@propelauth/nextjs 0.0.63 → 0.0.68

Sign up to get free protection for your applications and to get access to all the features.
@@ -0,0 +1,320 @@
1
+ var __async = (__this, __arguments, generator) => {
2
+ return new Promise((resolve, reject) => {
3
+ var fulfilled = (value) => {
4
+ try {
5
+ step(generator.next(value));
6
+ } catch (e) {
7
+ reject(e);
8
+ }
9
+ };
10
+ var rejected = (value) => {
11
+ try {
12
+ step(generator.throw(value));
13
+ } catch (e) {
14
+ reject(e);
15
+ }
16
+ };
17
+ var step = (x) => x.done ? resolve(x.value) : Promise.resolve(x.value).then(fulfilled, rejected);
18
+ step((generator = generator.apply(__this, __arguments)).next());
19
+ });
20
+ };
21
+
22
+ // src/user.ts
23
+ var User = class {
24
+ constructor(userId, email, orgIdToOrgMemberInfo, firstName, lastName, username, legacyUserId, impersonatorUserId) {
25
+ this.userId = userId;
26
+ this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo;
27
+ this.email = email;
28
+ this.firstName = firstName;
29
+ this.lastName = lastName;
30
+ this.username = username;
31
+ this.legacyUserId = legacyUserId;
32
+ this.impersonatorUserId = impersonatorUserId;
33
+ }
34
+ getOrg(orgId) {
35
+ if (!this.orgIdToOrgMemberInfo) {
36
+ return void 0;
37
+ }
38
+ return this.orgIdToOrgMemberInfo[orgId];
39
+ }
40
+ getOrgByName(orgName) {
41
+ if (!this.orgIdToOrgMemberInfo) {
42
+ return void 0;
43
+ }
44
+ const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, "-");
45
+ for (const orgId in this.orgIdToOrgMemberInfo) {
46
+ const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId];
47
+ if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {
48
+ return orgMemberInfo;
49
+ }
50
+ }
51
+ return void 0;
52
+ }
53
+ getOrgs() {
54
+ if (!this.orgIdToOrgMemberInfo) {
55
+ return [];
56
+ }
57
+ return Object.values(this.orgIdToOrgMemberInfo);
58
+ }
59
+ isImpersonating() {
60
+ return !!this.impersonatorUserId;
61
+ }
62
+ static fromJSON(json) {
63
+ const obj = JSON.parse(json);
64
+ const orgIdToOrgMemberInfo = {};
65
+ for (const orgId in obj.orgIdToOrgMemberInfo) {
66
+ orgIdToOrgMemberInfo[orgId] = OrgMemberInfo.fromJSON(
67
+ JSON.stringify(obj.orgIdToOrgMemberInfo[orgId])
68
+ );
69
+ }
70
+ return new User(
71
+ obj.userId,
72
+ obj.email,
73
+ orgIdToOrgMemberInfo,
74
+ obj.firstName,
75
+ obj.lastName,
76
+ obj.username,
77
+ obj.legacyUserId,
78
+ obj.impersonatorUserId
79
+ );
80
+ }
81
+ };
82
+ var OrgMemberInfo = class {
83
+ constructor(orgId, orgName, orgMetadata, urlSafeOrgName, userAssignedRole, userInheritedRolesPlusCurrentRole, userPermissions) {
84
+ this.orgId = orgId;
85
+ this.orgName = orgName;
86
+ this.orgMetadata = orgMetadata;
87
+ this.urlSafeOrgName = urlSafeOrgName;
88
+ this.userAssignedRole = userAssignedRole;
89
+ this.userInheritedRolesPlusCurrentRole = userInheritedRolesPlusCurrentRole;
90
+ this.userPermissions = userPermissions;
91
+ }
92
+ // validation methods
93
+ isRole(role) {
94
+ return this.userAssignedRole === role;
95
+ }
96
+ isAtLeastRole(role) {
97
+ return this.userInheritedRolesPlusCurrentRole.includes(role);
98
+ }
99
+ hasPermission(permission) {
100
+ return this.userPermissions.includes(permission);
101
+ }
102
+ hasAllPermissions(permissions) {
103
+ return permissions.every((permission) => this.hasPermission(permission));
104
+ }
105
+ static fromJSON(json) {
106
+ const obj = JSON.parse(json);
107
+ return new OrgMemberInfo(
108
+ obj.orgId,
109
+ obj.orgName,
110
+ obj.orgMetadata,
111
+ obj.urlSafeOrgName,
112
+ obj.userAssignedRole,
113
+ obj.userInheritedRolesPlusCurrentRole,
114
+ obj.userPermissions
115
+ );
116
+ }
117
+ // getters for the private fields
118
+ get assignedRole() {
119
+ return this.userAssignedRole;
120
+ }
121
+ get inheritedRolesPlusCurrentRole() {
122
+ return this.userInheritedRolesPlusCurrentRole;
123
+ }
124
+ get permissions() {
125
+ return this.userPermissions;
126
+ }
127
+ };
128
+ function toUser(snake_case) {
129
+ return new User(
130
+ snake_case.user_id,
131
+ snake_case.email,
132
+ toOrgIdToOrgMemberInfo(snake_case.org_id_to_org_member_info),
133
+ snake_case.first_name,
134
+ snake_case.last_name,
135
+ snake_case.username,
136
+ snake_case.legacy_user_id,
137
+ snake_case.impersonatorUserId
138
+ );
139
+ }
140
+ function toOrgIdToOrgMemberInfo(snake_case) {
141
+ if (snake_case === void 0) {
142
+ return void 0;
143
+ }
144
+ const camelCase = {};
145
+ for (const key of Object.keys(snake_case)) {
146
+ const snakeCaseValue = snake_case[key];
147
+ if (snakeCaseValue) {
148
+ camelCase[key] = new OrgMemberInfo(
149
+ snakeCaseValue.org_id,
150
+ snakeCaseValue.org_name,
151
+ snakeCaseValue.org_metadata,
152
+ snakeCaseValue.url_safe_org_name,
153
+ snakeCaseValue.user_role,
154
+ snakeCaseValue.inherited_user_roles_plus_current_role,
155
+ snakeCaseValue.user_permissions
156
+ );
157
+ }
158
+ }
159
+ return camelCase;
160
+ }
161
+
162
+ // src/server/exceptions.ts
163
+ var UnauthorizedException = class extends Error {
164
+ constructor(message) {
165
+ super(message);
166
+ this.message = message;
167
+ this.status = 401;
168
+ }
169
+ };
170
+ var ConfigurationException = class extends Error {
171
+ constructor(message) {
172
+ super(message);
173
+ this.message = message;
174
+ this.status = 500;
175
+ }
176
+ };
177
+
178
+ // src/server/shared.ts
179
+ import * as jose from "jose";
180
+ var ACCESS_TOKEN_COOKIE_NAME = "__pa_at";
181
+ var REFRESH_TOKEN_COOKIE_NAME = "__pa_rt";
182
+ function getAuthUrlOrigin() {
183
+ const authUrl = process.env.NEXT_PUBLIC_AUTH_URL;
184
+ if (!authUrl) {
185
+ throw new Error("NEXT_PUBLIC_AUTH_URL is not set");
186
+ }
187
+ return new URL(authUrl).origin;
188
+ }
189
+ function getIntegrationApiKey() {
190
+ const integrationApiKey = process.env.PROPELAUTH_API_KEY;
191
+ if (!integrationApiKey) {
192
+ throw new Error("PROPELAUTH_API_KEY is not set");
193
+ }
194
+ return integrationApiKey;
195
+ }
196
+ function getVerifierKey() {
197
+ const verifierKey = process.env.VERIFIER_KEY;
198
+ if (!verifierKey) {
199
+ throw new Error("VERIFIER_KEY is not set");
200
+ }
201
+ return verifierKey.replace(/\\n/g, "\n");
202
+ }
203
+ function refreshTokenWithAccessAndRefreshToken(refreshToken) {
204
+ return __async(this, null, function* () {
205
+ const body = {
206
+ refresh_token: refreshToken
207
+ };
208
+ const url = `${getAuthUrlOrigin()}/api/backend/v1/refresh_token`;
209
+ const response = yield fetch(url, {
210
+ method: "POST",
211
+ body: JSON.stringify(body),
212
+ headers: {
213
+ "Content-Type": "application/json",
214
+ Authorization: "Bearer " + getIntegrationApiKey()
215
+ }
216
+ });
217
+ if (response.ok) {
218
+ const data = yield response.json();
219
+ const newRefreshToken = data.refresh_token;
220
+ const {
221
+ access_token: accessToken,
222
+ expires_at_seconds: expiresAtSeconds
223
+ } = data.access_token;
224
+ return {
225
+ refreshToken: newRefreshToken,
226
+ accessToken,
227
+ error: "none"
228
+ };
229
+ } else if (response.status === 400) {
230
+ return { error: "unauthorized" };
231
+ } else {
232
+ return { error: "unexpected" };
233
+ }
234
+ });
235
+ }
236
+ function validateAccessTokenOrUndefined(accessToken) {
237
+ return __async(this, null, function* () {
238
+ try {
239
+ return yield validateAccessToken(accessToken);
240
+ } catch (err) {
241
+ if (err instanceof ConfigurationException) {
242
+ throw err;
243
+ } else if (err instanceof UnauthorizedException) {
244
+ return void 0;
245
+ } else {
246
+ console.log("Error validating access token", err);
247
+ return void 0;
248
+ }
249
+ }
250
+ });
251
+ }
252
+ function validateAccessToken(accessToken) {
253
+ return __async(this, null, function* () {
254
+ let publicKey;
255
+ try {
256
+ publicKey = yield jose.importSPKI(getVerifierKey(), "RS256");
257
+ } catch (err) {
258
+ console.error("Verifier key is invalid. Make sure it's specified correctly, including the newlines.", err);
259
+ throw new ConfigurationException("Invalid verifier key");
260
+ }
261
+ if (!accessToken) {
262
+ throw new UnauthorizedException("No access token provided");
263
+ }
264
+ let accessTokenWithoutBearer = accessToken;
265
+ if (accessToken.toLowerCase().startsWith("bearer ")) {
266
+ accessTokenWithoutBearer = accessToken.substring("bearer ".length);
267
+ }
268
+ try {
269
+ const { payload } = yield jose.jwtVerify(accessTokenWithoutBearer, publicKey, {
270
+ issuer: getAuthUrlOrigin(),
271
+ algorithms: ["RS256"]
272
+ });
273
+ return toUser(payload);
274
+ } catch (e) {
275
+ if (e instanceof Error) {
276
+ throw new UnauthorizedException(e.message);
277
+ } else {
278
+ throw new UnauthorizedException("Unable to decode jwt");
279
+ }
280
+ }
281
+ });
282
+ }
283
+
284
+ // src/server/pages.ts
285
+ function getUserFromServerSideProps(props) {
286
+ return __async(this, null, function* () {
287
+ const accessToken = props.req.cookies[ACCESS_TOKEN_COOKIE_NAME];
288
+ const refreshToken = props.req.cookies[REFRESH_TOKEN_COOKIE_NAME];
289
+ if (accessToken) {
290
+ const user = yield validateAccessTokenOrUndefined(accessToken);
291
+ if (user) {
292
+ return user;
293
+ }
294
+ }
295
+ if (refreshToken) {
296
+ const response = yield refreshTokenWithAccessAndRefreshToken(refreshToken);
297
+ if (response.error === "unexpected") {
298
+ throw new Error("Unexpected error while refreshing access token");
299
+ } else if (response.error === "unauthorized") {
300
+ props.res.setHeader("Set-Cookie", [
301
+ `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`,
302
+ `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`
303
+ ]);
304
+ return void 0;
305
+ } else {
306
+ const user = yield validateAccessToken(response.accessToken);
307
+ props.res.setHeader("Set-Cookie", [
308
+ `${ACCESS_TOKEN_COOKIE_NAME}=${response.accessToken}; Path=/; HttpOnly; Secure; SameSite=Lax`,
309
+ `${REFRESH_TOKEN_COOKIE_NAME}=${response.refreshToken}; Path=/; HttpOnly; Secure; SameSite=Lax`
310
+ ]);
311
+ return user;
312
+ }
313
+ }
314
+ return void 0;
315
+ });
316
+ }
317
+ export {
318
+ getUserFromServerSideProps
319
+ };
320
+ //# sourceMappingURL=index.mjs.map
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../../../src/user.ts","../../../src/server/exceptions.ts","../../../src/server/shared.ts","../../../src/server/pages.ts"],"sourcesContent":["export class User {\n public userId: string\n public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n // Metadata about the user\n public email: string\n public firstName?: string\n public lastName?: string\n public username?: string\n\n // If you used our migration APIs to migrate this user from a different system,\n // this is their original ID from that system.\n public legacyUserId?: string\n public impersonatorUserId?: string\n\n constructor(\n userId: string,\n email: string,\n orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo,\n firstName?: string,\n lastName?: string,\n username?: string,\n legacyUserId?: string,\n impersonatorUserId?: string\n ) {\n this.userId = userId\n this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n\n this.email = email\n this.firstName = firstName\n this.lastName = lastName\n this.username = username\n\n this.legacyUserId = legacyUserId\n this.impersonatorUserId = impersonatorUserId\n }\n\n public getOrg(orgId: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n return this.orgIdToOrgMemberInfo[orgId]\n }\n\n public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n for (const orgId in this.orgIdToOrgMemberInfo) {\n const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n return orgMemberInfo\n }\n }\n\n return undefined\n }\n\n public getOrgs(): OrgMemberInfo[] {\n if (!this.orgIdToOrgMemberInfo) {\n return []\n }\n\n return Object.values(this.orgIdToOrgMemberInfo)\n }\n\n public isImpersonating(): boolean {\n return !!this.impersonatorUserId\n }\n\n public static fromJSON(json: string): User {\n const obj = JSON.parse(json)\n const orgIdToOrgMemberInfo: OrgIdToOrgMemberInfo = {}\n for (const orgId in obj.orgIdToOrgMemberInfo) {\n orgIdToOrgMemberInfo[orgId] = OrgMemberInfo.fromJSON(\n JSON.stringify(obj.orgIdToOrgMemberInfo[orgId])\n )\n }\n return new User(\n obj.userId,\n obj.email,\n orgIdToOrgMemberInfo,\n obj.firstName,\n obj.lastName,\n obj.username,\n obj.legacyUserId,\n obj.impersonatorUserId\n )\n }\n}\n\nexport type OrgIdToOrgMemberInfo = {\n [orgId: string]: OrgMemberInfo\n}\n\nexport class OrgMemberInfo {\n public orgId: string\n public orgName: string\n public orgMetadata: { [key: string]: any }\n public urlSafeOrgName: string\n\n private userAssignedRole: string\n private userInheritedRolesPlusCurrentRole: string[]\n private userPermissions: string[]\n\n constructor(\n orgId: string,\n orgName: string,\n orgMetadata: { [key: string]: any },\n urlSafeOrgName: string,\n userAssignedRole: string,\n userInheritedRolesPlusCurrentRole: string[],\n userPermissions: string[]\n ) {\n this.orgId = orgId\n this.orgName = orgName\n this.orgMetadata = orgMetadata\n this.urlSafeOrgName = urlSafeOrgName\n\n this.userAssignedRole = userAssignedRole\n this.userInheritedRolesPlusCurrentRole = userInheritedRolesPlusCurrentRole\n this.userPermissions = userPermissions\n }\n\n // validation methods\n\n public isRole(role: string): boolean {\n return this.userAssignedRole === role\n }\n\n public isAtLeastRole(role: string): boolean {\n return this.userInheritedRolesPlusCurrentRole.includes(role)\n }\n\n public hasPermission(permission: string): boolean {\n return this.userPermissions.includes(permission)\n }\n\n public hasAllPermissions(permissions: string[]): boolean {\n return permissions.every((permission) => this.hasPermission(permission))\n }\n\n public static fromJSON(json: string): OrgMemberInfo {\n const obj = JSON.parse(json)\n return new OrgMemberInfo(\n obj.orgId,\n obj.orgName,\n obj.orgMetadata,\n obj.urlSafeOrgName,\n obj.userAssignedRole,\n obj.userInheritedRolesPlusCurrentRole,\n obj.userPermissions\n )\n }\n\n // getters for the private fields\n\n get assignedRole(): string {\n return this.userAssignedRole\n }\n\n get inheritedRolesPlusCurrentRole(): string[] {\n return this.userInheritedRolesPlusCurrentRole\n }\n\n get permissions(): string[] {\n return this.userPermissions\n }\n}\n\n// These Internal types exist since the server returns snake case, but typescript/javascript\n// convention is camelCase.\nexport type InternalOrgMemberInfo = {\n org_id: string\n org_name: string\n org_metadata: { [key: string]: any }\n url_safe_org_name: string\n user_role: string\n inherited_user_roles_plus_current_role: string[]\n user_permissions: string[]\n}\nexport type InternalUser = {\n user_id: string\n org_id_to_org_member_info?: { [org_id: string]: InternalOrgMemberInfo }\n\n email: string\n first_name?: string\n last_name?: string\n username?: string\n\n // If you used our migration APIs to migrate this user from a different system, this is their original ID from that system.\n legacy_user_id?: string\n impersonatorUserId?: string\n}\n\nexport function toUser(snake_case: InternalUser): User {\n return new User(\n snake_case.user_id,\n snake_case.email,\n toOrgIdToOrgMemberInfo(snake_case.org_id_to_org_member_info),\n snake_case.first_name,\n snake_case.last_name,\n snake_case.username,\n snake_case.legacy_user_id,\n snake_case.impersonatorUserId\n )\n}\n\nexport function toOrgIdToOrgMemberInfo(snake_case?: {\n [org_id: string]: InternalOrgMemberInfo\n}): OrgIdToOrgMemberInfo | undefined {\n if (snake_case === undefined) {\n return undefined\n }\n const camelCase: OrgIdToOrgMemberInfo = {}\n\n for (const key of Object.keys(snake_case)) {\n const snakeCaseValue = snake_case[key]\n if (snakeCaseValue) {\n camelCase[key] = new OrgMemberInfo(\n snakeCaseValue.org_id,\n snakeCaseValue.org_name,\n snakeCaseValue.org_metadata,\n snakeCaseValue.url_safe_org_name,\n snakeCaseValue.user_role,\n snakeCaseValue.inherited_user_roles_plus_current_role,\n snakeCaseValue.user_permissions\n )\n }\n }\n\n return camelCase\n}\n","export class UnauthorizedException extends Error {\n readonly message: string\n readonly status: number\n\n constructor(message: string) {\n super(message)\n this.message = message\n this.status = 401\n }\n}\n\nexport class ConfigurationException extends Error {\n readonly message: string\n readonly status: number\n\n constructor(message: string) {\n super(message)\n this.message = message\n this.status = 500\n }\n}\n","import {ResponseCookie} from \"next/dist/compiled/@edge-runtime/cookies\";\nimport {InternalUser, toUser, User} from \"../user\";\nimport {ConfigurationException, UnauthorizedException} from \"./exceptions\";\nimport * as jose from \"jose\";\n\ntype RefreshAndAccessTokens = {\n refreshToken: string\n accessToken: string\n error: \"none\"\n}\n\ntype RefreshAndAccessTokensUnauthorizedError = {\n error: \"unauthorized\"\n}\n\ntype RefreshAndAccessTokensUnexpectedError = {\n error: \"unexpected\"\n}\n\nexport type RefreshTokenResponse =\n RefreshAndAccessTokens\n | RefreshAndAccessTokensUnauthorizedError\n | RefreshAndAccessTokensUnexpectedError\n\nexport const LOGIN_PATH = \"/api/auth/login\"\nexport const CALLBACK_PATH = \"/api/auth/callback\"\nexport const USERINFO_PATH = \"/api/auth/userinfo\"\nexport const LOGOUT_PATH = \"/api/auth/logout\"\nexport const ACCESS_TOKEN_COOKIE_NAME = \"__pa_at\"\nexport const REFRESH_TOKEN_COOKIE_NAME = \"__pa_rt\"\nexport const STATE_COOKIE_NAME = \"__pa_state\"\nexport const CUSTOM_HEADER_FOR_ACCESS_TOKEN = \"x-propelauth-access-token\"\n\nexport const COOKIE_OPTIONS: Partial<ResponseCookie> = {\n httpOnly: true,\n sameSite: \"lax\",\n secure: true,\n path: \"/\",\n}\n\nexport function getAuthUrlOrigin() {\n const authUrl = process.env.NEXT_PUBLIC_AUTH_URL\n if (!authUrl) {\n throw new Error(\"NEXT_PUBLIC_AUTH_URL is not set\")\n }\n return new URL(authUrl).origin\n}\n\nexport function getRedirectUri() {\n const redirectUri = process.env.REDIRECT_URI\n if (!redirectUri) {\n throw new Error(\"REDIRECT_URI is not set\")\n }\n return redirectUri\n}\n\nexport function getIntegrationApiKey() {\n const integrationApiKey = process.env.PROPELAUTH_API_KEY\n if (!integrationApiKey) {\n throw new Error(\"PROPELAUTH_API_KEY is not set\")\n }\n return integrationApiKey\n}\n\nexport function getVerifierKey() {\n const verifierKey = process.env.VERIFIER_KEY\n if (!verifierKey) {\n throw new Error(\"VERIFIER_KEY is not set\")\n }\n return verifierKey.replace(/\\\\n/g, \"\\n\")\n}\n\nexport async function refreshTokenWithAccessAndRefreshToken(refreshToken: string): Promise<RefreshTokenResponse> {\n const body = {\n refresh_token: refreshToken,\n }\n const url = `${getAuthUrlOrigin()}/api/backend/v1/refresh_token`\n const response = await fetch(url, {\n method: \"POST\",\n body: JSON.stringify(body),\n headers: {\n \"Content-Type\": \"application/json\",\n Authorization: \"Bearer \" + getIntegrationApiKey(),\n },\n })\n\n if (response.ok) {\n const data = await response.json()\n const newRefreshToken = data.refresh_token\n const {\n access_token: accessToken,\n expires_at_seconds: expiresAtSeconds,\n } = data.access_token\n\n return {\n refreshToken: newRefreshToken,\n accessToken,\n error: \"none\",\n }\n } else if (response.status === 400) {\n return {error: \"unauthorized\"}\n } else {\n return {error: \"unexpected\"}\n }\n}\n\nexport async function validateAccessTokenOrUndefined(accessToken: string | undefined): Promise<User | undefined> {\n try {\n return await validateAccessToken(accessToken)\n } catch (err) {\n if (err instanceof ConfigurationException) {\n throw err\n } else if (err instanceof UnauthorizedException) {\n return undefined\n } else {\n console.log(\"Error validating access token\", err)\n return undefined\n }\n }\n}\n\nexport async function validateAccessToken(accessToken: string | undefined): Promise<User> {\n let publicKey\n try {\n publicKey = await jose.importSPKI(getVerifierKey(), \"RS256\")\n } catch (err) {\n console.error(\"Verifier key is invalid. Make sure it's specified correctly, including the newlines.\", err)\n throw new ConfigurationException(\"Invalid verifier key\")\n }\n\n if (!accessToken) {\n throw new UnauthorizedException(\"No access token provided\")\n }\n\n let accessTokenWithoutBearer = accessToken\n if (accessToken.toLowerCase().startsWith(\"bearer \")) {\n accessTokenWithoutBearer = accessToken.substring(\"bearer \".length)\n }\n\n try {\n const {payload} = await jose.jwtVerify(accessTokenWithoutBearer, publicKey, {\n issuer: getAuthUrlOrigin(),\n algorithms: [\"RS256\"],\n })\n\n return toUser(<InternalUser>payload)\n } catch (e) {\n if (e instanceof Error) {\n throw new UnauthorizedException(e.message)\n } else {\n throw new UnauthorizedException(\"Unable to decode jwt\")\n }\n }\n}\n","import {GetServerSidePropsContext} from \"next\";\nimport {\n ACCESS_TOKEN_COOKIE_NAME,\n REFRESH_TOKEN_COOKIE_NAME,\n refreshTokenWithAccessAndRefreshToken, validateAccessToken,\n validateAccessTokenOrUndefined\n} from \"./shared\";\n\nexport async function getUserFromServerSideProps(props: GetServerSidePropsContext) {\n const accessToken = props.req.cookies[ACCESS_TOKEN_COOKIE_NAME]\n const refreshToken = props.req.cookies[REFRESH_TOKEN_COOKIE_NAME]\n\n // If we are authenticated, we can continue\n if (accessToken) {\n const user = await validateAccessTokenOrUndefined(accessToken)\n if (user) {\n return user\n }\n }\n\n // Otherwise, we need to refresh the access token\n if (refreshToken) {\n const response = await refreshTokenWithAccessAndRefreshToken(refreshToken)\n if (response.error === \"unexpected\") {\n throw new Error(\"Unexpected error while refreshing access token\")\n } else if (response.error === \"unauthorized\") {\n props.res.setHeader(\"Set-Cookie\", [\n `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`,\n `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`,\n ])\n return undefined\n } else {\n const user = await validateAccessToken(response.accessToken)\n props.res.setHeader(\"Set-Cookie\", [\n `${ACCESS_TOKEN_COOKIE_NAME}=${response.accessToken}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n `${REFRESH_TOKEN_COOKIE_NAME}=${response.refreshToken}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n ])\n return user\n }\n }\n\n return undefined\n}"],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAO,IAAM,OAAN,MAAW;AAAA,EAed,YACI,QACA,OACA,sBACA,WACA,UACA,UACA,cACA,oBACF;AACE,SAAK,SAAS;AACd,SAAK,uBAAuB;AAE5B,SAAK,QAAQ;AACb,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,WAAW;AAEhB,SAAK,eAAe;AACpB,SAAK,qBAAqB;AAAA,EAC9B;AAAA,EAEO,OAAO,OAA0C;AACpD,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,WAAO,KAAK,qBAAqB,KAAK;AAAA,EAC1C;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AAAA,EAEA,OAAc,SAAS,MAAoB;AACvC,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,UAAM,uBAA6C,CAAC;AACpD,eAAW,SAAS,IAAI,sBAAsB;AAC1C,2BAAqB,KAAK,IAAI,cAAc;AAAA,QACxC,KAAK,UAAU,IAAI,qBAAqB,KAAK,CAAC;AAAA,MAClD;AAAA,IACJ;AACA,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ;AAAA,MACA,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AACJ;AAMO,IAAM,gBAAN,MAAoB;AAAA,EAUvB,YACI,OACA,SACA,aACA,gBACA,kBACA,mCACA,iBACF;AACE,SAAK,QAAQ;AACb,SAAK,UAAU;AACf,SAAK,cAAc;AACnB,SAAK,iBAAiB;AAEtB,SAAK,mBAAmB;AACxB,SAAK,oCAAoC;AACzC,SAAK,kBAAkB;AAAA,EAC3B;AAAA;AAAA,EAIO,OAAO,MAAuB;AACjC,WAAO,KAAK,qBAAqB;AAAA,EACrC;AAAA,EAEO,cAAc,MAAuB;AACxC,WAAO,KAAK,kCAAkC,SAAS,IAAI;AAAA,EAC/D;AAAA,EAEO,cAAc,YAA6B;AAC9C,WAAO,KAAK,gBAAgB,SAAS,UAAU;AAAA,EACnD;AAAA,EAEO,kBAAkB,aAAgC;AACrD,WAAO,YAAY,MAAM,CAAC,eAAe,KAAK,cAAc,UAAU,CAAC;AAAA,EAC3E;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AAAA;AAAA,EAIA,IAAI,eAAuB;AACvB,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,gCAA0C;AAC1C,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,cAAwB;AACxB,WAAO,KAAK;AAAA,EAChB;AACJ;AA2BO,SAAS,OAAO,YAAgC;AACnD,SAAO,IAAI;AAAA,IACP,WAAW;AAAA,IACX,WAAW;AAAA,IACX,uBAAuB,WAAW,yBAAyB;AAAA,IAC3D,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,EACf;AACJ;AAEO,SAAS,uBAAuB,YAEF;AACjC,MAAI,eAAe,QAAW;AAC1B,WAAO;AAAA,EACX;AACA,QAAM,YAAkC,CAAC;AAEzC,aAAW,OAAO,OAAO,KAAK,UAAU,GAAG;AACvC,UAAM,iBAAiB,WAAW,GAAG;AACrC,QAAI,gBAAgB;AAChB,gBAAU,GAAG,IAAI,IAAI;AAAA,QACjB,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,MACnB;AAAA,IACJ;AAAA,EACJ;AAEA,SAAO;AACX;;;AC3OO,IAAM,wBAAN,cAAoC,MAAM;AAAA,EAI7C,YAAY,SAAiB;AACzB,UAAM,OAAO;AACb,SAAK,UAAU;AACf,SAAK,SAAS;AAAA,EAClB;AACJ;AAEO,IAAM,yBAAN,cAAqC,MAAM;AAAA,EAI9C,YAAY,SAAiB;AACzB,UAAM,OAAO;AACb,SAAK,UAAU;AACf,SAAK,SAAS;AAAA,EAClB;AACJ;;;ACjBA,YAAY,UAAU;AAyBf,IAAM,2BAA2B;AACjC,IAAM,4BAA4B;AAWlC,SAAS,mBAAmB;AAC/B,QAAM,UAAU,QAAQ,IAAI;AAC5B,MAAI,CAAC,SAAS;AACV,UAAM,IAAI,MAAM,iCAAiC;AAAA,EACrD;AACA,SAAO,IAAI,IAAI,OAAO,EAAE;AAC5B;AAUO,SAAS,uBAAuB;AACnC,QAAM,oBAAoB,QAAQ,IAAI;AACtC,MAAI,CAAC,mBAAmB;AACpB,UAAM,IAAI,MAAM,+BAA+B;AAAA,EACnD;AACA,SAAO;AACX;AAEO,SAAS,iBAAiB;AAC7B,QAAM,cAAc,QAAQ,IAAI;AAChC,MAAI,CAAC,aAAa;AACd,UAAM,IAAI,MAAM,yBAAyB;AAAA,EAC7C;AACA,SAAO,YAAY,QAAQ,QAAQ,IAAI;AAC3C;AAEA,SAAsB,sCAAsC,cAAqD;AAAA;AAC7G,UAAM,OAAO;AAAA,MACT,eAAe;AAAA,IACnB;AACA,UAAM,MAAM,GAAG,iBAAiB;AAChC,UAAM,WAAW,MAAM,MAAM,KAAK;AAAA,MAC9B,QAAQ;AAAA,MACR,MAAM,KAAK,UAAU,IAAI;AAAA,MACzB,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,eAAe,YAAY,qBAAqB;AAAA,MACpD;AAAA,IACJ,CAAC;AAED,QAAI,SAAS,IAAI;AACb,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,YAAM,kBAAkB,KAAK;AAC7B,YAAM;AAAA,QACF,cAAc;AAAA,QACd,oBAAoB;AAAA,MACxB,IAAI,KAAK;AAET,aAAO;AAAA,QACH,cAAc;AAAA,QACd;AAAA,QACA,OAAO;AAAA,MACX;AAAA,IACJ,WAAW,SAAS,WAAW,KAAK;AAChC,aAAO,EAAC,OAAO,eAAc;AAAA,IACjC,OAAO;AACH,aAAO,EAAC,OAAO,aAAY;AAAA,IAC/B;AAAA,EACJ;AAAA;AAEA,SAAsB,+BAA+B,aAA4D;AAAA;AAC7G,QAAI;AACA,aAAO,MAAM,oBAAoB,WAAW;AAAA,IAChD,SAAS,KAAP;AACE,UAAI,eAAe,wBAAwB;AACvC,cAAM;AAAA,MACV,WAAW,eAAe,uBAAuB;AAC7C,eAAO;AAAA,MACX,OAAO;AACH,gBAAQ,IAAI,iCAAiC,GAAG;AAChD,eAAO;AAAA,MACX;AAAA,IACJ;AAAA,EACJ;AAAA;AAEA,SAAsB,oBAAoB,aAAgD;AAAA;AACtF,QAAI;AACJ,QAAI;AACA,kBAAY,MAAW,gBAAW,eAAe,GAAG,OAAO;AAAA,IAC/D,SAAS,KAAP;AACE,cAAQ,MAAM,wFAAwF,GAAG;AACzG,YAAM,IAAI,uBAAuB,sBAAsB;AAAA,IAC3D;AAEA,QAAI,CAAC,aAAa;AACd,YAAM,IAAI,sBAAsB,0BAA0B;AAAA,IAC9D;AAEA,QAAI,2BAA2B;AAC/B,QAAI,YAAY,YAAY,EAAE,WAAW,SAAS,GAAG;AACjD,iCAA2B,YAAY,UAAU,UAAU,MAAM;AAAA,IACrE;AAEA,QAAI;AACA,YAAM,EAAC,QAAO,IAAI,MAAW,eAAU,0BAA0B,WAAW;AAAA,QACxE,QAAQ,iBAAiB;AAAA,QACzB,YAAY,CAAC,OAAO;AAAA,MACxB,CAAC;AAED,aAAO,OAAqB,OAAO;AAAA,IACvC,SAAS,GAAP;AACE,UAAI,aAAa,OAAO;AACpB,cAAM,IAAI,sBAAsB,EAAE,OAAO;AAAA,MAC7C,OAAO;AACH,cAAM,IAAI,sBAAsB,sBAAsB;AAAA,MAC1D;AAAA,IACJ;AAAA,EACJ;AAAA;;;ACjJA,SAAsB,2BAA2B,OAAkC;AAAA;AAC/E,UAAM,cAAc,MAAM,IAAI,QAAQ,wBAAwB;AAC9D,UAAM,eAAe,MAAM,IAAI,QAAQ,yBAAyB;AAGhE,QAAI,aAAa;AACb,YAAM,OAAO,MAAM,+BAA+B,WAAW;AAC7D,UAAI,MAAM;AACN,eAAO;AAAA,MACX;AAAA,IACJ;AAGA,QAAI,cAAc;AACd,YAAM,WAAW,MAAM,sCAAsC,YAAY;AACzE,UAAI,SAAS,UAAU,cAAc;AACjC,cAAM,IAAI,MAAM,gDAAgD;AAAA,MACpE,WAAW,SAAS,UAAU,gBAAgB;AAC1C,cAAM,IAAI,UAAU,cAAc;AAAA,UAC9B,GAAG;AAAA,UACH,GAAG;AAAA,QACP,CAAC;AACD,eAAO;AAAA,MACX,OAAO;AACH,cAAM,OAAO,MAAM,oBAAoB,SAAS,WAAW;AAC3D,cAAM,IAAI,UAAU,cAAc;AAAA,UAC9B,GAAG,4BAA4B,SAAS;AAAA,UACxC,GAAG,6BAA6B,SAAS;AAAA,QAC7C,CAAC;AACD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA;","names":[]}
package/package.json CHANGED
@@ -1,12 +1,22 @@
1
1
  {
2
2
  "name": "@propelauth/nextjs",
3
- "version": "0.0.63",
3
+ "version": "0.0.68",
4
4
  "exports": {
5
5
  "./server": {
6
6
  "browser": "./dist/server/index.mjs",
7
7
  "import": "./dist/server/index.mjs",
8
8
  "require": "./dist/server/index.js"
9
9
  },
10
+ "./server/app-router": {
11
+ "browser": "./dist/server/app-router/index.mjs",
12
+ "import": "./dist/server/app-router/index.mjs",
13
+ "require": "./dist/server/app-router/index.js"
14
+ },
15
+ "./server/pages": {
16
+ "browser": "./dist/server/pages/index.mjs",
17
+ "import": "./dist/server/pages/index.mjs",
18
+ "require": "./dist/server/pages/index.js"
19
+ },
10
20
  "./client": {
11
21
  "browser": "./dist/client/index.mjs",
12
22
  "import": "./dist/client/index.mjs",
@@ -18,6 +28,12 @@
18
28
  "server": [
19
29
  "./dist/server/index.d.ts"
20
30
  ],
31
+ "server/app-router": [
32
+ "./dist/server/app-router.d.ts"
33
+ ],
34
+ "server/pages": [
35
+ "./dist/server/pages.d.ts"
36
+ ],
21
37
  "client": [
22
38
  "./dist/client/index.d.ts"
23
39
  ]
@@ -32,6 +48,7 @@
32
48
  "test": "jest"
33
49
  },
34
50
  "devDependencies": {
51
+ "@types/node": "^20.3.1",
35
52
  "@types/react": "^18.2.0",
36
53
  "@types/react-dom": "^18.2.0",
37
54
  "tsup": "^6.7.0",