,CACD,CACI,OAAQ,wBACR,IAAM,GAAM,EAAE,UAAU,QAAQ,KAChC,KAAM,EAAG,IAAM,CACX,AAAiB,EAAE,WAAW,EAAE,CAC3B,EAAE,SAAS,SAAQ,EAAE,SAAS,OAAS,EAAE,EAC9C,EAAE,SAAS,OAAO,KAAO,GAE7B,KAAM,SACT,CACD,CACI,OAAQ,qBACR,IAAM,GAAM,EAAE,UAAU,SACxB,KAAM,EAAG,IAAM,CAAE,AAAiB,EAAE,WAAW,EAAE,CAAE,EAAE,SAAS,SAAW,GACzE,KAAM,SACT,CACD,CACI,OAAQ,iBACR,IAAM,GAAM,EAAE,UAAU,KACxB,KAAM,EAAG,IAAM,CAAE,AAAiB,EAAE,WAAW,EAAE,CAAE,EAAE,SAAS,KAAO,GACrE,KAAM,SACT,CACD,CACI,OAAQ,wBACR,IAAM,GAAM,EAAE,UAAU,WACxB,KAAM,EAAG,IAAM,CAAE,AAAiB,EAAE,WAAW,EAAE,CAAE,EAAE,SAAS,WAAa,GAC3E,KAAM,SACT,CACD,CACI,OAAQ,qBACR,IAAM,GAAM,EAAE,UAAU,aAAa,SACrC,KAAM,EAAG,IAAM,CACX,AAAiB,EAAE,WAAW,EAAE,CAC3B,EAAE,SAAS,cAAa,EAAE,SAAS,YAAc,EAAE,EACxD,IAAM,EAAI,WAAW,EAAE,CAAO,OAAO,SAAS,EAAE,GAChD,EAAE,SAAS,YAAY,SAAW,IAEtC,KAAM,SACT,CACD,CACI,OAAQ,sBACR,IAAM,GAAM,EAAE,UAAU,aAAa,UACrC,KAAM,EAAG,IAAM,CACX,AAAiB,EAAE,WAAW,EAAE,CAC3B,EAAE,SAAS,cAAa,EAAE,SAAS,YAAc,EAAE,EACxD,IAAM,EAAI,WAAW,EAAE,CAAO,OAAO,SAAS,EAAE,GAChD,EAAE,SAAS,YAAY,UAAY,IAEvC,KAAM,SACT,CACD,CACI,OAAQ,4BACR,IAAM,GAAM,EAAE,UAAU,aAAa,eACrC,KAAM,EAAG,IAAM,CACX,AAAiB,EAAE,WAAW,EAAE,CAC3B,EAAE,SAAS,cAAa,EAAE,SAAS,YAAc,EAAE,EACxD,IAAM,EAAI,WAAW,EAAE,CAAO,OAAO,SAAS,EAAE,GAChD,EAAE,SAAS,YAAY,eAAiB,IAE5C,KAAM,SACT,CACD,CACI,OAAQ,qBACR,IAAM,GAAM,EAAE,UAAU,SACxB,KAAM,EAAG,IAAM,CAAE,AAAiB,EAAE,WAAW,EAAE,CAAE,EAAE,SAAS,SAAW,GACzE,KAAM,SACT,CACD,CACI,OAAQ,uBACR,IAAM,GAAM,EAAE,UAAU,UACxB,KAAM,EAAG,IAAM,CAAE,AAAiB,EAAE,WAAW,EAAE,CAAE,EAAE,SAAS,UAAY,GAC1E,KAAM,SACT,CACD,CACI,OAAQ,2BACR,IAAM,GAAM,EAAE,UAAU,cACxB,KAAM,EAAG,IAAM,CAAE,IAAM,EAAI,WAAW,EAAE,CAAO,OAAO,SAAS,EAAE,GAAU,AAAiB,EAAE,WAAW,EAAE,CAAE,EAAE,SAAS,cAAgB,IACxI,KAAM,SACT,CACD,CACI,OAAQ,gBACR,IAAM,GAAM,EAAE,SAAS,IACvB,KAAM,EAAG,IAAM,CAAE,AAAgB,EAAE,UAAU,EAAE,CAAE,EAAE,QAAQ,IAAM,GACjE,KAAM,SACT,CACD,CACI,OAAQ,oBACR,IAAM,GAAM,EAAE,SAAS,aACvB,KAAM,EAAG,IAAM,CAAE,AAAgB,EAAE,UAAU,EAAE,CAAE,EAAE,QAAQ,aAAe,GAC1E,KAAM,SACT,CACD,CACI,OAAQ,uBACR,IAAM,GAAM,EAAE,SAAS,OACvB,KAAM,EAAG,IAAM,CAAE,AAAgB,EAAE,UAAU,EAAE,CAAE,EAAE,QAAQ,OAAS,GACpE,KAAM,SACT,CACD,CACI,OAAQ,sBACR,IAAM,GAAM,EAAE,MAAM,UACpB,KAAM,EAAG,IAAM,CAAE,AAAa,EAAE,OAAO,EAAE,CAAE,EAAE,KAAK,UAAY,GAC9D,KAAM,SACT,CACD,CACI,OAAQ,qBACR,IAAM,GAAM,EAAE,MAAM,SACpB,KAAM,EAAG,IAAM,CAAE,AAAa,EAAE,OAAO,EAAE,CAAE,EAAE,KAAK,SAAW,IAAM,QACnE,KAAM,UACT,CACD,CACI,OAAQ,iCACR,IAAM,GAAM,EAAE,UAAU,mBACxB,KAAM,EAAG,IAAM,CAAE,AAAiB,EAAE,WAAW,EAAE,CAAE,EAAE,SAAS,mBAAqB,IAAM,QACzF,KAAM,UACT,CACJ,CAKD,SAAS,EAAc,EAAyB,EAAgB,CAC5D,IAAK,IAAM,KAAS,EAAgB,CAChC,IAAM,EAAQ,EAAM,IAAI,EAAI,CACxB,GAAiC,OAC7B,EAAM,OAAS,OACf,EAAe,IAAI,EAAM,OAAQ,mBAAmB,KAAK,UAAU,EAAM,CAAC,CAAC,CAE3E,EAAe,IAAI,EAAM,OAAQ,mBAAmB,OAAO,EAAM,CAAC,CAAC,GAUnF,SAAgB,EAAe,EAAuB,CAClD,IAAM,EAAW,EAAE,CAEnB,IAAK,IAAM,KAAS,EAAgB,CAChC,IAAM,EAAM,EAAQ,IAAI,EAAM,OAAO,CACjC,OAAQ,KAIZ,GAAI,CACA,IAAM,EAAU,mBAAmB,EAAI,CACvC,EAAM,IAAI,EAAK,EAAQ,MACnB,GAKZ,OAAO,EAUX,SAAgB,EAAY,EACwB,CAEhD,OAAO,KAAO,IAAgD,CAC1D,IAAM,EAAS,GAAS,QAAU,QAAQ,IAAI,gBACxC,EAAS,GAAS,QAAU,QAAQ,IAAI,gBACxC,EAAU,GAAS,SAAW,KAG9B,EAAiB,IAAI,QAAQ,EAAQ,QAAQ,CACnD,IAAK,IAAM,KAAS,EAChB,EAAe,OAAO,EAAM,OAAO,CAIvC,IAAI,EAEA,QAAQ,IAAI,WAAa,eACzB,EAAW,GAAS,QAAU,QAAQ,IAAI,iBAG9C,AACI,IAAW,EAAY,EAAQ,QAAQ,CAI3C,IAAM,EAAc,EAAQ,QAAQ,IAAI,EAAY,EAAE,MAChD,EAAY,EAAY,EAAY,CAKpC,EACF,EAAU,UAAU,qBAAuB,IAC3C,EAAU,OAAO,QAAU,EAC3B,CACA,SAAU,EAAU,SAAS,SAC7B,mBAAoB,EAAU,SAAS,mBAC1C,CAAG,IAAA,GAGE,EAAc,EAA0B,EAAQ,QAAQ,CAG1D,EAEJ,GAAI,GAAY,EAAW,EAAS,EAAI,CAAC,EAAY,UAAU,SAAS,MAAQ,CAAC,EAAgB,CAC7F,IAAM,EAAM,MAAM,EAAS,EAAU,CAAE,SAAQ,SAAQ,UAAS,SAAgD,wBAAkD,CAAC,CAC/J,IACA,EAAS,EAAqB,EAAK,EAAS,EAQpD,IAAM,EAAM,EAAa,CACrB,OAAQ,EAAU,OAAO,MAAQ,EAAY,IAAA,GAC7C,SAAU,EACV,IAAK,EACL,GAAI,EACP,CAAC,CAGE,IACA,AAAmB,EAAI,WAAW,EAAE,CACpC,EAAI,SAAS,SAAW,EAAe,SACvC,EAAI,SAAS,mBAAqB,EAAe,oBAIrD,EAAc,EAAgB,EAAI,CAGlC,IAAI,EACJ,GAAI,GAAS,QAAS,CAClB,IAAM,EAAmB,IAAI,QAAQ,EAAQ,QAAQ,UAAU,CAAE,CAC7D,OAAQ,EAAQ,QAAU,MAC1B,QAAS,EACT,KAAM,EAAQ,KAEd,OAAQ,OACX,CAAC,CACF,EAAkB,MAAM,EAAQ,QAC5B,OAAO,OAAO,EAAkB,CAAE,QAAS,EAAQ,QAAS,QAAS,EAAQ,QAAS,CAAC,CACvF,EACH,CAGL,IAAM,EAAW,GAAmB,EAAa,KAAK,CAClD,QAAS,CAAE,QAAS,EAAgB,CACvC,CAAC,CAaF,OAVI,CAAC,GAAe,EAAU,OAAO,QAAU,IAC3C,EAAS,QAAQ,IAAI,EAAa,EAAgB,EAAI,CAAE,CACpD,KAAM,EAAe,KACrB,SAAU,EAAe,SACzB,OAAQ,EAAe,OACvB,SAAU,EAAe,SACzB,OAAQ,EAAe,OAC1B,CAAC,CAGC,GAOf,SAAgB,EACZ,EAC4D,CAC5D,GAAM,CAAE,gBAAe,YAAW,eAAe,EAAE,EAAK,EAClD,EAAe,IAAI,IAAI,OAAO,OAAO,EAAU,CAAC,CAGtD,OAFA,EAAa,IAAI,EAAc,EAEvB,EAAsB,IAAuC,CACjE,IAAM,EAAW,EAAQ,QAAQ,SAGjC,IAAK,IAAM,KAAU,EACjB,GAAI,EAAS,WAAW,EAAO,CAC3B,OAMR,IAAM,EADW,EAAS,MAAM,IAAI,CAAC,OAAO,QAAQ,CACrB,GAG/B,GAAI,GAAiB,EAAa,IAAI,EAAc,CAChD,OAIJ,IAAM,EAAc,EAAI,UAAU,SAAS,KACrC,EAAU,GAAe,EAAU,IAAiB,EAG1D,GAAI,IAAW,EACX,OAIJ,IAAM,EAAM,EAAQ,QAAQ,OAAO,CAEnC,MADA,GAAI,SAAW,IAAI,IAAS,IACrB,EAAa,SAAS,EAAK,IAAI"}

package/dist/server.d.mts

@@ -2,18 +2,19 @@ import { Geo } from "@netloc8/core";
 
 //#region src/server.d.ts
 /**
-* Get the full geolocation data for the current request.
-* Must be called from a Server Component, Route Handler, or Server Action.
+* Read geo data in a Server Component, Route Handler, or Server Action.
 *
-* Returns the Geo object populated by the proxy. If the proxy did not run
-* (e.g. the route is excluded from the matcher), returns an empty object.
+* Reads x-netloc8-* headers set by `createProxy()` and reconstructs a
+* full Geo object.
 */
 declare function getGeo(): Promise<Geo>;
 /**
-* Get the timezone for the current request.
-* Shorthand for (await getGeo()).timezone.
+* Read timezone in a Server Component, Route Handler, or Server Action.
+*
+* 1. Reads the timezone from the geo headers set by the proxy.
+* 2. If empty, fetches from the API using the request IP.
 */
-declare function getTimezone(): Promise<string | undefined>;
+declare function getTimezone(): Promise<string | null>;
 //#endregion
 export { getGeo, getTimezone };
 //# sourceMappingURL=server.d.mts.map

package/dist/server.d.mts.map

@@ -1 +1 @@
-{"version":3,"file":"server.d.mts","names":[],"sources":["../src/server.ts"],"mappings":";;;;;AAkCA;;;;;iBAAsB,MAAA,CAAA,GAAU,OAAA,CAAQ,GAAA;;;;;iBAwClB,WAAA,CAAA,GAAe,OAAA"}
+{"version":3,"file":"server.d.mts","names":[],"sources":["../src/server.ts"],"mappings":";;;;;AAWA;;;;iBAAsB,MAAA,CAAA,GAAU,OAAA,CAAQ,GAAA;AAWxC;;;;;;AAAA,iBAAsB,WAAA,CAAA,GAAe,OAAA"}

package/dist/server.mjs

@@ -1,141 +1,2 @@
-//#region src/server.ts
-/**
-* Header-to-Geo field mapping.
-*/
-const HEADER_MAP = [
-	[
-		"x-netloc8-ip",
-		"ip",
-		"string"
-	],
-	[
-		"x-netloc8-ip-version",
-		"ipVersion",
-		"number"
-	],
-	[
-		"x-netloc8-continent",
-		"continent",
-		"string"
-	],
-	[
-		"x-netloc8-continent-name",
-		"continentName",
-		"string"
-	],
-	[
-		"x-netloc8-country",
-		"country",
-		"string"
-	],
-	[
-		"x-netloc8-country-name",
-		"countryName",
-		"string"
-	],
-	[
-		"x-netloc8-is-eu",
-		"isEU",
-		"boolean"
-	],
-	[
-		"x-netloc8-region",
-		"region",
-		"string"
-	],
-	[
-		"x-netloc8-region-name",
-		"regionName",
-		"string"
-	],
-	[
-		"x-netloc8-city",
-		"city",
-		"string"
-	],
-	[
-		"x-netloc8-postal-code",
-		"postalCode",
-		"string"
-	],
-	[
-		"x-netloc8-latitude",
-		"latitude",
-		"number"
-	],
-	[
-		"x-netloc8-longitude",
-		"longitude",
-		"number"
-	],
-	[
-		"x-netloc8-timezone",
-		"timezone",
-		"string"
-	],
-	[
-		"x-netloc8-accuracy-radius",
-		"accuracyRadius",
-		"number"
-	],
-	[
-		"x-netloc8-precision",
-		"precision",
-		"string"
-	],
-	[
-		"x-netloc8-is-limited",
-		"isLimited",
-		"boolean"
-	],
-	[
-		"x-netloc8-limit-reason",
-		"limitReason",
-		"string"
-	],
-	[
-		"x-netloc8-timezone-from-client",
-		"timezoneFromClient",
-		"boolean"
-	]
-];
-/**
-* Get the full geolocation data for the current request.
-* Must be called from a Server Component, Route Handler, or Server Action.
-*
-* Returns the Geo object populated by the proxy. If the proxy did not run
-* (e.g. the route is excluded from the matcher), returns an empty object.
-*/
-async function getGeo() {
-	try {
-		const { headers } = await import("next/headers");
-		const h = await headers();
-		const geo = {};
-		for (const [header, field, type] of HEADER_MAP) {
-			const raw = h.get(header);
-			if (raw === null) continue;
-			try {
-				const decoded = decodeURIComponent(raw);
-				if (type === "number") {
-					const num = parseFloat(decoded);
-					if (!isNaN(num)) geo[field] = num;
-				} else if (type === "boolean") geo[field] = decoded === "true";
-				else geo[field] = decoded;
-			} catch {}
-		}
-		return geo;
-	} catch {
-		return {};
-	}
-}
-/**
-* Get the timezone for the current request.
-* Shorthand for (await getGeo()).timezone.
-*/
-async function getTimezone() {
-	return (await getGeo()).timezone;
-}
-//#endregion
-export { getGeo, getTimezone };
-
+import{readGeoHeaders as e}from"./proxy.mjs";import{DEFAULT_API_URL as t,fetchTimezone as n}from"@netloc8/core";import{headers as r}from"next/headers";async function i(){return e(await r())}async function a(){let e=await i(),r=e.location?.timezone;if(r)return r;let a=e.query?.value;return a?await n(a,{apiUrl:process.env.NETLOC8_API_URL??t,apiKey:process.env.NETLOC8_API_KEY}):null}export{i as getGeo,a as getTimezone};
 //# sourceMappingURL=server.mjs.map

package/dist/server.mjs.map

@@ -1 +1 @@
-{"version":3,"file":"server.mjs","names":[],"sources":["../src/server.ts"],"sourcesContent":["import type { Geo } from '@netloc8/core';\n\n/**\n * Header-to-Geo field mapping.\n */\nconst HEADER_MAP: Array<[string, keyof Geo, 'string' | 'number' | 'boolean']> = [\n    ['x-netloc8-ip', 'ip', 'string'],\n    ['x-netloc8-ip-version', 'ipVersion', 'number'],\n    ['x-netloc8-continent', 'continent', 'string'],\n    ['x-netloc8-continent-name', 'continentName', 'string'],\n    ['x-netloc8-country', 'country', 'string'],\n    ['x-netloc8-country-name', 'countryName', 'string'],\n    ['x-netloc8-is-eu', 'isEU', 'boolean'],\n    ['x-netloc8-region', 'region', 'string'],\n    ['x-netloc8-region-name', 'regionName', 'string'],\n    ['x-netloc8-city', 'city', 'string'],\n    ['x-netloc8-postal-code', 'postalCode', 'string'],\n    ['x-netloc8-latitude', 'latitude', 'number'],\n    ['x-netloc8-longitude', 'longitude', 'number'],\n    ['x-netloc8-timezone', 'timezone', 'string'],\n    ['x-netloc8-accuracy-radius', 'accuracyRadius', 'number'],\n    ['x-netloc8-precision', 'precision', 'string'],\n    ['x-netloc8-is-limited', 'isLimited', 'boolean'],\n    ['x-netloc8-limit-reason', 'limitReason', 'string'],\n    ['x-netloc8-timezone-from-client', 'timezoneFromClient', 'boolean'],\n];\n\n/**\n * Get the full geolocation data for the current request.\n * Must be called from a Server Component, Route Handler, or Server Action.\n *\n * Returns the Geo object populated by the proxy. If the proxy did not run\n * (e.g. the route is excluded from the matcher), returns an empty object.\n */\nexport async function getGeo(): Promise<Geo> {\n    try {\n        const { headers } = await import('next/headers');\n        const h = await headers();\n        const geo: Geo = {};\n\n        for (const [header, field, type] of HEADER_MAP) {\n            const raw = h.get(header);\n            if (raw === null) {\n                continue;\n            }\n\n            try {\n                const decoded = decodeURIComponent(raw);\n\n                if (type === 'number') {\n                    const num = parseFloat(decoded);\n                    if (!isNaN(num)) {\n                        (geo as Record<string, unknown>)[field] = num;\n                    }\n                } else if (type === 'boolean') {\n                    (geo as Record<string, unknown>)[field] = decoded === 'true';\n                } else {\n                    (geo as Record<string, unknown>)[field] = decoded;\n                }\n            } catch {\n                // Skip this header if decodeURIComponent throws\n            }\n        }\n\n        return geo;\n    } catch {\n        return {};\n    }\n}\n\n/**\n * Get the timezone for the current request.\n * Shorthand for (await getGeo()).timezone.\n */\nexport async function getTimezone(): Promise<string | undefined> {\n    const geo = await getGeo();\n    return geo.timezone;\n}\n"],"mappings":";;;;AAKA,MAAM,aAA0E;CAC5E;EAAC;EAAgB;EAAM;EAAS;CAChC;EAAC;EAAwB;EAAa;EAAS;CAC/C;EAAC;EAAuB;EAAa;EAAS;CAC9C;EAAC;EAA4B;EAAiB;EAAS;CACvD;EAAC;EAAqB;EAAW;EAAS;CAC1C;EAAC;EAA0B;EAAe;EAAS;CACnD;EAAC;EAAmB;EAAQ;EAAU;CACtC;EAAC;EAAoB;EAAU;EAAS;CACxC;EAAC;EAAyB;EAAc;EAAS;CACjD;EAAC;EAAkB;EAAQ;EAAS;CACpC;EAAC;EAAyB;EAAc;EAAS;CACjD;EAAC;EAAsB;EAAY;EAAS;CAC5C;EAAC;EAAuB;EAAa;EAAS;CAC9C;EAAC;EAAsB;EAAY;EAAS;CAC5C;EAAC;EAA6B;EAAkB;EAAS;CACzD;EAAC;EAAuB;EAAa;EAAS;CAC9C;EAAC;EAAwB;EAAa;EAAU;CAChD;EAAC;EAA0B;EAAe;EAAS;CACnD;EAAC;EAAkC;EAAsB;EAAU;CACtE;;;;;;;;AASD,eAAsB,SAAuB;AACzC,KAAI;EACA,MAAM,EAAE,YAAY,MAAM,OAAO;EACjC,MAAM,IAAI,MAAM,SAAS;EACzB,MAAM,MAAW,EAAE;AAEnB,OAAK,MAAM,CAAC,QAAQ,OAAO,SAAS,YAAY;GAC5C,MAAM,MAAM,EAAE,IAAI,OAAO;AACzB,OAAI,QAAQ,KACR;AAGJ,OAAI;IACA,MAAM,UAAU,mBAAmB,IAAI;AAEvC,QAAI,SAAS,UAAU;KACnB,MAAM,MAAM,WAAW,QAAQ;AAC/B,SAAI,CAAC,MAAM,IAAI,CACV,KAAgC,SAAS;eAEvC,SAAS,UACf,KAAgC,SAAS,YAAY;QAErD,KAAgC,SAAS;WAE1C;;AAKZ,SAAO;SACH;AACJ,SAAO,EAAE;;;;;;;AAQjB,eAAsB,cAA2C;AAE7D,SADY,MAAM,QAAQ,EACf"}
+{"version":3,"file":"server.mjs","names":[],"sources":["../src/server.ts"],"sourcesContent":["import type { Geo } from '@netloc8/core';\nimport { headers } from 'next/headers';\nimport { DEFAULT_API_URL, fetchTimezone } from '@netloc8/core';\nimport { readGeoHeaders } from './proxy';\n\n/**\n * Read geo data in a Server Component, Route Handler, or Server Action.\n *\n * Reads x-netloc8-* headers set by `createProxy()` and reconstructs a\n * full Geo object.\n */\nexport async function getGeo(): Promise<Geo> {\n    const headerStore = await headers();\n    return readGeoHeaders(headerStore);\n}\n\n/**\n * Read timezone in a Server Component, Route Handler, or Server Action.\n *\n * 1. Reads the timezone from the geo headers set by the proxy.\n * 2. If empty, fetches from the API using the request IP.\n */\nexport async function getTimezone(): Promise<string | null> {\n    const geo = await getGeo();\n    const timezone = geo.location?.timezone;\n\n    if (timezone) {\n        return timezone;\n    }\n\n    // Fall back to API\n    const ip = geo.query?.value;\n    if (ip) {\n        return await fetchTimezone(ip, {\n            apiUrl: process.env.NETLOC8_API_URL ?? DEFAULT_API_URL,\n            apiKey: process.env.NETLOC8_API_KEY,\n        });\n    }\n\n    return null;\n}\n"],"mappings":"uJAWA,eAAsB,GAAuB,CAEzC,OAAO,EADa,MAAM,GAAS,CACD,CAStC,eAAsB,GAAsC,CACxD,IAAM,EAAM,MAAM,GAAQ,CACpB,EAAW,EAAI,UAAU,SAE/B,GAAI,EACA,OAAO,EAIX,IAAM,EAAK,EAAI,OAAO,MAQtB,OAPI,EACO,MAAM,EAAc,EAAI,CAC3B,OAAQ,QAAQ,IAAI,iBAAmB,EACvC,OAAQ,QAAQ,IAAI,gBACvB,CAAC,CAGC"}

package/package.json

@@ -1,6 +1,34 @@
 {
     "name": "@netloc8/nextjs",
-    "version": "0.2.0",
+    "version": "1.0.1",
+    "description": "Next.js geolocation plugin. Server-side proxy, getGeo() for Server Components, useGeo() hook, GeoGate, and locale-based redirects.",
+    "keywords": [
+        "nextjs",
+        "next",
+        "next-plugin",
+        "geolocation",
+        "ip-geolocation",
+        "geoip",
+        "server-components",
+        "app-router",
+        "middleware",
+        "proxy",
+        "ssr",
+        "timezone",
+        "eu-detection",
+        "gdpr",
+        "locale-redirect",
+        "geo-blocking",
+        "cookie-consent",
+        "location-detection",
+        "netloc8"
+    ],
+    "homepage": "https://netloc8.com",
+    "repository": {
+        "type": "git",
+        "url": "https://github.com/netloc8/netloc8-js",
+        "directory": "packages/nextjs"
+    },
     "type": "module",
     "license": "Elastic-2.0",
     "exports": {
@@ -35,7 +63,10 @@
         "react": ">=19.0.0"
     },
     "dependencies": {
-        "@netloc8/core": "0.2.0",
-        "@netloc8/react": "0.2.0"
+        "@netloc8/core": "1.0.0",
+        "@netloc8/react": "1.0.0"
+    },
+    "engines": {
+        "node": ">=18"
     }
 }