@workos-inc/authkit-nextjs 0.17.2 → 1.0.0

package/dist/esm/session.js

@@ -12,7 +12,6 @@ import { parse, tokensToRegexp } from 'path-to-regexp';
 import { redirectWithFallback } from './utils.js';
 const sessionHeaderName = 'x-workos-session';
 const middlewareHeaderName = 'x-workos-middleware';
-const redirectUriHeaderName = 'x-redirect-uri';
 const signUpPathsHeaderName = 'x-sign-up-paths';
 const JWKS = createRemoteJWKSet(new URL(workos.userManagement.getJwksUrl(WORKOS_CLIENT_ID)));
 async function encryptSession(session) {
@@ -21,35 +20,20 @@ async function encryptSession(session) {
         ttl: 0,
     });
 }
-async function updateSession(request, debug, middlewareAuth, redirectUri, signUpPaths) {
+async function updateSessionMiddleware(request, debug, middlewareAuth, redirectUri, signUpPaths) {
     if (!redirectUri && !WORKOS_REDIRECT_URI) {
         throw new Error('You must provide a redirect URI in the AuthKit middleware or in the environment variables.');
     }
     if (!WORKOS_COOKIE_PASSWORD || WORKOS_COOKIE_PASSWORD.length < 32) {
         throw new Error('You must provide a valid cookie password that is at least 32 characters in the environment variables.');
     }
-    const session = await getSessionFromCookie();
-    const newRequestHeaders = new Headers(request.headers);
-    // We store the current request url in a custom header, so we can always have access to it
-    // This is because on hard navigations we don't have access to `next-url` but need to get the current
-    // `pathname` to be able to return the users where they came from before sign-in
-    newRequestHeaders.set('x-url', request.url);
-    // Record that the request was routed through the middleware so we can check later for DX purposes
-    newRequestHeaders.set(middlewareHeaderName, 'true');
-    // Record the sign up paths so we can use it later
-    if (signUpPaths.length > 0) {
-        newRequestHeaders.set(signUpPathsHeaderName, signUpPaths.join(','));
-    }
     let url;
-    // If the redirect URI is set, store it in the headers so we can use it later
     if (redirectUri) {
-        newRequestHeaders.set(redirectUriHeaderName, redirectUri);
         url = new URL(redirectUri);
     }
     else {
         url = new URL(WORKOS_REDIRECT_URI);
     }
-    newRequestHeaders.delete(sessionHeaderName);
     if (middlewareAuth.enabled &&
         url.pathname === request.nextUrl.pathname &&
         !middlewareAuth.unauthenticatedPaths.includes(url.pathname)) {
@@ -66,72 +50,100 @@ async function updateSession(request, debug, middlewareAuth, redirectUri, signUp
         const pathRegex = getMiddlewareAuthPathRegex(pathGlob);
         return pathRegex.exec(request.nextUrl.pathname);
     });
+    const { session, headers, authorizationUrl } = await updateSession(request, {
+        debug,
+        redirectUri,
+        screenHint: getScreenHint(signUpPaths, request.nextUrl.pathname),
+    });
     // If the user is logged out and this path isn't on the allowlist for logged out paths, redirect to AuthKit.
-    if (middlewareAuth.enabled && matchedPaths.length === 0 && !session) {
-        if (debug)
+    if (middlewareAuth.enabled && matchedPaths.length === 0 && !session.user) {
+        if (debug) {
             console.log(`Unauthenticated user on protected route ${request.url}, redirecting to AuthKit`);
-        const redirectTo = await getAuthorizationUrl({
-            returnPathname: getReturnPathname(request.url),
-            redirectUri: redirectUri,
-            screenHint: getScreenHint(signUpPaths, request.nextUrl.pathname),
-        });
-        return redirectWithFallback(redirectTo);
+        }
+        return redirectWithFallback(authorizationUrl);
+    }
+    // Record the sign up paths so we can use them later
+    if (signUpPaths.length > 0) {
+        headers.set(signUpPathsHeaderName, signUpPaths.join(','));
     }
-    // If no session, just continue
+    return NextResponse.next({
+        request: { headers },
+    });
+}
+async function updateSession(request, options = { debug: false }) {
+    const session = await getSessionFromCookie();
+    const newRequestHeaders = new Headers(request.headers);
+    // Record that the request was routed through the middleware so we can check later for DX purposes
+    newRequestHeaders.set(middlewareHeaderName, 'true');
+    // We store the current request url in a custom header, so we can always have access to it
+    // This is because on hard navigations we don't have access to `next-url` but need to get the current
+    // `pathname` to be able to return the users where they came from before sign-in
+    newRequestHeaders.set('x-url', request.url);
+    newRequestHeaders.delete(sessionHeaderName);
     if (!session) {
-        return NextResponse.next({
-            request: { headers: newRequestHeaders },
-        });
+        if (options.debug) {
+            console.log('No session found from cookie');
+        }
+        return {
+            session: { user: null },
+            headers: newRequestHeaders,
+            authorizationUrl: await getAuthorizationUrl({
+                returnPathname: getReturnPathname(request.url),
+                redirectUri: options.redirectUri || WORKOS_REDIRECT_URI,
+                screenHint: options.screenHint,
+            }),
+        };
     }
     const hasValidSession = await verifyAccessToken(session.accessToken);
     const cookieName = WORKOS_COOKIE_NAME || 'wos-session';
     const nextCookies = await cookies();
-    if (hasValidSession) {
-        if (debug)
-            console.log('Session is valid');
-        // set the x-workos-session header according to the current cookie value
-        newRequestHeaders.set(sessionHeaderName, nextCookies.get(cookieName).value);
-        return NextResponse.next({
-            request: { headers: newRequestHeaders },
-        });
-    }
-    try {
-        if (debug)
+    if (!hasValidSession) {
+        if (options.debug) {
             console.log(`Session invalid. Refreshing access token that ends in ${session.accessToken.slice(-10)}`);
-        const { org_id: organizationId } = decodeJwt(session.accessToken);
-        // If the session is invalid (i.e. the access token has expired) attempt to re-authenticate with the refresh token
-        const { accessToken, refreshToken, user, impersonator } = await workos.userManagement.authenticateWithRefreshToken({
-            clientId: WORKOS_CLIENT_ID,
-            refreshToken: session.refreshToken,
-            organizationId,
-        });
-        if (debug)
-            console.log(`Refresh successful. New access token ends in ${accessToken.slice(-10)}`);
-        // Encrypt session with new access and refresh tokens
-        const encryptedSession = await encryptSession({
-            accessToken,
-            refreshToken,
-            user,
-            impersonator,
-        });
-        newRequestHeaders.set(sessionHeaderName, encryptedSession);
-        const response = NextResponse.next({
-            request: { headers: newRequestHeaders },
-        });
-        // update the cookie
-        response.cookies.set(cookieName, encryptedSession, getCookieOptions(redirectUri));
-        return response;
-    }
-    catch (e) {
-        if (debug)
-            console.log('Failed to refresh. Deleting cookie and redirecting.', e);
-        nextCookies.delete(cookieName);
+        }
+        try {
+            const newSession = await refreshSession({
+                ensureSignedIn: false,
+            });
+            if (options.debug) {
+                console.log('Session successfully refreshed');
+            }
+            newRequestHeaders.set(sessionHeaderName, nextCookies.get(cookieName).value);
+            return {
+                session: newSession,
+                headers: newRequestHeaders,
+            };
+        }
+        catch (e) {
+            if (options.debug) {
+                console.log('Failed to refresh. Deleting cookie.', e);
+            }
+            const nextCookies = await cookies();
+            nextCookies.delete(cookieName);
+            return {
+                session: { user: null },
+                headers: newRequestHeaders,
+                authorizationUrl: await getAuthorizationUrl({
+                    returnPathname: getReturnPathname(request.url),
+                }),
+            };
+        }
     }
-    // If we get here, the session is invalid and the user needs to sign in again.
-    // We redirect to the current URL which will trigger the middleware again.
-    // This is outside of the above block because you cannot redirect in Next.js
-    // from inside a try/catch block.
-    return redirectWithFallback(request.url);
+    newRequestHeaders.set(sessionHeaderName, nextCookies.get(cookieName).value);
+    const { sid: sessionId, org_id: organizationId, role, permissions, entitlements, } = decodeJwt(session.accessToken);
+    return {
+        session: {
+            sessionId,
+            user: session.user,
+            organizationId,
+            role,
+            permissions,
+            entitlements,
+            impersonator: session.impersonator,
+            accessToken: session.accessToken,
+        },
+        headers: newRequestHeaders,
+    };
 }
 /* istanbul ignore next */
 async function refreshSession({ organizationId: nextOrganizationId, ensureSignedIn = false, } = {}) {
@@ -143,11 +155,20 @@ async function refreshSession({ organizationId: nextOrganizationId, ensureSigned
         return { user: null };
     }
     const { org_id: organizationIdFromAccessToken } = decodeJwt(session.accessToken);
-    const { accessToken, refreshToken, user, impersonator } = await workos.userManagement.authenticateWithRefreshToken({
-        clientId: WORKOS_CLIENT_ID,
-        refreshToken: session.refreshToken,
-        organizationId: nextOrganizationId !== null && nextOrganizationId !== void 0 ? nextOrganizationId : organizationIdFromAccessToken,
-    });
+    let refreshResult;
+    try {
+        refreshResult = await workos.userManagement.authenticateWithRefreshToken({
+            clientId: WORKOS_CLIENT_ID,
+            refreshToken: session.refreshToken,
+            organizationId: nextOrganizationId !== null && nextOrganizationId !== void 0 ? nextOrganizationId : organizationIdFromAccessToken,
+        });
+    }
+    catch (error) {
+        throw new Error(`Failed to refresh session: ${error instanceof Error ? error.message : String(error)}`, {
+            cause: error,
+        });
+    }
+    const { accessToken, refreshToken, user, impersonator } = refreshResult;
     // Encrypt session with new access and refresh tokens
     const encryptedSession = await encryptSession({
         accessToken,
@@ -238,46 +259,22 @@ async function verifyAccessToken(accessToken) {
         return false;
     }
 }
-async function getSessionFromCookie(response) {
-    var _a;
+async function getSessionFromCookie() {
     const cookieName = WORKOS_COOKIE_NAME || 'wos-session';
     const nextCookies = await cookies();
-    const cookie = response ? response.cookies.get(cookieName) : nextCookies.get(cookieName);
+    const cookie = nextCookies.get(cookieName);
     if (cookie) {
-        return unsealData((_a = cookie.value) !== null && _a !== void 0 ? _a : cookie, {
+        return unsealData(cookie.value, {
             password: WORKOS_COOKIE_PASSWORD,
         });
     }
 }
-/**
- * Retrieves the session from the cookie. Meant for use in the middleware, for client side use `withAuth` instead.
- *
- * @returns UserInfo | NoUserInfo
- */
-async function getSession(response) {
-    const session = await getSessionFromCookie(response);
-    if (!session)
-        return { user: null };
-    if (await verifyAccessToken(session.accessToken)) {
-        const { sid: sessionId, org_id: organizationId, role, permissions, entitlements, } = decodeJwt(session.accessToken);
-        return {
-            sessionId,
-            user: session.user,
-            organizationId,
-            role,
-            permissions,
-            entitlements,
-            impersonator: session.impersonator,
-            accessToken: session.accessToken,
-        };
-    }
-}
 async function getSessionFromHeader() {
     const headersList = await headers();
     const hasMiddleware = Boolean(headersList.get(middlewareHeaderName));
     if (!hasMiddleware) {
         const url = headersList.get('x-url');
-        throw new Error(`You are calling 'withAuth' on ${url} that isn’t covered by the AuthKit middleware. Make sure it is running on all paths you are calling 'withAuth' from by updating your middleware config in 'middleware.(js|ts)'.`);
+        throw new Error(`You are calling 'withAuth' on ${url !== null && url !== void 0 ? url : 'a route'} that isn’t covered by the AuthKit middleware. Make sure it is running on all paths you are calling 'withAuth' from by updating your middleware config in 'middleware.(js|ts)'.`);
     }
     const authHeader = headersList.get(sessionHeaderName);
     if (!authHeader)
@@ -297,5 +294,5 @@ function getScreenHint(signUpPaths, pathname) {
     });
     return screenHintPaths.length > 0 ? 'sign-up' : 'sign-in';
 }
-export { encryptSession, withAuth, refreshSession, terminateSession, updateSession, getSession };
+export { encryptSession, withAuth, refreshSession, terminateSession, updateSessionMiddleware, updateSession };
 //# sourceMappingURL=session.js.map

package/dist/esm/session.js.map

@@ -1 +1 @@
-{"version":3,"file":"session.js","sourceRoot":"","sources":["../../src/session.ts"],"names":[],"mappings":"AAAA,YAAY,CAAC;AAEb,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAC3C,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,EAAe,YAAY,EAAE,MAAM,aAAa,CAAC;AACxD,OAAO,EAAE,SAAS,EAAE,kBAAkB,EAAE,SAAS,EAAE,MAAM,MAAM,CAAC;AAChE,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AACpD,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAC/C,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,gBAAgB,EAAE,sBAAsB,EAAE,kBAAkB,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AACvH,OAAO,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AAGjE,OAAO,EAAE,KAAK,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AACvD,OAAO,EAAE,oBAAoB,EAAE,MAAM,YAAY,CAAC;AAElD,MAAM,iBAAiB,GAAG,kBAAkB,CAAC;AAC7C,MAAM,oBAAoB,GAAG,qBAAqB,CAAC;AACnD,MAAM,qBAAqB,GAAG,gBAAgB,CAAC;AAC/C,MAAM,qBAAqB,GAAG,iBAAiB,CAAC;AAEhD,MAAM,IAAI,GAAG,kBAAkB,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,cAAc,CAAC,UAAU,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC;AAE7F,KAAK,UAAU,cAAc,CAAC,OAAgB;IAC5C,OAAO,QAAQ,CAAC,OAAO,EAAE;QACvB,QAAQ,EAAE,sBAAsB;QAChC,GAAG,EAAE,CAAC;KACP,CAAC,CAAC;AACL,CAAC;AAED,KAAK,UAAU,aAAa,CAC1B,OAAoB,EACpB,KAAc,EACd,cAAqC,EACrC,WAAmB,EACnB,WAAqB;IAErB,IAAI,CAAC,WAAW,IAAI,CAAC,mBAAmB,EAAE,CAAC;QACzC,MAAM,IAAI,KAAK,CAAC,4FAA4F,CAAC,CAAC;IAChH,CAAC;IAED,IAAI,CAAC,sBAAsB,IAAI,sBAAsB,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QAClE,MAAM,IAAI,KAAK,CACb,uGAAuG,CACxG,CAAC;IACJ,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,oBAAoB,EAAE,CAAC;IAC7C,MAAM,iBAAiB,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IAEvD,0FAA0F;IAC1F,qGAAqG;IACrG,gFAAgF;IAChF,iBAAiB,CAAC,GAAG,CAAC,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC;IAE5C,kGAAkG;IAClG,iBAAiB,CAAC,GAAG,CAAC,oBAAoB,EAAE,MAAM,CAAC,CAAC;IAEpD,kDAAkD;IAClD,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3B,iBAAiB,CAAC,GAAG,CAAC,qBAAqB,EAAE,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IACtE,CAAC;IAED,IAAI,GAAG,CAAC;IAER,6EAA6E;IAC7E,IAAI,WAAW,EAAE,CAAC;QAChB,iBAAiB,CAAC,GAAG,CAAC,qBAAqB,EAAE,WAAW,CAAC,CAAC;QAC1D,GAAG,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;IAC7B,CAAC;SAAM,CAAC;QACN,GAAG,GAAG,IAAI,GAAG,CAAC,mBAAmB,CAAC,CAAC;IACrC,CAAC;IAED,iBAAiB,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC;IAE5C,IACE,cAAc,CAAC,OAAO;QACtB,GAAG,CAAC,QAAQ,KAAK,OAAO,CAAC,OAAO,CAAC,QAAQ;QACzC,CAAC,cAAc,CAAC,oBAAoB,CAAC,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAC,EAC3D,CAAC;QACD,qBAAqB;QACrB,qCAAqC;QACrC,kDAAkD;QAClD,6DAA6D;QAC7D,EAAE;QACF,mGAAmG;QACnG,4GAA4G;QAC5G,cAAc,CAAC,oBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACzD,CAAC;IAED,MAAM,YAAY,GAAa,cAAc,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,EAAE;QACrF,MAAM,SAAS,GAAG,0BAA0B,CAAC,QAAQ,CAAC,CAAC;QAEvD,OAAO,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IAClD,CAAC,CAAC,CAAC;IAEH,4GAA4G;IAC5G,IAAI,cAAc,CAAC,OAAO,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;QACpE,IAAI,KAAK;YAAE,OAAO,CAAC,GAAG,CAAC,2CAA2C,OAAO,CAAC,GAAG,0BAA0B,CAAC,CAAC;QAEzG,MAAM,UAAU,GAAG,MAAM,mBAAmB,CAAC;YAC3C,cAAc,EAAE,iBAAiB,CAAC,OAAO,CAAC,GAAG,CAAC;YAC9C,WAAW,EAAE,WAAW;YACxB,UAAU,EAAE,aAAa,CAAC,WAAW,EAAE,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC;SACjE,CAAC,CAAC;QAEH,OAAO,oBAAoB,CAAC,UAAU,CAAC,CAAC;IAC1C,CAAC;IAED,+BAA+B;IAC/B,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,OAAO,YAAY,CAAC,IAAI,CAAC;YACvB,OAAO,EAAE,EAAE,OAAO,EAAE,iBAAiB,EAAE;SACxC,CAAC,CAAC;IACL,CAAC;IAED,MAAM,eAAe,GAAG,MAAM,iBAAiB,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;IACrE,MAAM,UAAU,GAAG,kBAAkB,IAAI,aAAa,CAAC;IAEvD,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;IAEpC,IAAI,eAAe,EAAE,CAAC;QACpB,IAAI,KAAK;YAAE,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;QAC3C,wEAAwE;QACxE,iBAAiB,CAAC,GAAG,CAAC,iBAAiB,EAAE,WAAW,CAAC,GAAG,CAAC,UAAU,CAAE,CAAC,KAAK,CAAC,CAAC;QAC7E,OAAO,YAAY,CAAC,IAAI,CAAC;YACvB,OAAO,EAAE,EAAE,OAAO,EAAE,iBAAiB,EAAE;SACxC,CAAC,CAAC;IACL,CAAC;IAED,IAAI,CAAC;QACH,IAAI,KAAK;YAAE,OAAO,CAAC,GAAG,CAAC,yDAAyD,OAAO,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;QAElH,MAAM,EAAE,MAAM,EAAE,cAAc,EAAE,GAAG,SAAS,CAAc,OAAO,CAAC,WAAW,CAAC,CAAC;QAE/E,kHAAkH;QAClH,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,IAAI,EAAE,YAAY,EAAE,GAAG,MAAM,MAAM,CAAC,cAAc,CAAC,4BAA4B,CAAC;YACjH,QAAQ,EAAE,gBAAgB;YAC1B,YAAY,EAAE,OAAO,CAAC,YAAY;YAClC,cAAc;SACf,CAAC,CAAC;QAEH,IAAI,KAAK;YAAE,OAAO,CAAC,GAAG,CAAC,gDAAgD,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;QAEjG,qDAAqD;QACrD,MAAM,gBAAgB,GAAG,MAAM,cAAc,CAAC;YAC5C,WAAW;YACX,YAAY;YACZ,IAAI;YACJ,YAAY;SACb,CAAC,CAAC;QAEH,iBAAiB,CAAC,GAAG,CAAC,iBAAiB,EAAE,gBAAgB,CAAC,CAAC;QAE3D,MAAM,QAAQ,GAAG,YAAY,CAAC,IAAI,CAAC;YACjC,OAAO,EAAE,EAAE,OAAO,EAAE,iBAAiB,EAAE;SACxC,CAAC,CAAC;QACH,oBAAoB;QACpB,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,gBAAgB,EAAE,gBAAgB,CAAC,WAAW,CAAC,CAAC,CAAC;QAClF,OAAO,QAAQ,CAAC;IAClB,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,IAAI,KAAK;YAAE,OAAO,CAAC,GAAG,CAAC,qDAAqD,EAAE,CAAC,CAAC,CAAC;QAEjF,WAAW,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IACjC,CAAC;IAED,8EAA8E;IAC9E,0EAA0E;IAC1E,4EAA4E;IAC5E,iCAAiC;IACjC,OAAO,oBAAoB,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;AAC3C,CAAC;AAOD,0BAA0B;AAC1B,KAAK,UAAU,cAAc,CAAC,EAC5B,cAAc,EAAE,kBAAkB,EAClC,cAAc,GAAG,KAAK,MAIpB,EAAE;IACJ,MAAM,OAAO,GAAG,MAAM,oBAAoB,EAAE,CAAC;IAC7C,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,IAAI,cAAc,EAAE,CAAC;YACnB,MAAM,gBAAgB,EAAE,CAAC;QAC3B,CAAC;QACD,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;IACxB,CAAC;IAED,MAAM,EAAE,MAAM,EAAE,6BAA6B,EAAE,GAAG,SAAS,CAAc,OAAO,CAAC,WAAW,CAAC,CAAC;IAE9F,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,IAAI,EAAE,YAAY,EAAE,GAAG,MAAM,MAAM,CAAC,cAAc,CAAC,4BAA4B,CAAC;QACjH,QAAQ,EAAE,gBAAgB;QAC1B,YAAY,EAAE,OAAO,CAAC,YAAY;QAClC,cAAc,EAAE,kBAAkB,aAAlB,kBAAkB,cAAlB,kBAAkB,GAAI,6BAA6B;KACpE,CAAC,CAAC;IAEH,qDAAqD;IACrD,MAAM,gBAAgB,GAAG,MAAM,cAAc,CAAC;QAC5C,WAAW;QACX,YAAY;QACZ,IAAI;QACJ,YAAY;KACb,CAAC,CAAC;IAEH,MAAM,UAAU,GAAG,kBAAkB,IAAI,aAAa,CAAC;IAEvD,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;IACpC,MAAM,GAAG,GAAG,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAErC,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;IACpC,WAAW,CAAC,GAAG,CAAC,UAAU,EAAE,gBAAgB,EAAE,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC;IAErE,MAAM,EACJ,GAAG,EAAE,SAAS,EACd,MAAM,EAAE,cAAc,EACtB,IAAI,EACJ,WAAW,EACX,YAAY,GACb,GAAG,SAAS,CAAc,WAAW,CAAC,CAAC;IAExC,OAAO;QACL,SAAS;QACT,IAAI;QACJ,cAAc;QACd,IAAI;QACJ,WAAW;QACX,YAAY;QACZ,YAAY;QACZ,WAAW;KACZ,CAAC;AACJ,CAAC;AAED,SAAS,0BAA0B,CAAC,QAAgB;IAClD,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,QAAQ,EAAE,qBAAqB,CAAC,CAAC;QACrD,MAAM,IAAI,GAAG,GAAG,GAAG,CAAC,QAAS,GAAG,GAAG,CAAC,IAAI,IAAI,EAAE,EAAE,CAAC;QAEjD,MAAM,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC;QAC3B,MAAM,KAAK,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC;QAE5C,OAAO,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC;IAC3B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QACxB,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAEjE,MAAM,IAAI,KAAK,CAAC,qDAAqD,OAAO,EAAE,CAAC,CAAC;IAClF,CAAC;AACH,CAAC;AAED,KAAK,UAAU,gBAAgB;;IAC7B,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;IACpC,MAAM,GAAG,GAAG,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAErC,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;IACjD,CAAC;IAED,yDAAyD;IACzD,MAAM,WAAW,GAAG,MAAA,WAAW,CAAC,GAAG,CAAC,qBAAqB,CAAC,0CAAE,KAAK,CAAC,GAAG,CAAC,CAAC;IAEvE,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC;IACvC,MAAM,UAAU,GAAG,aAAa,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;IAExD,MAAM,cAAc,GAAG,iBAAiB,CAAC,GAAG,CAAC,CAAC;IAE9C,QAAQ,CAAC,MAAM,mBAAmB,CAAC,EAAE,cAAc,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC;AACtE,CAAC;AAKD,KAAK,UAAU,QAAQ,CAAC,EAAE,cAAc,GAAG,KAAK,EAAE,GAAG,EAAE;IACrD,MAAM,OAAO,GAAG,MAAM,oBAAoB,EAAE,CAAC;IAE7C,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,IAAI,cAAc,EAAE,CAAC;YACnB,MAAM,gBAAgB,EAAE,CAAC;QAC3B,CAAC;QACD,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;IACxB,CAAC;IAED,MAAM,EACJ,GAAG,EAAE,SAAS,EACd,MAAM,EAAE,cAAc,EACtB,IAAI,EACJ,WAAW,EACX,YAAY,GACb,GAAG,SAAS,CAAc,OAAO,CAAC,WAAW,CAAC,CAAC;IAEhD,OAAO;QACL,SAAS;QACT,IAAI,EAAE,OAAO,CAAC,IAAI;QAClB,cAAc;QACd,IAAI;QACJ,WAAW;QACX,YAAY;QACZ,YAAY,EAAE,OAAO,CAAC,YAAY;QAClC,WAAW,EAAE,OAAO,CAAC,WAAW;KACjC,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,gBAAgB;IAC7B,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,QAAQ,EAAE,CAAC;IACvC,IAAI,SAAS,EAAE,CAAC;QACd,QAAQ,CAAC,MAAM,CAAC,cAAc,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC;IAC9D,CAAC;SAAM,CAAC;QACN,QAAQ,CAAC,GAAG,CAAC,CAAC;IAChB,CAAC;AACH,CAAC;AAED,KAAK,UAAU,iBAAiB,CAAC,WAAmB;IAClD,IAAI,CAAC;QACH,MAAM,SAAS,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;QACnC,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,WAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,KAAK,UAAU,oBAAoB,CAAC,QAAuB;;IACzD,MAAM,UAAU,GAAG,kBAAkB,IAAI,aAAa,CAAC;IACvD,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;IACpC,MAAM,MAAM,GAAG,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IAEzF,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,UAAU,CAAU,MAAA,MAAM,CAAC,KAAK,mCAAI,MAAM,EAAE;YACjD,QAAQ,EAAE,sBAAsB;SACjC,CAAC,CAAC;IACL,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,KAAK,UAAU,UAAU,CAAC,QAAuB;IAC/C,MAAM,OAAO,GAAG,MAAM,oBAAoB,CAAC,QAAQ,CAAC,CAAC;IAErD,IAAI,CAAC,OAAO;QAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;IAEpC,IAAI,MAAM,iBAAiB,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;QACjD,MAAM,EACJ,GAAG,EAAE,SAAS,EACd,MAAM,EAAE,cAAc,EACtB,IAAI,EACJ,WAAW,EACX,YAAY,GACb,GAAG,SAAS,CAAc,OAAO,CAAC,WAAW,CAAC,CAAC;QAEhD,OAAO;YACL,SAAS;YACT,IAAI,EAAE,OAAO,CAAC,IAAI;YAClB,cAAc;YACd,IAAI;YACJ,WAAW;YACX,YAAY;YACZ,YAAY,EAAE,OAAO,CAAC,YAAY;YAClC,WAAW,EAAE,OAAO,CAAC,WAAW;SACjC,CAAC;IACJ,CAAC;AACH,CAAC;AAED,KAAK,UAAU,oBAAoB;IACjC,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;IACpC,MAAM,aAAa,GAAG,OAAO,CAAC,WAAW,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC,CAAC;IAErE,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,MAAM,GAAG,GAAG,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACrC,MAAM,IAAI,KAAK,CACb,iCAAiC,GAAG,iLAAiL,CACtN,CAAC;IACJ,CAAC;IAED,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;IACtD,IAAI,CAAC,UAAU;QAAE,OAAO;IAExB,OAAO,UAAU,CAAU,UAAU,EAAE,EAAE,QAAQ,EAAE,sBAAsB,EAAE,CAAC,CAAC;AAC/E,CAAC;AAED,SAAS,iBAAiB,CAAC,GAAW;IACpC,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;IAE5B,OAAO,GAAG,MAAM,CAAC,QAAQ,GAAG,MAAM,CAAC,YAAY,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,MAAM,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;AACzG,CAAC;AAED,SAAS,aAAa,CAAC,WAAiC,EAAE,QAAgB;IACxE,IAAI,CAAC,WAAW;QAAE,OAAO,SAAS,CAAC;IAEnC,MAAM,eAAe,GAAa,WAAW,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,EAAE;QAChE,MAAM,SAAS,GAAG,0BAA0B,CAAC,QAAQ,CAAC,CAAC;QACvD,OAAO,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAClC,CAAC,CAAC,CAAC;IAEH,OAAO,eAAe,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;AAC5D,CAAC;AAED,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,cAAc,EAAE,gBAAgB,EAAE,aAAa,EAAE,UAAU,EAAE,CAAC"}
+{"version":3,"file":"session.js","sourceRoot":"","sources":["../../src/session.ts"],"names":[],"mappings":"AAAA,YAAY,CAAC;AAEb,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAC3C,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,EAAe,YAAY,EAAE,MAAM,aAAa,CAAC;AACxD,OAAO,EAAE,SAAS,EAAE,kBAAkB,EAAE,SAAS,EAAE,MAAM,MAAM,CAAC;AAChE,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AACpD,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAC/C,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,gBAAgB,EAAE,sBAAsB,EAAE,kBAAkB,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AACvH,OAAO,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AAWjE,OAAO,EAAE,KAAK,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AACvD,OAAO,EAAE,oBAAoB,EAAE,MAAM,YAAY,CAAC;AAElD,MAAM,iBAAiB,GAAG,kBAAkB,CAAC;AAC7C,MAAM,oBAAoB,GAAG,qBAAqB,CAAC;AACnD,MAAM,qBAAqB,GAAG,iBAAiB,CAAC;AAEhD,MAAM,IAAI,GAAG,kBAAkB,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,cAAc,CAAC,UAAU,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC;AAE7F,KAAK,UAAU,cAAc,CAAC,OAAgB;IAC5C,OAAO,QAAQ,CAAC,OAAO,EAAE;QACvB,QAAQ,EAAE,sBAAsB;QAChC,GAAG,EAAE,CAAC;KACP,CAAC,CAAC;AACL,CAAC;AAED,KAAK,UAAU,uBAAuB,CACpC,OAAoB,EACpB,KAAc,EACd,cAAqC,EACrC,WAAmB,EACnB,WAAqB;IAErB,IAAI,CAAC,WAAW,IAAI,CAAC,mBAAmB,EAAE,CAAC;QACzC,MAAM,IAAI,KAAK,CAAC,4FAA4F,CAAC,CAAC;IAChH,CAAC;IAED,IAAI,CAAC,sBAAsB,IAAI,sBAAsB,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QAClE,MAAM,IAAI,KAAK,CACb,uGAAuG,CACxG,CAAC;IACJ,CAAC;IAED,IAAI,GAAG,CAAC;IAER,IAAI,WAAW,EAAE,CAAC;QAChB,GAAG,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;IAC7B,CAAC;SAAM,CAAC;QACN,GAAG,GAAG,IAAI,GAAG,CAAC,mBAAmB,CAAC,CAAC;IACrC,CAAC;IAED,IACE,cAAc,CAAC,OAAO;QACtB,GAAG,CAAC,QAAQ,KAAK,OAAO,CAAC,OAAO,CAAC,QAAQ;QACzC,CAAC,cAAc,CAAC,oBAAoB,CAAC,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAC,EAC3D,CAAC;QACD,qBAAqB;QACrB,qCAAqC;QACrC,kDAAkD;QAClD,6DAA6D;QAC7D,EAAE;QACF,mGAAmG;QACnG,4GAA4G;QAC5G,cAAc,CAAC,oBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACzD,CAAC;IAED,MAAM,YAAY,GAAa,cAAc,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,EAAE;QACrF,MAAM,SAAS,GAAG,0BAA0B,CAAC,QAAQ,CAAC,CAAC;QAEvD,OAAO,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IAClD,CAAC,CAAC,CAAC;IAEH,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,gBAAgB,EAAE,GAAG,MAAM,aAAa,CAAC,OAAO,EAAE;QAC1E,KAAK;QACL,WAAW;QACX,UAAU,EAAE,aAAa,CAAC,WAAW,EAAE,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC;KACjE,CAAC,CAAC;IAEH,4GAA4G;IAC5G,IAAI,cAAc,CAAC,OAAO,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;QACzE,IAAI,KAAK,EAAE,CAAC;YACV,OAAO,CAAC,GAAG,CAAC,2CAA2C,OAAO,CAAC,GAAG,0BAA0B,CAAC,CAAC;QAChG,CAAC;QAED,OAAO,oBAAoB,CAAC,gBAA0B,CAAC,CAAC;IAC1D,CAAC;IAED,oDAAoD;IACpD,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3B,OAAO,CAAC,GAAG,CAAC,qBAAqB,EAAE,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IAC5D,CAAC;IAED,OAAO,YAAY,CAAC,IAAI,CAAC;QACvB,OAAO,EAAE,EAAE,OAAO,EAAE;KACrB,CAAC,CAAC;AACL,CAAC;AAED,KAAK,UAAU,aAAa,CAC1B,OAAoB,EACpB,UAA0B,EAAE,KAAK,EAAE,KAAK,EAAE;IAE1C,MAAM,OAAO,GAAG,MAAM,oBAAoB,EAAE,CAAC;IAE7C,MAAM,iBAAiB,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IAEvD,kGAAkG;IAClG,iBAAiB,CAAC,GAAG,CAAC,oBAAoB,EAAE,MAAM,CAAC,CAAC;IAEpD,0FAA0F;IAC1F,qGAAqG;IACrG,gFAAgF;IAChF,iBAAiB,CAAC,GAAG,CAAC,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC;IAE5C,iBAAiB,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC;IAE5C,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;YAClB,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC;QAC9C,CAAC;QAED,OAAO;YACL,OAAO,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;YACvB,OAAO,EAAE,iBAAiB;YAC1B,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;gBAC1C,cAAc,EAAE,iBAAiB,CAAC,OAAO,CAAC,GAAG,CAAC;gBAC9C,WAAW,EAAE,OAAO,CAAC,WAAW,IAAI,mBAAmB;gBACvD,UAAU,EAAE,OAAO,CAAC,UAAU;aAC/B,CAAC;SACH,CAAC;IACJ,CAAC;IAED,MAAM,eAAe,GAAG,MAAM,iBAAiB,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;IAErE,MAAM,UAAU,GAAG,kBAAkB,IAAI,aAAa,CAAC;IACvD,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;IAEpC,IAAI,CAAC,eAAe,EAAE,CAAC;QACrB,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;YAClB,OAAO,CAAC,GAAG,CAAC,yDAAyD,OAAO,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;QACzG,CAAC;QAED,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,MAAM,cAAc,CAAC;gBACtC,cAAc,EAAE,KAAK;aACtB,CAAC,CAAC;YAEH,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;gBAClB,OAAO,CAAC,GAAG,CAAC,gCAAgC,CAAC,CAAC;YAChD,CAAC;YAED,iBAAiB,CAAC,GAAG,CAAC,iBAAiB,EAAE,WAAW,CAAC,GAAG,CAAC,UAAU,CAAE,CAAC,KAAK,CAAC,CAAC;YAE7E,OAAO;gBACL,OAAO,EAAE,UAAU;gBACnB,OAAO,EAAE,iBAAiB;aAC3B,CAAC;QACJ,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;gBAClB,OAAO,CAAC,GAAG,CAAC,qCAAqC,EAAE,CAAC,CAAC,CAAC;YACxD,CAAC;YAED,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;YACpC,WAAW,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;YAE/B,OAAO;gBACL,OAAO,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;gBACvB,OAAO,EAAE,iBAAiB;gBAC1B,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;oBAC1C,cAAc,EAAE,iBAAiB,CAAC,OAAO,CAAC,GAAG,CAAC;iBAC/C,CAAC;aACH,CAAC;QACJ,CAAC;IACH,CAAC;IAED,iBAAiB,CAAC,GAAG,CAAC,iBAAiB,EAAE,WAAW,CAAC,GAAG,CAAC,UAAU,CAAE,CAAC,KAAK,CAAC,CAAC;IAE7E,MAAM,EACJ,GAAG,EAAE,SAAS,EACd,MAAM,EAAE,cAAc,EACtB,IAAI,EACJ,WAAW,EACX,YAAY,GACb,GAAG,SAAS,CAAc,OAAO,CAAC,WAAW,CAAC,CAAC;IAEhD,OAAO;QACL,OAAO,EAAE;YACP,SAAS;YACT,IAAI,EAAE,OAAO,CAAC,IAAI;YAClB,cAAc;YACd,IAAI;YACJ,WAAW;YACX,YAAY;YACZ,YAAY,EAAE,OAAO,CAAC,YAAY;YAClC,WAAW,EAAE,OAAO,CAAC,WAAW;SACjC;QACD,OAAO,EAAE,iBAAiB;KAC3B,CAAC;AACJ,CAAC;AAOD,0BAA0B;AAC1B,KAAK,UAAU,cAAc,CAAC,EAC5B,cAAc,EAAE,kBAAkB,EAClC,cAAc,GAAG,KAAK,MAIpB,EAAE;IACJ,MAAM,OAAO,GAAG,MAAM,oBAAoB,EAAE,CAAC;IAC7C,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,IAAI,cAAc,EAAE,CAAC;YACnB,MAAM,gBAAgB,EAAE,CAAC;QAC3B,CAAC;QACD,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;IACxB,CAAC;IAED,MAAM,EAAE,MAAM,EAAE,6BAA6B,EAAE,GAAG,SAAS,CAAc,OAAO,CAAC,WAAW,CAAC,CAAC;IAE9F,IAAI,aAAa,CAAC;IAElB,IAAI,CAAC;QACH,aAAa,GAAG,MAAM,MAAM,CAAC,cAAc,CAAC,4BAA4B,CAAC;YACvE,QAAQ,EAAE,gBAAgB;YAC1B,YAAY,EAAE,OAAO,CAAC,YAAY;YAClC,cAAc,EAAE,kBAAkB,aAAlB,kBAAkB,cAAlB,kBAAkB,GAAI,6BAA6B;SACpE,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,8BAA8B,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,EAAE;YACtG,KAAK,EAAE,KAAK;SACb,CAAC,CAAC;IACL,CAAC;IAED,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,IAAI,EAAE,YAAY,EAAE,GAAG,aAAa,CAAC;IACxE,qDAAqD;IACrD,MAAM,gBAAgB,GAAG,MAAM,cAAc,CAAC;QAC5C,WAAW;QACX,YAAY;QACZ,IAAI;QACJ,YAAY;KACb,CAAC,CAAC;IAEH,MAAM,UAAU,GAAG,kBAAkB,IAAI,aAAa,CAAC;IAEvD,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;IACpC,MAAM,GAAG,GAAG,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAErC,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;IACpC,WAAW,CAAC,GAAG,CAAC,UAAU,EAAE,gBAAgB,EAAE,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC;IAErE,MAAM,EACJ,GAAG,EAAE,SAAS,EACd,MAAM,EAAE,cAAc,EACtB,IAAI,EACJ,WAAW,EACX,YAAY,GACb,GAAG,SAAS,CAAc,WAAW,CAAC,CAAC;IAExC,OAAO;QACL,SAAS;QACT,IAAI;QACJ,cAAc;QACd,IAAI;QACJ,WAAW;QACX,YAAY;QACZ,YAAY;QACZ,WAAW;KACZ,CAAC;AACJ,CAAC;AAED,SAAS,0BAA0B,CAAC,QAAgB;IAClD,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,QAAQ,EAAE,qBAAqB,CAAC,CAAC;QACrD,MAAM,IAAI,GAAG,GAAG,GAAG,CAAC,QAAS,GAAG,GAAG,CAAC,IAAI,IAAI,EAAE,EAAE,CAAC;QAEjD,MAAM,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC;QAC3B,MAAM,KAAK,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC;QAE5C,OAAO,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC;IAC3B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QACxB,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAEjE,MAAM,IAAI,KAAK,CAAC,qDAAqD,OAAO,EAAE,CAAC,CAAC;IAClF,CAAC;AACH,CAAC;AAED,KAAK,UAAU,gBAAgB;;IAC7B,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;IACpC,MAAM,GAAG,GAAG,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAErC,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;IACjD,CAAC;IAED,yDAAyD;IACzD,MAAM,WAAW,GAAG,MAAA,WAAW,CAAC,GAAG,CAAC,qBAAqB,CAAC,0CAAE,KAAK,CAAC,GAAG,CAAC,CAAC;IAEvE,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC;IACvC,MAAM,UAAU,GAAG,aAAa,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;IAExD,MAAM,cAAc,GAAG,iBAAiB,CAAC,GAAG,CAAC,CAAC;IAE9C,QAAQ,CAAC,MAAM,mBAAmB,CAAC,EAAE,cAAc,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC;AACtE,CAAC;AAID,KAAK,UAAU,QAAQ,CAAC,EAAE,cAAc,GAAG,KAAK,EAAE,GAAG,EAAE;IACrD,MAAM,OAAO,GAAG,MAAM,oBAAoB,EAAE,CAAC;IAE7C,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,IAAI,cAAc,EAAE,CAAC;YACnB,MAAM,gBAAgB,EAAE,CAAC;QAC3B,CAAC;QACD,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;IACxB,CAAC;IAED,MAAM,EACJ,GAAG,EAAE,SAAS,EACd,MAAM,EAAE,cAAc,EACtB,IAAI,EACJ,WAAW,EACX,YAAY,GACb,GAAG,SAAS,CAAc,OAAO,CAAC,WAAW,CAAC,CAAC;IAEhD,OAAO;QACL,SAAS;QACT,IAAI,EAAE,OAAO,CAAC,IAAI;QAClB,cAAc;QACd,IAAI;QACJ,WAAW;QACX,YAAY;QACZ,YAAY,EAAE,OAAO,CAAC,YAAY;QAClC,WAAW,EAAE,OAAO,CAAC,WAAW;KACjC,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,gBAAgB;IAC7B,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,QAAQ,EAAE,CAAC;IACvC,IAAI,SAAS,EAAE,CAAC;QACd,QAAQ,CAAC,MAAM,CAAC,cAAc,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC;IAC9D,CAAC;SAAM,CAAC;QACN,QAAQ,CAAC,GAAG,CAAC,CAAC;IAChB,CAAC;AACH,CAAC;AAED,KAAK,UAAU,iBAAiB,CAAC,WAAmB;IAClD,IAAI,CAAC;QACH,MAAM,SAAS,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;QACnC,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,WAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,KAAK,UAAU,oBAAoB;IACjC,MAAM,UAAU,GAAG,kBAAkB,IAAI,aAAa,CAAC;IACvD,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;IACpC,MAAM,MAAM,GAAG,WAAW,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IAE3C,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,UAAU,CAAU,MAAM,CAAC,KAAK,EAAE;YACvC,QAAQ,EAAE,sBAAsB;SACjC,CAAC,CAAC;IACL,CAAC;AACH,CAAC;AAED,KAAK,UAAU,oBAAoB;IACjC,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;IACpC,MAAM,aAAa,GAAG,OAAO,CAAC,WAAW,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC,CAAC;IAErE,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,MAAM,GAAG,GAAG,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACrC,MAAM,IAAI,KAAK,CACb,iCAAiC,GAAG,aAAH,GAAG,cAAH,GAAG,GAAI,SAAS,iLAAiL,CACnO,CAAC;IACJ,CAAC;IAED,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;IACtD,IAAI,CAAC,UAAU;QAAE,OAAO;IAExB,OAAO,UAAU,CAAU,UAAU,EAAE,EAAE,QAAQ,EAAE,sBAAsB,EAAE,CAAC,CAAC;AAC/E,CAAC;AAED,SAAS,iBAAiB,CAAC,GAAW;IACpC,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;IAE5B,OAAO,GAAG,MAAM,CAAC,QAAQ,GAAG,MAAM,CAAC,YAAY,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,MAAM,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;AACzG,CAAC;AAED,SAAS,aAAa,CAAC,WAAiC,EAAE,QAAgB;IACxE,IAAI,CAAC,WAAW;QAAE,OAAO,SAAS,CAAC;IAEnC,MAAM,eAAe,GAAa,WAAW,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,EAAE;QAChE,MAAM,SAAS,GAAG,0BAA0B,CAAC,QAAQ,CAAC,CAAC;QACvD,OAAO,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAClC,CAAC,CAAC,CAAC;IAEH,OAAO,eAAe,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;AAC5D,CAAC;AAED,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,cAAc,EAAE,gBAAgB,EAAE,uBAAuB,EAAE,aAAa,EAAE,CAAC"}

package/dist/esm/types/actions.d.ts

@@ -5,3 +5,9 @@
  */
 export declare const checkSessionAction: () => Promise<boolean>;
 export declare const handleSignOutAction: () => Promise<void>;
+export declare const getOrganizationAction: (organizationId: string) => Promise<import("@workos-inc/node").Organization>;
+export declare const getAuthAction: (ensureSignedIn?: boolean) => Promise<import("./interfaces.js").UserInfo | import("./interfaces.js").NoUserInfo>;
+export declare const refreshAuthAction: ({ ensureSignedIn, organizationId, }: {
+    ensureSignedIn?: boolean | undefined;
+    organizationId?: string | undefined;
+}) => Promise<import("./interfaces.js").UserInfo | import("./interfaces.js").NoUserInfo>;

package/dist/esm/types/components/authkit-provider.d.ts

@@ -0,0 +1,33 @@
+import React, { ReactNode } from 'react';
+import type { Impersonator, User } from '@workos-inc/node';
+type AuthContextType = {
+    user: User | null;
+    sessionId: string | undefined;
+    organizationId: string | undefined;
+    role: string | undefined;
+    permissions: string[] | undefined;
+    entitlements: string[] | undefined;
+    impersonator: Impersonator | undefined;
+    accessToken: string | undefined;
+    loading: boolean;
+    getAuth: (options?: {
+        ensureSignedIn?: boolean;
+    }) => Promise<void>;
+    refreshAuth: (options?: {
+        ensureSignedIn?: boolean;
+        organizationId?: string;
+    }) => Promise<void | {
+        error: string;
+    }>;
+};
+interface AuthKitProviderProps {
+    children: ReactNode;
+    /**
+     * Customize what happens when a session is expired. By default,the entire page will be reloaded.
+     * You can also pass this as `false` to disable the expired session checks.
+     */
+    onSessionExpired?: false | (() => void);
+}
+export declare const AuthKitProvider: ({ children, onSessionExpired }: AuthKitProviderProps) => React.JSX.Element;
+export declare function useAuth(): AuthContextType;
+export {};

package/dist/esm/types/{impersonation.d.ts → components/impersonation.d.ts}

@@ -2,5 +2,5 @@ import * as React from 'react';
 interface ImpersonationProps extends React.ComponentPropsWithoutRef<'div'> {
     side?: 'top' | 'bottom';
 }
-export declare function Impersonation({ side, ...props }: ImpersonationProps): Promise<React.JSX.Element | null>;
+export declare function Impersonation({ side, ...props }: ImpersonationProps): React.JSX.Element | null;
 export {};

package/dist/esm/types/components/index.d.ts

@@ -0,0 +1,3 @@
+import { Impersonation } from './impersonation.js';
+import { AuthKitProvider, useAuth } from './authkit-provider.js';
+export { Impersonation, AuthKitProvider, useAuth };

package/dist/esm/types/env-variables.d.ts

@@ -1,11 +1,11 @@
 declare const WORKOS_API_HOSTNAME: string | undefined;
 declare const WORKOS_API_HTTPS: string | undefined;
-declare const WORKOS_API_KEY: string;
 declare const WORKOS_API_PORT: string | undefined;
-declare const WORKOS_CLIENT_ID: string;
 declare const WORKOS_COOKIE_DOMAIN: string | undefined;
 declare const WORKOS_COOKIE_MAX_AGE: string | undefined;
 declare const WORKOS_COOKIE_NAME: string | undefined;
+declare const WORKOS_API_KEY: string;
+declare const WORKOS_CLIENT_ID: string;
 declare const WORKOS_COOKIE_PASSWORD: string;
 declare const WORKOS_REDIRECT_URI: string;
 export { WORKOS_API_HOSTNAME, WORKOS_API_HTTPS, WORKOS_API_KEY, WORKOS_API_PORT, WORKOS_CLIENT_ID, WORKOS_COOKIE_DOMAIN, WORKOS_COOKIE_MAX_AGE, WORKOS_COOKIE_NAME, WORKOS_COOKIE_PASSWORD, WORKOS_REDIRECT_URI, };

package/dist/esm/types/index.d.ts

@@ -1,7 +1,5 @@
 import { handleAuth } from './authkit-callback-route.js';
-import { authkitMiddleware } from './middleware.js';
-import { withAuth, refreshSession, getSession } from './session.js';
+import { authkit, authkitMiddleware } from './middleware.js';
+import { withAuth, refreshSession } from './session.js';
 import { getSignInUrl, getSignUpUrl, signOut } from './auth.js';
-import { Impersonation } from './impersonation.js';
-import { AuthKitProvider } from './authkit-provider.js';
-export { handleAuth, authkitMiddleware, getSession, getSignInUrl, getSignUpUrl, withAuth, refreshSession, signOut, Impersonation, AuthKitProvider, };
+export { handleAuth, authkitMiddleware, authkit, getSignInUrl, getSignUpUrl, withAuth, refreshSession, signOut, };

package/dist/esm/types/interfaces.d.ts

@@ -33,6 +33,7 @@ export interface NoUserInfo {
     organizationId?: undefined;
     role?: undefined;
     permissions?: undefined;
+    entitlements?: undefined;
     impersonator?: undefined;
     accessToken?: undefined;
 }
@@ -59,6 +60,16 @@ export interface AuthkitMiddlewareOptions {
     redirectUri?: string;
     signUpPaths?: string[];
 }
+export interface AuthkitOptions {
+    debug?: boolean;
+    redirectUri?: string;
+    screenHint?: 'sign-up' | 'sign-in';
+}
+export interface AuthkitResponse {
+    session: UserInfo | NoUserInfo;
+    headers: Headers;
+    authorizationUrl?: string;
+}
 export interface CookieOptions {
     path: '/';
     httpOnly: true;

package/dist/esm/types/middleware.d.ts

@@ -1,3 +1,4 @@
-import { NextMiddleware } from 'next/server';
-import { AuthkitMiddlewareOptions } from './interfaces.js';
+import { NextMiddleware, NextRequest } from 'next/server';
+import { AuthkitMiddlewareOptions, AuthkitOptions, AuthkitResponse } from './interfaces.js';
 export declare function authkitMiddleware({ debug, middlewareAuth, redirectUri, signUpPaths, }?: AuthkitMiddlewareOptions): NextMiddleware;
+export declare function authkit(request: NextRequest, options?: AuthkitOptions): Promise<AuthkitResponse>;

package/dist/esm/types/session.d.ts

@@ -1,7 +1,8 @@
-import { NextRequest, NextResponse } from 'next/server';
-import { AuthkitMiddlewareAuth, NoUserInfo, Session, UserInfo } from './interfaces.js';
+import { NextRequest } from 'next/server';
+import { AuthkitMiddlewareAuth, AuthkitOptions, AuthkitResponse, NoUserInfo, Session, UserInfo } from './interfaces.js';
 declare function encryptSession(session: Session): Promise<string>;
-declare function updateSession(request: NextRequest, debug: boolean, middlewareAuth: AuthkitMiddlewareAuth, redirectUri: string, signUpPaths: string[]): Promise<Response>;
+declare function updateSessionMiddleware(request: NextRequest, debug: boolean, middlewareAuth: AuthkitMiddlewareAuth, redirectUri: string, signUpPaths: string[]): Promise<Response>;
+declare function updateSession(request: NextRequest, options?: AuthkitOptions): Promise<AuthkitResponse>;
 declare function refreshSession(options: {
     organizationId?: string;
     ensureSignedIn?: boolean;
@@ -13,28 +14,4 @@ declare function withAuth(options: {
     ensureSignedIn: true;
 }): Promise<UserInfo>;
 declare function terminateSession(): Promise<void>;
-/**
- * Retrieves the session from the cookie. Meant for use in the middleware, for client side use `withAuth` instead.
- *
- * @returns UserInfo | NoUserInfo
- */
-declare function getSession(response?: NextResponse): Promise<{
-    user: null;
-    sessionId?: undefined;
-    organizationId?: undefined;
-    role?: undefined;
-    permissions?: undefined;
-    entitlements?: undefined;
-    impersonator?: undefined;
-    accessToken?: undefined;
-} | {
-    sessionId: string;
-    user: import("@workos-inc/node").User;
-    organizationId: string | undefined;
-    role: string | undefined;
-    permissions: string[] | undefined;
-    entitlements: string[] | undefined;
-    impersonator: import("./interfaces.js").Impersonator | undefined;
-    accessToken: string;
-} | undefined>;
-export { encryptSession, withAuth, refreshSession, terminateSession, updateSession, getSession };
+export { encryptSession, withAuth, refreshSession, terminateSession, updateSessionMiddleware, updateSession };

package/dist/esm/types/workos.d.ts

@@ -1,4 +1,4 @@
 import { WorkOS } from '@workos-inc/node';
-export declare const VERSION = "0.17.2";
+export declare const VERSION = "1.0.0";
 declare const workos: WorkOS;
 export { workos };

package/dist/esm/workos.js

@@ -1,6 +1,6 @@
 import { WorkOS } from '@workos-inc/node';
 import { WORKOS_API_HOSTNAME, WORKOS_API_KEY, WORKOS_API_HTTPS, WORKOS_API_PORT } from './env-variables.js';
-export const VERSION = '0.17.2';
+export const VERSION = '1.0.0';
 const options = {
     apiHostname: WORKOS_API_HOSTNAME,
     https: WORKOS_API_HTTPS ? WORKOS_API_HTTPS === 'true' : true,

package/dist/esm/workos.js.map

@@ -1 +1 @@
-{"version":3,"file":"workos.js","sourceRoot":"","sources":["../../src/workos.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAC;AAC1C,OAAO,EAAE,mBAAmB,EAAE,cAAc,EAAE,gBAAgB,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAE5G,MAAM,CAAC,MAAM,OAAO,GAAG,QAAQ,CAAC;AAEhC,MAAM,OAAO,GAAG;IACd,WAAW,EAAE,mBAAmB;IAChC,KAAK,EAAE,gBAAgB,CAAC,CAAC,CAAC,gBAAgB,KAAK,MAAM,CAAC,CAAC,CAAC,IAAI;IAC5D,IAAI,EAAE,eAAe,CAAC,CAAC,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,SAAS;IAC7D,OAAO,EAAE;QACP,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,OAAO;KACjB;CACF,CAAC;AAEF,+BAA+B;AAC/B,MAAM,MAAM,GAAG,IAAI,MAAM,CAAC,cAAc,EAAE,OAAO,CAAC,CAAC;AAEnD,OAAO,EAAE,MAAM,EAAE,CAAC"}
+{"version":3,"file":"workos.js","sourceRoot":"","sources":["../../src/workos.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAC;AAC1C,OAAO,EAAE,mBAAmB,EAAE,cAAc,EAAE,gBAAgB,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAE5G,MAAM,CAAC,MAAM,OAAO,GAAG,OAAO,CAAC;AAE/B,MAAM,OAAO,GAAG;IACd,WAAW,EAAE,mBAAmB;IAChC,KAAK,EAAE,gBAAgB,CAAC,CAAC,CAAC,gBAAgB,KAAK,MAAM,CAAC,CAAC,CAAC,IAAI;IAC5D,IAAI,EAAE,eAAe,CAAC,CAAC,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,SAAS;IAC7D,OAAO,EAAE;QACP,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,OAAO;KACjB;CACF,CAAC;AAEF,+BAA+B;AAC/B,MAAM,MAAM,GAAG,IAAI,MAAM,CAAC,cAAc,EAAE,OAAO,CAAC,CAAC;AAEnD,OAAO,EAAE,MAAM,EAAE,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@workos-inc/authkit-nextjs",
-  "version": "0.17.2",
+  "version": "1.0.0",
   "description": "Authentication and session helpers for using WorkOS & AuthKit with Next.js",
   "sideEffects": false,
   "type": "module",
@@ -12,6 +12,16 @@
     "LICENSE",
     "README.md"
   ],
+  "exports": {
+    "./components": {
+      "types": "./dist/esm/types/components/index.d.ts",
+      "import": "./dist/esm/components/index.js"
+    },
+    ".": {
+      "types": "./dist/esm/types/index.d.ts",
+      "import": "./dist/esm/index.js"
+    }
+  },
   "scripts": {
     "clean": "rm -rf dist",
     "prebuild": "npm run clean",

package/src/actions.ts

@@ -1,6 +1,8 @@
 'use server';
 
 import { signOut } from './auth.js';
+import { refreshSession, withAuth } from './session.js';
+import { workos } from './workos.js';
 
 /**
  * This action is only accessible to authenticated users,
@@ -14,3 +16,21 @@ export const checkSessionAction = async () => {
 export const handleSignOutAction = async () => {
   await signOut();
 };
+
+export const getOrganizationAction = async (organizationId: string) => {
+  return await workos.organizations.getOrganization(organizationId);
+};
+
+export const getAuthAction = async (ensureSignedIn?: boolean) => {
+  return await withAuth({ ensureSignedIn: ensureSignedIn as false });
+};
+
+export const refreshAuthAction = async ({
+  ensureSignedIn,
+  organizationId,
+}: {
+  ensureSignedIn?: boolean;
+  organizationId?: string;
+}) => {
+  return await refreshSession({ ensureSignedIn, organizationId });
+};