npm - @workos-inc/authkit-nextjs - Versions diffs - 0.10.1 → 0.11.0 - Mend

@workos-inc/authkit-nextjs 0.10.1 → 0.11.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (85) hide show

package/README.md +56 -10
package/dist/esm/actions.js +10 -0
package/dist/esm/actions.js.map +1 -0
package/dist/esm/auth.js +18 -0
package/dist/esm/auth.js.map +1 -0
package/dist/{cjs → esm}/authkit-callback-route.js +14 -17
package/dist/esm/authkit-callback-route.js.map +1 -0
package/dist/{cjs/provider.js → esm/authkit-provider.js} +14 -15
package/dist/esm/authkit-provider.js.map +1 -0
package/dist/{cjs → esm}/button.js +2 -6
package/dist/esm/button.js.map +1 -0
package/dist/{cjs → esm}/cookie.d.ts +1 -2
package/dist/esm/cookie.js +16 -0
package/dist/esm/cookie.js.map +1 -0
package/dist/{cjs → esm}/env-variables.d.ts +6 -5
package/dist/esm/env-variables.js +16 -0
package/dist/esm/env-variables.js.map +1 -0
package/dist/esm/get-authorization-url.js +17 -0
package/dist/esm/get-authorization-url.js.map +1 -0
package/dist/{cjs → esm}/impersonation.js +13 -18
package/dist/esm/impersonation.js.map +1 -0
package/dist/esm/index.d.ts +7 -0
package/dist/esm/index.js +14 -0
package/dist/esm/index.js.map +1 -0
package/dist/{cjs → esm}/interfaces.d.ts +2 -0
package/dist/esm/interfaces.js +2 -0
package/dist/{cjs → esm}/middleware.d.ts +1 -1
package/dist/esm/middleware.js +7 -0
package/dist/esm/middleware.js.map +1 -0
package/dist/esm/min-max-button.js +10 -0
package/dist/esm/min-max-button.js.map +1 -0
package/dist/esm/session.d.ts +34 -0
package/dist/{cjs → esm}/session.js +83 -59
package/dist/esm/session.js.map +1 -0
package/dist/{cjs → esm}/workos.d.ts +1 -1
package/dist/esm/workos.js +16 -0
package/dist/esm/workos.js.map +1 -0
package/package.json +6 -6
package/src/auth.ts +4 -1
package/src/authkit-callback-route.ts +4 -2
package/src/{provider.tsx → authkit-provider.tsx} +9 -5
package/src/cookie.ts +1 -2
package/src/env-variables.ts +16 -26
package/src/get-authorization-url.ts +4 -1
package/src/impersonation.tsx +2 -2
package/src/index.ts +4 -3
package/src/interfaces.ts +2 -0
package/src/middleware.ts +2 -1
package/src/session.ts +57 -13
package/src/workos.ts +2 -2
package/dist/cjs/actions.js +0 -14
package/dist/cjs/actions.js.map +0 -1
package/dist/cjs/auth.js +0 -21
package/dist/cjs/auth.js.map +0 -1
package/dist/cjs/authkit-callback-route.js.map +0 -1
package/dist/cjs/button.js.map +0 -1
package/dist/cjs/cookie.js +0 -21
package/dist/cjs/cookie.js.map +0 -1
package/dist/cjs/env-variables.js +0 -35
package/dist/cjs/env-variables.js.map +0 -1
package/dist/cjs/get-authorization-url.js +0 -18
package/dist/cjs/get-authorization-url.js.map +0 -1
package/dist/cjs/impersonation.js.map +0 -1
package/dist/cjs/index.d.ts +0 -7
package/dist/cjs/index.js +0 -19
package/dist/cjs/index.js.map +0 -1
package/dist/cjs/interfaces.js +0 -3
package/dist/cjs/middleware.js +0 -11
package/dist/cjs/middleware.js.map +0 -1
package/dist/cjs/min-max-button.js +0 -15
package/dist/cjs/min-max-button.js.map +0 -1
package/dist/cjs/provider.js.map +0 -1
package/dist/cjs/session.d.ts +0 -20
package/dist/cjs/session.js.map +0 -1
package/dist/cjs/workos.js +0 -19
package/dist/cjs/workos.js.map +0 -1
/package/dist/{cjs → esm}/actions.d.ts +0 -0
/package/dist/{cjs → esm}/auth.d.ts +0 -0
/package/dist/{cjs → esm}/authkit-callback-route.d.ts +0 -0
/package/dist/{cjs/provider.d.ts → esm/authkit-provider.d.ts} +0 -0
/package/dist/{cjs → esm}/button.d.ts +0 -0
/package/dist/{cjs → esm}/get-authorization-url.d.ts +0 -0
/package/dist/{cjs → esm}/impersonation.d.ts +0 -0
/package/dist/{cjs → esm}/interfaces.js.map +0 -0
/package/dist/{cjs → esm}/min-max-button.d.ts +0 -0

package/README.md CHANGED Viewed

@@ -2,6 +2,8 @@
 The AuthKit library for Next.js provides convenient helpers for authentication and session management using WorkOS & AuthKit with Next.js.
+> Note: This library is intended for use with the Next.js App Router.
 ## Installation
 Install the package with:
@@ -29,8 +31,8 @@ Make sure the following values are present in your `.env.local` environment vari
 ```sh
 WORKOS_CLIENT_ID="client_..." # retrieved from the WorkOS dashboard
 WORKOS_API_KEY="sk_test_..." # retrieved from the WorkOS dashboard
-WORKOS_REDIRECT_URI="http://localhost:3000/callback" # configured in the WorkOS dashboard
 WORKOS_COOKIE_PASSWORD="<your password>" # generate a secure password here
+NEXT_PUBLIC_WORKOS_REDIRECT_URI="http://localhost:3000/callback" # configured in the WorkOS dashboard
 ```
 `WORKOS_COOKIE_PASSWORD` is the private key used to encrypt the session cookie. It has to be at least 32 characters long. You can use the [1Password generator](https://1password.com/password-generator/) or the `openssl` library to generate a strong password via the command line:
@@ -46,7 +48,9 @@ To use the `signOut` method, you'll need to set your app's homepage in your Work
 Certain environment variables are optional and can be used to debug or configure cookie settings.
 ```sh
-WORKOS_COOKIE_MAX_AGE='600' # maximum age of the cookie in seconds. Defaults to 31 days
+WORKOS_COOKIE_MAX_AGE='600' # maximum age of the cookie in seconds. Defaults to 400 days, the maximum allowed in Chrome
+WORKOS_COOKIE_DOMAIN='example.com'
+WORKOS_COOKIE_NAME='authkit-cookie'
 WORKOS_API_HOSTNAME='api.workos.com' # base WorkOS API URL
 WORKOS_API_HTTPS=true # whether to use HTTPS in API calls
 WORKOS_API_PORT=3000 # port to use for API calls
@@ -90,6 +94,24 @@ export default authkitMiddleware();
 export const config = { matcher: ['/', '/admin'] };
 ```
+#### Custom redirect URI
+In cases where you need your redirect URI to be set dynamically (e.g. Vercel preview deployments), use the `redirectUri` option in `authkitMiddleware`:
+```ts
+import { authkitMiddleware } from '@workos-inc/authkit-nextjs';
+export default authkitMiddleware({
+  redirectUri: 'https://foo.example.com/callback',
+});
+// Match against pages that require auth
+// Leave this out if you want auth on every resource (including images, css etc.)
+export const config = { matcher: ['/', '/admin'] };
+```
+Custom redirect URIs will be used over a redirect URI configured in the environment variables.
 ## Usage
 ### Wrap your app in `AuthKitProvider`
@@ -112,15 +134,15 @@ export default function RootLayout({ children }: { children: React.ReactNode })
 ### Get the current user
-For pages where you want to display a signed-in and signed-out view, use `getUser` to retrieve the user profile from WorkOS.
+For pages where you want to display a signed-in and signed-out view, use `withAuth` to retrieve the user profile from WorkOS.
 ```jsx
 import Link from 'next/link';
-import { getSignInUrl, getSignUpUrl, getUser, signOut } from '@workos-inc/authkit-nextjs';
+import { getSignInUrl, getSignUpUrl, withAuth, signOut } from '@workos-inc/authkit-nextjs';
 export default async function HomePage() {
   // Retrieves the user from the session or returns `null` if no user is signed in
-  const { user } = await getUser();
+  const { user } = await withAuth();
   if (!user) {
     // Get the URL to redirect the user to AuthKit to sign in
@@ -156,14 +178,14 @@ export default async function HomePage() {
 For pages where a signed-in user is mandatory, you can use the `ensureSignedIn` option:
 ```jsx
-const { user } = await getUser({ ensureSignedIn: true });
+const { user } = await withAuth({ ensureSignedIn: true });
 ```
 Enabling `ensureSignedIn` will redirect users to AuthKit if they attempt to access the page without being authenticated.
 ### Middleware auth
-The default behavior of this library is to request authentication via the `getUser` method on a per-page basis. There are some use cases where you don't want to call `getUser` (e.g. you don't need user data for your page) or if you'd prefer a "secure by default" approach where every route defined in your middleware matcher is protected unless specified otherwise. In those cases you can opt-in to use middleware auth instead:
+The default behavior of this library is to request authentication via the `withAuth` method on a per-page basis. There are some use cases where you don't want to call `withAuth` (e.g. you don't need user data for your page) or if you'd prefer a "secure by default" approach where every route defined in your middleware matcher is protected unless specified otherwise. In those cases you can opt-in to use middleware auth instead:
 ```ts
 import { authkitMiddleware } from '@workos-inc/authkit-nextjs';
@@ -184,6 +206,30 @@ In the above example the `/admin` page will require a user to be signed in, wher
 `unauthenticatedPaths` uses the same glob logic as the [Next.js matcher](https://nextjs.org/docs/pages/building-your-application/routing/middleware#matcher).
+### Retrieve session in middleware
+Sometimes it's useful to check the user session if you want to compose custom middleware. The `getSession` helper method will retrieve the session from the cookie and verify the access token.
+```ts
+import { authkitMiddleware, getSession } from '@workos-inc/authkit-nextjs';
+import { NextRequest } from 'next/server';
+export default async function middleware(request: NextRequest) {
+  // authkitMiddleware will handle refreshing the session if the access token has expired
+  const response = await authkitMiddleware()(request);
+  // If session is undefined, the user is not authenticated
+  const session = await getSession(response);
+  // ...add additional middleware logic here
+  return response;
+}
+// Match against pages that require auth
+export const config = { matcher: ['/', '/account/:path*'] };
+```
 ### Signing out
 Use the `signOut` method to sign out the current logged in user and redirect to your app's homepage. The homepage redirect is set in your WorkOS dashboard settings under "Redirect".
@@ -211,10 +257,10 @@ export default function App() {
 Sometimes it is useful to obtain the access token directly, for instance to make API requests to another service.
 ```jsx
-import { getUser } from '@workos-inc/authkit-nextjs';
+import { withAuth } from '@workos-inc/authkit-nextjs';
 export default async function HomePage() {
-  const { accessToken } = await getUser();
+  const { accessToken } = await withAuth();
   if (!accessToken) {
     return <div>Not signed in</div>;
@@ -250,4 +296,4 @@ export default authkitMiddleware({ debug: true });
 #### NEXT_REDIRECT error when using try/catch blocks
-Wrapping a `getUser({ ensureSignedIn: true })` call in a try/catch block will cause a `NEXT_REDIRECT` error. This is because `getUser` will attempt to redirect the user to AuthKit if no session is detected and redirects in Next must be [called outside a try/catch](https://nextjs.org/docs/app/building-your-application/data-fetching/server-actions-and-mutations#redirecting).
+Wrapping a `withAuth({ ensureSignedIn: true })` call in a try/catch block will cause a `NEXT_REDIRECT` error. This is because `withAuth` will attempt to redirect the user to AuthKit if no session is detected and redirects in Next must be [called outside a try/catch](https://nextjs.org/docs/app/building-your-application/data-fetching/server-actions-and-mutations#redirecting).

package/dist/esm/actions.js ADDED Viewed

@@ -0,0 +1,10 @@
+'use server';
+/**
+ * This action is only accessible to authenticated users,
+ * there is no need to check the session here as the middleware will
+ * be responsible for that.
+ */
+export const checkSessionAction = async () => {
+    return true;
+};
+//# sourceMappingURL=actions.js.map

package/dist/esm/actions.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"actions.js","sourceRoot":"","sources":["../../src/actions.ts"],"names":[],"mappings":"AAAA,YAAY,CAAC;AAEb;;;;GAIG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAG,KAAK,IAAI,EAAE;IAC3C,OAAO,IAAI,CAAC;AACd,CAAC,CAAC"}

package/dist/esm/auth.js ADDED Viewed

@@ -0,0 +1,18 @@
+'use server';
+import { getAuthorizationUrl } from './get-authorization-url.js';
+import { cookies } from 'next/headers';
+import { terminateSession } from './session.js';
+import { WORKOS_COOKIE_NAME } from './env-variables.js';
+async function getSignInUrl({ organizationId } = {}) {
+    return getAuthorizationUrl({ organizationId, screenHint: 'sign-in' });
+}
+async function getSignUpUrl() {
+    return getAuthorizationUrl({ screenHint: 'sign-up' });
+}
+async function signOut() {
+    const cookieName = WORKOS_COOKIE_NAME || 'wos-session';
+    cookies().delete(cookieName);
+    await terminateSession();
+}
+export { getSignInUrl, getSignUpUrl, signOut };
+//# sourceMappingURL=auth.js.map

package/dist/esm/auth.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/auth.ts"],"names":[],"mappings":"AAAA,YAAY,CAAC;AAEb,OAAO,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AACjE,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AACvC,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AAExD,KAAK,UAAU,YAAY,CAAC,EAAE,cAAc,KAAkC,EAAE;IAC9E,OAAO,mBAAmB,CAAC,EAAE,cAAc,EAAE,UAAU,EAAE,SAAS,EAAE,CAAC,CAAC;AACxE,CAAC;AAED,KAAK,UAAU,YAAY;IACzB,OAAO,mBAAmB,CAAC,EAAE,UAAU,EAAE,SAAS,EAAE,CAAC,CAAC;AACxD,CAAC;AAED,KAAK,UAAU,OAAO;IACpB,MAAM,UAAU,GAAG,kBAAkB,IAAI,aAAa,CAAC;IACvD,OAAO,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IAC7B,MAAM,gBAAgB,EAAE,CAAC;AAC3B,CAAC;AAED,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,OAAO,EAAE,CAAC"}

package/dist/{cjs → esm}/authkit-callback-route.js RENAMED Viewed

@@ -1,13 +1,10 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.handleAuth = void 0;
-const server_1 = require("next/server");
-const headers_1 = require("next/headers");
-const workos_js_1 = require("./workos.js");
-const env_variables_js_1 = require("./env-variables.js");
-const session_js_1 = require("./session.js");
-const cookie_js_1 = require("./cookie.js");
-function handleAuth(options = {}) {
+import { NextResponse } from 'next/server';
+import { cookies } from 'next/headers';
+import { workos } from './workos.js';
+import { WORKOS_CLIENT_ID, WORKOS_COOKIE_NAME } from './env-variables.js';
+import { encryptSession } from './session.js';
+import { cookieOptions } from './cookie.js';
+export function handleAuth(options = {}) {
     const { returnPathname: returnPathnameOption = '/' } = options;
     return async function GET(request) {
         const code = request.nextUrl.searchParams.get('code');
@@ -16,8 +13,8 @@ function handleAuth(options = {}) {
         if (code) {
             try {
                 // Use the code returned to us by AuthKit and authenticate the user with WorkOS
-                const { accessToken, refreshToken, user, impersonator } = await workos_js_1.workos.userManagement.authenticateWithCode({
-                    clientId: env_variables_js_1.WORKOS_CLIENT_ID,
+                const { accessToken, refreshToken, user, impersonator } = await workos.userManagement.authenticateWithCode({
+                    clientId: WORKOS_CLIENT_ID,
                     code,
                 });
                 const url = request.nextUrl.clone();
@@ -37,13 +34,14 @@ function handleAuth(options = {}) {
                 else {
                     url.pathname = returnPathname;
                 }
-                const response = server_1.NextResponse.redirect(url);
+                const response = NextResponse.redirect(url);
                 if (!accessToken || !refreshToken)
                     throw new Error('response is missing tokens');
                 // The refreshToken should never be accesible publicly, hence why we encrypt it in the cookie session
                 // Alternatively you could persist the refresh token in a backend database
-                const session = await (0, session_js_1.encryptSession)({ accessToken, refreshToken, user, impersonator });
-                (0, headers_1.cookies)().set(cookie_js_1.cookieName, session, cookie_js_1.cookieOptions);
+                const session = await encryptSession({ accessToken, refreshToken, user, impersonator });
+                const cookieName = WORKOS_COOKIE_NAME || 'wos-session';
+                cookies().set(cookieName, session, cookieOptions);
                 return response;
             }
             catch (error) {
@@ -57,7 +55,7 @@ function handleAuth(options = {}) {
         return errorResponse();
     };
     function errorResponse() {
-        return server_1.NextResponse.json({
+        return NextResponse.json({
             error: {
                 message: 'Something went wrong',
                 description: 'Couldn’t sign in. If you are not sure what happened, please contact your organization admin.',
@@ -65,5 +63,4 @@ function handleAuth(options = {}) {
         }, { status: 500 });
     }
 }
-exports.handleAuth = handleAuth;
 //# sourceMappingURL=authkit-callback-route.js.map

package/dist/esm/authkit-callback-route.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"authkit-callback-route.js","sourceRoot":"","sources":["../../src/authkit-callback-route.ts"],"names":[],"mappings":"AAAA,OAAO,EAAe,YAAY,EAAE,MAAM,aAAa,CAAC;AACxD,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AACvC,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AAC1E,OAAO,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAC9C,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAG5C,MAAM,UAAU,UAAU,CAAC,UAA6B,EAAE;IACxD,MAAM,EAAE,cAAc,EAAE,oBAAoB,GAAG,GAAG,EAAE,GAAG,OAAO,CAAC;IAE/D,OAAO,KAAK,UAAU,GAAG,CAAC,OAAoB;QAC5C,MAAM,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACtD,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACxD,IAAI,cAAc,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC;QAE3E,IAAI,IAAI,EAAE,CAAC;YACT,IAAI,CAAC;gBACH,+EAA+E;gBAC/E,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,IAAI,EAAE,YAAY,EAAE,GAAG,MAAM,MAAM,CAAC,cAAc,CAAC,oBAAoB,CAAC;oBACzG,QAAQ,EAAE,gBAAgB;oBAC1B,IAAI;iBACL,CAAC,CAAC;gBAEH,MAAM,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;gBAEpC,iBAAiB;gBACjB,GAAG,CAAC,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;gBAChC,GAAG,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;gBAEjC,uDAAuD;gBACvD,cAAc,GAAG,cAAc,aAAd,cAAc,cAAd,cAAc,GAAI,oBAAoB,CAAC;gBAExD,gDAAgD;gBAChD,IAAI,cAAc,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;oBACjC,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,cAAc,EAAE,qBAAqB,CAAC,CAAC;oBAC9D,GAAG,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;oBAE/B,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;wBAC/C,GAAG,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;oBACtC,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,GAAG,CAAC,QAAQ,GAAG,cAAc,CAAC;gBAChC,CAAC;gBAED,MAAM,QAAQ,GAAG,YAAY,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;gBAE5C,IAAI,CAAC,WAAW,IAAI,CAAC,YAAY;oBAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;gBAEjF,qGAAqG;gBACrG,0EAA0E;gBAC1E,MAAM,OAAO,GAAG,MAAM,cAAc,CAAC,EAAE,WAAW,EAAE,YAAY,EAAE,IAAI,EAAE,YAAY,EAAE,CAAC,CAAC;gBACxF,MAAM,UAAU,GAAG,kBAAkB,IAAI,aAAa,CAAC;gBAEvD,OAAO,EAAE,CAAC,GAAG,CAAC,UAAU,EAAE,OAAO,EAAE,aAAa,CAAC,CAAC;gBAElD,OAAO,QAAQ,CAAC;YAClB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,QAAQ,GAAG;oBACf,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;iBAC9D,CAAC;gBAEF,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;gBAExB,OAAO,aAAa,EAAE,CAAC;YACzB,CAAC;QACH,CAAC;QAED,OAAO,aAAa,EAAE,CAAC;IACzB,CAAC,CAAC;IAEF,SAAS,aAAa;QACpB,OAAO,YAAY,CAAC,IAAI,CACtB;YACE,KAAK,EAAE;gBACL,OAAO,EAAE,sBAAsB;gBAC/B,WAAW,EAAE,8FAA8F;aAC5G;SACF,EACD,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;IACJ,CAAC;AACH,CAAC"}

package/dist/{cjs/provider.js → esm/authkit-provider.js} RENAMED Viewed

@@ -1,11 +1,7 @@
-"use strict";
 'use client';
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.AuthKitProvider = void 0;
-const tslib_1 = require("tslib");
-const React = tslib_1.__importStar(require("react"));
-const actions_js_1 = require("./actions.js");
-const AuthKitProvider = ({ children, onSessionExpired = false }) => {
+import * as React from 'react';
+import { checkSessionAction } from './actions.js';
+export const AuthKitProvider = ({ children, onSessionExpired }) => {
     React.useEffect(() => {
         // Return early if the session expired checks are disabled.
         if (onSessionExpired === false) {
@@ -22,17 +18,21 @@ const AuthKitProvider = ({ children, onSessionExpired = false }) => {
             if (document.visibilityState === 'visible') {
                 visibilityChangedCalled = true;
                 try {
-                    const hasSession = await (0, actions_js_1.checkSessionAction)();
+                    const hasSession = await checkSessionAction();
                     if (!hasSession) {
                         throw new Error('Session expired');
                     }
                 }
                 catch (error) {
-                    if (onSessionExpired) {
-                        onSessionExpired();
-                    }
-                    else {
-                        window.location.reload();
+                    // 'Failed to fetch' is the error we are looking for if the action fails
+                    // If any other error happens, for other reasons, we should not reload the page
+                    if (error instanceof Error && error.message.includes('Failed to fetch')) {
+                        if (onSessionExpired) {
+                            onSessionExpired();
+                        }
+                        else {
+                            window.location.reload();
+                        }
                     }
                 }
                 finally {
@@ -49,5 +49,4 @@ const AuthKitProvider = ({ children, onSessionExpired = false }) => {
     }, [onSessionExpired]);
     return React.createElement(React.Fragment, null, children);
 };
-exports.AuthKitProvider = AuthKitProvider;
-//# sourceMappingURL=provider.js.map
+//# sourceMappingURL=authkit-provider.js.map

package/dist/esm/authkit-provider.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"authkit-provider.js","sourceRoot":"","sources":["../../src/authkit-provider.tsx"],"names":[],"mappings":"AAAA,YAAY,CAAC;AAEb,OAAO,KAAK,KAAK,MAAM,OAAO,CAAC;AAC/B,OAAO,EAAE,kBAAkB,EAAE,MAAM,cAAc,CAAC;AAWlD,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,EAAE,QAAQ,EAAE,gBAAgB,EAAwB,EAAE,EAAE;IACtF,KAAK,CAAC,SAAS,CAAC,GAAG,EAAE;QACnB,2DAA2D;QAC3D,IAAI,gBAAgB,KAAK,KAAK,EAAE,CAAC;YAC/B,OAAO;QACT,CAAC;QAED,IAAI,uBAAuB,GAAG,KAAK,CAAC;QAEpC,MAAM,sBAAsB,GAAG,KAAK,IAAI,EAAE;YACxC,IAAI,uBAAuB,EAAE,CAAC;gBAC5B,OAAO;YACT,CAAC;YAED,oGAAoG;YACpG,qFAAqF;YACrF,oGAAoG;YACpG,IAAI,QAAQ,CAAC,eAAe,KAAK,SAAS,EAAE,CAAC;gBAC3C,uBAAuB,GAAG,IAAI,CAAC;gBAE/B,IAAI,CAAC;oBACH,MAAM,UAAU,GAAG,MAAM,kBAAkB,EAAE,CAAC;oBAC9C,IAAI,CAAC,UAAU,EAAE,CAAC;wBAChB,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;oBACrC,CAAC;gBACH,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,wEAAwE;oBACxE,+EAA+E;oBAC/E,IAAI,KAAK,YAAY,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAC,EAAE,CAAC;wBACxE,IAAI,gBAAgB,EAAE,CAAC;4BACrB,gBAAgB,EAAE,CAAC;wBACrB,CAAC;6BAAM,CAAC;4BACN,MAAM,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC;wBAC3B,CAAC;oBACH,CAAC;gBACH,CAAC;wBAAS,CAAC;oBACT,uBAAuB,GAAG,KAAK,CAAC;gBAClC,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF,MAAM,CAAC,gBAAgB,CAAC,kBAAkB,EAAE,sBAAsB,CAAC,CAAC;QACpE,MAAM,CAAC,gBAAgB,CAAC,OAAO,EAAE,sBAAsB,CAAC,CAAC;QAEzD,OAAO,GAAG,EAAE;YACV,MAAM,CAAC,mBAAmB,CAAC,OAAO,EAAE,sBAAsB,CAAC,CAAC;YAC5D,MAAM,CAAC,mBAAmB,CAAC,kBAAkB,EAAE,sBAAsB,CAAC,CAAC;QACzE,CAAC,CAAC;IACJ,CAAC,EAAE,CAAC,gBAAgB,CAAC,CAAC,CAAC;IAEvB,OAAO,0CAAG,QAAQ,CAAI,CAAC;AACzB,CAAC,CAAC"}

package/dist/{cjs → esm}/button.js RENAMED Viewed

@@ -1,8 +1,4 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.Button = void 0;
-const tslib_1 = require("tslib");
-const React = tslib_1.__importStar(require("react"));
+import * as React from 'react';
 const Button = React.forwardRef((props, forwardedRef) => {
     return (React.createElement("button", { ref: forwardedRef, type: "button", ...props, style: {
             display: 'inline-flex',
@@ -20,6 +16,6 @@ const Button = React.forwardRef((props, forwardedRef) => {
             ...props.style,
         } }));
 });
-exports.Button = Button;
 Button.displayName = 'Button';
+export { Button };
 //# sourceMappingURL=button.js.map

package/dist/esm/button.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"button.js","sourceRoot":"","sources":["../../src/button.tsx"],"names":[],"mappings":"AAAA,OAAO,KAAK,KAAK,MAAM,OAAO,CAAC;AAE/B,MAAM,MAAM,GAAG,KAAK,CAAC,UAAU,CAA8D,CAAC,KAAK,EAAE,YAAY,EAAE,EAAE;IACnH,OAAO,CACL,gCACE,GAAG,EAAE,YAAY,EACjB,IAAI,EAAC,QAAQ,KACT,KAAK,EACT,KAAK,EAAE;YACL,OAAO,EAAE,aAAa;YACtB,UAAU,EAAE,QAAQ;YACpB,cAAc,EAAE,QAAQ;YACxB,UAAU,EAAE,CAAC;YACb,MAAM,EAAE,SAAS;YACjB,OAAO,EAAE,SAAS;YAElB,UAAU,EAAE,SAAS;YACrB,QAAQ,EAAE,SAAS;YACnB,YAAY,EAAE,6CAA6C;YAC3D,MAAM,EAAE,MAAM;YACd,eAAe,EAAE,aAAa;YAC9B,KAAK,EAAE,OAAO;YAEd,GAAG,KAAK,CAAC,KAAK;SACf,GACD,CACH,CAAC;AACJ,CAAC,CAAC,CAAC;AAEH,MAAM,CAAC,WAAW,GAAG,QAAQ,CAAC;AAE9B,OAAO,EAAE,MAAM,EAAE,CAAC"}

package/dist/{cjs → esm}/cookie.d.ts RENAMED Viewed

@@ -1,4 +1,3 @@
-declare const cookieName = "wos-session";
 declare const cookieOptions: {
     path: string;
     httpOnly: boolean;
@@ -7,4 +6,4 @@ declare const cookieOptions: {
     maxAge: number;
     domain: string | undefined;
 };
-export { cookieName, cookieOptions };
+export { cookieOptions };

package/dist/esm/cookie.js ADDED Viewed

@@ -0,0 +1,16 @@
+import { WORKOS_REDIRECT_URI, WORKOS_COOKIE_MAX_AGE, WORKOS_COOKIE_DOMAIN } from './env-variables.js';
+const redirectUrl = new URL(WORKOS_REDIRECT_URI);
+const isSecureProtocol = redirectUrl.protocol === 'https:';
+const cookieOptions = {
+    path: '/',
+    httpOnly: true,
+    secure: isSecureProtocol,
+    sameSite: 'lax',
+    // Defaults to 400 days, the maximum allowed by Chrome
+    // It's fine to have a long cookie expiry date as the access/refresh tokens
+    // act as the actual time-limited aspects of the session.
+    maxAge: WORKOS_COOKIE_MAX_AGE ? parseInt(WORKOS_COOKIE_MAX_AGE, 10) : 60 * 60 * 24 * 400,
+    domain: WORKOS_COOKIE_DOMAIN,
+};
+export { cookieOptions };
+//# sourceMappingURL=cookie.js.map

package/dist/esm/cookie.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"cookie.js","sourceRoot":"","sources":["../../src/cookie.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,MAAM,oBAAoB,CAAC;AAEtG,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,mBAAmB,CAAC,CAAC;AACjD,MAAM,gBAAgB,GAAG,WAAW,CAAC,QAAQ,KAAK,QAAQ,CAAC;AAE3D,MAAM,aAAa,GAAG;IACpB,IAAI,EAAE,GAAG;IACT,QAAQ,EAAE,IAAI;IACd,MAAM,EAAE,gBAAgB;IACxB,QAAQ,EAAE,KAAc;IACxB,sDAAsD;IACtD,2EAA2E;IAC3E,yDAAyD;IACzD,MAAM,EAAE,qBAAqB,CAAC,CAAC,CAAC,QAAQ,CAAC,qBAAqB,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,GAAG;IACxF,MAAM,EAAE,oBAAoB;CAC7B,CAAC;AAEF,OAAO,EAAE,aAAa,EAAE,CAAC"}

package/dist/{cjs → esm}/env-variables.d.ts RENAMED Viewed

@@ -1,10 +1,11 @@
-declare const WORKOS_CLIENT_ID: string;
-declare const WORKOS_API_KEY: string;
-declare const WORKOS_REDIRECT_URI: string;
-declare const WORKOS_COOKIE_PASSWORD: string;
 declare const WORKOS_API_HOSTNAME: string | undefined;
 declare const WORKOS_API_HTTPS: string | undefined;
+declare const WORKOS_API_KEY: string;
 declare const WORKOS_API_PORT: string | undefined;
+declare const WORKOS_CLIENT_ID: string;
 declare const WORKOS_COOKIE_DOMAIN: string | undefined;
 declare const WORKOS_COOKIE_MAX_AGE: string | undefined;
-export { WORKOS_CLIENT_ID, WORKOS_API_KEY, WORKOS_REDIRECT_URI, WORKOS_COOKIE_PASSWORD, WORKOS_API_HOSTNAME, WORKOS_API_HTTPS, WORKOS_API_PORT, WORKOS_COOKIE_DOMAIN, WORKOS_COOKIE_MAX_AGE, };
+declare const WORKOS_COOKIE_NAME: string | undefined;
+declare const WORKOS_COOKIE_PASSWORD: string;
+declare const WORKOS_REDIRECT_URI: string;
+export { WORKOS_API_HOSTNAME, WORKOS_API_HTTPS, WORKOS_API_KEY, WORKOS_API_PORT, WORKOS_CLIENT_ID, WORKOS_COOKIE_DOMAIN, WORKOS_COOKIE_MAX_AGE, WORKOS_COOKIE_NAME, WORKOS_COOKIE_PASSWORD, WORKOS_REDIRECT_URI, };

package/dist/esm/env-variables.js ADDED Viewed

@@ -0,0 +1,16 @@
+var _a, _b, _c, _d;
+function getEnvVariable(name) {
+    return process.env[name];
+}
+const WORKOS_API_HOSTNAME = getEnvVariable('WORKOS_API_HOSTNAME');
+const WORKOS_API_HTTPS = getEnvVariable('WORKOS_API_HTTPS');
+const WORKOS_API_KEY = (_a = getEnvVariable('WORKOS_API_KEY')) !== null && _a !== void 0 ? _a : '';
+const WORKOS_API_PORT = getEnvVariable('WORKOS_API_PORT');
+const WORKOS_CLIENT_ID = (_b = getEnvVariable('WORKOS_CLIENT_ID')) !== null && _b !== void 0 ? _b : '';
+const WORKOS_COOKIE_DOMAIN = getEnvVariable('WORKOS_COOKIE_DOMAIN');
+const WORKOS_COOKIE_MAX_AGE = getEnvVariable('WORKOS_COOKIE_MAX_AGE');
+const WORKOS_COOKIE_NAME = getEnvVariable('WORKOS_COOKIE_NAME');
+const WORKOS_COOKIE_PASSWORD = (_c = getEnvVariable('WORKOS_COOKIE_PASSWORD')) !== null && _c !== void 0 ? _c : '';
+const WORKOS_REDIRECT_URI = (_d = getEnvVariable('NEXT_PUBLIC_WORKOS_REDIRECT_URI')) !== null && _d !== void 0 ? _d : '';
+export { WORKOS_API_HOSTNAME, WORKOS_API_HTTPS, WORKOS_API_KEY, WORKOS_API_PORT, WORKOS_CLIENT_ID, WORKOS_COOKIE_DOMAIN, WORKOS_COOKIE_MAX_AGE, WORKOS_COOKIE_NAME, WORKOS_COOKIE_PASSWORD, WORKOS_REDIRECT_URI, };
+//# sourceMappingURL=env-variables.js.map

package/dist/esm/env-variables.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"env-variables.js","sourceRoot":"","sources":["../../src/env-variables.ts"],"names":[],"mappings":";AAAA,SAAS,cAAc,CAAC,IAAY;IAClC,OAAO,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;AAC3B,CAAC;AAED,MAAM,mBAAmB,GAAG,cAAc,CAAC,qBAAqB,CAAC,CAAC;AAClE,MAAM,gBAAgB,GAAG,cAAc,CAAC,kBAAkB,CAAC,CAAC;AAC5D,MAAM,cAAc,GAAG,MAAA,cAAc,CAAC,gBAAgB,CAAC,mCAAI,EAAE,CAAC;AAC9D,MAAM,eAAe,GAAG,cAAc,CAAC,iBAAiB,CAAC,CAAC;AAC1D,MAAM,gBAAgB,GAAG,MAAA,cAAc,CAAC,kBAAkB,CAAC,mCAAI,EAAE,CAAC;AAClE,MAAM,oBAAoB,GAAG,cAAc,CAAC,sBAAsB,CAAC,CAAC;AACpE,MAAM,qBAAqB,GAAG,cAAc,CAAC,uBAAuB,CAAC,CAAC;AACtE,MAAM,kBAAkB,GAAG,cAAc,CAAC,oBAAoB,CAAC,CAAC;AAChE,MAAM,sBAAsB,GAAG,MAAA,cAAc,CAAC,wBAAwB,CAAC,mCAAI,EAAE,CAAC;AAC9E,MAAM,mBAAmB,GAAG,MAAA,cAAc,CAAC,iCAAiC,CAAC,mCAAI,EAAE,CAAC;AAEpF,OAAO,EACL,mBAAmB,EACnB,gBAAgB,EAChB,cAAc,EACd,eAAe,EACf,gBAAgB,EAChB,oBAAoB,EACpB,qBAAqB,EACrB,kBAAkB,EAClB,sBAAsB,EACtB,mBAAmB,GACpB,CAAC"}

package/dist/esm/get-authorization-url.js ADDED Viewed

@@ -0,0 +1,17 @@
+import { workos } from './workos.js';
+import { WORKOS_CLIENT_ID, WORKOS_REDIRECT_URI } from './env-variables.js';
+import { headers } from 'next/headers';
+async function getAuthorizationUrl(options = {}) {
+    const { returnPathname, screenHint, organizationId } = options;
+    const redirectUri = headers().get('x-redirect-uri');
+    return workos.userManagement.getAuthorizationUrl({
+        provider: 'authkit',
+        clientId: WORKOS_CLIENT_ID,
+        redirectUri: redirectUri !== null && redirectUri !== void 0 ? redirectUri : WORKOS_REDIRECT_URI,
+        state: returnPathname ? btoa(JSON.stringify({ returnPathname })) : undefined,
+        screenHint,
+        organizationId,
+    });
+}
+export { getAuthorizationUrl };
+//# sourceMappingURL=get-authorization-url.js.map

package/dist/esm/get-authorization-url.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"get-authorization-url.js","sourceRoot":"","sources":["../../src/get-authorization-url.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAE3E,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAEvC,KAAK,UAAU,mBAAmB,CAAC,UAA6B,EAAE;IAChE,MAAM,EAAE,cAAc,EAAE,UAAU,EAAE,cAAc,EAAE,GAAG,OAAO,CAAC;IAE/D,MAAM,WAAW,GAAG,OAAO,EAAE,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;IAEpD,OAAO,MAAM,CAAC,cAAc,CAAC,mBAAmB,CAAC;QAC/C,QAAQ,EAAE,SAAS;QACnB,QAAQ,EAAE,gBAAgB;QAC1B,WAAW,EAAE,WAAW,aAAX,WAAW,cAAX,WAAW,GAAI,mBAAmB;QAC/C,KAAK,EAAE,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,cAAc,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS;QAC5E,UAAU;QACV,cAAc;KACf,CAAC,CAAC;AACL,CAAC;AAED,OAAO,EAAE,mBAAmB,EAAE,CAAC"}

package/dist/{cjs → esm}/impersonation.js RENAMED Viewed

@@ -1,18 +1,14 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.Impersonation = void 0;
-const tslib_1 = require("tslib");
-const React = tslib_1.__importStar(require("react"));
-const session_js_1 = require("./session.js");
-const auth_js_1 = require("./auth.js");
-const workos_js_1 = require("./workos.js");
-const button_js_1 = require("./button.js");
-const min_max_button_js_1 = require("./min-max-button.js");
-async function Impersonation({ side = 'bottom', ...props }) {
-    const { impersonator, user, organizationId } = await (0, session_js_1.getUser)();
+import * as React from 'react';
+import { withAuth } from './session.js';
+import { signOut } from './auth.js';
+import { workos } from './workos.js';
+import { Button } from './button.js';
+import { MinMaxButton } from './min-max-button.js';
+export async function Impersonation({ side = 'bottom', ...props }) {
+    const { impersonator, user, organizationId } = await withAuth();
     if (!impersonator)
         return null;
-    const organization = organizationId ? await workos_js_1.workos.organizations.getOrganization(organizationId) : null;
+    const organization = organizationId ? await workos.organizations.getOrganization(organizationId) : null;
     return (React.createElement("div", { ...props, "data-workos-impersonation-root": "", style: {
             'position': 'fixed',
             'inset': 0,
@@ -52,7 +48,7 @@ async function Impersonation({ side = 'bottom', ...props }) {
             } },
             React.createElement("form", { action: async () => {
                     'use server';
-                    await (0, auth_js_1.signOut)();
+                    await signOut();
                 }, style: {
                     display: 'flex',
                     alignItems: 'baseline',
@@ -96,8 +92,8 @@ async function Impersonation({ side = 'bottom', ...props }) {
                         "within the ",
                         React.createElement("b", null, organization.name),
                         " organization"))),
-                React.createElement(button_js_1.Button, { type: "submit", style: { marginLeft: 'calc(var(--wi-s) * 2)', marginRight: 'var(--wi-s)' } }, "Stop"),
-                React.createElement(min_max_button_js_1.MinMaxButton, { minimizedValue: "1" }, side === 'top' ? '↗' : '↘')),
+                React.createElement(Button, { type: "submit", style: { marginLeft: 'calc(var(--wi-s) * 2)', marginRight: 'var(--wi-s)' } }, "Stop"),
+                React.createElement(MinMaxButton, { minimizedValue: "1" }, side === 'top' ? '↗' : '↘')),
             React.createElement("div", { style: {
                     padding: 'var(--wi-s)',
                     position: 'fixed',
@@ -113,7 +109,6 @@ async function Impersonation({ side = 'bottom', ...props }) {
                     ...(side === 'top' && { top: 'var(--wi-s)' }),
                     ...(side === 'bottom' && { bottom: 'var(--wi-s)' }),
                 } },
-                React.createElement(min_max_button_js_1.MinMaxButton, { minimizedValue: "0" }, side === 'top' ? '↙' : '↖')))));
+                React.createElement(MinMaxButton, { minimizedValue: "0" }, side === 'top' ? '↙' : '↖')))));
 }
-exports.Impersonation = Impersonation;
 //# sourceMappingURL=impersonation.js.map

package/dist/esm/impersonation.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"impersonation.js","sourceRoot":"","sources":["../../src/impersonation.tsx"],"names":[],"mappings":"AAAA,OAAO,KAAK,KAAK,MAAM,OAAO,CAAC;AAC/B,OAAO,EAAE,QAAQ,EAAE,MAAM,cAAc,CAAC;AACxC,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAMnD,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,EAAE,IAAI,GAAG,QAAQ,EAAE,GAAG,KAAK,EAAsB;IACnF,MAAM,EAAE,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,GAAG,MAAM,QAAQ,EAAE,CAAC;IAEhE,IAAI,CAAC,YAAY;QAAE,OAAO,IAAI,CAAC;IAE/B,MAAM,YAAY,GAAG,cAAc,CAAC,CAAC,CAAC,MAAM,MAAM,CAAC,aAAa,CAAC,eAAe,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAExG,OAAO,CACL,gCACM,KAAK,oCACsB,EAAE,EACjC,KAAK,EAAE;YACL,UAAU,EAAE,OAAO;YACnB,OAAO,EAAE,CAAC;YACV,eAAe,EAAE,MAAM;YACvB,QAAQ,EAAE,IAAI;YAEd,2DAA2D;YAC3D,gBAAgB,EAAE,GAAG;YACrB,QAAQ,EAAE,4DAA4D;YACtE,UAAU,EAAE,uDAAuD;YACnE,QAAQ,EAAE,4CAA4C;YACtD,SAAS,EAAE,mDAAmD;YAC9D,SAAS,EAAE,+CAA+C;YAE1D,GAAG,KAAK,CAAC,KAAK;SACf;QAED,6BACE,KAAK,EAAE;gBACL,iBAAiB,EAAE,yFAAyF;gBAC5G,UAAU,EAAE,UAAU;gBACtB,OAAO,EAAE,iCAAiC;gBAC1C,cAAc,EAAE,gCAAgC;gBAChD,WAAW,EAAE;;;MAGjB;gBACI,YAAY,EAAE,yCAAyC;aACxD,GACD;QAEF,6BACE,KAAK,EAAE;gBACL,OAAO,EAAE,MAAM;gBACf,cAAc,EAAE,QAAQ;gBAExB,QAAQ,EAAE,OAAO;gBACjB,IAAI,EAAE,CAAC;gBACP,KAAK,EAAE,CAAC;gBACR,GAAG,CAAC,IAAI,KAAK,KAAK,IAAI,EAAE,GAAG,EAAE,aAAa,EAAE,CAAC;gBAC7C,GAAG,CAAC,IAAI,KAAK,QAAQ,IAAI,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC;gBAEnD,UAAU,EACR,wIAAwI;gBAC1I,QAAQ,EAAE,gCAAgC;gBAC1C,UAAU,EAAE,KAAK;aAClB;YAED,8BACE,MAAM,EAAE,KAAK,IAAI,EAAE;oBACjB,YAAY,CAAC;oBACb,MAAM,OAAO,EAAE,CAAC;gBAClB,CAAC,EACD,KAAK,EAAE;oBACL,OAAO,EAAE,MAAM;oBACf,UAAU,EAAE,UAAU;oBACtB,WAAW,EAAE,aAAa;oBAC1B,YAAY,EAAE,aAAa;oBAE3B,QAAQ,EAAE,UAAU;oBACpB,UAAU,EAAE,uBAAuB;oBACnC,WAAW,EAAE,uBAAuB;oBAEpC,aAAa,EAAE,MAAM;oBACrB,eAAe,EAAE,eAAe;oBAChC,WAAW,EAAE,OAAO;oBACpB,WAAW,EAAE,cAAc;oBAC3B,eAAe,EAAE,cAAc;oBAC/B,gBAAgB,EAAE,cAAc;oBAEhC,UAAU,EAAE,yCAAyC;oBACrD,SAAS,EAAE,iEAAiE;oBAC5E,OAAO,EAAE,+BAA+B;oBACxC,MAAM,EAAE,+BAA+B;oBAEvC,GAAG,CAAC,IAAI,KAAK,KAAK,IAAI;wBACpB,UAAU,EAAE,CAAC;wBACb,aAAa,EAAE,aAAa;wBAC5B,cAAc,EAAE,CAAC;wBACjB,iBAAiB,EAAE,cAAc;wBACjC,sBAAsB,EAAE,aAAa;wBACrC,uBAAuB,EAAE,aAAa;qBACvC,CAAC;oBAEF,GAAG,CAAC,IAAI,KAAK,QAAQ,IAAI;wBACvB,UAAU,EAAE,aAAa;wBACzB,aAAa,EAAE,CAAC;wBAChB,cAAc,EAAE,cAAc;wBAC9B,iBAAiB,EAAE,CAAC;wBACpB,mBAAmB,EAAE,aAAa;wBAClC,oBAAoB,EAAE,aAAa;qBACpC,CAAC;iBACH;gBAED,2BAAG,KAAK,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE,KAAK,EAAE,aAAa,EAAE,QAAQ,EAAE,SAAS,EAAE,UAAU,EAAE,aAAa,EAAE;;oBACxE,+BAAI,IAAI,CAAC,KAAK,CAAK;oBAAC,GAAG;oBAC5C,YAAY,KAAK,IAAI,IAAI,CACxB;;wBACa,+BAAI,YAAY,CAAC,IAAI,CAAK;wCACpC,CACJ,CACC;gBACJ,oBAAC,MAAM,IAAC,IAAI,EAAC,QAAQ,EAAC,KAAK,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE,WAAW,EAAE,aAAa,EAAE,WAEvF;gBACT,oBAAC,YAAY,IAAC,cAAc,EAAC,GAAG,IAAE,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAgB,CACvE;YAEP,6BACE,KAAK,EAAE;oBACL,OAAO,EAAE,aAAa;oBAEtB,QAAQ,EAAE,OAAO;oBACjB,KAAK,EAAE,aAAa;oBAEpB,aAAa,EAAE,MAAM;oBACrB,eAAe,EAAE,eAAe;oBAChC,MAAM,EAAE,iCAAiC;oBACzC,YAAY,EAAE,aAAa;oBAE3B,UAAU,EAAE,yCAAyC;oBACrD,SAAS,EAAE,gEAAgE;oBAC3E,OAAO,EAAE,qBAAqB;oBAC9B,MAAM,EAAE,qBAAqB;oBAE7B,GAAG,CAAC,IAAI,KAAK,KAAK,IAAI,EAAE,GAAG,EAAE,aAAa,EAAE,CAAC;oBAC7C,GAAG,CAAC,IAAI,KAAK,QAAQ,IAAI,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC;iBACpD;gBAED,oBAAC,YAAY,IAAC,cAAc,EAAC,GAAG,IAAE,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAgB,CACxE,CACF,CACF,CACP,CAAC;AACJ,CAAC"}

package/dist/esm/index.d.ts ADDED Viewed

@@ -0,0 +1,7 @@
+import { handleAuth } from './authkit-callback-route.js';
+import { authkitMiddleware } from './middleware.js';
+import { withAuth, refreshSession, getSession } from './session.js';
+import { getSignInUrl, getSignUpUrl, signOut } from './auth.js';
+import { Impersonation } from './impersonation.js';
+import { AuthKitProvider } from './authkit-provider.js';
+export { handleAuth, authkitMiddleware, getSession, getSignInUrl, getSignUpUrl, withAuth, refreshSession, signOut, Impersonation, AuthKitProvider, };

package/dist/esm/index.js ADDED Viewed

@@ -0,0 +1,14 @@
+import { handleAuth } from './authkit-callback-route.js';
+import { authkitMiddleware } from './middleware.js';
+import { withAuth, refreshSession, getSession } from './session.js';
+import { getSignInUrl, getSignUpUrl, signOut } from './auth.js';
+import { Impersonation } from './impersonation.js';
+import { AuthKitProvider } from './authkit-provider.js';
+export { handleAuth,
+//
+authkitMiddleware, getSession,
+//
+getSignInUrl, getSignUpUrl, withAuth, refreshSession, signOut,
+//
+Impersonation, AuthKitProvider, };
+//# sourceMappingURL=index.js.map

package/dist/esm/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACzD,OAAO,EAAE,iBAAiB,EAAE,MAAM,iBAAiB,CAAC;AACpD,OAAO,EAAE,QAAQ,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AACpE,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAChE,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACnD,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAExD,OAAO,EACL,UAAU;AACV,EAAE;AACF,iBAAiB,EACjB,UAAU;AACV,EAAE;AACF,YAAY,EACZ,YAAY,EACZ,QAAQ,EACR,cAAc,EACd,OAAO;AACP,EAAE;AACF,aAAa,EACb,eAAe,GAChB,CAAC"}

package/dist/{cjs → esm}/interfaces.d.ts RENAMED Viewed

@@ -39,6 +39,7 @@ export interface GetAuthURLOptions {
     screenHint?: 'sign-up' | 'sign-in';
     returnPathname?: string;
     organizationId?: string;
+    redirectUri?: string;
 }
 export interface AuthkitMiddlewareAuth {
     enabled: boolean;
@@ -47,4 +48,5 @@ export interface AuthkitMiddlewareAuth {
 export interface AuthkitMiddlewareOptions {
     debug?: boolean;
     middlewareAuth?: AuthkitMiddlewareAuth;
+    redirectUri?: string;
 }

package/dist/esm/interfaces.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export {};
2	+ //# sourceMappingURL=interfaces.js.map

package/dist/{cjs → esm}/middleware.d.ts RENAMED Viewed

@@ -1,3 +1,3 @@
 import { NextMiddleware } from 'next/server';
 import { AuthkitMiddlewareOptions } from './interfaces.js';
-export declare function authkitMiddleware({ debug, middlewareAuth, }?: AuthkitMiddlewareOptions): NextMiddleware;
+export declare function authkitMiddleware({ debug, middlewareAuth, redirectUri, }?: AuthkitMiddlewareOptions): NextMiddleware;

package/dist/esm/middleware.js ADDED Viewed

@@ -0,0 +1,7 @@
+import { updateSession } from './session.js';
+export function authkitMiddleware({ debug = false, middlewareAuth = { enabled: false, unauthenticatedPaths: [] }, redirectUri = '', } = {}) {
+    return function (request) {
+        return updateSession(request, debug, middlewareAuth, redirectUri);
+    };
+}
+//# sourceMappingURL=middleware.js.map

package/dist/esm/middleware.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"middleware.js","sourceRoot":"","sources":["../../src/middleware.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAG7C,MAAM,UAAU,iBAAiB,CAAC,EAChC,KAAK,GAAG,KAAK,EACb,cAAc,GAAG,EAAE,OAAO,EAAE,KAAK,EAAE,oBAAoB,EAAE,EAAE,EAAE,EAC7D,WAAW,GAAG,EAAE,MACY,EAAE;IAC9B,OAAO,UAAU,OAAO;QACtB,OAAO,aAAa,CAAC,OAAO,EAAE,KAAK,EAAE,cAAc,EAAE,WAAW,CAAC,CAAC;IACpE,CAAC,CAAC;AACJ,CAAC"}

package/dist/esm/min-max-button.js ADDED Viewed

@@ -0,0 +1,10 @@
+'use client';
+import * as React from 'react';
+import { Button } from './button.js';
+export function MinMaxButton({ children, minimizedValue }) {
+    return (React.createElement(Button, { onClick: () => {
+            const root = document.querySelector('[data-workos-impersonation-root]');
+            root === null || root === void 0 ? void 0 : root.style.setProperty('--wi-minimized', minimizedValue);
+        }, style: { padding: 0, width: '1.714em' } }, children));
+}
+//# sourceMappingURL=min-max-button.js.map

package/dist/esm/min-max-button.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"min-max-button.js","sourceRoot":"","sources":["../../src/min-max-button.tsx"],"names":[],"mappings":"AAAA,YAAY,CAAC;AAEb,OAAO,KAAK,KAAK,MAAM,OAAO,CAAC;AAC/B,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAOrC,MAAM,UAAU,YAAY,CAAC,EAAE,QAAQ,EAAE,cAAc,EAAqB;IAC1E,OAAO,CACL,oBAAC,MAAM,IACL,OAAO,EAAE,GAAG,EAAE;YACZ,MAAM,IAAI,GAAG,QAAQ,CAAC,aAAa,CAAC,kCAAkC,CAAuB,CAAC;YAC9F,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,KAAK,CAAC,WAAW,CAAC,gBAAgB,EAAE,cAAc,CAAC,CAAC;QAC5D,CAAC,EACD,KAAK,EAAE,EAAE,OAAO,EAAE,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,IAEtC,QAAQ,CACF,CACV,CAAC;AACJ,CAAC"}

package/dist/esm/session.d.ts ADDED Viewed

@@ -0,0 +1,34 @@
+import { NextRequest, NextResponse } from 'next/server';
+import { AuthkitMiddlewareAuth, NoUserInfo, Session, UserInfo } from './interfaces.js';
+declare function encryptSession(session: Session): Promise<string>;
+declare function updateSession(request: NextRequest, debug: boolean, middlewareAuth: AuthkitMiddlewareAuth, redirectUri: string): Promise<NextResponse<unknown>>;
+declare function refreshSession(options?: {
+    organizationId?: string;
+    ensureSignedIn: false;
+}): Promise<UserInfo | NoUserInfo>;
+declare function refreshSession(options: {
+    organizationId?: string;
+    ensureSignedIn: true;
+}): Promise<UserInfo>;
+declare function withAuth(options?: {
+    ensureSignedIn: false;
+}): Promise<UserInfo | NoUserInfo>;
+declare function withAuth(options: {
+    ensureSignedIn: true;
+}): Promise<UserInfo>;
+declare function terminateSession(): Promise<void>;
+/**
+ * Retrieves the session from the cookie. Meant for use in the middleware, for client side use `withAuth` instead.
+ *
+ * @returns Session | undefined
+ */
+declare function getSession(response?: NextResponse): Promise<{
+    sessionId: string;
+    user: import("@workos-inc/node").User;
+    organizationId: string | undefined;
+    role: string | undefined;
+    permissions: string[] | undefined;
+    impersonator: import("./interfaces.js").Impersonator | undefined;
+    accessToken: string;
+} | undefined>;
+export { encryptSession, withAuth, refreshSession, terminateSession, updateSession, getSession };