@sylphx/sdk 0.15.0 → 0.15.1

package/dist/nextjs/index.mjs

@@ -1214,9 +1214,22 @@ async function handleSwitchOrg(request, ctx) {
   if (request.method !== "POST") {
     return NextResponse.json({ error: "Method not allowed" }, { status: 405 });
   }
-  const sessionToken = request.cookies.get(ctx.cookieNames.SESSION)?.value;
-  if (!sessionToken || isTokenExpired(sessionToken)) {
-    return NextResponse.json({ error: "Not authenticated", accessToken: null }, { status: 401 });
+  const currentSessionToken = request.cookies.get(ctx.cookieNames.SESSION)?.value;
+  let sessionToken = currentSessionToken && !isTokenExpired(currentSessionToken) ? currentSessionToken : null;
+  let restoredBaseSession = null;
+  if (!sessionToken) {
+    restoredBaseSession = await refreshSessionFromCookie(request, ctx, currentSessionToken);
+    sessionToken = restoredBaseSession?.tokens.accessToken ?? null;
+  }
+  if (!sessionToken) {
+    const response = NextResponse.json(
+      { error: "Not authenticated", accessToken: null },
+      { status: 401 }
+    );
+    if (currentSessionToken || request.cookies.has(ctx.cookieNames.REFRESH)) {
+      clearAuthCookiesMiddleware(response, ctx.namespace);
+    }
+    return response;
   }
   let orgId = null;
   let requestedOrgSlug = null;
@@ -1258,6 +1271,12 @@ async function handleSwitchOrg(request, ctx) {
       user: data.user ?? null,
       organization: activeOrganization
     });
+    if (restoredBaseSession) {
+      setAuthCookiesMiddleware(response, ctx.namespace, restoredBaseSession.tokens);
+      if (restoredBaseSession.activeOrganization) {
+        setActiveOrganizationCookies(response, ctx, restoredBaseSession.activeOrganization);
+      }
+    }
     response.cookies.set(ctx.cookieNames.SESSION, accessToken, {
       ...SECURE_COOKIE_OPTIONS,
       maxAge: expiresIn