@workos-inc/authkit-nextjs 0.17.2 → 1.0.0

package/README.md

@@ -143,10 +143,10 @@ Custom redirect URIs will be used over a redirect URI configured in the environm
 
 ### Wrap your app in `AuthKitProvider`
 
-Use `AuthKitProvider` to wrap your app layout, which adds some protections for auth edge cases.
+Use `AuthKitProvider` to wrap your app layout, which provides client side auth methods adds protections for auth edge cases.
 
 ```jsx
-import { AuthKitProvider } from '@workos-inc/authkit-nextjs';
+import { AuthKitProvider } from '@workos-inc/authkit-nextjs/components';
 
 export default function RootLayout({ children }: { children: React.ReactNode }) {
   return (
@@ -159,9 +159,9 @@ export default function RootLayout({ children }: { children: React.ReactNode })
 }
 ```
 
-### Get the current user
+### Get the current user in a server component
 
-For pages where you want to display a signed-in and signed-out view, use `withAuth` to retrieve the user profile from WorkOS.
+For pages where you want to display a signed-in and signed-out view, use `withAuth` to retrieve the user session from WorkOS.
 
 ```jsx
 import Link from 'next/link';
@@ -200,16 +200,84 @@ export default async function HomePage() {
 }
 ```
 
+### Get the current user in a client component
+
+For client components, use the `useAuth` hook to get the current user session.
+
+```jsx
+// Note the updated import path
+import { useAuth } from '@workos-inc/authkit-nextjs/components';
+
+export default function MyComponent() {
+  // Retrieves the user from the session or returns `null` if no user is signed in
+  const { user, loading } = useAuth();
+
+  if (loading) {
+    return <div>Loading...</div>;
+  }
+
+  return <div>{user?.firstName}</div>;
+}
+```
+
 ### Requiring auth
 
 For pages where a signed-in user is mandatory, you can use the `ensureSignedIn` option:
 
 ```jsx
+// Server component
 const { user } = await withAuth({ ensureSignedIn: true });
+
+// Client component
+const { user, loading } = useAuth({ ensureSignedIn: true });
 ```
 
 Enabling `ensureSignedIn` will redirect users to AuthKit if they attempt to access the page without being authenticated.
 
+### Refreshing the session
+
+Use the `refreshSession` method in a server action or route handler to fetch the latest session details, including any changes to the user's roles or permissions.
+
+The `organizationId` parameter can be passed to `refreshSession` in order to switch the session to a different organization. If the current session is not authorized for the next organization, an appropriate [authentication error](https://workos.com/docs/reference/user-management/authentication-errors) will be returned.
+
+In client components, you can refresh the session with the `refreshAuth` hook.
+
+```tsx
+'use client';
+
+import { useAuth } from '@workos-inc/authkit-nextjs/components';
+import React, { useEffect } from 'react';
+
+export function SwitchOrganizationButton() {
+  const { user, organizationId, loading, refreshAuth } = useAuth();
+
+  useEffect(() => {
+    // This will log out the new organizationId after refreshing the session
+    console.log('organizationId', organizationId);
+  }, [organizationId]);
+
+  if (loading) {
+    return <div>Loading...</div>;
+  }
+
+  const handleRefreshSession = async () => {
+    const result = await refreshAuth({
+      // Provide the organizationId to switch to
+      organizationId: 'org_123',
+    });
+    if (result?.error) {
+      console.log('Error refreshing session:', result.error);
+    }
+  };
+
+  if (user) {
+    return <button onClick={handleRefreshSession}>Refresh session</button>;
+  } else {
+    return <div>Not signed in</div>;
+  }
+}
+```
+
 ### Middleware auth
 
 The default behavior of this library is to request authentication via the `withAuth` method on a per-page basis. There are some use cases where you don't want to call `withAuth` (e.g. you don't need user data for your page) or if you'd prefer a "secure by default" approach where every route defined in your middleware matcher is protected unless specified otherwise. In those cases you can opt-in to use middleware auth instead:
@@ -233,27 +301,36 @@ In the above example the `/admin` page will require a user to be signed in, wher
 
 `unauthenticatedPaths` uses the same glob logic as the [Next.js matcher](https://nextjs.org/docs/pages/building-your-application/routing/middleware#matcher).
 
-### Retrieve session in middleware
+### Composing middleware
 
-Sometimes it's useful to check the user session if you want to compose custom middleware. The `getSession` helper method will retrieve the session from the cookie and verify the access token.
+If you don't want to use `authkitMiddleware` and instead want to compose your own middleware, you can use the `authkit` method. In this mode you are responsible to handling what to do when there's no session on a protected route.
 
 ```ts
-import { authkitMiddleware, getSession } from '@workos-inc/authkit-nextjs';
-import { NextRequest, NextFetchEvent } from 'next/server';
+export default async function middleware(request: NextRequest) {
+  // Perform logic before or after AuthKit
 
-export default async function middleware(request: NextRequest, event: NextFetchEvent) {
-  // authkitMiddleware will handle refreshing the session if the access token has expired
-  const response = await authkitMiddleware()(request, event);
+  // Auth object contains the session, response headers and an auhorization URL in the case that the session isn't valid
+  // This method will automatically handle setting the cookie and refreshing the session
+  const { session, headers, authorizationUrl } = await authkit(request, {
+    debug: true,
+  });
 
-  // If session is undefined, the user is not authenticated
-  const session = await getSession(response);
+  // Control of what to do when there's no session on a protected route is left to the developer
+  if (request.url.includes('/account') && !session.user) {
+    console.log('No session on protected path');
+    return NextResponse.redirect(authorizationUrl);
 
-  // ...add additional middleware logic here
+    // Alternatively you could redirect to your own login page, for example if you want to use your own UI instead of hosted AuthKit
+    return NextResponse.redirect('/login');
+  }
 
-  return response;
+  // Headers from the authkit response need to be included in every non-redirect response to ensure that `withAuth` works as expected
+  return NextResponse.next({
+    headers: headers,
+  });
 }
 
-// Match against pages that require auth
+// Match against the pages
 export const config = { matcher: ['/', '/account/:path*'] };
 ```
 
@@ -267,13 +344,15 @@ Render the `Impersonation` component in your app so that it is clear when someon
 The component will display a frame with some information about the impersonated user, as well as a button to stop impersonating.
 
 ```jsx
-import { Impersonation } from '@workos-inc/authkit-nextjs';
+import { Impersonation, AuthKitProvider } from '@workos-inc/authkit-nextjs/components';
 
 export default function App() {
   return (
     <div>
-      <Impersonation />
-      {/* Your app content */}
+      <AuthKitProvider>
+        <Impersonation />
+        {/* Your app content */}
+      </AuthKitProvider>
     </div>
   );
 }
@@ -303,12 +382,6 @@ export default async function HomePage() {
 }
 ```
 
-### Refreshing the session
-
-Use the `refreshSession` method in a server action or route handler to fetch the latest session details, including any changes to the user's roles or permissions.
-
-The `organizationId` parameter can be passed to `refreshSession` in order to switch the session to a different organization. If the current session is not authorized for the next organization, an appropriate [authentication error](https://workos.com/docs/reference/user-management/authentication-errors) will be returned.
-
 ### Sign up paths
 
 The `signUpPaths` option can be passed to `authkitMiddleware` to specify paths that should use the 'sign-up' screen hint when redirecting to AuthKit. This is useful for cases where you want a path that mandates authentication to be treated as a sign up page.
@@ -336,3 +409,7 @@ export default authkitMiddleware({ debug: true });
 #### NEXT_REDIRECT error when using try/catch blocks
 
 Wrapping a `withAuth({ ensureSignedIn: true })` call in a try/catch block will cause a `NEXT_REDIRECT` error. This is because `withAuth` will attempt to redirect the user to AuthKit if no session is detected and redirects in Next must be [called outside a try/catch](https://nextjs.org/docs/app/building-your-application/data-fetching/server-actions-and-mutations#redirecting).
+
+#### Module build failed: UnhandledSchemeError: Reading from "node:crypto" is not handled by plugins (Unhandled scheme).
+
+You may encounter this error if you attempt to import server side code from authkit-nextjs into a client component. Likely you are using `withAuth` in a client component instead of the `useAuth` hook. Either move the code to a server component or use the `useAuth` hook.

package/dist/esm/actions.js

@@ -1,5 +1,7 @@
 'use server';
 import { signOut } from './auth.js';
+import { refreshSession, withAuth } from './session.js';
+import { workos } from './workos.js';
 /**
  * This action is only accessible to authenticated users,
  * there is no need to check the session here as the middleware will
@@ -11,4 +13,13 @@ export const checkSessionAction = async () => {
 export const handleSignOutAction = async () => {
     await signOut();
 };
+export const getOrganizationAction = async (organizationId) => {
+    return await workos.organizations.getOrganization(organizationId);
+};
+export const getAuthAction = async (ensureSignedIn) => {
+    return await withAuth({ ensureSignedIn: ensureSignedIn });
+};
+export const refreshAuthAction = async ({ ensureSignedIn, organizationId, }) => {
+    return await refreshSession({ ensureSignedIn, organizationId });
+};
 //# sourceMappingURL=actions.js.map

package/dist/esm/actions.js.map

@@ -1 +1 @@
-{"version":3,"file":"actions.js","sourceRoot":"","sources":["../../src/actions.ts"],"names":[],"mappings":"AAAA,YAAY,CAAC;AAEb,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAEpC;;;;GAIG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAG,KAAK,IAAI,EAAE;IAC3C,OAAO,IAAI,CAAC;AACd,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,mBAAmB,GAAG,KAAK,IAAI,EAAE;IAC5C,MAAM,OAAO,EAAE,CAAC;AAClB,CAAC,CAAC"}
+{"version":3,"file":"actions.js","sourceRoot":"","sources":["../../src/actions.ts"],"names":[],"mappings":"AAAA,YAAY,CAAC;AAEb,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,MAAM,cAAc,CAAC;AACxD,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAErC;;;;GAIG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAG,KAAK,IAAI,EAAE;IAC3C,OAAO,IAAI,CAAC;AACd,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,mBAAmB,GAAG,KAAK,IAAI,EAAE;IAC5C,MAAM,OAAO,EAAE,CAAC;AAClB,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,qBAAqB,GAAG,KAAK,EAAE,cAAsB,EAAE,EAAE;IACpE,OAAO,MAAM,MAAM,CAAC,aAAa,CAAC,eAAe,CAAC,cAAc,CAAC,CAAC;AACpE,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,aAAa,GAAG,KAAK,EAAE,cAAwB,EAAE,EAAE;IAC9D,OAAO,MAAM,QAAQ,CAAC,EAAE,cAAc,EAAE,cAAuB,EAAE,CAAC,CAAC;AACrE,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,iBAAiB,GAAG,KAAK,EAAE,EACtC,cAAc,EACd,cAAc,GAIf,EAAE,EAAE;IACH,OAAO,MAAM,cAAc,CAAC,EAAE,cAAc,EAAE,cAAc,EAAE,CAAC,CAAC;AAClE,CAAC,CAAC"}

package/dist/esm/components/authkit-provider.js

@@ -0,0 +1,128 @@
+'use client';
+import React, { createContext, useContext, useEffect, useState } from 'react';
+import { checkSessionAction, getAuthAction, refreshAuthAction } from '../actions.js';
+const AuthContext = createContext(undefined);
+export const AuthKitProvider = ({ children, onSessionExpired }) => {
+    const [user, setUser] = useState(null);
+    const [sessionId, setSessionId] = useState(undefined);
+    const [organizationId, setOrganizationId] = useState(undefined);
+    const [role, setRole] = useState(undefined);
+    const [permissions, setPermissions] = useState(undefined);
+    const [entitlements, setEntitlements] = useState(undefined);
+    const [impersonator, setImpersonator] = useState(undefined);
+    const [accessToken, setAccessToken] = useState(undefined);
+    const [loading, setLoading] = useState(true);
+    const getAuth = async ({ ensureSignedIn = false } = {}) => {
+        try {
+            const auth = await getAuthAction(ensureSignedIn);
+            setUser(auth.user);
+            setSessionId(auth.sessionId);
+            setOrganizationId(auth.organizationId);
+            setRole(auth.role);
+            setPermissions(auth.permissions);
+            setEntitlements(auth.entitlements);
+            setImpersonator(auth.impersonator);
+            setAccessToken(auth.accessToken);
+        }
+        catch (error) {
+            setUser(null);
+            setSessionId(undefined);
+            setOrganizationId(undefined);
+            setRole(undefined);
+            setPermissions(undefined);
+            setEntitlements(undefined);
+            setImpersonator(undefined);
+            setAccessToken(undefined);
+        }
+        finally {
+            setLoading(false);
+        }
+    };
+    const refreshAuth = async ({ ensureSignedIn = false, organizationId, } = {}) => {
+        try {
+            setLoading(true);
+            const auth = await refreshAuthAction({ ensureSignedIn, organizationId });
+            setUser(auth.user);
+            setSessionId(auth.sessionId);
+            setOrganizationId(auth.organizationId);
+            setRole(auth.role);
+            setPermissions(auth.permissions);
+            setEntitlements(auth.entitlements);
+            setImpersonator(auth.impersonator);
+            setAccessToken(auth.accessToken);
+        }
+        catch (error) {
+            return error instanceof Error ? { error: error.message } : { error: String(error) };
+        }
+        finally {
+            setLoading(false);
+        }
+    };
+    useEffect(() => {
+        getAuth();
+        // Return early if the session expired checks are disabled.
+        if (onSessionExpired === false) {
+            return;
+        }
+        let visibilityChangedCalled = false;
+        const handleVisibilityChange = async () => {
+            if (visibilityChangedCalled) {
+                return;
+            }
+            // In the case where we're using middleware auth mode, a user that has signed out in a different tab
+            // will run into an issue if they attempt to hit a server action in the original tab.
+            // This will force a refresh of the page in that case, which will redirect them to the sign-in page.
+            if (document.visibilityState === 'visible') {
+                visibilityChangedCalled = true;
+                try {
+                    const hasSession = await checkSessionAction();
+                    if (!hasSession) {
+                        throw new Error('Session expired');
+                    }
+                }
+                catch (error) {
+                    // 'Failed to fetch' is the error we are looking for if the action fails
+                    // If any other error happens, for other reasons, we should not reload the page
+                    if (error instanceof Error && error.message.includes('Failed to fetch')) {
+                        if (onSessionExpired) {
+                            onSessionExpired();
+                        }
+                        else {
+                            window.location.reload();
+                        }
+                    }
+                }
+                finally {
+                    visibilityChangedCalled = false;
+                }
+            }
+        };
+        window.addEventListener('visibilitychange', handleVisibilityChange);
+        window.addEventListener('focus', handleVisibilityChange);
+        return () => {
+            window.removeEventListener('focus', handleVisibilityChange);
+            window.removeEventListener('visibilitychange', handleVisibilityChange);
+        };
+    }, [onSessionExpired]);
+    return (React.createElement(AuthContext.Provider, { value: {
+            user,
+            sessionId,
+            organizationId,
+            role,
+            permissions,
+            entitlements,
+            impersonator,
+            accessToken,
+            loading,
+            getAuth,
+            refreshAuth,
+        } }, children));
+};
+export function useAuth() {
+    const context = useContext(AuthContext);
+    if (!context) {
+        throw new Error('useAuth must be used within an AuthKitProvider');
+    }
+    return context;
+}
+//# sourceMappingURL=authkit-provider.js.map

package/dist/esm/components/authkit-provider.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"authkit-provider.js","sourceRoot":"","sources":["../../../src/components/authkit-provider.tsx"],"names":[],"mappings":"AAAA,YAAY,CAAC;AAEb,OAAO,KAAK,EAAE,EAAE,aAAa,EAAa,UAAU,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AACzF,OAAO,EAAE,kBAAkB,EAAE,aAAa,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAC;AAiBrF,MAAM,WAAW,GAAG,aAAa,CAA8B,SAAS,CAAC,CAAC;AAW1E,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,EAAE,QAAQ,EAAE,gBAAgB,EAAwB,EAAE,EAAE;IACtF,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,QAAQ,CAAc,IAAI,CAAC,CAAC;IACpD,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,GAAG,QAAQ,CAAqB,SAAS,CAAC,CAAC;IAC1E,MAAM,CAAC,cAAc,EAAE,iBAAiB,CAAC,GAAG,QAAQ,CAAqB,SAAS,CAAC,CAAC;IACpF,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,QAAQ,CAAqB,SAAS,CAAC,CAAC;IAChE,MAAM,CAAC,WAAW,EAAE,cAAc,CAAC,GAAG,QAAQ,CAAuB,SAAS,CAAC,CAAC;IAChF,MAAM,CAAC,YAAY,EAAE,eAAe,CAAC,GAAG,QAAQ,CAAuB,SAAS,CAAC,CAAC;IAClF,MAAM,CAAC,YAAY,EAAE,eAAe,CAAC,GAAG,QAAQ,CAA2B,SAAS,CAAC,CAAC;IACtF,MAAM,CAAC,WAAW,EAAE,cAAc,CAAC,GAAG,QAAQ,CAAqB,SAAS,CAAC,CAAC;IAC9E,MAAM,CAAC,OAAO,EAAE,UAAU,CAAC,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC;IAE7C,MAAM,OAAO,GAAG,KAAK,EAAE,EAAE,cAAc,GAAG,KAAK,KAAmC,EAAE,EAAE,EAAE;QACtF,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,cAAc,CAAC,CAAC;YACjD,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACnB,YAAY,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAC7B,iBAAiB,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;YACvC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACnB,cAAc,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YACjC,eAAe,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;YACnC,eAAe,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;YACnC,cAAc,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACnC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,IAAI,CAAC,CAAC;YACd,YAAY,CAAC,SAAS,CAAC,CAAC;YACxB,iBAAiB,CAAC,SAAS,CAAC,CAAC;YAC7B,OAAO,CAAC,SAAS,CAAC,CAAC;YACnB,cAAc,CAAC,SAAS,CAAC,CAAC;YAC1B,eAAe,CAAC,SAAS,CAAC,CAAC;YAC3B,eAAe,CAAC,SAAS,CAAC,CAAC;YAC3B,cAAc,CAAC,SAAS,CAAC,CAAC;QAC5B,CAAC;gBAAS,CAAC;YACT,UAAU,CAAC,KAAK,CAAC,CAAC;QACpB,CAAC;IACH,CAAC,CAAC;IAEF,MAAM,WAAW,GAAG,KAAK,EAAE,EACzB,cAAc,GAAG,KAAK,EACtB,cAAc,MAC2C,EAAE,EAAE,EAAE;QAC/D,IAAI,CAAC;YACH,UAAU,CAAC,IAAI,CAAC,CAAC;YACjB,MAAM,IAAI,GAAG,MAAM,iBAAiB,CAAC,EAAE,cAAc,EAAE,cAAc,EAAE,CAAC,CAAC;YAEzE,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACnB,YAAY,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAC7B,iBAAiB,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;YACvC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACnB,cAAc,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YACjC,eAAe,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;YACnC,eAAe,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;YACnC,cAAc,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACnC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;QACtF,CAAC;gBAAS,CAAC;YACT,UAAU,CAAC,KAAK,CAAC,CAAC;QACpB,CAAC;IACH,CAAC,CAAC;IAEF,SAAS,CAAC,GAAG,EAAE;QACb,OAAO,EAAE,CAAC;QAEV,2DAA2D;QAC3D,IAAI,gBAAgB,KAAK,KAAK,EAAE,CAAC;YAC/B,OAAO;QACT,CAAC;QAED,IAAI,uBAAuB,GAAG,KAAK,CAAC;QAEpC,MAAM,sBAAsB,GAAG,KAAK,IAAI,EAAE;YACxC,IAAI,uBAAuB,EAAE,CAAC;gBAC5B,OAAO;YACT,CAAC;YAED,oGAAoG;YACpG,qFAAqF;YACrF,oGAAoG;YACpG,IAAI,QAAQ,CAAC,eAAe,KAAK,SAAS,EAAE,CAAC;gBAC3C,uBAAuB,GAAG,IAAI,CAAC;gBAE/B,IAAI,CAAC;oBACH,MAAM,UAAU,GAAG,MAAM,kBAAkB,EAAE,CAAC;oBAC9C,IAAI,CAAC,UAAU,EAAE,CAAC;wBAChB,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;oBACrC,CAAC;gBACH,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,wEAAwE;oBACxE,+EAA+E;oBAC/E,IAAI,KAAK,YAAY,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAC,EAAE,CAAC;wBACxE,IAAI,gBAAgB,EAAE,CAAC;4BACrB,gBAAgB,EAAE,CAAC;wBACrB,CAAC;6BAAM,CAAC;4BACN,MAAM,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC;wBAC3B,CAAC;oBACH,CAAC;gBACH,CAAC;wBAAS,CAAC;oBACT,uBAAuB,GAAG,KAAK,CAAC;gBAClC,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF,MAAM,CAAC,gBAAgB,CAAC,kBAAkB,EAAE,sBAAsB,CAAC,CAAC;QACpE,MAAM,CAAC,gBAAgB,CAAC,OAAO,EAAE,sBAAsB,CAAC,CAAC;QAEzD,OAAO,GAAG,EAAE;YACV,MAAM,CAAC,mBAAmB,CAAC,OAAO,EAAE,sBAAsB,CAAC,CAAC;YAC5D,MAAM,CAAC,mBAAmB,CAAC,kBAAkB,EAAE,sBAAsB,CAAC,CAAC;QACzE,CAAC,CAAC;IACJ,CAAC,EAAE,CAAC,gBAAgB,CAAC,CAAC,CAAC;IAEvB,OAAO,CACL,oBAAC,WAAW,CAAC,QAAQ,IACnB,KAAK,EAAE;YACL,IAAI;YACJ,SAAS;YACT,cAAc;YACd,IAAI;YACJ,WAAW;YACX,YAAY;YACZ,YAAY;YACZ,WAAW;YACX,OAAO;YACP,OAAO;YACP,WAAW;SACZ,IAEA,QAAQ,CACY,CACxB,CAAC;AACJ,CAAC,CAAC;AAEF,MAAM,UAAU,OAAO;IACrB,MAAM,OAAO,GAAG,UAAU,CAAC,WAAW,CAAC,CAAC;IACxC,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;IACpE,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC"}

package/dist/esm/components/button.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"button.js","sourceRoot":"","sources":["../../../src/components/button.tsx"],"names":[],"mappings":"AAAA,OAAO,KAAK,KAAK,MAAM,OAAO,CAAC;AAE/B,MAAM,MAAM,GAAG,KAAK,CAAC,UAAU,CAA8D,CAAC,KAAK,EAAE,YAAY,EAAE,EAAE;IACnH,OAAO,CACL,gCACE,GAAG,EAAE,YAAY,EACjB,IAAI,EAAC,QAAQ,KACT,KAAK,EACT,KAAK,EAAE;YACL,OAAO,EAAE,aAAa;YACtB,UAAU,EAAE,QAAQ;YACpB,cAAc,EAAE,QAAQ;YACxB,UAAU,EAAE,CAAC;YACb,MAAM,EAAE,SAAS;YACjB,OAAO,EAAE,SAAS;YAElB,UAAU,EAAE,SAAS;YACrB,QAAQ,EAAE,SAAS;YACnB,YAAY,EAAE,6CAA6C;YAC3D,MAAM,EAAE,MAAM;YACd,eAAe,EAAE,aAAa;YAC9B,KAAK,EAAE,OAAO;YAEd,GAAG,KAAK,CAAC,KAAK;SACf,GACD,CACH,CAAC;AACJ,CAAC,CAAC,CAAC;AAEH,MAAM,CAAC,WAAW,GAAG,QAAQ,CAAC;AAE9B,OAAO,EAAE,MAAM,EAAE,CAAC"}

package/dist/esm/{impersonation.js → components/impersonation.js}

@@ -1,14 +1,19 @@
+'use client';
 import * as React from 'react';
-import { withAuth } from './session.js';
-import { workos } from './workos.js';
 import { Button } from './button.js';
 import { MinMaxButton } from './min-max-button.js';
-import { handleSignOutAction } from './actions.js';
-export async function Impersonation({ side = 'bottom', ...props }) {
-    const { impersonator, user, organizationId } = await withAuth();
-    if (!impersonator)
+import { getOrganizationAction, handleSignOutAction } from '../actions.js';
+import { useAuth } from './authkit-provider.js';
+export function Impersonation({ side = 'bottom', ...props }) {
+    const { user, impersonator, organizationId, loading } = useAuth();
+    const [organization, setOrganization] = React.useState(null);
+    React.useEffect(() => {
+        if (!organizationId)
+            return;
+        getOrganizationAction(organizationId).then(setOrganization);
+    }, [organizationId]);
+    if (loading || !impersonator || !user)
         return null;
-    const organization = organizationId ? await workos.organizations.getOrganization(organizationId) : null;
     return (React.createElement("div", { ...props, "data-workos-impersonation-root": "", style: {
             'position': 'fixed',
             'inset': 0,

package/dist/esm/components/impersonation.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"impersonation.js","sourceRoot":"","sources":["../../../src/components/impersonation.tsx"],"names":[],"mappings":"AAAA,YAAY,CAAC;AAEb,OAAO,KAAK,KAAK,MAAM,OAAO,CAAC;AAC/B,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,qBAAqB,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AAE3E,OAAO,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAC;AAMhD,MAAM,UAAU,aAAa,CAAC,EAAE,IAAI,GAAG,QAAQ,EAAE,GAAG,KAAK,EAAsB;IAC7E,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,cAAc,EAAE,OAAO,EAAE,GAAG,OAAO,EAAE,CAAC;IAElE,MAAM,CAAC,YAAY,EAAE,eAAe,CAAC,GAAG,KAAK,CAAC,QAAQ,CAAsB,IAAI,CAAC,CAAC;IAElF,KAAK,CAAC,SAAS,CAAC,GAAG,EAAE;QACnB,IAAI,CAAC,cAAc;YAAE,OAAO;QAC5B,qBAAqB,CAAC,cAAc,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;IAC9D,CAAC,EAAE,CAAC,cAAc,CAAC,CAAC,CAAC;IAErB,IAAI,OAAO,IAAI,CAAC,YAAY,IAAI,CAAC,IAAI;QAAE,OAAO,IAAI,CAAC;IAEnD,OAAO,CACL,gCACM,KAAK,oCACsB,EAAE,EACjC,KAAK,EAAE;YACL,UAAU,EAAE,OAAO;YACnB,OAAO,EAAE,CAAC;YACV,eAAe,EAAE,MAAM;YACvB,QAAQ,EAAE,IAAI;YAEd,2DAA2D;YAC3D,gBAAgB,EAAE,GAAG;YACrB,QAAQ,EAAE,4DAA4D;YACtE,UAAU,EAAE,uDAAuD;YACnE,QAAQ,EAAE,4CAA4C;YACtD,SAAS,EAAE,mDAAmD;YAC9D,SAAS,EAAE,+CAA+C;YAE1D,GAAG,KAAK,CAAC,KAAK;SACf;QAED,6BACE,KAAK,EAAE;gBACL,iBAAiB,EAAE,yFAAyF;gBAC5G,UAAU,EAAE,UAAU;gBACtB,OAAO,EAAE,iCAAiC;gBAC1C,cAAc,EAAE,gCAAgC;gBAChD,WAAW,EAAE;;;MAGjB;gBACI,YAAY,EAAE,yCAAyC;aACxD,GACD;QAEF,6BACE,KAAK,EAAE;gBACL,OAAO,EAAE,MAAM;gBACf,cAAc,EAAE,QAAQ;gBAExB,QAAQ,EAAE,OAAO;gBACjB,IAAI,EAAE,CAAC;gBACP,KAAK,EAAE,CAAC;gBACR,GAAG,CAAC,IAAI,KAAK,KAAK,IAAI,EAAE,GAAG,EAAE,aAAa,EAAE,CAAC;gBAC7C,GAAG,CAAC,IAAI,KAAK,QAAQ,IAAI,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC;gBAEnD,UAAU,EACR,wIAAwI;gBAC1I,QAAQ,EAAE,gCAAgC;gBAC1C,UAAU,EAAE,KAAK;aAClB;YAED,8BACE,QAAQ,EAAE,mBAAmB,EAC7B,KAAK,EAAE;oBACL,OAAO,EAAE,MAAM;oBACf,UAAU,EAAE,UAAU;oBACtB,WAAW,EAAE,aAAa;oBAC1B,YAAY,EAAE,aAAa;oBAE3B,QAAQ,EAAE,UAAU;oBACpB,UAAU,EAAE,uBAAuB;oBACnC,WAAW,EAAE,uBAAuB;oBAEpC,aAAa,EAAE,MAAM;oBACrB,eAAe,EAAE,eAAe;oBAChC,WAAW,EAAE,OAAO;oBACpB,WAAW,EAAE,cAAc;oBAC3B,eAAe,EAAE,cAAc;oBAC/B,gBAAgB,EAAE,cAAc;oBAEhC,UAAU,EAAE,yCAAyC;oBACrD,SAAS,EAAE,iEAAiE;oBAC5E,OAAO,EAAE,+BAA+B;oBACxC,MAAM,EAAE,+BAA+B;oBAEvC,GAAG,CAAC,IAAI,KAAK,KAAK,IAAI;wBACpB,UAAU,EAAE,CAAC;wBACb,aAAa,EAAE,aAAa;wBAC5B,cAAc,EAAE,CAAC;wBACjB,iBAAiB,EAAE,cAAc;wBACjC,sBAAsB,EAAE,aAAa;wBACrC,uBAAuB,EAAE,aAAa;qBACvC,CAAC;oBAEF,GAAG,CAAC,IAAI,KAAK,QAAQ,IAAI;wBACvB,UAAU,EAAE,aAAa;wBACzB,aAAa,EAAE,CAAC;wBAChB,cAAc,EAAE,cAAc;wBAC9B,iBAAiB,EAAE,CAAC;wBACpB,mBAAmB,EAAE,aAAa;wBAClC,oBAAoB,EAAE,aAAa;qBACpC,CAAC;iBACH;gBAED,2BAAG,KAAK,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE,KAAK,EAAE,aAAa,EAAE,QAAQ,EAAE,SAAS,EAAE,UAAU,EAAE,aAAa,EAAE;;oBACxE,+BAAI,IAAI,CAAC,KAAK,CAAK;oBAAC,GAAG;oBAC5C,YAAY,KAAK,IAAI,IAAI,CACxB;;wBACa,+BAAI,YAAY,CAAC,IAAI,CAAK;wCACpC,CACJ,CACC;gBACJ,oBAAC,MAAM,IAAC,IAAI,EAAC,QAAQ,EAAC,KAAK,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE,WAAW,EAAE,aAAa,EAAE,WAEvF;gBACT,oBAAC,YAAY,IAAC,cAAc,EAAC,GAAG,IAAE,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAgB,CACvE;YAEP,6BACE,KAAK,EAAE;oBACL,OAAO,EAAE,aAAa;oBAEtB,QAAQ,EAAE,OAAO;oBACjB,KAAK,EAAE,aAAa;oBAEpB,aAAa,EAAE,MAAM;oBACrB,eAAe,EAAE,eAAe;oBAChC,MAAM,EAAE,iCAAiC;oBACzC,YAAY,EAAE,aAAa;oBAE3B,UAAU,EAAE,yCAAyC;oBACrD,SAAS,EAAE,gEAAgE;oBAC3E,OAAO,EAAE,qBAAqB;oBAC9B,MAAM,EAAE,qBAAqB;oBAE7B,GAAG,CAAC,IAAI,KAAK,KAAK,IAAI,EAAE,GAAG,EAAE,aAAa,EAAE,CAAC;oBAC7C,GAAG,CAAC,IAAI,KAAK,QAAQ,IAAI,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC;iBACpD;gBAED,oBAAC,YAAY,IAAC,cAAc,EAAC,GAAG,IAAE,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAgB,CACxE,CACF,CACF,CACP,CAAC;AACJ,CAAC"}

package/dist/esm/components/index.js

@@ -0,0 +1,4 @@
+import { Impersonation } from './impersonation.js';
+import { AuthKitProvider, useAuth } from './authkit-provider.js';
+export { Impersonation, AuthKitProvider, useAuth };
+//# sourceMappingURL=index.js.map

package/dist/esm/components/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/components/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACnD,OAAO,EAAE,eAAe,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAC;AAEjE,OAAO,EAAE,aAAa,EAAE,eAAe,EAAE,OAAO,EAAE,CAAC"}

package/dist/esm/components/min-max-button.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"min-max-button.js","sourceRoot":"","sources":["../../../src/components/min-max-button.tsx"],"names":[],"mappings":"AAAA,YAAY,CAAC;AAEb,OAAO,KAAK,KAAK,MAAM,OAAO,CAAC;AAC/B,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAOrC,MAAM,UAAU,YAAY,CAAC,EAAE,QAAQ,EAAE,cAAc,EAAqB;IAC1E,OAAO,CACL,oBAAC,MAAM,IACL,OAAO,EAAE,GAAG,EAAE;YACZ,MAAM,IAAI,GAAG,QAAQ,CAAC,aAAa,CAAC,kCAAkC,CAAuB,CAAC;YAC9F,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,KAAK,CAAC,WAAW,CAAC,gBAAgB,EAAE,cAAc,CAAC,CAAC;QAC5D,CAAC,EACD,KAAK,EAAE,EAAE,OAAO,EAAE,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,IAEtC,QAAQ,CACF,CACV,CAAC;AACJ,CAAC"}

package/dist/esm/env-variables.js

@@ -1,15 +1,18 @@
+/* istanbul ignore file */
 var _a, _b, _c, _d;
 function getEnvVariable(name) {
     return process.env[name];
 }
+// Optional env variables
 const WORKOS_API_HOSTNAME = getEnvVariable('WORKOS_API_HOSTNAME');
 const WORKOS_API_HTTPS = getEnvVariable('WORKOS_API_HTTPS');
-const WORKOS_API_KEY = (_a = getEnvVariable('WORKOS_API_KEY')) !== null && _a !== void 0 ? _a : '';
 const WORKOS_API_PORT = getEnvVariable('WORKOS_API_PORT');
-const WORKOS_CLIENT_ID = (_b = getEnvVariable('WORKOS_CLIENT_ID')) !== null && _b !== void 0 ? _b : '';
 const WORKOS_COOKIE_DOMAIN = getEnvVariable('WORKOS_COOKIE_DOMAIN');
 const WORKOS_COOKIE_MAX_AGE = getEnvVariable('WORKOS_COOKIE_MAX_AGE');
 const WORKOS_COOKIE_NAME = getEnvVariable('WORKOS_COOKIE_NAME');
+// Required env variables
+const WORKOS_API_KEY = (_a = getEnvVariable('WORKOS_API_KEY')) !== null && _a !== void 0 ? _a : '';
+const WORKOS_CLIENT_ID = (_b = getEnvVariable('WORKOS_CLIENT_ID')) !== null && _b !== void 0 ? _b : '';
 const WORKOS_COOKIE_PASSWORD = (_c = getEnvVariable('WORKOS_COOKIE_PASSWORD')) !== null && _c !== void 0 ? _c : '';
 const WORKOS_REDIRECT_URI = (_d = process.env.NEXT_PUBLIC_WORKOS_REDIRECT_URI) !== null && _d !== void 0 ? _d : '';
 export { WORKOS_API_HOSTNAME, WORKOS_API_HTTPS, WORKOS_API_KEY, WORKOS_API_PORT, WORKOS_CLIENT_ID, WORKOS_COOKIE_DOMAIN, WORKOS_COOKIE_MAX_AGE, WORKOS_COOKIE_NAME, WORKOS_COOKIE_PASSWORD, WORKOS_REDIRECT_URI, };

package/dist/esm/env-variables.js.map

@@ -1 +1 @@
-{"version":3,"file":"env-variables.js","sourceRoot":"","sources":["../../src/env-variables.ts"],"names":[],"mappings":";AAAA,SAAS,cAAc,CAAC,IAAY;IAClC,OAAO,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;AAC3B,CAAC;AAED,MAAM,mBAAmB,GAAG,cAAc,CAAC,qBAAqB,CAAC,CAAC;AAClE,MAAM,gBAAgB,GAAG,cAAc,CAAC,kBAAkB,CAAC,CAAC;AAC5D,MAAM,cAAc,GAAG,MAAA,cAAc,CAAC,gBAAgB,CAAC,mCAAI,EAAE,CAAC;AAC9D,MAAM,eAAe,GAAG,cAAc,CAAC,iBAAiB,CAAC,CAAC;AAC1D,MAAM,gBAAgB,GAAG,MAAA,cAAc,CAAC,kBAAkB,CAAC,mCAAI,EAAE,CAAC;AAClE,MAAM,oBAAoB,GAAG,cAAc,CAAC,sBAAsB,CAAC,CAAC;AACpE,MAAM,qBAAqB,GAAG,cAAc,CAAC,uBAAuB,CAAC,CAAC;AACtE,MAAM,kBAAkB,GAAG,cAAc,CAAC,oBAAoB,CAAC,CAAC;AAChE,MAAM,sBAAsB,GAAG,MAAA,cAAc,CAAC,wBAAwB,CAAC,mCAAI,EAAE,CAAC;AAC9E,MAAM,mBAAmB,GAAG,MAAA,OAAO,CAAC,GAAG,CAAC,+BAA+B,mCAAI,EAAE,CAAC;AAE9E,OAAO,EACL,mBAAmB,EACnB,gBAAgB,EAChB,cAAc,EACd,eAAe,EACf,gBAAgB,EAChB,oBAAoB,EACpB,qBAAqB,EACrB,kBAAkB,EAClB,sBAAsB,EACtB,mBAAmB,GACpB,CAAC"}
+{"version":3,"file":"env-variables.js","sourceRoot":"","sources":["../../src/env-variables.ts"],"names":[],"mappings":"AAAA,0BAA0B;;AAE1B,SAAS,cAAc,CAAC,IAAY;IAClC,OAAO,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;AAC3B,CAAC;AAED,yBAAyB;AACzB,MAAM,mBAAmB,GAAG,cAAc,CAAC,qBAAqB,CAAC,CAAC;AAClE,MAAM,gBAAgB,GAAG,cAAc,CAAC,kBAAkB,CAAC,CAAC;AAC5D,MAAM,eAAe,GAAG,cAAc,CAAC,iBAAiB,CAAC,CAAC;AAC1D,MAAM,oBAAoB,GAAG,cAAc,CAAC,sBAAsB,CAAC,CAAC;AACpE,MAAM,qBAAqB,GAAG,cAAc,CAAC,uBAAuB,CAAC,CAAC;AACtE,MAAM,kBAAkB,GAAG,cAAc,CAAC,oBAAoB,CAAC,CAAC;AAEhE,yBAAyB;AACzB,MAAM,cAAc,GAAG,MAAA,cAAc,CAAC,gBAAgB,CAAC,mCAAI,EAAE,CAAC;AAC9D,MAAM,gBAAgB,GAAG,MAAA,cAAc,CAAC,kBAAkB,CAAC,mCAAI,EAAE,CAAC;AAClE,MAAM,sBAAsB,GAAG,MAAA,cAAc,CAAC,wBAAwB,CAAC,mCAAI,EAAE,CAAC;AAC9E,MAAM,mBAAmB,GAAG,MAAA,OAAO,CAAC,GAAG,CAAC,+BAA+B,mCAAI,EAAE,CAAC;AAE9E,OAAO,EACL,mBAAmB,EACnB,gBAAgB,EAChB,cAAc,EACd,eAAe,EACf,gBAAgB,EAChB,oBAAoB,EACpB,qBAAqB,EACrB,kBAAkB,EAClB,sBAAsB,EACtB,mBAAmB,GACpB,CAAC"}

package/dist/esm/index.js

@@ -1,14 +1,10 @@
 import { handleAuth } from './authkit-callback-route.js';
-import { authkitMiddleware } from './middleware.js';
-import { withAuth, refreshSession, getSession } from './session.js';
+import { authkit, authkitMiddleware } from './middleware.js';
+import { withAuth, refreshSession } from './session.js';
 import { getSignInUrl, getSignUpUrl, signOut } from './auth.js';
-import { Impersonation } from './impersonation.js';
-import { AuthKitProvider } from './authkit-provider.js';
 export { handleAuth, 
 //
-authkitMiddleware, getSession, 
+authkitMiddleware, authkit, 
 //
-getSignInUrl, getSignUpUrl, withAuth, refreshSession, signOut, 
-//
-Impersonation, AuthKitProvider, };
+getSignInUrl, getSignUpUrl, withAuth, refreshSession, signOut, };
 //# sourceMappingURL=index.js.map

package/dist/esm/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACzD,OAAO,EAAE,iBAAiB,EAAE,MAAM,iBAAiB,CAAC;AACpD,OAAO,EAAE,QAAQ,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AACpE,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAChE,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACnD,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAExD,OAAO,EACL,UAAU;AACV,EAAE;AACF,iBAAiB,EACjB,UAAU;AACV,EAAE;AACF,YAAY,EACZ,YAAY,EACZ,QAAQ,EACR,cAAc,EACd,OAAO;AACP,EAAE;AACF,aAAa,EACb,eAAe,GAChB,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACzD,OAAO,EAAE,OAAO,EAAE,iBAAiB,EAAE,MAAM,iBAAiB,CAAC;AAC7D,OAAO,EAAE,QAAQ,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AACxD,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAEhE,OAAO,EACL,UAAU;AACV,EAAE;AACF,iBAAiB,EACjB,OAAO;AACP,EAAE;AACF,YAAY,EACZ,YAAY,EACZ,QAAQ,EACR,cAAc,EACd,OAAO,GACR,CAAC"}

package/dist/esm/middleware.js

@@ -1,8 +1,11 @@
-import { updateSession } from './session.js';
+import { updateSessionMiddleware, updateSession } from './session.js';
 import { WORKOS_REDIRECT_URI } from './env-variables.js';
 export function authkitMiddleware({ debug = false, middlewareAuth = { enabled: false, unauthenticatedPaths: [] }, redirectUri = WORKOS_REDIRECT_URI, signUpPaths = [], } = {}) {
     return function (request) {
-        return updateSession(request, debug, middlewareAuth, redirectUri, signUpPaths);
+        return updateSessionMiddleware(request, debug, middlewareAuth, redirectUri, signUpPaths);
     };
 }
+export async function authkit(request, options = {}) {
+    return await updateSession(request, options);
+}
 //# sourceMappingURL=middleware.js.map

package/dist/esm/middleware.js.map

@@ -1 +1 @@
-{"version":3,"file":"middleware.js","sourceRoot":"","sources":["../../src/middleware.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAE7C,OAAO,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAEzD,MAAM,UAAU,iBAAiB,CAAC,EAChC,KAAK,GAAG,KAAK,EACb,cAAc,GAAG,EAAE,OAAO,EAAE,KAAK,EAAE,oBAAoB,EAAE,EAAE,EAAE,EAC7D,WAAW,GAAG,mBAAmB,EACjC,WAAW,GAAG,EAAE,MACY,EAAE;IAC9B,OAAO,UAAU,OAAO;QACtB,OAAO,aAAa,CAAC,OAAO,EAAE,KAAK,EAAE,cAAc,EAAE,WAAW,EAAE,WAAW,CAAC,CAAC;IACjF,CAAC,CAAC;AACJ,CAAC"}
+{"version":3,"file":"middleware.js","sourceRoot":"","sources":["../../src/middleware.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,uBAAuB,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAEtE,OAAO,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAEzD,MAAM,UAAU,iBAAiB,CAAC,EAChC,KAAK,GAAG,KAAK,EACb,cAAc,GAAG,EAAE,OAAO,EAAE,KAAK,EAAE,oBAAoB,EAAE,EAAE,EAAE,EAC7D,WAAW,GAAG,mBAAmB,EACjC,WAAW,GAAG,EAAE,MACY,EAAE;IAC9B,OAAO,UAAU,OAAO;QACtB,OAAO,uBAAuB,CAAC,OAAO,EAAE,KAAK,EAAE,cAAc,EAAE,WAAW,EAAE,WAAW,CAAC,CAAC;IAC3F,CAAC,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,OAAO,CAAC,OAAoB,EAAE,UAA0B,EAAE;IAC9E,OAAO,MAAM,aAAa,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;AAC/C,CAAC"}