@tern-secure/nextjs 5.0.0 → 5.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/app-router/admin/index.js +3 -0
- package/dist/cjs/app-router/admin/index.js.map +1 -1
- package/dist/cjs/app-router/admin/sessionHandler.js +74 -0
- package/dist/cjs/app-router/admin/sessionHandler.js.map +1 -0
- package/dist/cjs/app-router/client/TernSecureProvider.js +2 -2
- package/dist/cjs/app-router/client/TernSecureProvider.js.map +1 -1
- package/dist/cjs/server/auth.js.map +1 -1
- package/dist/cjs/server/edge-session.js +8 -10
- package/dist/cjs/server/edge-session.js.map +1 -1
- package/dist/cjs/server/ternSecureMiddleware.js +43 -25
- package/dist/cjs/server/ternSecureMiddleware.js.map +1 -1
- package/dist/cjs/server/types.js.map +1 -1
- package/dist/cjs/utils/admin-init.js +1 -57
- package/dist/cjs/utils/admin-init.js.map +1 -1
- package/dist/cjs/utils/allNextProviderProps.js +8 -2
- package/dist/cjs/utils/allNextProviderProps.js.map +1 -1
- package/dist/cjs/utils/tern-ui-script.js +4 -2
- package/dist/cjs/utils/tern-ui-script.js.map +1 -1
- package/dist/cjs/utils/ternsecure-sw.js +54 -0
- package/dist/cjs/utils/ternsecure-sw.js.map +1 -0
- package/dist/esm/app-router/admin/index.js +2 -0
- package/dist/esm/app-router/admin/index.js.map +1 -1
- package/dist/esm/app-router/admin/sessionHandler.js +50 -0
- package/dist/esm/app-router/admin/sessionHandler.js.map +1 -0
- package/dist/esm/app-router/client/TernSecureProvider.js +2 -2
- package/dist/esm/app-router/client/TernSecureProvider.js.map +1 -1
- package/dist/esm/server/auth.js.map +1 -1
- package/dist/esm/server/edge-session.js +8 -10
- package/dist/esm/server/edge-session.js.map +1 -1
- package/dist/esm/server/ternSecureMiddleware.js +43 -25
- package/dist/esm/server/ternSecureMiddleware.js.map +1 -1
- package/dist/esm/utils/admin-init.js +1 -22
- package/dist/esm/utils/admin-init.js.map +1 -1
- package/dist/esm/utils/allNextProviderProps.js +8 -2
- package/dist/esm/utils/allNextProviderProps.js.map +1 -1
- package/dist/esm/utils/tern-ui-script.js +4 -2
- package/dist/esm/utils/tern-ui-script.js.map +1 -1
- package/dist/esm/utils/ternsecure-sw.js +30 -0
- package/dist/esm/utils/ternsecure-sw.js.map +1 -0
- package/dist/types/app-router/admin/index.d.ts +1 -0
- package/dist/types/app-router/admin/index.d.ts.map +1 -1
- package/dist/types/app-router/admin/sessionHandler.d.ts +3 -0
- package/dist/types/app-router/admin/sessionHandler.d.ts.map +1 -0
- package/dist/types/server/auth.d.ts +4 -4
- package/dist/types/server/auth.d.ts.map +1 -1
- package/dist/types/server/edge-session.d.ts.map +1 -1
- package/dist/types/server/ternSecureMiddleware.d.ts +7 -7
- package/dist/types/server/ternSecureMiddleware.d.ts.map +1 -1
- package/dist/types/server/types.d.ts +15 -3
- package/dist/types/server/types.d.ts.map +1 -1
- package/dist/types/utils/admin-init.d.ts +1 -4
- package/dist/types/utils/admin-init.d.ts.map +1 -1
- package/dist/types/utils/allNextProviderProps.d.ts.map +1 -1
- package/dist/types/utils/tern-ui-script.d.ts +2 -1
- package/dist/types/utils/tern-ui-script.d.ts.map +1 -1
- package/dist/types/utils/ternsecure-sw.d.ts +8 -0
- package/dist/types/utils/ternsecure-sw.d.ts.map +1 -0
- package/package.json +4 -5
- package/dist/cjs/app-router/admin/sessionTernSecure.js +0 -165
- package/dist/cjs/app-router/admin/sessionTernSecure.js.map +0 -1
- package/dist/esm/app-router/admin/sessionTernSecure.js +0 -135
- package/dist/esm/app-router/admin/sessionTernSecure.js.map +0 -1
- package/dist/types/app-router/admin/sessionTernSecure.d.ts +0 -39
- package/dist/types/app-router/admin/sessionTernSecure.d.ts.map +0 -1
|
@@ -0,0 +1,50 @@
|
|
|
1
|
+
import { NextResponse } from "next/server";
|
|
2
|
+
import { createSessionCookie } from "@tern-secure/backend";
|
|
3
|
+
async function createSessionHandler(request) {
|
|
4
|
+
try {
|
|
5
|
+
const body = await request.json();
|
|
6
|
+
const { idToken, csrfToken } = body;
|
|
7
|
+
if (!idToken) {
|
|
8
|
+
return NextResponse.json(
|
|
9
|
+
{
|
|
10
|
+
success: false,
|
|
11
|
+
message: "ID token is required",
|
|
12
|
+
error: "INVALID_TOKEN"
|
|
13
|
+
},
|
|
14
|
+
{ status: 400 }
|
|
15
|
+
);
|
|
16
|
+
}
|
|
17
|
+
if (!csrfToken) {
|
|
18
|
+
return NextResponse.json(
|
|
19
|
+
{
|
|
20
|
+
success: false,
|
|
21
|
+
message: "CSRF token is required",
|
|
22
|
+
error: "INVALID_CSRF_TOKEN"
|
|
23
|
+
},
|
|
24
|
+
{ status: 400 }
|
|
25
|
+
);
|
|
26
|
+
}
|
|
27
|
+
const res = await createSessionCookie(idToken);
|
|
28
|
+
if (!res.success) {
|
|
29
|
+
console.error("[createSessionHandler] Error creating session cookie:", {
|
|
30
|
+
error: res.error,
|
|
31
|
+
message: res.message,
|
|
32
|
+
cookieSet: res.cookieSet
|
|
33
|
+
});
|
|
34
|
+
}
|
|
35
|
+
const statusCode = res.success ? 200 : res.error === "INVALID_TOKEN" ? 400 : res.error === "EXPIRED_TOKEN" ? 401 : 500;
|
|
36
|
+
return NextResponse.json(res, { status: statusCode });
|
|
37
|
+
} catch (error) {
|
|
38
|
+
return NextResponse.json(
|
|
39
|
+
{
|
|
40
|
+
success: false,
|
|
41
|
+
message: "Invalid request format"
|
|
42
|
+
},
|
|
43
|
+
{ status: 400 }
|
|
44
|
+
);
|
|
45
|
+
}
|
|
46
|
+
}
|
|
47
|
+
export {
|
|
48
|
+
createSessionHandler
|
|
49
|
+
};
|
|
50
|
+
//# sourceMappingURL=sessionHandler.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../../../src/app-router/admin/sessionHandler.ts"],"sourcesContent":["import { NextRequest, NextResponse } from \"next/server\"\nimport { createSessionCookie } from \"@tern-secure/backend\"\n\nexport async function createSessionHandler(request: NextRequest): Promise<NextResponse> {\n try {\n const body = await request.json()\n const { idToken, csrfToken } = body\n\n if (!idToken) {\n return NextResponse.json(\n {\n success: false, \n message: 'ID token is required', \n error: 'INVALID_TOKEN'\n },\n { status: 400 }\n );\n }\n\n if (!csrfToken) {\n return NextResponse.json(\n {\n success: false, \n message: 'CSRF token is required', \n error: 'INVALID_CSRF_TOKEN'\n },\n { status: 400 }\n );\n }\n\n const res = await createSessionCookie(idToken);\n\n if (!res.success) {\n console.error('[createSessionHandler] Error creating session cookie:', {\n error: res.error,\n message: res.message,\n cookieSet: res.cookieSet\n });\n }\n\n const statusCode = res.success ? 200 : \n res.error === 'INVALID_TOKEN' ? 400 :\n res.error === 'EXPIRED_TOKEN' ? 401 : 500;\n\n return NextResponse.json(res, { status: statusCode })\n\n } catch (error) {\n return NextResponse.json(\n {\n success: false,\n message: 'Invalid request format'\n },\n { status: 400 }\n )\n }\n}"],"mappings":"AAAA,SAAsB,oBAAoB;AAC1C,SAAS,2BAA2B;AAEpC,eAAsB,qBAAqB,SAA6C;AACpF,MAAI;AACA,UAAM,OAAO,MAAM,QAAQ,KAAK;AAChC,UAAM,EAAE,SAAS,UAAU,IAAI;AAE/B,QAAI,CAAC,SAAS;AACV,aAAO,aAAa;AAAA,QAChB;AAAA,UACI,SAAS;AAAA,UACT,SAAS;AAAA,UACT,OAAO;AAAA,QACX;AAAA,QACA,EAAE,QAAQ,IAAI;AAAA,MAClB;AAAA,IACJ;AAEA,QAAI,CAAC,WAAW;AACZ,aAAO,aAAa;AAAA,QAChB;AAAA,UACI,SAAS;AAAA,UACT,SAAS;AAAA,UACT,OAAO;AAAA,QACX;AAAA,QACA,EAAE,QAAQ,IAAI;AAAA,MAClB;AAAA,IACJ;AAEA,UAAM,MAAM,MAAM,oBAAoB,OAAO;AAE7C,QAAI,CAAC,IAAI,SAAS;AACd,cAAQ,MAAM,yDAAyD;AAAA,QACnE,OAAO,IAAI;AAAA,QACX,SAAS,IAAI;AAAA,QACb,WAAW,IAAI;AAAA,MACnB,CAAC;AAAA,IACL;AAEA,UAAM,aAAa,IAAI,UAAU,MACd,IAAI,UAAU,kBAAkB,MAC/B,IAAI,UAAU,kBAAkB,MAAM;AAE1D,WAAO,aAAa,KAAK,KAAK,EAAE,QAAQ,WAAW,CAAC;AAAA,EAExD,SAAS,OAAO;AACZ,WAAO,aAAa;AAAA,MAChB;AAAA,QACI,SAAS;AAAA,QACT,SAAS;AAAA,MACb;AAAA,MACA,EAAE,QAAQ,IAAI;AAAA,IAClB;AAAA,EACJ;AACJ;","names":[]}
|
|
@@ -5,10 +5,10 @@ import {
|
|
|
5
5
|
import { allNextProviderPropsWithEnv } from "../../utils/allNextProviderProps";
|
|
6
6
|
import { TernUIScript } from "../../utils/tern-ui-script";
|
|
7
7
|
function TernSecureProvider(props) {
|
|
8
|
-
const { children, ...nextProps } = props;
|
|
8
|
+
const { children, enableServiceWorker, ...nextProps } = props;
|
|
9
9
|
const providerProps = allNextProviderPropsWithEnv(nextProps);
|
|
10
10
|
return /* @__PURE__ */ jsxs(TernSecureReactProvider, { ...providerProps, children: [
|
|
11
|
-
/* @__PURE__ */ jsx(TernUIScript, {}),
|
|
11
|
+
/* @__PURE__ */ jsx(TernUIScript, { router: "app" }),
|
|
12
12
|
children
|
|
13
13
|
] });
|
|
14
14
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../src/app-router/client/TernSecureProvider.tsx"],"sourcesContent":["import React from \"react\"\r\nimport { \r\n TernSecureProvider as TernSecureReactProvider \r\n} from \"@tern-secure/react\"\r\nimport type { TernSecureNextProps } from \"../../types\"\r\nimport { allNextProviderPropsWithEnv } from \"../../utils/allNextProviderProps\"\r\nimport { TernUIScript } from \"../../utils/tern-ui-script\";\r\n\r\n\r\n\r\n// Loading fallback component\r\n/*function TernSecureLoadingFallback() {\r\n return (\r\n <div>\r\n <span className=\"sr-only\">Loading...</span>\r\n </div>\r\n )\r\n}*/\r\n/**\r\n * Root Provider for TernSecure\r\n * Use this in your Next.js App Router root layout\r\n * Automatically handles client/server boundary and authentication state\r\n * \r\n * @example\r\n * /// app/layout.tsx\r\n * import { TernSecureProvider } from '@tern/secure'\r\n * \r\n * export default function RootLayout({ children }) {\r\n * return (\r\n * <html>\r\n * <body>\r\n * <TernSecureProvider>\r\n * {children}\r\n * </TernSecureProvider>\r\n * </body>\r\n * </html>\r\n * )\r\n * }\r\n */\r\nexport function TernSecureProvider(props: React.PropsWithChildren<TernSecureNextProps>) {\r\n const {children, ...nextProps } = props;\r\n const providerProps = allNextProviderPropsWithEnv(nextProps);\r\n return (\r\n <TernSecureReactProvider {...providerProps}>\r\n <TernUIScript />\r\n {children}\r\n </TernSecureReactProvider>\r\n )\r\n}"],"mappings":"AA2CI,SACE,KADF;AA1CJ;AAAA,EACE,sBAAsB;AAAA,OACjB;AAEP,SAAS,mCAAmC;AAC5C,SAAS,oBAAoB;AAiCtB,SAAS,mBAAmB,OAAqD;AACtF,QAAM,EAAC,UAAU,GAAG,UAAU,IAAI;
|
|
1
|
+
{"version":3,"sources":["../../../../src/app-router/client/TernSecureProvider.tsx"],"sourcesContent":["import React from \"react\"\r\nimport { \r\n TernSecureProvider as TernSecureReactProvider \r\n} from \"@tern-secure/react\"\r\nimport type { TernSecureNextProps } from \"../../types\"\r\nimport { allNextProviderPropsWithEnv } from \"../../utils/allNextProviderProps\"\r\nimport { TernUIScript } from \"../../utils/tern-ui-script\";\r\n\r\n\r\n\r\n// Loading fallback component\r\n/*function TernSecureLoadingFallback() {\r\n return (\r\n <div>\r\n <span className=\"sr-only\">Loading...</span>\r\n </div>\r\n )\r\n}*/\r\n/**\r\n * Root Provider for TernSecure\r\n * Use this in your Next.js App Router root layout\r\n * Automatically handles client/server boundary and authentication state\r\n * \r\n * @example\r\n * /// app/layout.tsx\r\n * import { TernSecureProvider } from '@tern/secure'\r\n * \r\n * export default function RootLayout({ children }) {\r\n * return (\r\n * <html>\r\n * <body>\r\n * <TernSecureProvider>\r\n * {children}\r\n * </TernSecureProvider>\r\n * </body>\r\n * </html>\r\n * )\r\n * }\r\n */\r\nexport function TernSecureProvider(props: React.PropsWithChildren<TernSecureNextProps>) {\r\n const {children, enableServiceWorker, ...nextProps } = props;\r\n const providerProps = allNextProviderPropsWithEnv(nextProps);\r\n return (\r\n <TernSecureReactProvider {...providerProps}>\r\n <TernUIScript router='app' />\r\n {children}\r\n </TernSecureReactProvider>\r\n )\r\n}"],"mappings":"AA2CI,SACE,KADF;AA1CJ;AAAA,EACE,sBAAsB;AAAA,OACjB;AAEP,SAAS,mCAAmC;AAC5C,SAAS,oBAAoB;AAiCtB,SAAS,mBAAmB,OAAqD;AACtF,QAAM,EAAC,UAAU,qBAAqB,GAAG,UAAU,IAAI;AACvD,QAAM,gBAAgB,4BAA4B,SAAS;AAC3D,SACE,qBAAC,2BAAyB,GAAG,eAC3B;AAAA,wBAAC,gBAAa,QAAO,OAAM;AAAA,IACxB;AAAA,KACL;AAEJ;","names":[]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../src/server/auth.ts"],"sourcesContent":["import { cache } from \"react\"\r\nimport { cookies } from \"next/headers\"\r\nimport type {
|
|
1
|
+
{"version":3,"sources":["../../../src/server/auth.ts"],"sourcesContent":["import { cache } from \"react\"\r\nimport { cookies } from \"next/headers\"\r\nimport type { UserInfo } from \"./types\"\r\nimport { verifyFirebaseToken } from \"./jwt-edge\"\r\nimport { TernSecureError } from \"../errors\"\r\n\r\n\r\n\r\nexport interface AuthResult {\r\n user: UserInfo | null\r\n error: Error | null\r\n}\r\n\r\n /**\r\n * Get the current authenticated user from the session or token\r\n */\r\nexport const auth = cache(async (): Promise<AuthResult> => {\r\n try {\r\n // Get all active sessions for debugging\r\n console.log(\"auth: Starting auth check...\")\r\n const cookieStore = await cookies()\r\n\r\n // First try session cookie as it's more secure\r\n const sessionCookie = cookieStore.get(\"_session_cookie\")?.value\r\n if (sessionCookie) {\r\n const result = await verifyFirebaseToken(sessionCookie, true)\r\n if (result.valid) {\r\n const user: UserInfo = {\r\n uid: result.uid ?? '',\r\n email: result.email || null,\r\n authTime: result.authTime\r\n }\r\n return { user, error: null }\r\n }\r\n }\r\n\r\n // Fallback to ID token\r\n const idToken = cookieStore.get(\"_session_token\")?.value\r\n if (idToken) {\r\n const result = await verifyFirebaseToken(idToken, false)\r\n if (result.valid) {\r\n const user: UserInfo = {\r\n uid: result.uid ?? '',\r\n email: result.email || null,\r\n authTime: result.authTime\r\n }\r\n return { user, error: null }\r\n }\r\n }\r\n\r\n return {\r\n user: null,\r\n error: new TernSecureError('UNAUTHENTICATED', 'No valid session found')\r\n }\r\n\r\n } catch (error) {\r\n console.error(\"Error in Auth:\", error)\r\n if (error instanceof TernSecureError) {\r\n return {\r\n user: null,\r\n error\r\n }\r\n }\r\n return {\r\n user: null,\r\n error: new TernSecureError('INTERNAL_ERROR', 'An unexpected error occurred')\r\n }\r\n }\r\n })\r\n\r\n/**\r\n * Type guard to check if user is authenticated\r\n */\r\nexport const isAuthenticated = cache(async (): Promise<boolean> => {\r\n const { user } = await auth()\r\n return user !== null\r\n})\r\n\r\n/**\r\n * Get user info from auth result\r\n */\r\nexport const getUser = cache(async (): Promise<UserInfo | null> => {\r\n const { user } = await auth()\r\n return user\r\n})\r\n\r\n/**\r\n * Require authentication\r\n * Throws error if not authenticated\r\n */\r\nexport const requireAuth = cache(async (): Promise<UserInfo> => {\r\n const { user, error } = await auth()\r\n\r\n if (!user) {\r\n throw error || new Error(\"Authentication required\")\r\n }\r\n\r\n return user\r\n})"],"mappings":"AAAA,SAAS,aAAa;AACtB,SAAS,eAAe;AAExB,SAAS,2BAA2B;AACpC,SAAS,uBAAuB;AAYzB,MAAM,OAAO,MAAM,YAAiC;AACzD,MAAI;AAEH,YAAQ,IAAI,8BAA8B;AAC1C,UAAM,cAAc,MAAM,QAAQ;AAGjC,UAAM,gBAAgB,YAAY,IAAI,iBAAiB,GAAG;AAC1D,QAAI,eAAe;AACjB,YAAM,SAAS,MAAM,oBAAoB,eAAe,IAAI;AAC5D,UAAI,OAAO,OAAO;AAChB,cAAM,OAAiB;AAAA,UACrB,KAAK,OAAO,OAAO;AAAA,UACnB,OAAO,OAAO,SAAS;AAAA,UACvB,UAAU,OAAO;AAAA,QACnB;AACA,eAAO,EAAE,MAAM,OAAO,KAAK;AAAA,MAC7B;AAAA,IACF;AAGA,UAAM,UAAU,YAAY,IAAI,gBAAgB,GAAG;AACnD,QAAI,SAAS;AACX,YAAM,SAAS,MAAM,oBAAoB,SAAS,KAAK;AACvD,UAAI,OAAO,OAAO;AAChB,cAAM,OAAiB;AAAA,UACrB,KAAK,OAAO,OAAO;AAAA,UACnB,OAAO,OAAO,SAAS;AAAA,UACvB,UAAU,OAAO;AAAA,QACnB;AACA,eAAO,EAAE,MAAM,OAAO,KAAK;AAAA,MAC7B;AAAA,IACF;AAEE,WAAO;AAAA,MACH,MAAM;AAAA,MACN,OAAO,IAAI,gBAAgB,mBAAmB,wBAAwB;AAAA,IAC1E;AAAA,EAEF,SAAS,OAAO;AACd,YAAQ,MAAM,kBAAkB,KAAK;AACrC,QAAI,iBAAiB,iBAAiB;AACpC,aAAO;AAAA,QACL,MAAM;AAAA,QACN;AAAA,MACF;AAAA,IACF;AACA,WAAO;AAAA,MACL,MAAM;AAAA,MACN,OAAO,IAAI,gBAAgB,kBAAkB,8BAA8B;AAAA,IAC7E;AAAA,EACF;AACF,CAAC;AAKI,MAAM,kBAAkB,MAAM,YAA+B;AAClE,QAAM,EAAE,KAAK,IAAI,MAAM,KAAK;AAC5B,SAAO,SAAS;AAClB,CAAC;AAKM,MAAM,UAAU,MAAM,YAAsC;AACjE,QAAM,EAAE,KAAK,IAAI,MAAM,KAAK;AAC5B,SAAO;AACT,CAAC;AAMM,MAAM,cAAc,MAAM,YAA+B;AAC9D,QAAM,EAAE,MAAM,MAAM,IAAI,MAAM,KAAK;AAEnC,MAAI,CAAC,MAAM;AACT,UAAM,SAAS,IAAI,MAAM,yBAAyB;AAAA,EACpD;AAEA,SAAO;AACT,CAAC;","names":[]}
|
|
@@ -10,12 +10,12 @@ async function verifySession(request) {
|
|
|
10
10
|
uid: result.uid ?? "",
|
|
11
11
|
email: result.email || null,
|
|
12
12
|
emailVerified: result.emailVerified ?? false,
|
|
13
|
+
disabled: false,
|
|
13
14
|
authTime: result.authTime
|
|
14
15
|
};
|
|
15
16
|
return {
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
sessionId: sessionCookie
|
|
17
|
+
isAuthenticated: true,
|
|
18
|
+
user
|
|
19
19
|
};
|
|
20
20
|
}
|
|
21
21
|
}
|
|
@@ -26,27 +26,25 @@ async function verifySession(request) {
|
|
|
26
26
|
uid: result.uid ?? "",
|
|
27
27
|
email: result.email || null,
|
|
28
28
|
emailVerified: result.emailVerified ?? false,
|
|
29
|
+
disabled: false,
|
|
29
30
|
authTime: result.authTime
|
|
30
31
|
};
|
|
31
32
|
return {
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
sessionId: idToken
|
|
33
|
+
isAuthenticated: true,
|
|
34
|
+
user
|
|
35
35
|
};
|
|
36
36
|
}
|
|
37
37
|
}
|
|
38
38
|
return {
|
|
39
|
+
isAuthenticated: false,
|
|
39
40
|
user: null,
|
|
40
|
-
token: null,
|
|
41
|
-
sessionId: null,
|
|
42
41
|
error: "No valid session found"
|
|
43
42
|
};
|
|
44
43
|
} catch (error) {
|
|
45
44
|
console.error("Session verification error:", error);
|
|
46
45
|
return {
|
|
46
|
+
isAuthenticated: false,
|
|
47
47
|
user: null,
|
|
48
|
-
token: null,
|
|
49
|
-
sessionId: null,
|
|
50
48
|
error: error instanceof Error ? error.message : "Session verification failed"
|
|
51
49
|
};
|
|
52
50
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../src/server/edge-session.ts"],"sourcesContent":["import { verifyFirebaseToken } from \"./jwt-edge\"\r\nimport type { NextRequest } from \"next/server\"\r\nimport type { SessionResult,
|
|
1
|
+
{"version":3,"sources":["../../../src/server/edge-session.ts"],"sourcesContent":["import { verifyFirebaseToken } from \"./jwt-edge\"\r\nimport type { NextRequest } from \"next/server\"\r\nimport type { SessionResult, UserInfo } from \"./types\"\r\n\r\n\r\n\r\nexport async function verifySession(request: NextRequest): Promise<SessionResult> {\r\n try {\r\n //const cookieStore = await cookies()\r\n\r\n // First try session cookie\r\n\r\n const sessionCookie = request.cookies.get(\"_session_cookie\")?.value\r\n const idToken = request.cookies.get(\"_session_token\")?.value\r\n\r\n //const sessionCookie = request.cookies.get(\"_session_cookie\")?.value\r\n if (sessionCookie) {\r\n const result = await verifyFirebaseToken(sessionCookie, true)\r\n if (result.valid) {\r\n const user: UserInfo = {\r\n uid: result.uid ?? '',\r\n email: result.email || null,\r\n emailVerified: result.emailVerified ?? false,\r\n disabled: false,\r\n authTime: result.authTime,\r\n }\r\n\r\n return {\r\n isAuthenticated: true,\r\n user\r\n }\r\n }\r\n }\r\n\r\n // Then try ID token\r\n //const idToken = request.cookies.get(\"_session_token\")?.value\r\n if (idToken) {\r\n const result = await verifyFirebaseToken(idToken, false)\r\n if (result.valid) {\r\n const user: UserInfo = {\r\n uid: result.uid ?? '',\r\n email: result.email || null,\r\n emailVerified: result.emailVerified ?? false,\r\n disabled: false,\r\n authTime: result.authTime,\r\n }\r\n \r\n return {\r\n isAuthenticated: true,\r\n user\r\n }\r\n }\r\n }\r\n\r\n return {\r\n isAuthenticated: false,\r\n user: null,\r\n error: \"No valid session found\"\r\n }\r\n } catch (error) {\r\n console.error(\"Session verification error:\", error)\r\n return {\r\n isAuthenticated: false,\r\n user: null,\r\n error: error instanceof Error ? error.message : \"Session verification failed\",\r\n }\r\n }\r\n}"],"mappings":"AAAA,SAAS,2BAA2B;AAMpC,eAAsB,cAAc,SAA8C;AAChF,MAAI;AAKF,UAAM,gBAAgB,QAAQ,QAAQ,IAAI,iBAAiB,GAAG;AAC9D,UAAM,UAAU,QAAQ,QAAQ,IAAI,gBAAgB,GAAG;AAGvD,QAAI,eAAe;AACjB,YAAM,SAAS,MAAM,oBAAoB,eAAe,IAAI;AAC5D,UAAI,OAAO,OAAO;AACd,cAAM,OAAiB;AAAA,UACrB,KAAK,OAAO,OAAO;AAAA,UACnB,OAAO,OAAO,SAAS;AAAA,UACvB,eAAe,OAAO,iBAAiB;AAAA,UACvC,UAAU;AAAA,UACV,UAAU,OAAO;AAAA,QACrB;AAEA,eAAO;AAAA,UACL,iBAAiB;AAAA,UACjB;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAIA,QAAI,SAAS;AACX,YAAM,SAAS,MAAM,oBAAoB,SAAS,KAAK;AACvD,UAAI,OAAO,OAAO;AAChB,cAAM,OAAkB;AAAA,UACpB,KAAK,OAAO,OAAO;AAAA,UACnB,OAAO,OAAO,SAAS;AAAA,UACvB,eAAe,OAAO,iBAAiB;AAAA,UACvC,UAAU;AAAA,UACV,UAAU,OAAO;AAAA,QACrB;AAEA,eAAO;AAAA,UACL,iBAAiB;AAAA,UACjB;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAEA,WAAO;AAAA,MACL,iBAAiB;AAAA,MACjB,MAAM;AAAA,MACN,OAAO;AAAA,IACT;AAAA,EACF,SAAS,OAAO;AACd,YAAQ,MAAM,+BAA+B,KAAK;AAClD,WAAO;AAAA,MACL,iBAAiB;AAAA,MACjB,MAAM;AAAA,MACN,OAAO,iBAAiB,QAAQ,MAAM,UAAU;AAAA,IAClD;AAAA,EACF;AACF;","names":[]}
|
|
@@ -1,43 +1,61 @@
|
|
|
1
1
|
import { NextResponse } from "next/server";
|
|
2
|
+
import { verifySession } from "./edge-session";
|
|
2
3
|
const runtime = "edge";
|
|
3
4
|
function createRouteMatcher(patterns) {
|
|
4
5
|
return (request) => {
|
|
5
6
|
const { pathname } = request.nextUrl;
|
|
6
7
|
return patterns.some((pattern) => {
|
|
7
|
-
const regexPattern =
|
|
8
|
-
return regexPattern.test(pathname);
|
|
8
|
+
const regexPattern = pattern.replace(/[.*+?^${}()|[\]\\]/g, "\\$&").replace(/\\\*/g, ".*");
|
|
9
|
+
return new RegExp(`^${regexPattern}$`).test(pathname);
|
|
9
10
|
});
|
|
10
11
|
};
|
|
11
12
|
}
|
|
12
|
-
function
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
13
|
+
async function edgeAuth(request) {
|
|
14
|
+
async function protect() {
|
|
15
|
+
throw new Error("Unauthorized access");
|
|
16
|
+
}
|
|
17
|
+
try {
|
|
18
|
+
const sessionResult = await verifySession(request);
|
|
19
|
+
if (sessionResult.isAuthenticated && sessionResult.user) {
|
|
20
|
+
return {
|
|
21
|
+
user: sessionResult.user,
|
|
22
|
+
token: request.cookies.get("_session_cookie")?.value || request.cookies.get("_session_token")?.value || null,
|
|
21
23
|
protect: async () => {
|
|
22
|
-
if (!hasCookies) {
|
|
23
|
-
const currentPath = request.nextUrl.pathname;
|
|
24
|
-
if (currentPath !== "/sign-in") {
|
|
25
|
-
const redirectUrl = new URL("/sign-in", request.url);
|
|
26
|
-
redirectUrl.searchParams.set("redirect", currentPath);
|
|
27
|
-
return NextResponse.redirect(redirectUrl);
|
|
28
|
-
}
|
|
29
|
-
}
|
|
30
24
|
}
|
|
31
25
|
};
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
26
|
+
}
|
|
27
|
+
return {
|
|
28
|
+
user: null,
|
|
29
|
+
token: null,
|
|
30
|
+
protect
|
|
31
|
+
};
|
|
32
|
+
} catch (error) {
|
|
33
|
+
console.error("Auth check error:", error instanceof Error ? error.message : "Unknown error");
|
|
34
|
+
return {
|
|
35
|
+
user: null,
|
|
36
|
+
token: null,
|
|
37
|
+
protect
|
|
38
|
+
};
|
|
39
|
+
}
|
|
40
|
+
}
|
|
41
|
+
function ternSecureMiddleware(callback) {
|
|
42
|
+
return async function middleware(request) {
|
|
43
|
+
try {
|
|
44
|
+
const auth = await edgeAuth(request);
|
|
45
|
+
try {
|
|
46
|
+
await callback(auth, request);
|
|
47
|
+
const response = NextResponse.next();
|
|
48
|
+
return response;
|
|
49
|
+
} catch (error) {
|
|
50
|
+
if (error instanceof Error && error.message === "Unauthorized access") {
|
|
51
|
+
const redirectUrl = new URL("/sign-in", request.url);
|
|
52
|
+
redirectUrl.searchParams.set("redirect", request.nextUrl.pathname);
|
|
53
|
+
return NextResponse.redirect(redirectUrl);
|
|
36
54
|
}
|
|
55
|
+
throw error;
|
|
37
56
|
}
|
|
38
|
-
return NextResponse.next();
|
|
39
57
|
} catch (error) {
|
|
40
|
-
console.error("Middleware error:", error);
|
|
58
|
+
console.error("Middleware error:", error instanceof Error ? error.message : "Unknown error");
|
|
41
59
|
const redirectUrl = new URL("/sign-in", request.url);
|
|
42
60
|
return NextResponse.redirect(redirectUrl);
|
|
43
61
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../src/server/ternSecureMiddleware.ts"],"sourcesContent":["import {
|
|
1
|
+
{"version":3,"sources":["../../../src/server/ternSecureMiddleware.ts"],"sourcesContent":["import { type NextRequest, NextResponse } from 'next/server';\r\nimport { verifySession } from './edge-session'\r\nimport type { UserInfo } from \"./types\"\r\n\r\nexport const runtime = \"edge\"\r\n\r\ninterface Auth {\r\n user: UserInfo | null\r\n token: string | null\r\n protect: () => Promise<void>\r\n}\r\n\r\ntype MiddlewareCallback = (\r\n auth: Auth,\r\n request: NextRequest\r\n) => Promise<void>\r\n\r\n\r\n/**\r\n * Create a route matcher function for public paths\r\n */\r\nexport function createRouteMatcher(patterns: string[]) {\r\n return (request: NextRequest): boolean => {\r\n const { pathname } = request.nextUrl\r\n return patterns.some((pattern) => {\r\n // Convert glob pattern to regex safely without dynamic evaluation\r\n const regexPattern = pattern\r\n .replace(/[.*+?^${}()|[\\]\\\\]/g, \"\\\\$&\")\r\n .replace(/\\\\\\*/g, \".*\")\r\n \r\n return new RegExp(`^${regexPattern}$`).test(pathname)\r\n })\r\n }\r\n}\r\n\r\n\r\n/**\r\n * Edge-compatible auth check\r\n */\r\nasync function edgeAuth(request: NextRequest): Promise<Auth> {\r\n async function protect() {\r\n throw new Error(\"Unauthorized access\")\r\n }\r\n\r\n try {\r\n const sessionResult = await verifySession(request)\r\n\r\n if (sessionResult.isAuthenticated && sessionResult.user) {\r\n return {\r\n user: sessionResult.user,\r\n token: request.cookies.get(\"_session_cookie\")?.value || request.cookies.get(\"_session_token\")?.value || null,\r\n protect: async () => {},\r\n }\r\n }\r\n\r\n return {\r\n user: null,\r\n token: null,\r\n protect,\r\n }\r\n } catch (error) {\r\n console.error(\"Auth check error:\", error instanceof Error ? error\r\n .message : \"Unknown error\")\r\n return {\r\n user: null,\r\n token: null,\r\n protect,\r\n }\r\n }\r\n}\r\n\r\n\r\n\r\n/**\r\n * Middleware factory that handles authentication and custom logic\r\n * @param customHandler Optional function for additional custom logic\r\n */\r\n\r\nexport function ternSecureMiddleware(callback: MiddlewareCallback) {\r\n return async function middleware(request: NextRequest) {\r\n try {\r\n const auth = await edgeAuth(request)\r\n\r\n try {\r\n \r\n await callback(auth, request)\r\n\r\n const response = NextResponse.next()\r\n\r\n\r\n return response\r\n } catch (error) {\r\n // Handle unauthorized access\r\n if (error instanceof Error && error.message === 'Unauthorized access') {\r\n const redirectUrl = new URL(\"/sign-in\", request.url)\r\n redirectUrl.searchParams.set(\"redirect\", request.nextUrl.pathname)\r\n return NextResponse.redirect(redirectUrl)\r\n }\r\n throw error\r\n }\r\n } catch (error) {\r\n console.error(\"Middleware error:\", error instanceof Error ? error.message : \"Unknown error\")\r\n const redirectUrl = new URL(\"/sign-in\", request.url)\r\n return NextResponse.redirect(redirectUrl)\r\n }\r\n }\r\n}"],"mappings":"AAAA,SAA2B,oBAAoB;AAC/C,SAAS,qBAAqB;AAGvB,MAAM,UAAU;AAiBhB,SAAS,mBAAmB,UAAoB;AACrD,SAAO,CAAC,YAAkC;AACxC,UAAM,EAAE,SAAS,IAAI,QAAQ;AAC7B,WAAO,SAAS,KAAK,CAAC,YAAY;AAEhC,YAAM,eAAe,QACpB,QAAQ,uBAAuB,MAAM,EACrC,QAAQ,SAAS,IAAI;AAEtB,aAAO,IAAI,OAAO,IAAI,YAAY,GAAG,EAAE,KAAK,QAAQ;AAAA,IACtD,CAAC;AAAA,EACH;AACF;AAMA,eAAe,SAAS,SAAqC;AAC3D,iBAAe,UAAU;AACvB,UAAM,IAAI,MAAM,qBAAqB;AAAA,EACvC;AAEA,MAAI;AACF,UAAM,gBAAgB,MAAM,cAAc,OAAO;AAEjD,QAAI,cAAc,mBAAmB,cAAc,MAAM;AACvD,aAAO;AAAA,QACL,MAAM,cAAc;AAAA,QACpB,OAAO,QAAQ,QAAQ,IAAI,iBAAiB,GAAG,SAAS,QAAQ,QAAQ,IAAI,gBAAgB,GAAG,SAAS;AAAA,QACxG,SAAS,YAAY;AAAA,QAAC;AAAA,MACxB;AAAA,IACF;AAEA,WAAO;AAAA,MACL,MAAM;AAAA,MACN,OAAO;AAAA,MACP;AAAA,IACF;AAAA,EACF,SAAS,OAAO;AACd,YAAQ,MAAM,qBAAqB,iBAAiB,QAAQ,MAC3D,UAAU,eAAe;AAC1B,WAAO;AAAA,MACL,MAAM;AAAA,MACN,OAAO;AAAA,MACP;AAAA,IACF;AAAA,EACF;AACF;AASO,SAAS,qBAAqB,UAA8B;AACjE,SAAO,eAAe,WAAW,SAAsB;AACrD,QAAI;AACF,YAAM,OAAO,MAAM,SAAS,OAAO;AAEnC,UAAI;AAEF,cAAM,SAAS,MAAM,OAAO;AAE5B,cAAM,WAAW,aAAa,KAAK;AAGnC,eAAO;AAAA,MACT,SAAS,OAAO;AAEd,YAAI,iBAAiB,SAAS,MAAM,YAAY,uBAAuB;AACrE,gBAAM,cAAc,IAAI,IAAI,YAAY,QAAQ,GAAG;AACnD,sBAAY,aAAa,IAAI,YAAY,QAAQ,QAAQ,QAAQ;AACjE,iBAAO,aAAa,SAAS,WAAW;AAAA,QAC1C;AACA,cAAM;AAAA,MACR;AAAA,IACF,SAAS,OAAO;AACd,cAAQ,MAAM,qBAAqB,iBAAiB,QAAQ,MAAM,UAAU,eAAe;AAC3F,YAAM,cAAc,IAAI,IAAI,YAAY,QAAQ,GAAG;AACnD,aAAO,aAAa,SAAS,WAAW;AAAA,IAC1C;AAAA,EACF;AACF;","names":[]}
|
|
@@ -1,24 +1,3 @@
|
|
|
1
|
-
|
|
2
|
-
import { initializeAdminConfig } from "./config";
|
|
3
|
-
if (!admin.apps.length) {
|
|
4
|
-
try {
|
|
5
|
-
const config = initializeAdminConfig();
|
|
6
|
-
admin.initializeApp({
|
|
7
|
-
credential: admin.credential.cert({
|
|
8
|
-
...config,
|
|
9
|
-
privateKey: config.privateKey.replace(/\\n/g, "\n")
|
|
10
|
-
})
|
|
11
|
-
});
|
|
12
|
-
} catch (error) {
|
|
13
|
-
console.error("Firebase admin initialization error", error);
|
|
14
|
-
}
|
|
1
|
+
{
|
|
15
2
|
}
|
|
16
|
-
const adminTernSecureAuth = admin.auth();
|
|
17
|
-
const adminTernSecureDb = admin.firestore();
|
|
18
|
-
const TernSecureTenantManager = admin.auth().tenantManager();
|
|
19
|
-
export {
|
|
20
|
-
TernSecureTenantManager,
|
|
21
|
-
adminTernSecureAuth,
|
|
22
|
-
adminTernSecureDb
|
|
23
|
-
};
|
|
24
3
|
//# sourceMappingURL=admin-init.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../src/utils/admin-init.ts"],"sourcesContent":["import admin from 'firebase-admin';\r\nimport { initializeAdminConfig } from './config';\r\n\r\n// Initialize Firebase Admin if not already initialized\r\nif (!admin.apps.length) {\r\n try {\r\n const config = initializeAdminConfig();\r\n admin.initializeApp({\r\n credential: admin.credential.cert({\r\n ...config,\r\n privateKey: config.privateKey.replace(/\\\\n/g, '\\n'),\r\n }),\r\n });\r\n } catch (error) {\r\n console.error('Firebase admin initialization error', error);\r\n }\r\n}\r\n\r\n// Add explicit type annotations using the types from the admin namespace\r\nexport const adminTernSecureAuth: admin.auth.Auth = admin.auth();\r\nexport const adminTernSecureDb: admin.firestore.Firestore = admin.firestore();\r\nexport const TernSecureTenantManager: admin.auth.TenantManager = admin.auth().tenantManager()
|
|
1
|
+
{"version":3,"sources":["../../../src/utils/admin-init.ts"],"sourcesContent":["{/*import admin from 'firebase-admin';\r\nimport { initializeAdminConfig } from './config';\r\n\r\n// Initialize Firebase Admin if not already initialized\r\nif (!admin.apps.length) {\r\n try {\r\n const config = initializeAdminConfig();\r\n admin.initializeApp({\r\n credential: admin.credential.cert({\r\n ...config,\r\n privateKey: config.privateKey.replace(/\\\\n/g, '\\n'),\r\n }),\r\n });\r\n } catch (error) {\r\n console.error('Firebase admin initialization error', error);\r\n }\r\n}\r\n\r\n// Add explicit type annotations using the types from the admin namespace\r\nexport const adminTernSecureAuth: admin.auth.Auth = admin.auth();\r\nexport const adminTernSecureDb: admin.firestore.Firestore = admin.firestore();\r\nexport const TernSecureTenantManager: admin.auth.TenantManager = admin.auth().tenantManager();*/}"],"mappings":"AAAA;AAqBgG;","names":[]}
|
|
@@ -10,6 +10,8 @@ const allNextProviderPropsWithEnv = (nextProps) => {
|
|
|
10
10
|
proxyUrl: propsProxyUrl,
|
|
11
11
|
environment: propsEnvironment,
|
|
12
12
|
requiresVerification: propsRequiresVerification,
|
|
13
|
+
isTernSecureDev: propsIsTernSecureDev,
|
|
14
|
+
enableServiceWorker: propsEnableServiceWorker,
|
|
13
15
|
loadingComponent: propsLoadingComponent,
|
|
14
16
|
...baseProps
|
|
15
17
|
} = nextProps;
|
|
@@ -22,7 +24,10 @@ const allNextProviderPropsWithEnv = (nextProps) => {
|
|
|
22
24
|
signInUrl: process.env.NEXT_PUBLIC_SIGN_IN_URL,
|
|
23
25
|
signUpUrl: process.env.NEXT_PUBLIC_SIGN_UP_URL,
|
|
24
26
|
signInForceRedirectUrl: process.env.NEXT_PUBLIC_SIGN_IN_FORCE_REDIRECT_URL,
|
|
25
|
-
signUpForceRedirectUrl: process.env.NEXT_PUBLIC_SIGN_UP_FORCE_REDIRECT_URL
|
|
27
|
+
signUpForceRedirectUrl: process.env.NEXT_PUBLIC_SIGN_UP_FORCE_REDIRECT_URL,
|
|
28
|
+
projectIdAdmin: process.env.FIREBASE_PROJECT_ID,
|
|
29
|
+
clientEmail: process.env.FIREBASE_CLIENT_EMAIL,
|
|
30
|
+
privateKey: process.env.FIREBASE_PRIVATE_KEY
|
|
26
31
|
};
|
|
27
32
|
const ternSecureConfig = {
|
|
28
33
|
apiKey: process.env.NEXT_PUBLIC_FIREBASE_API_KEY || "",
|
|
@@ -56,8 +61,9 @@ const allNextProviderPropsWithEnv = (nextProps) => {
|
|
|
56
61
|
// Set properties explicitly taken from TernSecureNextProps (props version)
|
|
57
62
|
// These are part of the TernSecureProviderProps interface.
|
|
58
63
|
requiresVerification: propsRequiresVerification,
|
|
64
|
+
isTernSecureDev: propsIsTernSecureDev,
|
|
65
|
+
enableServiceWorker: propsEnableServiceWorker,
|
|
59
66
|
loadingComponent: propsLoadingComponent,
|
|
60
|
-
...propsRequiresVerification !== void 0 && { requireverification: propsRequiresVerification },
|
|
61
67
|
//TernSecure: baseProps.Instance,
|
|
62
68
|
initialState: baseProps.initialState,
|
|
63
69
|
bypassApiKey: baseProps.bypassApiKey,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../src/utils/allNextProviderProps.ts"],"sourcesContent":["import type { TernSecureNextProps } from \"../types\";\nimport type { \n TernSecureProviderProps, \n IsomorphicTernSecureOptions \n} from \"@tern-secure/react\";\n\n// Helper type for the return value, as children are handled by the consuming component\ntype NextProviderProcessedProps = Omit<TernSecureProviderProps, 'children'>;\n\nexport const allNextProviderPropsWithEnv = (\n nextProps: Omit<TernSecureNextProps, 'children'>\n): NextProviderProcessedProps => {\n const {\n signInUrl,\n signUpUrl,\n signInForceRedirectUrl: propsSignInForceRedirectUrl,\n signUpForceRedirectUrl: propsSignUpForceRedirectUrl,\n apiKey: propsApiKey,\n projectId: propsProjectId,\n customDomain: propsCustomDomain,\n proxyUrl: propsProxyUrl,\n environment: propsEnvironment,\n requiresVerification: propsRequiresVerification,\n loadingComponent: propsLoadingComponent,\n ...baseProps \n } = nextProps;\n\n const envConfig = {\n apiKey: process.env.NEXT_PUBLIC_TERN_API_KEY,\n projectId: process.env.NEXT_PUBLIC_TERN_PROJECT_ID,\n customDomain: process.env.NEXT_PUBLIC_TERN_CUSTOM_DOMAIN,\n proxyUrl: process.env.NEXT_PUBLIC_TERN_PROXY_URL,\n environment: process.env.NEXT_PUBLIC_TERN_ENVIRONMENT,\n signInUrl: process.env.NEXT_PUBLIC_SIGN_IN_URL,\n signUpUrl: process.env.NEXT_PUBLIC_SIGN_UP_URL,\n signInForceRedirectUrl: process.env.NEXT_PUBLIC_SIGN_IN_FORCE_REDIRECT_URL,\n signUpForceRedirectUrl: process.env.NEXT_PUBLIC_SIGN_UP_FORCE_REDIRECT_URL,\n };\n\n const ternSecureConfig = {\n apiKey: process.env.NEXT_PUBLIC_FIREBASE_API_KEY || '',\n authDomain: process.env.NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN || '',\n appName: process.env.NEXT_PUBLIC_FIREBASE_APP_NAME || '',\n projectId: process.env.NEXT_PUBLIC_FIREBASE_PROJECT_ID || '',\n storageBucket: process.env.NEXT_PUBLIC_FIREBASE_STORAGE_BUCKET || '',\n messagingSenderId: process.env.NEXT_PUBLIC_FIREBASE_MESSAGING_SENDER_ID || '',\n appId: process.env.NEXT_PUBLIC_FIREBASE_APP_ID || '',\n measurementId: process.env.NEXT_PUBLIC_FIREBASE_MEASUREMENTID\n };\n\n // Merge config values: props take precedence over environment variables\n const finalApiKey = propsApiKey ?? envConfig.apiKey;\n const finalProjectId = propsProjectId ?? envConfig.projectId;\n const finalCustomDomain = propsCustomDomain ?? envConfig.customDomain;\n const finalProxyUrl = propsProxyUrl ?? envConfig.proxyUrl;\n const finalEnvironment = propsEnvironment ?? envConfig.environment;\n const finalSignInUrl = signInUrl ?? envConfig.signInUrl;\n const finalSignUpUrl = signUpUrl ?? envConfig.signUpUrl;\n const finalSignInForceRedirectUrl = propsSignInForceRedirectUrl ?? envConfig.signInForceRedirectUrl;\n const finalSignUpForceRedirectUrl = propsSignUpForceRedirectUrl ?? envConfig.signUpForceRedirectUrl\n\n // Construct the result, ensuring it conforms to NextProviderProcessedProps\n // (Omit<TernSecureProviderProps, 'children'>)\n const result: NextProviderProcessedProps = {\n ...(baseProps as Omit<TernSecureProviderProps, 'children' | keyof IsomorphicTernSecureOptions | 'requiresVerification' | 'loadingComponent'>),\n \n // Set the merged/prioritized instance configuration properties\n apiKey: finalApiKey,\n projectId: finalProjectId,\n customDomain: finalCustomDomain,\n proxyUrl: finalProxyUrl,\n environment: finalEnvironment,\n\n // Set the Firebase configuration properties\n ternSecureConfig,\n \n // Set properties explicitly taken from TernSecureNextProps (props version)\n // These are part of the TernSecureProviderProps interface.\n requiresVerification: propsRequiresVerification,\n
|
|
1
|
+
{"version":3,"sources":["../../../src/utils/allNextProviderProps.ts"],"sourcesContent":["import type { TernSecureNextProps } from \"../types\";\nimport type { \n TernSecureProviderProps, \n IsomorphicTernSecureOptions \n} from \"@tern-secure/react\";\n\n// Helper type for the return value, as children are handled by the consuming component\ntype NextProviderProcessedProps = Omit<TernSecureProviderProps, 'children'>;\n\nexport const allNextProviderPropsWithEnv = (\n nextProps: Omit<TernSecureNextProps, 'children'>\n): NextProviderProcessedProps => {\n const {\n signInUrl,\n signUpUrl,\n signInForceRedirectUrl: propsSignInForceRedirectUrl,\n signUpForceRedirectUrl: propsSignUpForceRedirectUrl,\n apiKey: propsApiKey,\n projectId: propsProjectId,\n customDomain: propsCustomDomain,\n proxyUrl: propsProxyUrl,\n environment: propsEnvironment,\n requiresVerification: propsRequiresVerification,\n isTernSecureDev: propsIsTernSecureDev,\n enableServiceWorker: propsEnableServiceWorker,\n loadingComponent: propsLoadingComponent,\n ...baseProps \n } = nextProps;\n\n const envConfig = {\n apiKey: process.env.NEXT_PUBLIC_TERN_API_KEY,\n projectId: process.env.NEXT_PUBLIC_TERN_PROJECT_ID,\n customDomain: process.env.NEXT_PUBLIC_TERN_CUSTOM_DOMAIN,\n proxyUrl: process.env.NEXT_PUBLIC_TERN_PROXY_URL,\n environment: process.env.NEXT_PUBLIC_TERN_ENVIRONMENT,\n signInUrl: process.env.NEXT_PUBLIC_SIGN_IN_URL,\n signUpUrl: process.env.NEXT_PUBLIC_SIGN_UP_URL,\n signInForceRedirectUrl: process.env.NEXT_PUBLIC_SIGN_IN_FORCE_REDIRECT_URL,\n signUpForceRedirectUrl: process.env.NEXT_PUBLIC_SIGN_UP_FORCE_REDIRECT_URL,\n projectIdAdmin: process.env.FIREBASE_PROJECT_ID,\n clientEmail: process.env.FIREBASE_CLIENT_EMAIL,\n privateKey: process.env.FIREBASE_PRIVATE_KEY,\n };\n\n const ternSecureConfig = {\n apiKey: process.env.NEXT_PUBLIC_FIREBASE_API_KEY || '',\n authDomain: process.env.NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN || '',\n appName: process.env.NEXT_PUBLIC_FIREBASE_APP_NAME || '',\n projectId: process.env.NEXT_PUBLIC_FIREBASE_PROJECT_ID || '',\n storageBucket: process.env.NEXT_PUBLIC_FIREBASE_STORAGE_BUCKET || '',\n messagingSenderId: process.env.NEXT_PUBLIC_FIREBASE_MESSAGING_SENDER_ID || '',\n appId: process.env.NEXT_PUBLIC_FIREBASE_APP_ID || '',\n measurementId: process.env.NEXT_PUBLIC_FIREBASE_MEASUREMENTID\n };\n\n // Merge config values: props take precedence over environment variables\n const finalApiKey = propsApiKey ?? envConfig.apiKey;\n const finalProjectId = propsProjectId ?? envConfig.projectId;\n const finalCustomDomain = propsCustomDomain ?? envConfig.customDomain;\n const finalProxyUrl = propsProxyUrl ?? envConfig.proxyUrl;\n const finalEnvironment = propsEnvironment ?? envConfig.environment;\n const finalSignInUrl = signInUrl ?? envConfig.signInUrl;\n const finalSignUpUrl = signUpUrl ?? envConfig.signUpUrl;\n const finalSignInForceRedirectUrl = propsSignInForceRedirectUrl ?? envConfig.signInForceRedirectUrl;\n const finalSignUpForceRedirectUrl = propsSignUpForceRedirectUrl ?? envConfig.signUpForceRedirectUrl\n\n // Construct the result, ensuring it conforms to NextProviderProcessedProps\n // (Omit<TernSecureProviderProps, 'children'>)\n const result: NextProviderProcessedProps = {\n ...(baseProps as Omit<TernSecureProviderProps, 'children' | keyof IsomorphicTernSecureOptions | 'requiresVerification' | 'loadingComponent'>),\n \n // Set the merged/prioritized instance configuration properties\n apiKey: finalApiKey,\n projectId: finalProjectId,\n customDomain: finalCustomDomain,\n proxyUrl: finalProxyUrl,\n environment: finalEnvironment,\n\n // Set the Firebase configuration properties\n ternSecureConfig,\n \n // Set properties explicitly taken from TernSecureNextProps (props version)\n // These are part of the TernSecureProviderProps interface.\n requiresVerification: propsRequiresVerification,\n isTernSecureDev: propsIsTernSecureDev,\n enableServiceWorker: propsEnableServiceWorker,\n loadingComponent: propsLoadingComponent,\n\n //TernSecure: baseProps.Instance,\n initialState: baseProps.initialState,\n bypassApiKey: baseProps.bypassApiKey,\n initialSession: baseProps.initialSession,\n defaultAppearance: baseProps.defaultAppearance,\n signInUrl: finalSignInUrl,\n signUpUrl: finalSignUpUrl,\n signInForceRedirectUrl: finalSignInForceRedirectUrl,\n signUpForceRedirectUrl: finalSignUpForceRedirectUrl,\n mode: baseProps.mode,\n onAuthStateChanged: baseProps.onAuthStateChanged,\n onError: baseProps.onError,\n };\n\n // Clean up undefined keys that might have resulted from spreading if not present in baseProps\n // and also not set by merged values (e.g. if env var is also undefined)\n Object.keys(result).forEach(key => {\n if (result[key as keyof NextProviderProcessedProps] === undefined) {\n delete result[key as keyof NextProviderProcessedProps];\n }\n });\n\n return result;\n};"],"mappings":"AASO,MAAM,8BAA8B,CACzC,cAC+B;AAC/B,QAAM;AAAA,IACJ;AAAA,IACA;AAAA,IACA,wBAAwB;AAAA,IACxB,wBAAwB;AAAA,IACxB,QAAQ;AAAA,IACR,WAAW;AAAA,IACX,cAAc;AAAA,IACd,UAAU;AAAA,IACV,aAAa;AAAA,IACb,sBAAsB;AAAA,IACtB,iBAAiB;AAAA,IACjB,qBAAqB;AAAA,IACrB,kBAAkB;AAAA,IAClB,GAAG;AAAA,EACL,IAAI;AAEJ,QAAM,YAAY;AAAA,IAChB,QAAQ,QAAQ,IAAI;AAAA,IACpB,WAAW,QAAQ,IAAI;AAAA,IACvB,cAAc,QAAQ,IAAI;AAAA,IAC1B,UAAU,QAAQ,IAAI;AAAA,IACtB,aAAa,QAAQ,IAAI;AAAA,IACzB,WAAW,QAAQ,IAAI;AAAA,IACvB,WAAW,QAAQ,IAAI;AAAA,IACvB,wBAAwB,QAAQ,IAAI;AAAA,IACpC,wBAAwB,QAAQ,IAAI;AAAA,IACpC,gBAAgB,QAAQ,IAAI;AAAA,IAC5B,aAAa,QAAQ,IAAI;AAAA,IACzB,YAAY,QAAQ,IAAI;AAAA,EAC1B;AAEA,QAAM,mBAAmB;AAAA,IACvB,QAAQ,QAAQ,IAAI,gCAAgC;AAAA,IACpD,YAAY,QAAQ,IAAI,oCAAoC;AAAA,IAC5D,SAAS,QAAQ,IAAI,iCAAiC;AAAA,IACtD,WAAW,QAAQ,IAAI,mCAAmC;AAAA,IAC1D,eAAe,QAAQ,IAAI,uCAAuC;AAAA,IAClE,mBAAmB,QAAQ,IAAI,4CAA4C;AAAA,IAC3E,OAAO,QAAQ,IAAI,+BAA+B;AAAA,IAClD,eAAe,QAAQ,IAAI;AAAA,EAC7B;AAGA,QAAM,cAAc,eAAe,UAAU;AAC7C,QAAM,iBAAiB,kBAAkB,UAAU;AACnD,QAAM,oBAAoB,qBAAqB,UAAU;AACzD,QAAM,gBAAgB,iBAAiB,UAAU;AACjD,QAAM,mBAAmB,oBAAoB,UAAU;AACvD,QAAM,iBAAiB,aAAa,UAAU;AAC9C,QAAM,iBAAiB,aAAa,UAAU;AAC9C,QAAM,8BAA8B,+BAA+B,UAAU;AAC7E,QAAM,8BAA8B,+BAA+B,UAAU;AAI7E,QAAM,SAAqC;AAAA,IACzC,GAAI;AAAA;AAAA,IAGJ,QAAQ;AAAA,IACR,WAAW;AAAA,IACX,cAAc;AAAA,IACd,UAAU;AAAA,IACV,aAAa;AAAA;AAAA,IAGb;AAAA;AAAA;AAAA,IAIA,sBAAsB;AAAA,IACtB,iBAAiB;AAAA,IACjB,qBAAqB;AAAA,IACrB,kBAAkB;AAAA;AAAA,IAGlB,cAAc,UAAU;AAAA,IACxB,cAAc,UAAU;AAAA,IACxB,gBAAgB,UAAU;AAAA,IAC1B,mBAAmB,UAAU;AAAA,IAC7B,WAAW;AAAA,IACX,WAAW;AAAA,IACX,wBAAwB;AAAA,IACxB,wBAAwB;AAAA,IACxB,MAAM,UAAU;AAAA,IAChB,oBAAoB,UAAU;AAAA,IAC9B,SAAS,UAAU;AAAA,EACrB;AAIA,SAAO,KAAK,MAAM,EAAE,QAAQ,SAAO;AACjC,QAAI,OAAO,GAAuC,MAAM,QAAW;AACjE,aAAO,OAAO,GAAuC;AAAA,IACvD;AAAA,EACF,CAAC;AAED,SAAO;AACT;","names":[]}
|
|
@@ -8,7 +8,8 @@ function TernUIScript({
|
|
|
8
8
|
customDomain,
|
|
9
9
|
proxyUrl,
|
|
10
10
|
version,
|
|
11
|
-
nonce
|
|
11
|
+
nonce,
|
|
12
|
+
router = "app"
|
|
12
13
|
}) {
|
|
13
14
|
const effectiveDomain = isDevelopment ? devDomain : customDomain;
|
|
14
15
|
console.log("[TernSecure] TernUIScript: Using effective domain:", effectiveDomain);
|
|
@@ -20,7 +21,8 @@ function TernUIScript({
|
|
|
20
21
|
customDomain: effectiveDomain,
|
|
21
22
|
proxyUrl,
|
|
22
23
|
version,
|
|
23
|
-
nonce
|
|
24
|
+
nonce,
|
|
25
|
+
router
|
|
24
26
|
};
|
|
25
27
|
const scriptUrl = ternUIgetScriptUrl(scriptOptions);
|
|
26
28
|
const scriptAttributes = constructScriptAttributes(scriptOptions);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../src/utils/tern-ui-script.tsx"],"sourcesContent":["import Script from 'next/script'\nimport { ternUIgetScriptUrl, constructScriptAttributes } from '@tern-secure/react'\nimport type { TernSecureNextProps } from '../types'\n\nconst isDevelopment = process.env.NODE_ENV === 'development';\nconst localPort = process.env.TERN_UI_PORT || '4000';\n\ntype TernUIScriptProps = Pick<TernSecureNextProps, 'customDomain' | 'proxyUrl'> & {\n version?: string;\n nonce?: string;\n}\n\nconst devDomain = isDevelopment \n ? `http://localhost:${localPort || process.env.NEXT_PUBLIC_TERN_UI_PORT || '4000'}`\n : undefined\n\n\nexport function TernUIScript({\n customDomain,\n proxyUrl,\n version,\n nonce,\n}: TernUIScriptProps) {\n const effectiveDomain = isDevelopment ? devDomain : customDomain\n console.log('[TernSecure] TernUIScript: Using effective domain:', effectiveDomain);\n\n if (!effectiveDomain) {\n console.warn('[TernSecure] TernUIScript: No custom domain or proxy URL provided. The script will not be loaded.');\n return null;\n }\n\n const scriptOptions = {\n customDomain: effectiveDomain,\n proxyUrl,\n version,\n nonce,\n };\n\n const scriptUrl = ternUIgetScriptUrl(scriptOptions);\n const scriptAttributes = constructScriptAttributes(scriptOptions);\n\n return (\n <Script\n src={scriptUrl}\n data-ternui-script\n async\n nonce={nonce}\n strategy={undefined}\n {...scriptAttributes}\n //crossOrigin= {undefined}\n />\n )\n}"],"mappings":"
|
|
1
|
+
{"version":3,"sources":["../../../src/utils/tern-ui-script.tsx"],"sourcesContent":["import Script from 'next/script'\nimport { ternUIgetScriptUrl, constructScriptAttributes } from '@tern-secure/react'\nimport type { TernSecureNextProps } from '../types'\n\nconst isDevelopment = process.env.NODE_ENV === 'development';\nconst localPort = process.env.TERN_UI_PORT || '4000';\n\ntype TernUIScriptProps = Pick<TernSecureNextProps, 'customDomain' | 'proxyUrl'> & {\n version?: string;\n nonce?: string;\n router: 'app' | 'pages';\n}\n\nconst devDomain = isDevelopment \n ? `http://localhost:${localPort || process.env.NEXT_PUBLIC_TERN_UI_PORT || '4000'}`\n : undefined\n\n\nexport function TernUIScript({\n customDomain,\n proxyUrl,\n version,\n nonce,\n router = 'app'\n}: TernUIScriptProps) {\n const effectiveDomain = isDevelopment ? devDomain : customDomain\n console.log('[TernSecure] TernUIScript: Using effective domain:', effectiveDomain);\n\n if (!effectiveDomain) {\n console.warn('[TernSecure] TernUIScript: No custom domain or proxy URL provided. The script will not be loaded.');\n return null;\n }\n\n const scriptOptions = {\n customDomain: effectiveDomain,\n proxyUrl,\n version,\n nonce,\n router\n };\n\n const scriptUrl = ternUIgetScriptUrl(scriptOptions);\n const scriptAttributes = constructScriptAttributes(scriptOptions);\n\n return (\n <Script\n src={scriptUrl}\n data-ternui-script\n async\n nonce={nonce}\n strategy={undefined}\n {...scriptAttributes}\n //crossOrigin= {undefined}\n />\n )\n}"],"mappings":"AA6CQ;AA7CR,OAAO,YAAY;AACnB,SAAS,oBAAoB,iCAAiC;AAG9D,MAAM,gBAAgB,QAAQ,IAAI,aAAa;AAC/C,MAAM,YAAY,QAAQ,IAAI,gBAAgB;AAQ9C,MAAM,YAAY,gBACZ,oBAAoB,aAAa,QAAQ,IAAI,4BAA4B,MAAM,KAC/E;AAGC,SAAS,aAAa;AAAA,EACzB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA,SAAS;AACb,GAAsB;AAClB,QAAM,kBAAkB,gBAAgB,YAAY;AACpD,UAAQ,IAAI,sDAAsD,eAAe;AAEjF,MAAI,CAAC,iBAAiB;AAClB,YAAQ,KAAK,mGAAmG;AAChH,WAAO;AAAA,EACX;AAEA,QAAM,gBAAgB;AAAA,IAClB,cAAc;AAAA,IACd;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AAEA,QAAM,YAAY,mBAAmB,aAAa;AAClD,QAAM,mBAAmB,0BAA0B,aAAa;AAEhE,SACI;AAAA,IAAC;AAAA;AAAA,MACC,KAAK;AAAA,MACL,sBAAkB;AAAA,MAClB,OAAK;AAAA,MACL;AAAA,MACA,UAAU;AAAA,MACP,GAAG;AAAA;AAAA,EAER;AAER;","names":[]}
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
"use client";
|
|
2
|
+
import { useEffect } from "react";
|
|
3
|
+
import { reg } from "@tern-secure/shared/serviceWorker";
|
|
4
|
+
const TernUIServiceWorker = ({
|
|
5
|
+
ternSecureConfig,
|
|
6
|
+
baseUrl = window.location.origin
|
|
7
|
+
}) => {
|
|
8
|
+
useEffect(() => {
|
|
9
|
+
const registerServiceWorker = async () => {
|
|
10
|
+
if (!ternSecureConfig) {
|
|
11
|
+
console.warn("[TernSecure] Service worker registration skipped: config not provided");
|
|
12
|
+
return;
|
|
13
|
+
}
|
|
14
|
+
try {
|
|
15
|
+
await reg({
|
|
16
|
+
firebaseConfig: ternSecureConfig,
|
|
17
|
+
domain: baseUrl
|
|
18
|
+
});
|
|
19
|
+
} catch (error) {
|
|
20
|
+
console.error("[TernSecure] Service worker registration failed:", error);
|
|
21
|
+
}
|
|
22
|
+
};
|
|
23
|
+
registerServiceWorker();
|
|
24
|
+
}, [ternSecureConfig, baseUrl]);
|
|
25
|
+
return null;
|
|
26
|
+
};
|
|
27
|
+
export {
|
|
28
|
+
TernUIServiceWorker
|
|
29
|
+
};
|
|
30
|
+
//# sourceMappingURL=ternsecure-sw.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../../src/utils/ternsecure-sw.ts"],"sourcesContent":["'use client';\n\nimport { useEffect } from 'react';\nimport type { TernSecureConfig } from '@tern-secure/types';\nimport { reg } from '@tern-secure/shared/serviceWorker';\n\ninterface TernUIServiceWorkerProps {\n ternSecureConfig?: TernSecureConfig;\n baseUrl?: string;\n}\n\nexport const TernUIServiceWorker: React.FC<TernUIServiceWorkerProps> = ({ \n ternSecureConfig,\n baseUrl = window.location.origin \n}) => {\n useEffect(() => {\n const registerServiceWorker = async () => {\n if (!ternSecureConfig) {\n console.warn('[TernSecure] Service worker registration skipped: config not provided');\n return;\n }\n\n try {\n await reg({\n firebaseConfig: ternSecureConfig,\n domain: baseUrl\n });\n } catch (error) {\n console.error('[TernSecure] Service worker registration failed:', error);\n }\n };\n\n registerServiceWorker();\n }, [ternSecureConfig, baseUrl]);\n\n return null;\n};"],"mappings":";AAEA,SAAS,iBAAiB;AAE1B,SAAS,WAAW;AAOb,MAAM,sBAA0D,CAAC;AAAA,EACpE;AAAA,EACA,UAAU,OAAO,SAAS;AAC9B,MAAM;AACJ,YAAU,MAAM;AACd,UAAM,wBAAwB,YAAY;AACxC,UAAI,CAAC,kBAAkB;AACrB,gBAAQ,KAAK,uEAAuE;AACpF;AAAA,MACF;AAEA,UAAI;AACF,cAAM,IAAI;AAAA,UACR,gBAAgB;AAAA,UAChB,QAAQ;AAAA,QACV,CAAC;AAAA,MACH,SAAS,OAAO;AACd,gBAAQ,MAAM,oDAAoD,KAAK;AAAA,MACzE;AAAA,IACF;AAEA,0BAAsB;AAAA,EACxB,GAAG,CAAC,kBAAkB,OAAO,CAAC;AAE9B,SAAO;AACT;","names":[]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/app-router/admin/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACH,uBAAuB,EACvB,mBAAmB,EACnB,kBAAkB,GACrB,MAAM,sBAAsB,CAAA"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/app-router/admin/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACH,uBAAuB,EACvB,mBAAmB,EACnB,kBAAkB,GACrB,MAAM,sBAAsB,CAAA;AAE7B,OAAO,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAA"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"sessionHandler.d.ts","sourceRoot":"","sources":["../../../../src/app-router/admin/sessionHandler.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAA;AAGvD,wBAAsB,oBAAoB,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,YAAY,CAAC,CAoDtF"}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
|
-
import type {
|
|
1
|
+
import type { UserInfo } from "./types";
|
|
2
2
|
export interface AuthResult {
|
|
3
|
-
user:
|
|
3
|
+
user: UserInfo | null;
|
|
4
4
|
error: Error | null;
|
|
5
5
|
}
|
|
6
6
|
/**
|
|
@@ -14,10 +14,10 @@ export declare const isAuthenticated: () => Promise<boolean>;
|
|
|
14
14
|
/**
|
|
15
15
|
* Get user info from auth result
|
|
16
16
|
*/
|
|
17
|
-
export declare const getUser: () => Promise<
|
|
17
|
+
export declare const getUser: () => Promise<UserInfo | null>;
|
|
18
18
|
/**
|
|
19
19
|
* Require authentication
|
|
20
20
|
* Throws error if not authenticated
|
|
21
21
|
*/
|
|
22
|
-
export declare const requireAuth: () => Promise<
|
|
22
|
+
export declare const requireAuth: () => Promise<UserInfo>;
|
|
23
23
|
//# sourceMappingURL=auth.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../src/server/auth.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,
|
|
1
|
+
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../src/server/auth.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAA;AAMvC,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,QAAQ,GAAG,IAAI,CAAA;IACrB,KAAK,EAAE,KAAK,GAAG,IAAI,CAAA;CACpB;AAEC;;GAEG;AACL,eAAO,MAAM,IAAI,QAAmB,OAAO,CAAC,UAAU,CAoDlD,CAAA;AAEJ;;GAEG;AACH,eAAO,MAAM,eAAe,QAAmB,OAAO,CAAC,OAAO,CAG5D,CAAA;AAEF;;GAEG;AACH,eAAO,MAAM,OAAO,QAAmB,OAAO,CAAC,QAAQ,GAAG,IAAI,CAG5D,CAAA;AAEF;;;GAGG;AACH,eAAO,MAAM,WAAW,QAAmB,OAAO,CAAC,QAAQ,CAQzD,CAAA"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"edge-session.d.ts","sourceRoot":"","sources":["../../../src/server/edge-session.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAC9C,OAAO,KAAK,EAAE,aAAa,
|
|
1
|
+
{"version":3,"file":"edge-session.d.ts","sourceRoot":"","sources":["../../../src/server/edge-session.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAC9C,OAAO,KAAK,EAAE,aAAa,EAAY,MAAM,SAAS,CAAA;AAItD,wBAAsB,aAAa,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,aAAa,CAAC,CA6DhF"}
|
|
@@ -1,12 +1,12 @@
|
|
|
1
|
-
import { type
|
|
2
|
-
import type {
|
|
1
|
+
import { type NextRequest, NextResponse } from 'next/server';
|
|
2
|
+
import type { UserInfo } from "./types";
|
|
3
3
|
export declare const runtime = "edge";
|
|
4
4
|
interface Auth {
|
|
5
|
-
user:
|
|
6
|
-
|
|
7
|
-
protect: () => Promise<void
|
|
5
|
+
user: UserInfo | null;
|
|
6
|
+
token: string | null;
|
|
7
|
+
protect: () => Promise<void>;
|
|
8
8
|
}
|
|
9
|
-
type MiddlewareCallback = (auth: Auth, request: NextRequest) => Promise<void
|
|
9
|
+
type MiddlewareCallback = (auth: Auth, request: NextRequest) => Promise<void>;
|
|
10
10
|
/**
|
|
11
11
|
* Create a route matcher function for public paths
|
|
12
12
|
*/
|
|
@@ -15,6 +15,6 @@ export declare function createRouteMatcher(patterns: string[]): (request: NextRe
|
|
|
15
15
|
* Middleware factory that handles authentication and custom logic
|
|
16
16
|
* @param customHandler Optional function for additional custom logic
|
|
17
17
|
*/
|
|
18
|
-
export declare function ternSecureMiddleware(callback
|
|
18
|
+
export declare function ternSecureMiddleware(callback: MiddlewareCallback): (request: NextRequest) => Promise<NextResponse<unknown>>;
|
|
19
19
|
export {};
|
|
20
20
|
//# sourceMappingURL=ternSecureMiddleware.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ternSecureMiddleware.d.ts","sourceRoot":"","sources":["../../../src/server/ternSecureMiddleware.ts"],"names":[],"mappings":"AAAA,OAAO,
|
|
1
|
+
{"version":3,"file":"ternSecureMiddleware.d.ts","sourceRoot":"","sources":["../../../src/server/ternSecureMiddleware.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAE7D,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAA;AAEvC,eAAO,MAAM,OAAO,SAAS,CAAA;AAE7B,UAAU,IAAI;IACZ,IAAI,EAAE,QAAQ,GAAG,IAAI,CAAA;IACrB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAA;IACpB,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAA;CAC7B;AAED,KAAK,kBAAkB,GAAG,CACxB,IAAI,EAAE,IAAI,EACV,OAAO,EAAE,WAAW,KACjB,OAAO,CAAC,IAAI,CAAC,CAAA;AAGlB;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,EAAE,IAC3C,SAAS,WAAW,KAAG,OAAO,CAWvC;AAwCD;;;GAGG;AAEH,wBAAgB,oBAAoB,CAAC,QAAQ,EAAE,kBAAkB,IAC9B,SAAS,WAAW,oCA2BtD"}
|
|
@@ -5,10 +5,22 @@ export interface User {
|
|
|
5
5
|
authTime?: number;
|
|
6
6
|
disabled?: boolean;
|
|
7
7
|
}
|
|
8
|
+
export interface UserInfo {
|
|
9
|
+
uid: string;
|
|
10
|
+
email: string | null;
|
|
11
|
+
emailVerified?: boolean;
|
|
12
|
+
authTime?: number;
|
|
13
|
+
disabled?: boolean;
|
|
14
|
+
}
|
|
15
|
+
export interface SessionUser {
|
|
16
|
+
uid: string;
|
|
17
|
+
email: string | null;
|
|
18
|
+
emailVerified: boolean;
|
|
19
|
+
disabled?: boolean;
|
|
20
|
+
}
|
|
8
21
|
export interface SessionResult {
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
sessionId: string | null;
|
|
22
|
+
isAuthenticated: boolean;
|
|
23
|
+
user: UserInfo | null;
|
|
12
24
|
error?: string;
|
|
13
25
|
}
|
|
14
26
|
//# sourceMappingURL=types.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/server/types.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,IAAI;IACjB,GAAG,EAAE,MAAM,CAAA;IACX,KAAK,EAAE,MAAM,GAAG,IAAI,CAAA;IACpB,aAAa,CAAC,EAAE,OAAO,CAAA;IACvB,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,QAAQ,CAAC,EAAE,OAAO,CAAA;CACrB;
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/server/types.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,IAAI;IACjB,GAAG,EAAE,MAAM,CAAA;IACX,KAAK,EAAE,MAAM,GAAG,IAAI,CAAA;IACpB,aAAa,CAAC,EAAE,OAAO,CAAA;IACvB,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,QAAQ,CAAC,EAAE,OAAO,CAAA;CACrB;AAIC,MAAM,WAAW,QAAQ;IACvB,GAAG,EAAE,MAAM,CAAA;IACX,KAAK,EAAE,MAAM,GAAG,IAAI,CAAA;IACpB,aAAa,CAAC,EAAE,OAAO,CAAA;IACvB,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,QAAQ,CAAC,EAAE,OAAO,CAAA;CACnB;AAED,MAAM,WAAW,WAAW;IAC1B,GAAG,EAAE,MAAM,CAAA;IACX,KAAK,EAAE,MAAM,GAAG,IAAI,CAAA;IACpB,aAAa,EAAE,OAAO,CAAA;IACtB,QAAQ,CAAC,EAAE,OAAO,CAAA;CACnB;AAED,MAAM,WAAW,aAAa;IAC5B,eAAe,EAAE,OAAO,CAAA;IACxB,IAAI,EAAE,QAAQ,GAAG,IAAI,CAAA;IACrB,KAAK,CAAC,EAAE,MAAM,CAAA;CACf"}
|
|
@@ -1,5 +1,2 @@
|
|
|
1
|
-
|
|
2
|
-
export declare const adminTernSecureAuth: admin.auth.Auth;
|
|
3
|
-
export declare const adminTernSecureDb: admin.firestore.Firestore;
|
|
4
|
-
export declare const TernSecureTenantManager: admin.auth.TenantManager;
|
|
1
|
+
export {};
|
|
5
2
|
//# sourceMappingURL=admin-init.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"admin-init.d.ts","sourceRoot":"","sources":["../../../src/utils/admin-init.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"admin-init.d.ts","sourceRoot":"","sources":["../../../src/utils/admin-init.ts"],"names":[],"mappings":""}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"allNextProviderProps.d.ts","sourceRoot":"","sources":["../../../src/utils/allNextProviderProps.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,UAAU,CAAC;AACpD,OAAO,KAAK,EACV,uBAAuB,EAExB,MAAM,oBAAoB,CAAC;AAG5B,KAAK,0BAA0B,GAAG,IAAI,CAAC,uBAAuB,EAAE,UAAU,CAAC,CAAC;AAE5E,eAAO,MAAM,2BAA2B,GACtC,WAAW,IAAI,CAAC,mBAAmB,EAAE,UAAU,CAAC,KAC/C,
|
|
1
|
+
{"version":3,"file":"allNextProviderProps.d.ts","sourceRoot":"","sources":["../../../src/utils/allNextProviderProps.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,UAAU,CAAC;AACpD,OAAO,KAAK,EACV,uBAAuB,EAExB,MAAM,oBAAoB,CAAC;AAG5B,KAAK,0BAA0B,GAAG,IAAI,CAAC,uBAAuB,EAAE,UAAU,CAAC,CAAC;AAE5E,eAAO,MAAM,2BAA2B,GACtC,WAAW,IAAI,CAAC,mBAAmB,EAAE,UAAU,CAAC,KAC/C,0BAoGF,CAAC"}
|