npm - @workos-inc/authkit-nextjs - Versions diffs - 0.13.2 → 0.15.0 - Mend

@workos-inc/authkit-nextjs 0.13.2 → 0.15.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (18) hide show

package/README.md +31 -3
package/dist/esm/authkit-callback-route.js +16 -4
package/dist/esm/authkit-callback-route.js.map +1 -1
package/dist/esm/interfaces.d.ts +6 -1
package/dist/esm/middleware.d.ts +1 -1
package/dist/esm/middleware.js +2 -2
package/dist/esm/middleware.js.map +1 -1
package/dist/esm/session.d.ts +1 -1
package/dist/esm/session.js +30 -4
package/dist/esm/session.js.map +1 -1
package/dist/esm/workos.d.ts +1 -1
package/dist/esm/workos.js +1 -1
package/package.json +2 -2
package/src/authkit-callback-route.ts +16 -4
package/src/interfaces.ts +6 -1
package/src/middleware.ts +2 -1
package/src/session.ts +37 -3
package/src/workos.ts +1 -1

package/README.md CHANGED Viewed

@@ -80,6 +80,13 @@ You can also control the pathname the user will be sent to after signing-in by p
 export const GET = handleAuth({ returnPathname: '/dashboard' });
 ```
+`handleAuth` can be used with several options.
+| Option           | Default     | Description                                                                                                                                                                                           |
+| ---------------- | ----------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| `returnPathname` | `/`         | The pathname to redirect the user to after signing in                                                                                                                                                 |
+| `baseURL`        | `undefined` | The base URL to use for the redirect URI instead of the one in the request. Useful if the app is being run in a container like docker where the hostname can be different from the one in the request |
 ### Middleware
 This library relies on [Next.js middleware](https://nextjs.org/docs/app/building-your-application/routing/middleware) to provide session management for routes. Put the following in your `middleware.ts` file in the root of your project:
@@ -94,6 +101,15 @@ export default authkitMiddleware();
 export const config = { matcher: ['/', '/admin'] };
 ```
+The middleware can be configured with several options.
+| Option           | Default     | Description                                                                                            |
+| ---------------- | ----------- | ------------------------------------------------------------------------------------------------------ |
+| `redirectUri`    | `undefined` | Used in cases where you need your redirect URI to be set dynamically (e.g. Vercel preview deployments) |
+| `middlewareAuth` | `undefined` | Used to configure middleware auth options. See [middleware auth](#middleware-auth) for more details.   |
+| `debug`          | `false`     | Enables debug logs.                                                                                    |
+| `signUpPaths`    | `[]`        | Used to specify paths that should use the 'sign-up' screen hint when redirecting to AuthKit.           |
 #### Custom redirect URI
 In cases where you need your redirect URI to be set dynamically (e.g. Vercel preview deployments), use the `redirectUri` option in `authkitMiddleware`:
@@ -212,11 +228,11 @@ Sometimes it's useful to check the user session if you want to compose custom mi
 ```ts
 import { authkitMiddleware, getSession } from '@workos-inc/authkit-nextjs';
-import { NextRequest } from 'next/server';
+import { NextRequest, NextFetchEvent } from 'next/server';
-export default async function middleware(request: NextRequest) {
+export default async function middleware(request: NextRequest, event: NextFetchEvent) {
   // authkitMiddleware will handle refreshing the session if the access token has expired
-  const response = await authkitMiddleware()(request);
+  const response = await authkitMiddleware()(request, event);
   // If session is undefined, the user is not authenticated
   const session = await getSession(response);
@@ -282,6 +298,18 @@ Use the `refreshSession` method in a server action or route handler to fetch the
 The `organizationId` parameter can be passed to `refreshSession` in order to switch the session to a different organization. If the current session is not authorized for the next organization, an appropriate [authentication error](https://workos.com/docs/reference/user-management/authentication-errors) will be returned.
+### Sign up paths
+The `signUpPaths` option can be passed to `authkitMiddleware` to specify paths that should use the 'sign-up' screen hint when redirecting to AuthKit. This is useful for cases where you want a path that mandates authentication to be treated as a sign up page.
+```ts
+import { authkitMiddleware } from '@workos-inc/authkit-nextjs';
+export default authkitMiddleware({
+  signUpPaths: ['/account/sign-up', '/dashboard/:path*'],
+});
+```
 ### Debugging
 To enable debug logs, initialize the middleware with the debug flag enabled.

package/dist/esm/authkit-callback-route.js CHANGED Viewed

@@ -5,7 +5,16 @@ import { WORKOS_CLIENT_ID, WORKOS_COOKIE_NAME } from './env-variables.js';
 import { encryptSession } from './session.js';
 import { getCookieOptions } from './cookie.js';
 export function handleAuth(options = {}) {
-    const { returnPathname: returnPathnameOption = '/' } = options;
+    const { returnPathname: returnPathnameOption = '/', baseURL } = options;
+    // Throw early if baseURL is provided but invalid
+    if (baseURL) {
+        try {
+            new URL(baseURL);
+        }
+        catch (error) {
+            throw new Error(`Invalid baseURL: ${baseURL}`, { cause: error });
+        }
+    }
     return async function GET(request) {
         const code = request.nextUrl.searchParams.get('code');
         const state = request.nextUrl.searchParams.get('state');
@@ -13,11 +22,14 @@ export function handleAuth(options = {}) {
         if (code) {
             try {
                 // Use the code returned to us by AuthKit and authenticate the user with WorkOS
-                const { accessToken, refreshToken, user, impersonator } = await workos.userManagement.authenticateWithCode({
+                const { accessToken, refreshToken, user, impersonator, oauthTokens } = await workos.userManagement.authenticateWithCode({
                     clientId: WORKOS_CLIENT_ID,
                     code,
                 });
-                const url = request.nextUrl.clone();
+                // If baseURL is provided, use it instead of request.nextUrl
+                // This is useful if the app is being run in a container like docker where
+                // the hostname can be different from the one in the request
+                const url = baseURL ? new URL(baseURL) : request.nextUrl.clone();
                 // Cleanup params
                 url.searchParams.delete('code');
                 url.searchParams.delete('state');
@@ -48,7 +60,7 @@ export function handleAuth(options = {}) {
                     throw new Error('response is missing tokens');
                 // The refreshToken should never be accesible publicly, hence why we encrypt it in the cookie session
                 // Alternatively you could persist the refresh token in a backend database
-                const session = await encryptSession({ accessToken, refreshToken, user, impersonator });
+                const session = await encryptSession({ accessToken, refreshToken, user, impersonator, oauthTokens });
                 const cookieName = WORKOS_COOKIE_NAME || 'wos-session';
                 const nextCookies = await cookies();
                 nextCookies.set(cookieName, session, getCookieOptions(request.url));

package/dist/esm/authkit-callback-route.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"authkit-callback-route.js","sourceRoot":"","sources":["../../src/authkit-callback-route.ts"],"names":[],"mappings":"AAAA,OAAO,EAAe,YAAY,EAAE,MAAM,aAAa,CAAC;AACxD,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AACvC,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AAC1E,OAAO,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAC9C,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAG/C,MAAM,UAAU,UAAU,CAAC,UAA6B,EAAE;IACxD,MAAM,EAAE,cAAc,EAAE,oBAAoB,GAAG,GAAG,EAAE,GAAG,OAAO,CAAC;~~IAE/D~~,OAAO,KAAK,UAAU,GAAG,CAAC,OAAoB;QAC5C,MAAM,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACtD,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACxD,IAAI,cAAc,GAAG,KAAK,IAAI,KAAK,KAAK,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC;QAE/F,IAAI,IAAI,EAAE,CAAC;YACT,IAAI,CAAC;gBACH,+EAA+E;gBAC/E,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,IAAI,EAAE,YAAY,EAAE,GAAG,MAAM,MAAM,CAAC,cAAc,CAAC,oBAAoB,CAAC;~~oBACzG~~,QAAQ,EAAE,gBAAgB;oBAC1B,IAAI;iBACL,CAAC,CAAC;gBAEH,MAAM,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;~~gBAEpC~~,iBAAiB;gBACjB,GAAG,CAAC,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;gBAChC,GAAG,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;gBAEjC,uDAAuD;gBACvD,cAAc,GAAG,cAAc,aAAd,cAAc,cAAd,cAAc,GAAI,oBAAoB,CAAC;gBAExD,gDAAgD;gBAChD,IAAI,cAAc,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;oBACjC,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,cAAc,EAAE,qBAAqB,CAAC,CAAC;oBAC9D,GAAG,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;oBAE/B,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;wBAC/C,GAAG,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;oBACtC,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,GAAG,CAAC,QAAQ,GAAG,cAAc,CAAC;gBAChC,CAAC;gBAED,mEAAmE;gBACnE,iCAAiC;gBACjC,MAAM,QAAQ,GAAG,CAAA,YAAY,aAAZ,YAAY,uBAAZ,YAAY,CAAE,QAAQ;oBACrC,CAAC,CAAC,YAAY,CAAC,QAAQ,CAAC,GAAG,CAAC;oBAC5B,CAAC,CAAC,IAAI,QAAQ,CAAC,IAAI,EAAE;wBACjB,MAAM,EAAE,GAAG;wBACX,OAAO,EAAE;4BACP,QAAQ,EAAE,GAAG,CAAC,QAAQ,EAAE;yBACzB;qBACF,CAAC,CAAC;gBAEP,IAAI,CAAC,WAAW,IAAI,CAAC,YAAY;oBAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;gBAEjF,qGAAqG;gBACrG,0EAA0E;gBAC1E,MAAM,OAAO,GAAG,MAAM,cAAc,CAAC,EAAE,WAAW,EAAE,YAAY,EAAE,IAAI,EAAE,YAAY,EAAE,CAAC,CAAC;~~gBACxF~~,MAAM,UAAU,GAAG,kBAAkB,IAAI,aAAa,CAAC;gBACvD,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;gBAEpC,WAAW,CAAC,GAAG,CAAC,UAAU,EAAE,OAAO,EAAE,gBAAgB,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;gBAEpE,OAAO,QAAQ,CAAC;YAClB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,QAAQ,GAAG;oBACf,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;iBAC9D,CAAC;gBAEF,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;gBAExB,OAAO,aAAa,EAAE,CAAC;YACzB,CAAC;QACH,CAAC;QAED,OAAO,aAAa,EAAE,CAAC;IACzB,CAAC,CAAC;IAEF,SAAS,aAAa;QACpB,MAAM,SAAS,GAAG;YAChB,KAAK,EAAE;gBACL,OAAO,EAAE,sBAAsB;gBAC/B,WAAW,EAAE,8FAA8F;aAC5G;SACF,CAAC;QAEF,+DAA+D;QAC/D,iCAAiC;QACjC,OAAO,CAAA,YAAY,aAAZ,YAAY,uBAAZ,YAAY,CAAE,IAAI;YACvB,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC,SAAS,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC;YAC/C,CAAC,CAAC,IAAI,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,EAAE;gBACtC,MAAM,EAAE,GAAG;gBACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;aAChD,CAAC,CAAC;IACT,CAAC;AACH,CAAC"}
1	+ {"version":3,"file":"authkit-callback-route.js","sourceRoot":"","sources":["../../src/authkit-callback-route.ts"],"names":[],"mappings":"AAAA,OAAO,EAAe,YAAY,EAAE,MAAM,aAAa,CAAC;AACxD,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AACvC,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AAC1E,OAAO,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAC9C,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAG/C,MAAM,UAAU,UAAU,CAAC,UAA6B,EAAE;IACxD,MAAM,EAAE,cAAc,EAAE,oBAAoB,GAAG,GAAG,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC;IAExE,iDAAiD;IACjD,IAAI,OAAO,EAAE,CAAC;QACZ,IAAI,CAAC;YACH,IAAI,GAAG,CAAC,OAAO,CAAC,CAAC;QACnB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,oBAAoB,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;QACnE,CAAC;IACH,CAAC;IAED,OAAO,KAAK,UAAU,GAAG,CAAC,OAAoB;QAC5C,MAAM,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACtD,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACxD,IAAI,cAAc,GAAG,KAAK,IAAI,KAAK,KAAK,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC;QAE/F,IAAI,IAAI,EAAE,CAAC;YACT,IAAI,CAAC;gBACH,+EAA+E;gBAC/E,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,IAAI,EAAE,YAAY,EAAE,WAAW,EAAE,GAAG,MAAM,MAAM,CAAC,cAAc,CAAC,oBAAoB,CAAC;oBACtH,QAAQ,EAAE,gBAAgB;oBAC1B,IAAI;iBACL,CAAC,CAAC;gBAEH,4DAA4D;gBAC5D,0EAA0E;gBAC1E,4DAA4D;gBAC5D,MAAM,GAAG,GAAG,OAAO,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;gBAEjE,iBAAiB;gBACjB,GAAG,CAAC,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;gBAChC,GAAG,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;gBAEjC,uDAAuD;gBACvD,cAAc,GAAG,cAAc,aAAd,cAAc,cAAd,cAAc,GAAI,oBAAoB,CAAC;gBAExD,gDAAgD;gBAChD,IAAI,cAAc,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;oBACjC,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,cAAc,EAAE,qBAAqB,CAAC,CAAC;oBAC9D,GAAG,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;oBAE/B,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;wBAC/C,GAAG,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;oBACtC,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,GAAG,CAAC,QAAQ,GAAG,cAAc,CAAC;gBAChC,CAAC;gBAED,mEAAmE;gBACnE,iCAAiC;gBACjC,MAAM,QAAQ,GAAG,CAAA,YAAY,aAAZ,YAAY,uBAAZ,YAAY,CAAE,QAAQ;oBACrC,CAAC,CAAC,YAAY,CAAC,QAAQ,CAAC,GAAG,CAAC;oBAC5B,CAAC,CAAC,IAAI,QAAQ,CAAC,IAAI,EAAE;wBACjB,MAAM,EAAE,GAAG;wBACX,OAAO,EAAE;4BACP,QAAQ,EAAE,GAAG,CAAC,QAAQ,EAAE;yBACzB;qBACF,CAAC,CAAC;gBAEP,IAAI,CAAC,WAAW,IAAI,CAAC,YAAY;oBAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;gBAEjF,qGAAqG;gBACrG,0EAA0E;gBAC1E,MAAM,OAAO,GAAG,MAAM,cAAc,CAAC,EAAE,WAAW,EAAE,YAAY,EAAE,IAAI,EAAE,YAAY,EAAE,WAAW,EAAE,CAAC,CAAC;gBACrG,MAAM,UAAU,GAAG,kBAAkB,IAAI,aAAa,CAAC;gBACvD,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;gBAEpC,WAAW,CAAC,GAAG,CAAC,UAAU,EAAE,OAAO,EAAE,gBAAgB,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;gBAEpE,OAAO,QAAQ,CAAC;YAClB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,QAAQ,GAAG;oBACf,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;iBAC9D,CAAC;gBAEF,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;gBAExB,OAAO,aAAa,EAAE,CAAC;YACzB,CAAC;QACH,CAAC;QAED,OAAO,aAAa,EAAE,CAAC;IACzB,CAAC,CAAC;IAEF,SAAS,aAAa;QACpB,MAAM,SAAS,GAAG;YAChB,KAAK,EAAE;gBACL,OAAO,EAAE,sBAAsB;gBAC/B,WAAW,EAAE,8FAA8F;aAC5G;SACF,CAAC;QAEF,+DAA+D;QAC/D,iCAAiC;QACjC,OAAO,CAAA,YAAY,aAAZ,YAAY,uBAAZ,YAAY,CAAE,IAAI;YACvB,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC,SAAS,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC;YAC/C,CAAC,CAAC,IAAI,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,EAAE;gBACtC,MAAM,EAAE,GAAG;gBACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;aAChD,CAAC,CAAC;IACT,CAAC;AACH,CAAC"}

package/dist/esm/interfaces.d.ts CHANGED Viewed

@@ -1,6 +1,7 @@
-import { User } from '@workos-inc/node';
+import { OauthTokens, User } from '@workos-inc/node';
 export interface HandleAuthOptions {
     returnPathname?: string;
+    baseURL?: string;
 }
 export interface Impersonator {
     email: string;
@@ -11,6 +12,7 @@ export interface Session {
     refreshToken: string;
     user: User;
     impersonator?: Impersonator;
+    oauthTokens?: OauthTokens;
 }
 export interface UserInfo {
     user: User;
@@ -19,6 +21,7 @@ export interface UserInfo {
     role?: string;
     permissions?: string[];
     impersonator?: Impersonator;
+    oauthTokens?: OauthTokens;
     accessToken: string;
 }
 export interface NoUserInfo {
@@ -28,6 +31,7 @@ export interface NoUserInfo {
     role?: undefined;
     permissions?: undefined;
     impersonator?: undefined;
+    oauthTokens?: undefined;
     accessToken?: undefined;
 }
 export interface AccessToken {
@@ -50,6 +54,7 @@ export interface AuthkitMiddlewareOptions {
     debug?: boolean;
     middlewareAuth?: AuthkitMiddlewareAuth;
     redirectUri?: string;
+    signUpPaths?: string[];
 }
 export interface CookieOptions {
     path: '/';

package/dist/esm/middleware.d.ts CHANGED Viewed

@@ -1,3 +1,3 @@
 import { NextMiddleware } from 'next/server';
 import { AuthkitMiddlewareOptions } from './interfaces.js';
-export declare function authkitMiddleware({ debug, middlewareAuth, redirectUri, }?: AuthkitMiddlewareOptions): NextMiddleware;
+export declare function authkitMiddleware({ debug, middlewareAuth, redirectUri, signUpPaths, }?: AuthkitMiddlewareOptions): NextMiddleware;

package/dist/esm/middleware.js CHANGED Viewed

@@ -1,8 +1,8 @@
 import { updateSession } from './session.js';
 import { WORKOS_REDIRECT_URI } from './env-variables.js';
-export function authkitMiddleware({ debug = false, middlewareAuth = { enabled: false, unauthenticatedPaths: [] }, redirectUri = WORKOS_REDIRECT_URI, } = {}) {
+export function authkitMiddleware({ debug = false, middlewareAuth = { enabled: false, unauthenticatedPaths: [] }, redirectUri = WORKOS_REDIRECT_URI, signUpPaths = [], } = {}) {
     return function (request) {
-        return updateSession(request, debug, middlewareAuth, redirectUri);
+        return updateSession(request, debug, middlewareAuth, redirectUri, signUpPaths);
     };
 }
 //# sourceMappingURL=middleware.js.map

package/dist/esm/middleware.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"middleware.js","sourceRoot":"","sources":["../../src/middleware.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAE7C,OAAO,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAEzD,MAAM,UAAU,iBAAiB,CAAC,EAChC,KAAK,GAAG,KAAK,EACb,cAAc,GAAG,EAAE,OAAO,EAAE,KAAK,EAAE,oBAAoB,EAAE,EAAE,EAAE,EAC7D,WAAW,GAAG,mBAAmB,~~MACL~~,EAAE;IAC9B,OAAO,UAAU,OAAO;QACtB,OAAO,aAAa,CAAC,OAAO,EAAE,KAAK,EAAE,cAAc,EAAE,WAAW,CAAC,CAAC;~~IACpE~~,CAAC,CAAC;AACJ,CAAC"}
1	+ {"version":3,"file":"middleware.js","sourceRoot":"","sources":["../../src/middleware.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAE7C,OAAO,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAEzD,MAAM,UAAU,iBAAiB,CAAC,EAChC,KAAK,GAAG,KAAK,EACb,cAAc,GAAG,EAAE,OAAO,EAAE,KAAK,EAAE,oBAAoB,EAAE,EAAE,EAAE,EAC7D,WAAW,GAAG,mBAAmB,EACjC,WAAW,GAAG,EAAE,MACY,EAAE;IAC9B,OAAO,UAAU,OAAO;QACtB,OAAO,aAAa,CAAC,OAAO,EAAE,KAAK,EAAE,cAAc,EAAE,WAAW,EAAE,WAAW,CAAC,CAAC;IACjF,CAAC,CAAC;AACJ,CAAC"}

package/dist/esm/session.d.ts CHANGED Viewed

@@ -1,7 +1,7 @@
 import { NextRequest, NextResponse } from 'next/server';
 import { AuthkitMiddlewareAuth, NoUserInfo, Session, UserInfo } from './interfaces.js';
 declare function encryptSession(session: Session): Promise<string>;
-declare function updateSession(request: NextRequest, debug: boolean, middlewareAuth: AuthkitMiddlewareAuth, redirectUri: string): Promise<Response>;
+declare function updateSession(request: NextRequest, debug: boolean, middlewareAuth: AuthkitMiddlewareAuth, redirectUri: string, signUpPaths: string[]): Promise<Response>;
 declare function refreshSession(options?: {
     organizationId?: string;
     ensureSignedIn: false;

package/dist/esm/session.js CHANGED Viewed

@@ -12,11 +12,12 @@ import { parse, tokensToRegexp } from 'path-to-regexp';
 const sessionHeaderName = 'x-workos-session';
 const middlewareHeaderName = 'x-workos-middleware';
 const redirectUriHeaderName = 'x-redirect-uri';
+const signUpPathsHeaderName = 'x-sign-up-paths';
 const JWKS = createRemoteJWKSet(new URL(workos.userManagement.getJwksUrl(WORKOS_CLIENT_ID)));
 async function encryptSession(session) {
     return sealData(session, { password: WORKOS_COOKIE_PASSWORD });
 }
-async function updateSession(request, debug, middlewareAuth, redirectUri) {
+async function updateSession(request, debug, middlewareAuth, redirectUri, signUpPaths) {
     if (!redirectUri && !WORKOS_REDIRECT_URI) {
         throw new Error('You must provide a redirect URI in the AuthKit middleware or in the environment variables.');
     }
@@ -28,6 +29,10 @@ async function updateSession(request, debug, middlewareAuth, redirectUri) {
     newRequestHeaders.set('x-url', request.url);
     // Record that the request was routed through the middleware so we can check later for DX purposes
     newRequestHeaders.set(middlewareHeaderName, 'true');
+    // Record the sign up paths so we can use it later
+    if (signUpPaths.length > 0) {
+        newRequestHeaders.set(signUpPathsHeaderName, signUpPaths.join(','));
+    }
     let url;
     // If the redirect URI is set, store it in the headers so we can use it later
     if (redirectUri) {
@@ -61,6 +66,7 @@ async function updateSession(request, debug, middlewareAuth, redirectUri) {
         const redirectTo = await getAuthorizationUrl({
             returnPathname: getReturnPathname(request.url),
             redirectUri: redirectUri !== null && redirectUri !== void 0 ? redirectUri : WORKOS_REDIRECT_URI,
+            screenHint: getScreenHint(signUpPaths, request.nextUrl.pathname),
         });
         // Fall back to standard Response if NextResponse is not available.
         // This is to support Next.js 13.
@@ -109,6 +115,7 @@ async function updateSession(request, debug, middlewareAuth, redirectUri) {
             refreshToken,
             user,
             impersonator,
+            oauthTokens: session.oauthTokens
         });
         newRequestHeaders.set(sessionHeaderName, encryptedSession);
         const response = NextResponse.next({
@@ -180,10 +187,15 @@ function getMiddlewareAuthPathRegex(pathGlob) {
     }
 }
 async function redirectToSignIn() {
+    var _a, _b;
     const headersList = await headers();
-    const url = headersList.get('x-url');
-    const returnPathname = url ? getReturnPathname(url) : undefined;
-    redirect(await getAuthorizationUrl({ returnPathname }));
+    const url = (_a = headersList.get('x-url')) !== null && _a !== void 0 ? _a : '';
+    // Determine if the current route is in the sign up paths
+    const signUpPaths = (_b = headersList.get(signUpPathsHeaderName)) === null || _b === void 0 ? void 0 : _b.split(',');
+    const pathname = new URL(url).pathname;
+    const screenHint = getScreenHint(signUpPaths, pathname);
+    const returnPathname = url && getReturnPathname(url);
+    redirect(await getAuthorizationUrl({ returnPathname, screenHint }));
 }
 async function withAuth({ ensureSignedIn = false } = {}) {
     const session = await getSessionFromHeader();
@@ -201,6 +213,7 @@ async function withAuth({ ensureSignedIn = false } = {}) {
         role,
         permissions,
         impersonator: session.impersonator,
+        oauthTokens: session.oauthTokens,
         accessToken: session.accessToken,
     };
 }
@@ -268,5 +281,18 @@ function getReturnPathname(url) {
     const newUrl = new URL(url);
     return `${newUrl.pathname}${newUrl.searchParams.size > 0 ? '?' + newUrl.searchParams.toString() : ''}`;
 }
+function getScreenHint(signUpPaths, pathname) {
+    if (!signUpPaths)
+        return 'sign-in';
+    if (!Array.isArray(signUpPaths)) {
+        const pathRegex = getMiddlewareAuthPathRegex(signUpPaths);
+        return pathRegex.exec(pathname) ? 'sign-up' : 'sign-in';
+    }
+    const screenHintPaths = signUpPaths.filter((pathGlob) => {
+        const pathRegex = getMiddlewareAuthPathRegex(pathGlob);
+        return pathRegex.exec(pathname);
+    });
+    return screenHintPaths.length > 0 ? 'sign-up' : 'sign-in';
+}
 export { encryptSession, withAuth, refreshSession, terminateSession, updateSession, getSession };
 //# sourceMappingURL=session.js.map

package/dist/esm/session.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"session.js","sourceRoot":"","sources":["../../src/session.ts"],"names":[],"mappings":"AAAA,YAAY,CAAC;AAEb,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAC3C,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,EAAe,YAAY,EAAE,MAAM,aAAa,CAAC;AACxD,OAAO,EAAE,SAAS,EAAE,kBAAkB,EAAE,SAAS,EAAE,MAAM,MAAM,CAAC;AAChE,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AACpD,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAC/C,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,gBAAgB,EAAE,sBAAsB,EAAE,kBAAkB,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AACvH,OAAO,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AAGjE,OAAO,EAAE,KAAK,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAEvD,MAAM,iBAAiB,GAAG,kBAAkB,CAAC;AAC7C,MAAM,oBAAoB,GAAG,qBAAqB,CAAC;AACnD,MAAM,qBAAqB,GAAG,gBAAgB,CAAC;AAE/C,MAAM,IAAI,GAAG,kBAAkB,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,cAAc,CAAC,UAAU,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC;AAE7F,KAAK,UAAU,cAAc,CAAC,OAAgB;IAC5C,OAAO,QAAQ,CAAC,OAAO,EAAE,EAAE,QAAQ,EAAE,sBAAsB,EAAE,CAAC,CAAC;AACjE,CAAC;AAED,KAAK,UAAU,aAAa,CAC1B,OAAoB,EACpB,KAAc,EACd,cAAqC,EACrC,WAAmB;IAEnB,IAAI,CAAC,WAAW,IAAI,CAAC,mBAAmB,EAAE,CAAC;QACzC,MAAM,IAAI,KAAK,CAAC,4FAA4F,CAAC,CAAC;IAChH,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,oBAAoB,EAAE,CAAC;IAC7C,MAAM,iBAAiB,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IAEvD,0FAA0F;IAC1F,qGAAqG;IACrG,gFAAgF;IAChF,iBAAiB,CAAC,GAAG,CAAC,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC;IAE5C,kGAAkG;IAClG,iBAAiB,CAAC,GAAG,CAAC,oBAAoB,EAAE,MAAM,CAAC,CAAC;IAEpD,IAAI,GAAG,CAAC;IAER,6EAA6E;IAC7E,IAAI,WAAW,EAAE,CAAC;QAChB,iBAAiB,CAAC,GAAG,CAAC,qBAAqB,EAAE,WAAW,CAAC,CAAC;QAC1D,GAAG,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;IAC7B,CAAC;SAAM,CAAC;QACN,GAAG,GAAG,IAAI,GAAG,CAAC,mBAAmB,CAAC,CAAC;IACrC,CAAC;IAED,iBAAiB,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC;IAE5C,IACE,cAAc,CAAC,OAAO;QACtB,GAAG,CAAC,QAAQ,KAAK,OAAO,CAAC,OAAO,CAAC,QAAQ;QACzC,CAAC,cAAc,CAAC,oBAAoB,CAAC,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAC,EAC3D,CAAC;QACD,qBAAqB;QACrB,qCAAqC;QACrC,kDAAkD;QAClD,6DAA6D;QAC7D,EAAE;QACF,mGAAmG;QACnG,4GAA4G;QAC5G,cAAc,CAAC,oBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACzD,CAAC;IAED,MAAM,YAAY,GAAa,cAAc,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,EAAE;QACrF,MAAM,SAAS,GAAG,0BAA0B,CAAC,QAAQ,CAAC,CAAC;QAEvD,OAAO,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IAClD,CAAC,CAAC,CAAC;IAEH,4GAA4G;IAC5G,IAAI,cAAc,CAAC,OAAO,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;QACpE,IAAI,KAAK;YAAE,OAAO,CAAC,GAAG,CAAC,2CAA2C,OAAO,CAAC,GAAG,0BAA0B,CAAC,CAAC;QAEzG,MAAM,UAAU,GAAG,MAAM,mBAAmB,CAAC;YAC3C,cAAc,EAAE,iBAAiB,CAAC,OAAO,CAAC,GAAG,CAAC;YAC9C,WAAW,EAAE,WAAW,aAAX,WAAW,cAAX,WAAW,GAAI,mBAAmB;SAChD,CAAC,CAAC;QAEH,mEAAmE;QACnE,iCAAiC;QACjC,OAAO,CAAA,YAAY,aAAZ,YAAY,uBAAZ,YAAY,CAAE,QAAQ;YAC3B,CAAC,CAAC,YAAY,CAAC,QAAQ,CAAC,UAAU,CAAC;YACnC,CAAC,CAAC,IAAI,QAAQ,CAAC,IAAI,EAAE;gBACjB,MAAM,EAAE,GAAG;gBACX,OAAO,EAAE;oBACP,QAAQ,EAAE,UAAU;iBACrB;aACF,CAAC,CAAC;IACT,CAAC;IAED,+BAA+B;IAC/B,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,OAAO,YAAY,CAAC,IAAI,CAAC;YACvB,OAAO,EAAE,EAAE,OAAO,EAAE,iBAAiB,EAAE;SACxC,CAAC,CAAC;IACL,CAAC;IAED,MAAM,eAAe,GAAG,MAAM,iBAAiB,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;IACrE,MAAM,UAAU,GAAG,kBAAkB,IAAI,aAAa,CAAC;IAEvD,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;IAEpC,IAAI,eAAe,EAAE,CAAC;QACpB,IAAI,KAAK;YAAE,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;QAC3C,wEAAwE;QACxE,iBAAiB,CAAC,GAAG,CAAC,iBAAiB,EAAE,WAAW,CAAC,GAAG,CAAC,UAAU,CAAE,CAAC,KAAK,CAAC,CAAC;QAC7E,OAAO,YAAY,CAAC,IAAI,CAAC;YACvB,OAAO,EAAE,EAAE,OAAO,EAAE,iBAAiB,EAAE;SACxC,CAAC,CAAC;IACL,CAAC;IAED,IAAI,CAAC;QACH,IAAI,KAAK;YAAE,OAAO,CAAC,GAAG,CAAC,yDAAyD,OAAO,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;QAElH,MAAM,EAAE,MAAM,EAAE,cAAc,EAAE,GAAG,SAAS,CAAc,OAAO,CAAC,WAAW,CAAC,CAAC;QAE/E,kHAAkH;QAClH,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,IAAI,EAAE,YAAY,EAAE,GAAG,MAAM,MAAM,CAAC,cAAc,CAAC,4BAA4B,CAAC;YACjH,QAAQ,EAAE,gBAAgB;YAC1B,YAAY,EAAE,OAAO,CAAC,YAAY;YAClC,cAAc;SACf,CAAC,CAAC;QAEH,IAAI,KAAK;YAAE,OAAO,CAAC,GAAG,CAAC,gDAAgD,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;QAEjG,qDAAqD;QACrD,MAAM,gBAAgB,GAAG,MAAM,cAAc,CAAC;YAC5C,WAAW;YACX,YAAY;YACZ,IAAI;YACJ,YAAY;SACb,CAAC,CAAC;QAEH,iBAAiB,CAAC,GAAG,CAAC,iBAAiB,EAAE,gBAAgB,CAAC,CAAC;QAE3D,MAAM,QAAQ,GAAG,YAAY,CAAC,IAAI,CAAC;YACjC,OAAO,EAAE,EAAE,OAAO,EAAE,iBAAiB,EAAE;SACxC,CAAC,CAAC;QACH,oBAAoB;QACpB,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,gBAAgB,EAAE,gBAAgB,CAAC,WAAW,CAAC,CAAC,CAAC;QAClF,OAAO,QAAQ,CAAC;IAClB,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,IAAI,KAAK;YAAE,OAAO,CAAC,GAAG,CAAC,qDAAqD,EAAE,CAAC,CAAC,CAAC;QACjF,MAAM,QAAQ,GAAG,YAAY,CAAC,IAAI,CAAC;YACjC,OAAO,EAAE,EAAE,OAAO,EAAE,iBAAiB,EAAE;SACxC,CAAC,CAAC;QACH,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;QACpC,OAAO,QAAQ,CAAC;IAClB,CAAC;AACH,CAAC;AAOD,KAAK,UAAU,cAAc,CAAC,EAC5B,cAAc,EAAE,kBAAkB,EAClC,cAAc,GAAG,KAAK,MAIpB,EAAE;IACJ,MAAM,OAAO,GAAG,MAAM,oBAAoB,EAAE,CAAC;IAC7C,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,IAAI,cAAc,EAAE,CAAC;YACnB,MAAM,gBAAgB,EAAE,CAAC;QAC3B,CAAC;QACD,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;IACxB,CAAC;IAED,MAAM,EAAE,MAAM,EAAE,6BAA6B,EAAE,GAAG,SAAS,CAAc,OAAO,CAAC,WAAW,CAAC,CAAC;IAE9F,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,IAAI,EAAE,YAAY,EAAE,GAAG,MAAM,MAAM,CAAC,cAAc,CAAC,4BAA4B,CAAC;QACjH,QAAQ,EAAE,gBAAgB;QAC1B,YAAY,EAAE,OAAO,CAAC,YAAY;QAClC,cAAc,EAAE,kBAAkB,aAAlB,kBAAkB,cAAlB,kBAAkB,GAAI,6BAA6B;KACpE,CAAC,CAAC;IAEH,qDAAqD;IACrD,MAAM,gBAAgB,GAAG,MAAM,cAAc,CAAC;QAC5C,WAAW;QACX,YAAY;QACZ,IAAI;QACJ,YAAY;KACb,CAAC,CAAC;IAEH,MAAM,UAAU,GAAG,kBAAkB,IAAI,aAAa,CAAC;IAEvD,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;IACpC,MAAM,GAAG,GAAG,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAErC,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;IACpC,WAAW,CAAC,GAAG,CAAC,UAAU,EAAE,gBAAgB,EAAE,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC;IAErE,MAAM,EAAE,GAAG,EAAE,SAAS,EAAE,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,SAAS,CAAc,WAAW,CAAC,CAAC;IAE1G,OAAO;QACL,SAAS;QACT,IAAI;QACJ,cAAc;QACd,IAAI;QACJ,WAAW;QACX,YAAY;QACZ,WAAW;KACZ,CAAC;AACJ,CAAC;AAED,SAAS,0BAA0B,CAAC,QAAgB;IAClD,IAAI,KAAa,CAAC;IAElB,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,QAAQ,EAAE,qBAAqB,CAAC,CAAC;QACrD,MAAM,IAAI,GAAG,GAAG,GAAG,CAAC,QAAS,GAAG,GAAG,CAAC,IAAI,IAAI,EAAE,EAAE,CAAC;QAEjD,MAAM,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC;QAC3B,KAAK,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC;QAEtC,OAAO,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC;IAC3B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAEjE,MAAM,IAAI,KAAK,CAAC,qDAAqD,OAAO,EAAE,CAAC,CAAC;IAClF,CAAC;AACH,CAAC;AAED,KAAK,UAAU,gBAAgB;IAC7B,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;IACpC,MAAM,GAAG,GAAG,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IACrC,MAAM,cAAc,GAAG,GAAG,CAAC,CAAC,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IAEhE,QAAQ,CAAC,MAAM,mBAAmB,CAAC,EAAE,cAAc,EAAE,CAAC,CAAC,CAAC;AAC1D,CAAC;AAID,KAAK,UAAU,QAAQ,CAAC,EAAE,cAAc,GAAG,KAAK,EAAE,GAAG,EAAE;IACrD,MAAM,OAAO,GAAG,MAAM,oBAAoB,EAAE,CAAC;IAE7C,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,IAAI,cAAc,EAAE,CAAC;YACnB,MAAM,gBAAgB,EAAE,CAAC;QAC3B,CAAC;QACD,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;IACxB,CAAC;IAED,MAAM,EAAE,GAAG,EAAE,SAAS,EAAE,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,SAAS,CAAc,OAAO,CAAC,WAAW,CAAC,CAAC;IAElH,OAAO;QACL,SAAS;QACT,IAAI,EAAE,OAAO,CAAC,IAAI;QAClB,cAAc;QACd,IAAI;QACJ,WAAW;QACX,YAAY,EAAE,OAAO,CAAC,YAAY;QAClC,WAAW,EAAE,OAAO,CAAC,WAAW;KACjC,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,gBAAgB;IAC7B,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,QAAQ,EAAE,CAAC;IACvC,IAAI,SAAS,EAAE,CAAC;QACd,QAAQ,CAAC,MAAM,CAAC,cAAc,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC;IAC9D,CAAC;IACD,QAAQ,CAAC,GAAG,CAAC,CAAC;AAChB,CAAC;AAED,KAAK,UAAU,iBAAiB,CAAC,WAAmB;IAClD,IAAI,CAAC;QACH,MAAM,SAAS,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;QACnC,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,WAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,KAAK,UAAU,oBAAoB,CAAC,QAAuB;IACzD,MAAM,UAAU,GAAG,kBAAkB,IAAI,aAAa,CAAC;IACvD,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;IACpC,MAAM,MAAM,GAAG,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IAEzF,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,UAAU,CAAU,MAAM,CAAC,KAAK,EAAE;YACvC,QAAQ,EAAE,sBAAsB;SACjC,CAAC,CAAC;IACL,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,KAAK,UAAU,UAAU,CAAC,QAAuB;IAC/C,MAAM,OAAO,GAAG,MAAM,oBAAoB,CAAC,QAAQ,CAAC,CAAC;IAErD,IAAI,CAAC,OAAO;QAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;IAEpC,IAAI,MAAM,iBAAiB,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;QACjD,MAAM,EAAE,GAAG,EAAE,SAAS,EAAE,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,SAAS,CAAc,OAAO,CAAC,WAAW,CAAC,CAAC;QAElH,OAAO;YACL,SAAS;YACT,IAAI,EAAE,OAAO,CAAC,IAAI;YAClB,cAAc;YACd,IAAI;YACJ,WAAW;YACX,YAAY,EAAE,OAAO,CAAC,YAAY;YAClC,WAAW,EAAE,OAAO,CAAC,WAAW;SACjC,CAAC;IACJ,CAAC;AACH,CAAC;AAED,KAAK,UAAU,oBAAoB;IACjC,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;IACpC,MAAM,aAAa,GAAG,OAAO,CAAC,WAAW,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC,CAAC;IAErE,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,MAAM,GAAG,GAAG,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACrC,MAAM,IAAI,KAAK,CACb,iCAAiC,GAAG,iLAAiL,CACtN,CAAC;IACJ,CAAC;IAED,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;IACtD,IAAI,CAAC,UAAU;QAAE,OAAO;IAExB,OAAO,UAAU,CAAU,UAAU,EAAE,EAAE,QAAQ,EAAE,sBAAsB,EAAE,CAAC,CAAC;AAC/E,CAAC;AAED,SAAS,iBAAiB,CAAC,GAAW;IACpC,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;IAE5B,OAAO,GAAG,MAAM,CAAC,QAAQ,GAAG,MAAM,CAAC,YAAY,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,MAAM,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;AACzG,CAAC;AAED,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,cAAc,EAAE,gBAAgB,EAAE,aAAa,EAAE,UAAU,EAAE,CAAC"}
1	+ {"version":3,"file":"session.js","sourceRoot":"","sources":["../../src/session.ts"],"names":[],"mappings":"AAAA,YAAY,CAAC;AAEb,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAC3C,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,EAAe,YAAY,EAAE,MAAM,aAAa,CAAC;AACxD,OAAO,EAAE,SAAS,EAAE,kBAAkB,EAAE,SAAS,EAAE,MAAM,MAAM,CAAC;AAChE,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AACpD,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAC/C,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,gBAAgB,EAAE,sBAAsB,EAAE,kBAAkB,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AACvH,OAAO,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AAGjE,OAAO,EAAE,KAAK,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAEvD,MAAM,iBAAiB,GAAG,kBAAkB,CAAC;AAC7C,MAAM,oBAAoB,GAAG,qBAAqB,CAAC;AACnD,MAAM,qBAAqB,GAAG,gBAAgB,CAAC;AAC/C,MAAM,qBAAqB,GAAG,iBAAiB,CAAC;AAEhD,MAAM,IAAI,GAAG,kBAAkB,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,cAAc,CAAC,UAAU,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC;AAE7F,KAAK,UAAU,cAAc,CAAC,OAAgB;IAC5C,OAAO,QAAQ,CAAC,OAAO,EAAE,EAAE,QAAQ,EAAE,sBAAsB,EAAE,CAAC,CAAC;AACjE,CAAC;AAED,KAAK,UAAU,aAAa,CAC1B,OAAoB,EACpB,KAAc,EACd,cAAqC,EACrC,WAAmB,EACnB,WAAqB;IAErB,IAAI,CAAC,WAAW,IAAI,CAAC,mBAAmB,EAAE,CAAC;QACzC,MAAM,IAAI,KAAK,CAAC,4FAA4F,CAAC,CAAC;IAChH,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,oBAAoB,EAAE,CAAC;IAC7C,MAAM,iBAAiB,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IAEvD,0FAA0F;IAC1F,qGAAqG;IACrG,gFAAgF;IAChF,iBAAiB,CAAC,GAAG,CAAC,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC;IAE5C,kGAAkG;IAClG,iBAAiB,CAAC,GAAG,CAAC,oBAAoB,EAAE,MAAM,CAAC,CAAC;IAEpD,kDAAkD;IAClD,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3B,iBAAiB,CAAC,GAAG,CAAC,qBAAqB,EAAE,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IACtE,CAAC;IAED,IAAI,GAAG,CAAC;IAER,6EAA6E;IAC7E,IAAI,WAAW,EAAE,CAAC;QAChB,iBAAiB,CAAC,GAAG,CAAC,qBAAqB,EAAE,WAAW,CAAC,CAAC;QAC1D,GAAG,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;IAC7B,CAAC;SAAM,CAAC;QACN,GAAG,GAAG,IAAI,GAAG,CAAC,mBAAmB,CAAC,CAAC;IACrC,CAAC;IAED,iBAAiB,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC;IAE5C,IACE,cAAc,CAAC,OAAO;QACtB,GAAG,CAAC,QAAQ,KAAK,OAAO,CAAC,OAAO,CAAC,QAAQ;QACzC,CAAC,cAAc,CAAC,oBAAoB,CAAC,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAC,EAC3D,CAAC;QACD,qBAAqB;QACrB,qCAAqC;QACrC,kDAAkD;QAClD,6DAA6D;QAC7D,EAAE;QACF,mGAAmG;QACnG,4GAA4G;QAC5G,cAAc,CAAC,oBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACzD,CAAC;IAED,MAAM,YAAY,GAAa,cAAc,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,EAAE;QACrF,MAAM,SAAS,GAAG,0BAA0B,CAAC,QAAQ,CAAC,CAAC;QAEvD,OAAO,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IAClD,CAAC,CAAC,CAAC;IAEH,4GAA4G;IAC5G,IAAI,cAAc,CAAC,OAAO,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;QACpE,IAAI,KAAK;YAAE,OAAO,CAAC,GAAG,CAAC,2CAA2C,OAAO,CAAC,GAAG,0BAA0B,CAAC,CAAC;QAEzG,MAAM,UAAU,GAAG,MAAM,mBAAmB,CAAC;YAC3C,cAAc,EAAE,iBAAiB,CAAC,OAAO,CAAC,GAAG,CAAC;YAC9C,WAAW,EAAE,WAAW,aAAX,WAAW,cAAX,WAAW,GAAI,mBAAmB;YAC/C,UAAU,EAAE,aAAa,CAAC,WAAW,EAAE,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC;SACjE,CAAC,CAAC;QAEH,mEAAmE;QACnE,iCAAiC;QACjC,OAAO,CAAA,YAAY,aAAZ,YAAY,uBAAZ,YAAY,CAAE,QAAQ;YAC3B,CAAC,CAAC,YAAY,CAAC,QAAQ,CAAC,UAAU,CAAC;YACnC,CAAC,CAAC,IAAI,QAAQ,CAAC,IAAI,EAAE;gBACjB,MAAM,EAAE,GAAG;gBACX,OAAO,EAAE;oBACP,QAAQ,EAAE,UAAU;iBACrB;aACF,CAAC,CAAC;IACT,CAAC;IAED,+BAA+B;IAC/B,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,OAAO,YAAY,CAAC,IAAI,CAAC;YACvB,OAAO,EAAE,EAAE,OAAO,EAAE,iBAAiB,EAAE;SACxC,CAAC,CAAC;IACL,CAAC;IAED,MAAM,eAAe,GAAG,MAAM,iBAAiB,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;IACrE,MAAM,UAAU,GAAG,kBAAkB,IAAI,aAAa,CAAC;IAEvD,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;IAEpC,IAAI,eAAe,EAAE,CAAC;QACpB,IAAI,KAAK;YAAE,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;QAC3C,wEAAwE;QACxE,iBAAiB,CAAC,GAAG,CAAC,iBAAiB,EAAE,WAAW,CAAC,GAAG,CAAC,UAAU,CAAE,CAAC,KAAK,CAAC,CAAC;QAC7E,OAAO,YAAY,CAAC,IAAI,CAAC;YACvB,OAAO,EAAE,EAAE,OAAO,EAAE,iBAAiB,EAAE;SACxC,CAAC,CAAC;IACL,CAAC;IAED,IAAI,CAAC;QACH,IAAI,KAAK;YAAE,OAAO,CAAC,GAAG,CAAC,yDAAyD,OAAO,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;QAElH,MAAM,EAAE,MAAM,EAAE,cAAc,EAAE,GAAG,SAAS,CAAc,OAAO,CAAC,WAAW,CAAC,CAAC;QAE/E,kHAAkH;QAClH,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,IAAI,EAAE,YAAY,EAAE,GAAG,MAAM,MAAM,CAAC,cAAc,CAAC,4BAA4B,CAAC;YACjH,QAAQ,EAAE,gBAAgB;YAC1B,YAAY,EAAE,OAAO,CAAC,YAAY;YAClC,cAAc;SACf,CAAC,CAAC;QAEH,IAAI,KAAK;YAAE,OAAO,CAAC,GAAG,CAAC,gDAAgD,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;QAEjG,qDAAqD;QACrD,MAAM,gBAAgB,GAAG,MAAM,cAAc,CAAC;YAC5C,WAAW;YACX,YAAY;YACZ,IAAI;YACJ,YAAY;YACZ,WAAW,EAAE,OAAO,CAAC,WAAW;SACjC,CAAC,CAAC;QAEH,iBAAiB,CAAC,GAAG,CAAC,iBAAiB,EAAE,gBAAgB,CAAC,CAAC;QAE3D,MAAM,QAAQ,GAAG,YAAY,CAAC,IAAI,CAAC;YACjC,OAAO,EAAE,EAAE,OAAO,EAAE,iBAAiB,EAAE;SACxC,CAAC,CAAC;QACH,oBAAoB;QACpB,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,gBAAgB,EAAE,gBAAgB,CAAC,WAAW,CAAC,CAAC,CAAC;QAClF,OAAO,QAAQ,CAAC;IAClB,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,IAAI,KAAK;YAAE,OAAO,CAAC,GAAG,CAAC,qDAAqD,EAAE,CAAC,CAAC,CAAC;QACjF,MAAM,QAAQ,GAAG,YAAY,CAAC,IAAI,CAAC;YACjC,OAAO,EAAE,EAAE,OAAO,EAAE,iBAAiB,EAAE;SACxC,CAAC,CAAC;QACH,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;QACpC,OAAO,QAAQ,CAAC;IAClB,CAAC;AACH,CAAC;AAOD,KAAK,UAAU,cAAc,CAAC,EAC5B,cAAc,EAAE,kBAAkB,EAClC,cAAc,GAAG,KAAK,MAIpB,EAAE;IACJ,MAAM,OAAO,GAAG,MAAM,oBAAoB,EAAE,CAAC;IAC7C,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,IAAI,cAAc,EAAE,CAAC;YACnB,MAAM,gBAAgB,EAAE,CAAC;QAC3B,CAAC;QACD,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;IACxB,CAAC;IAED,MAAM,EAAE,MAAM,EAAE,6BAA6B,EAAE,GAAG,SAAS,CAAc,OAAO,CAAC,WAAW,CAAC,CAAC;IAE9F,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,IAAI,EAAE,YAAY,EAAE,GAAG,MAAM,MAAM,CAAC,cAAc,CAAC,4BAA4B,CAAC;QACjH,QAAQ,EAAE,gBAAgB;QAC1B,YAAY,EAAE,OAAO,CAAC,YAAY;QAClC,cAAc,EAAE,kBAAkB,aAAlB,kBAAkB,cAAlB,kBAAkB,GAAI,6BAA6B;KACpE,CAAC,CAAC;IAEH,qDAAqD;IACrD,MAAM,gBAAgB,GAAG,MAAM,cAAc,CAAC;QAC5C,WAAW;QACX,YAAY;QACZ,IAAI;QACJ,YAAY;KACb,CAAC,CAAC;IAEH,MAAM,UAAU,GAAG,kBAAkB,IAAI,aAAa,CAAC;IAEvD,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;IACpC,MAAM,GAAG,GAAG,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAErC,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;IACpC,WAAW,CAAC,GAAG,CAAC,UAAU,EAAE,gBAAgB,EAAE,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC;IAErE,MAAM,EAAE,GAAG,EAAE,SAAS,EAAE,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,SAAS,CAAc,WAAW,CAAC,CAAC;IAE1G,OAAO;QACL,SAAS;QACT,IAAI;QACJ,cAAc;QACd,IAAI;QACJ,WAAW;QACX,YAAY;QACZ,WAAW;KACZ,CAAC;AACJ,CAAC;AAED,SAAS,0BAA0B,CAAC,QAAgB;IAClD,IAAI,KAAa,CAAC;IAElB,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,QAAQ,EAAE,qBAAqB,CAAC,CAAC;QACrD,MAAM,IAAI,GAAG,GAAG,GAAG,CAAC,QAAS,GAAG,GAAG,CAAC,IAAI,IAAI,EAAE,EAAE,CAAC;QAEjD,MAAM,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC;QAC3B,KAAK,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC;QAEtC,OAAO,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC;IAC3B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAEjE,MAAM,IAAI,KAAK,CAAC,qDAAqD,OAAO,EAAE,CAAC,CAAC;IAClF,CAAC;AACH,CAAC;AAED,KAAK,UAAU,gBAAgB;;IAC7B,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;IACpC,MAAM,GAAG,GAAG,MAAA,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,mCAAI,EAAE,CAAC;IAE3C,yDAAyD;IACzD,MAAM,WAAW,GAAG,MAAA,WAAW,CAAC,GAAG,CAAC,qBAAqB,CAAC,0CAAE,KAAK,CAAC,GAAG,CAAC,CAAC;IAEvE,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC;IACvC,MAAM,UAAU,GAAG,aAAa,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;IAExD,MAAM,cAAc,GAAG,GAAG,IAAI,iBAAiB,CAAC,GAAG,CAAC,CAAC;IAErD,QAAQ,CAAC,MAAM,mBAAmB,CAAC,EAAE,cAAc,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC;AACtE,CAAC;AAKD,KAAK,UAAU,QAAQ,CAAC,EAAE,cAAc,GAAG,KAAK,EAAE,GAAG,EAAE;IACrD,MAAM,OAAO,GAAG,MAAM,oBAAoB,EAAE,CAAC;IAE7C,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,IAAI,cAAc,EAAE,CAAC;YACnB,MAAM,gBAAgB,EAAE,CAAC;QAC3B,CAAC;QACD,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;IACxB,CAAC;IAED,MAAM,EAAE,GAAG,EAAE,SAAS,EAAE,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,SAAS,CAAc,OAAO,CAAC,WAAW,CAAC,CAAC;IAElH,OAAO;QACL,SAAS;QACT,IAAI,EAAE,OAAO,CAAC,IAAI;QAClB,cAAc;QACd,IAAI;QACJ,WAAW;QACX,YAAY,EAAE,OAAO,CAAC,YAAY;QAClC,WAAW,EAAE,OAAO,CAAC,WAAW;QAChC,WAAW,EAAE,OAAO,CAAC,WAAW;KACjC,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,gBAAgB;IAC7B,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,QAAQ,EAAE,CAAC;IACvC,IAAI,SAAS,EAAE,CAAC;QACd,QAAQ,CAAC,MAAM,CAAC,cAAc,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC;IAC9D,CAAC;IACD,QAAQ,CAAC,GAAG,CAAC,CAAC;AAChB,CAAC;AAED,KAAK,UAAU,iBAAiB,CAAC,WAAmB;IAClD,IAAI,CAAC;QACH,MAAM,SAAS,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;QACnC,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,WAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,KAAK,UAAU,oBAAoB,CAAC,QAAuB;IACzD,MAAM,UAAU,GAAG,kBAAkB,IAAI,aAAa,CAAC;IACvD,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;IACpC,MAAM,MAAM,GAAG,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IAEzF,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,UAAU,CAAU,MAAM,CAAC,KAAK,EAAE;YACvC,QAAQ,EAAE,sBAAsB;SACjC,CAAC,CAAC;IACL,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,KAAK,UAAU,UAAU,CAAC,QAAuB;IAC/C,MAAM,OAAO,GAAG,MAAM,oBAAoB,CAAC,QAAQ,CAAC,CAAC;IAErD,IAAI,CAAC,OAAO;QAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;IAEpC,IAAI,MAAM,iBAAiB,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;QACjD,MAAM,EAAE,GAAG,EAAE,SAAS,EAAE,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,SAAS,CAAc,OAAO,CAAC,WAAW,CAAC,CAAC;QAElH,OAAO;YACL,SAAS;YACT,IAAI,EAAE,OAAO,CAAC,IAAI;YAClB,cAAc;YACd,IAAI;YACJ,WAAW;YACX,YAAY,EAAE,OAAO,CAAC,YAAY;YAClC,WAAW,EAAE,OAAO,CAAC,WAAW;SACjC,CAAC;IACJ,CAAC;AACH,CAAC;AAED,KAAK,UAAU,oBAAoB;IACjC,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;IACpC,MAAM,aAAa,GAAG,OAAO,CAAC,WAAW,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC,CAAC;IAErE,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,MAAM,GAAG,GAAG,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACrC,MAAM,IAAI,KAAK,CACb,iCAAiC,GAAG,iLAAiL,CACtN,CAAC;IACJ,CAAC;IAED,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;IACtD,IAAI,CAAC,UAAU;QAAE,OAAO;IAExB,OAAO,UAAU,CAAU,UAAU,EAAE,EAAE,QAAQ,EAAE,sBAAsB,EAAE,CAAC,CAAC;AAC/E,CAAC;AAED,SAAS,iBAAiB,CAAC,GAAW;IACpC,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;IAE5B,OAAO,GAAG,MAAM,CAAC,QAAQ,GAAG,MAAM,CAAC,YAAY,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,MAAM,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;AACzG,CAAC;AAED,SAAS,aAAa,CAAC,WAA0C,EAAE,QAAgB;IACjF,IAAI,CAAC,WAAW;QAAE,OAAO,SAAS,CAAC;IAEnC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;QAChC,MAAM,SAAS,GAAG,0BAA0B,CAAC,WAAW,CAAC,CAAC;QAC1D,OAAO,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;IAC1D,CAAC;IAED,MAAM,eAAe,GAAa,WAAW,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,EAAE;QAChE,MAAM,SAAS,GAAG,0BAA0B,CAAC,QAAQ,CAAC,CAAC;QACvD,OAAO,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAClC,CAAC,CAAC,CAAC;IAEH,OAAO,eAAe,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;AAC5D,CAAC;AAED,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,cAAc,EAAE,gBAAgB,EAAE,aAAa,EAAE,UAAU,EAAE,CAAC"}

package/dist/esm/workos.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
 import { WorkOS } from '@workos-inc/node';
-export declare const VERSION = "0.13.2";
+export declare const VERSION = "0.15.0";
 declare const workos: WorkOS;
 export { workos };

package/dist/esm/workos.js CHANGED Viewed

@@ -1,6 +1,6 @@
 import { WorkOS } from '@workos-inc/node';
 import { WORKOS_API_HOSTNAME, WORKOS_API_KEY, WORKOS_API_HTTPS, WORKOS_API_PORT } from './env-variables.js';
-export const VERSION = '0.13.2';
+export const VERSION = '0.15.0';
 const options = {
     apiHostname: WORKOS_API_HOSTNAME,
     https: WORKOS_API_HTTPS ? WORKOS_API_HTTPS === 'true' : true,

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@workos-inc/authkit-nextjs",
-  "version": "0.13.2",
+  "version": "0.15.0",
   "description": "Authentication and session helpers for using WorkOS & AuthKit with Next.js",
   "sideEffects": false,
   "type": "module",
@@ -21,7 +21,7 @@
     "test": "echo \"Error: no test specified\" && exit 1"
   },
   "dependencies": {
-    "@workos-inc/node": "^7.29.0",
+    "@workos-inc/node": "^7.31.0",
     "iron-session": "^8.0.1",
     "jose": "^5.2.3",
     "path-to-regexp": "^6.2.2"

package/src/authkit-callback-route.ts CHANGED Viewed

@@ -7,7 +7,16 @@ import { getCookieOptions } from './cookie.js';
 import { HandleAuthOptions } from './interfaces.js';
 export function handleAuth(options: HandleAuthOptions = {}) {
-  const { returnPathname: returnPathnameOption = '/' } = options;
+  const { returnPathname: returnPathnameOption = '/', baseURL } = options;
+  // Throw early if baseURL is provided but invalid
+  if (baseURL) {
+    try {
+      new URL(baseURL);
+    } catch (error) {
+      throw new Error(`Invalid baseURL: ${baseURL}`, { cause: error });
+    }
+  }
   return async function GET(request: NextRequest) {
     const code = request.nextUrl.searchParams.get('code');
@@ -17,12 +26,15 @@ export function handleAuth(options: HandleAuthOptions = {}) {
     if (code) {
       try {
         // Use the code returned to us by AuthKit and authenticate the user with WorkOS
-        const { accessToken, refreshToken, user, impersonator } = await workos.userManagement.authenticateWithCode({
+        const { accessToken, refreshToken, user, impersonator, oauthTokens } = await workos.userManagement.authenticateWithCode({
           clientId: WORKOS_CLIENT_ID,
           code,
         });
-        const url = request.nextUrl.clone();
+        // If baseURL is provided, use it instead of request.nextUrl
+        // This is useful if the app is being run in a container like docker where
+        // the hostname can be different from the one in the request
+        const url = baseURL ? new URL(baseURL) : request.nextUrl.clone();
         // Cleanup params
         url.searchParams.delete('code');
@@ -58,7 +70,7 @@ export function handleAuth(options: HandleAuthOptions = {}) {
         // The refreshToken should never be accesible publicly, hence why we encrypt it in the cookie session
         // Alternatively you could persist the refresh token in a backend database
-        const session = await encryptSession({ accessToken, refreshToken, user, impersonator });
+        const session = await encryptSession({ accessToken, refreshToken, user, impersonator, oauthTokens });
         const cookieName = WORKOS_COOKIE_NAME || 'wos-session';
         const nextCookies = await cookies();

package/src/interfaces.ts CHANGED Viewed

@@ -1,7 +1,8 @@
-import { User } from '@workos-inc/node';
+import { OauthTokens, User } from '@workos-inc/node';
 export interface HandleAuthOptions {
   returnPathname?: string;
+  baseURL?: string;
 }
 export interface Impersonator {
@@ -13,6 +14,7 @@ export interface Session {
   refreshToken: string;
   user: User;
   impersonator?: Impersonator;
+  oauthTokens?: OauthTokens;
 }
 export interface UserInfo {
@@ -22,6 +24,7 @@ export interface UserInfo {
   role?: string;
   permissions?: string[];
   impersonator?: Impersonator;
+  oauthTokens?: OauthTokens;
   accessToken: string;
 }
 export interface NoUserInfo {
@@ -31,6 +34,7 @@ export interface NoUserInfo {
   role?: undefined;
   permissions?: undefined;
   impersonator?: undefined;
+  oauthTokens?: undefined;
   accessToken?: undefined;
 }
@@ -57,6 +61,7 @@ export interface AuthkitMiddlewareOptions {
   debug?: boolean;
   middlewareAuth?: AuthkitMiddlewareAuth;
   redirectUri?: string;
+  signUpPaths?: string[];
 }
 export interface CookieOptions {

package/src/middleware.ts CHANGED Viewed

@@ -7,8 +7,9 @@ export function authkitMiddleware({
   debug = false,
   middlewareAuth = { enabled: false, unauthenticatedPaths: [] },
   redirectUri = WORKOS_REDIRECT_URI,
+  signUpPaths = [],
 }: AuthkitMiddlewareOptions = {}): NextMiddleware {
   return function (request) {
-    return updateSession(request, debug, middlewareAuth, redirectUri);
+    return updateSession(request, debug, middlewareAuth, redirectUri, signUpPaths);
   };
 }

package/src/session.ts CHANGED Viewed

@@ -16,6 +16,7 @@ import { parse, tokensToRegexp } from 'path-to-regexp';
 const sessionHeaderName = 'x-workos-session';
 const middlewareHeaderName = 'x-workos-middleware';
 const redirectUriHeaderName = 'x-redirect-uri';
+const signUpPathsHeaderName = 'x-sign-up-paths';
 const JWKS = createRemoteJWKSet(new URL(workos.userManagement.getJwksUrl(WORKOS_CLIENT_ID)));
@@ -28,6 +29,7 @@ async function updateSession(
   debug: boolean,
   middlewareAuth: AuthkitMiddlewareAuth,
   redirectUri: string,
+  signUpPaths: string[],
 ) {
   if (!redirectUri && !WORKOS_REDIRECT_URI) {
     throw new Error('You must provide a redirect URI in the AuthKit middleware or in the environment variables.');
@@ -44,6 +46,11 @@ async function updateSession(
   // Record that the request was routed through the middleware so we can check later for DX purposes
   newRequestHeaders.set(middlewareHeaderName, 'true');
+  // Record the sign up paths so we can use it later
+  if (signUpPaths.length > 0) {
+    newRequestHeaders.set(signUpPathsHeaderName, signUpPaths.join(','));
+  }
   let url;
   // If the redirect URI is set, store it in the headers so we can use it later
@@ -84,6 +91,7 @@ async function updateSession(
     const redirectTo = await getAuthorizationUrl({
       returnPathname: getReturnPathname(request.url),
       redirectUri: redirectUri ?? WORKOS_REDIRECT_URI,
+      screenHint: getScreenHint(signUpPaths, request.nextUrl.pathname),
     });
     // Fall back to standard Response if NextResponse is not available.
@@ -139,6 +147,7 @@ async function updateSession(
       refreshToken,
       user,
       impersonator,
+      oauthTokens: session.oauthTokens
     });
     newRequestHeaders.set(sessionHeaderName, encryptedSession);
@@ -236,13 +245,21 @@ function getMiddlewareAuthPathRegex(pathGlob: string) {
 async function redirectToSignIn() {
   const headersList = await headers();
-  const url = headersList.get('x-url');
-  const returnPathname = url ? getReturnPathname(url) : undefined;
+  const url = headersList.get('x-url') ?? '';
+  // Determine if the current route is in the sign up paths
+  const signUpPaths = headersList.get(signUpPathsHeaderName)?.split(',');
-  redirect(await getAuthorizationUrl({ returnPathname }));
+  const pathname = new URL(url).pathname;
+  const screenHint = getScreenHint(signUpPaths, pathname);
+  const returnPathname = url && getReturnPathname(url);
+  redirect(await getAuthorizationUrl({ returnPathname, screenHint }));
 }
 async function withAuth(options?: { ensureSignedIn: false }): Promise<UserInfo | NoUserInfo>;
+// @ts-expect-error - TS complains about the overload signature when we have more than 2 optional properties
 async function withAuth(options: { ensureSignedIn: true }): Promise<UserInfo>;
 async function withAuth({ ensureSignedIn = false } = {}) {
   const session = await getSessionFromHeader();
@@ -263,6 +280,7 @@ async function withAuth({ ensureSignedIn = false } = {}) {
     role,
     permissions,
     impersonator: session.impersonator,
+    oauthTokens: session.oauthTokens,
     accessToken: session.accessToken,
   };
 }
@@ -344,4 +362,20 @@ function getReturnPathname(url: string): string {
   return `${newUrl.pathname}${newUrl.searchParams.size > 0 ? '?' + newUrl.searchParams.toString() : ''}`;
 }
+function getScreenHint(signUpPaths: string[] | string | undefined, pathname: string) {
+  if (!signUpPaths) return 'sign-in';
+  if (!Array.isArray(signUpPaths)) {
+    const pathRegex = getMiddlewareAuthPathRegex(signUpPaths);
+    return pathRegex.exec(pathname) ? 'sign-up' : 'sign-in';
+  }
+  const screenHintPaths: string[] = signUpPaths.filter((pathGlob) => {
+    const pathRegex = getMiddlewareAuthPathRegex(pathGlob);
+    return pathRegex.exec(pathname);
+  });
+  return screenHintPaths.length > 0 ? 'sign-up' : 'sign-in';
+}
 export { encryptSession, withAuth, refreshSession, terminateSession, updateSession, getSession };

package/src/workos.ts CHANGED Viewed

@@ -1,7 +1,7 @@
 import { WorkOS } from '@workos-inc/node';
 import { WORKOS_API_HOSTNAME, WORKOS_API_KEY, WORKOS_API_HTTPS, WORKOS_API_PORT } from './env-variables.js';
-export const VERSION = '0.13.2';
+export const VERSION = '0.15.0';
 const options = {
   apiHostname: WORKOS_API_HOSTNAME,