@xcript-dev/next 0.1.0

package/dist/chunk-Y6FXYEAI.mjs

@@ -0,0 +1,10 @@
+var __require = /* @__PURE__ */ ((x) => typeof require !== "undefined" ? require : typeof Proxy !== "undefined" ? new Proxy(x, {
+  get: (a, b) => (typeof require !== "undefined" ? require : a)[b]
+}) : x)(function(x) {
+  if (typeof require !== "undefined") return require.apply(this, arguments);
+  throw Error('Dynamic require of "' + x + '" is not supported');
+});
+
+export {
+  __require
+};

package/dist/client.d.mts

@@ -0,0 +1,37 @@
+import * as react_jsx_runtime from 'react/jsx-runtime';
+import { ReactNode } from 'react';
+
+interface LicenseState {
+    /** Whether the license is valid. */
+    isValid: boolean;
+    /** Whether validation is in progress. */
+    isLoading: boolean;
+    /** Dynamic config from the Xcript dashboard. */
+    config: Record<string, string>;
+    /** Error message if validation failed. */
+    error: string | null;
+}
+interface XcriptProviderProps {
+    children: ReactNode;
+}
+/**
+ * Context provider that reads the license validation state from
+ * the middleware cookie. No client-side API calls needed.
+ *
+ * Wrap your app layout with this provider, then use `useLicense()`
+ * in any client component.
+ */
+declare function XcriptProvider({ children }: XcriptProviderProps): react_jsx_runtime.JSX.Element;
+/**
+ * React hook to access the current license state.
+ *
+ * Must be used within a `<XcriptProvider>`.
+ *
+ * @example
+ * ```tsx
+ * const { isValid, config, isLoading } = useLicense()
+ * ```
+ */
+declare function useLicense(): LicenseState;
+
+export { XcriptProvider, useLicense };

package/dist/client.d.ts

@@ -0,0 +1,37 @@
+import * as react_jsx_runtime from 'react/jsx-runtime';
+import { ReactNode } from 'react';
+
+interface LicenseState {
+    /** Whether the license is valid. */
+    isValid: boolean;
+    /** Whether validation is in progress. */
+    isLoading: boolean;
+    /** Dynamic config from the Xcript dashboard. */
+    config: Record<string, string>;
+    /** Error message if validation failed. */
+    error: string | null;
+}
+interface XcriptProviderProps {
+    children: ReactNode;
+}
+/**
+ * Context provider that reads the license validation state from
+ * the middleware cookie. No client-side API calls needed.
+ *
+ * Wrap your app layout with this provider, then use `useLicense()`
+ * in any client component.
+ */
+declare function XcriptProvider({ children }: XcriptProviderProps): react_jsx_runtime.JSX.Element;
+/**
+ * React hook to access the current license state.
+ *
+ * Must be used within a `<XcriptProvider>`.
+ *
+ * @example
+ * ```tsx
+ * const { isValid, config, isLoading } = useLicense()
+ * ```
+ */
+declare function useLicense(): LicenseState;
+
+export { XcriptProvider, useLicense };

package/dist/client.js

@@ -0,0 +1,81 @@
+"use strict";
+"use client";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/client.tsx
+var client_exports = {};
+__export(client_exports, {
+  XcriptProvider: () => XcriptProvider,
+  useLicense: () => useLicense
+});
+module.exports = __toCommonJS(client_exports);
+var import_react = require("react");
+var import_jsx_runtime = require("react/jsx-runtime");
+var XcriptContext = (0, import_react.createContext)({
+  isValid: false,
+  isLoading: true,
+  config: {},
+  error: null
+});
+var COOKIE_NAME = "__xcript_status";
+function XcriptProvider({ children }) {
+  const [state, setState] = (0, import_react.useState)({
+    isValid: false,
+    isLoading: true,
+    config: {},
+    error: null
+  });
+  (0, import_react.useEffect)(() => {
+    try {
+      const cookies = document.cookie.split(";").reduce((acc, c) => {
+        const [key, ...rest] = c.trim().split("=");
+        acc[key] = decodeURIComponent(rest.join("="));
+        return acc;
+      }, {});
+      const raw = cookies[COOKIE_NAME];
+      if (raw) {
+        const parsed = JSON.parse(raw);
+        setState({
+          isValid: !!parsed.valid,
+          isLoading: false,
+          config: parsed.config || {},
+          error: null
+        });
+      } else {
+        setState((prev) => ({ ...prev, isLoading: false }));
+      }
+    } catch {
+      setState({
+        isValid: false,
+        isLoading: false,
+        config: {},
+        error: "Failed to read license state"
+      });
+    }
+  }, []);
+  return /* @__PURE__ */ (0, import_jsx_runtime.jsx)(XcriptContext.Provider, { value: state, children });
+}
+function useLicense() {
+  return (0, import_react.useContext)(XcriptContext);
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  XcriptProvider,
+  useLicense
+});

package/dist/client.mjs

@@ -0,0 +1,62 @@
+"use client";
+import "./chunk-Y6FXYEAI.mjs";
+
+// src/client.tsx
+import {
+  createContext,
+  useContext,
+  useEffect,
+  useState
+} from "react";
+import { jsx } from "react/jsx-runtime";
+var XcriptContext = createContext({
+  isValid: false,
+  isLoading: true,
+  config: {},
+  error: null
+});
+var COOKIE_NAME = "__xcript_status";
+function XcriptProvider({ children }) {
+  const [state, setState] = useState({
+    isValid: false,
+    isLoading: true,
+    config: {},
+    error: null
+  });
+  useEffect(() => {
+    try {
+      const cookies = document.cookie.split(";").reduce((acc, c) => {
+        const [key, ...rest] = c.trim().split("=");
+        acc[key] = decodeURIComponent(rest.join("="));
+        return acc;
+      }, {});
+      const raw = cookies[COOKIE_NAME];
+      if (raw) {
+        const parsed = JSON.parse(raw);
+        setState({
+          isValid: !!parsed.valid,
+          isLoading: false,
+          config: parsed.config || {},
+          error: null
+        });
+      } else {
+        setState((prev) => ({ ...prev, isLoading: false }));
+      }
+    } catch {
+      setState({
+        isValid: false,
+        isLoading: false,
+        config: {},
+        error: "Failed to read license state"
+      });
+    }
+  }, []);
+  return /* @__PURE__ */ jsx(XcriptContext.Provider, { value: state, children });
+}
+function useLicense() {
+  return useContext(XcriptContext);
+}
+export {
+  XcriptProvider,
+  useLicense
+};

package/dist/index.d.mts

@@ -0,0 +1,56 @@
+import { NextRequest, NextResponse } from 'next/server';
+export { ValidationResponse, XcriptConfig } from '@xcript-dev/sdk';
+
+/**
+ * @xcript/next — Next.js middleware for license validation.
+ *
+ * @example
+ * ```ts
+ * // middleware.ts
+ * import { withXcript } from '@xcript/next'
+ *
+ * export default withXcript({
+ *   apiKey: process.env.XCRIPT_API_KEY!,
+ *   licenseKey: process.env.XCRIPT_LICENSE_KEY!,
+ *   protectedRoutes: ['/dashboard/*', '/api/*'],
+ *   onInvalid: '/license-expired',
+ * })
+ *
+ * export const config = {
+ *   matcher: ['/dashboard/:path*', '/api/:path*'],
+ * }
+ * ```
+ */
+
+interface XcriptMiddlewareConfig {
+    /** Your Xcript API key (starts with "xk_"). */
+    apiKey: string;
+    /** The license key to validate. */
+    licenseKey: string;
+    /** Ed25519 public key for signature verification (hex). Optional. */
+    publicKey?: string;
+    /** API base URL. Defaults to "https://api.xcript.dev". */
+    baseUrl?: string;
+    /**
+     * Glob patterns for routes that require a valid license.
+     * Use '*' as wildcard. Example: ['/dashboard/*', '/api/*']
+     */
+    protectedRoutes?: string[];
+    /** Route to redirect to when the license is invalid. Default: returns 403. */
+    onInvalid?: string;
+    /**
+     * How often to re-validate (in seconds).
+     * During this window, the cached result is trusted.
+     * Default: 300 (5 minutes).
+     */
+    revalidateInterval?: number;
+}
+/**
+ * Create a Next.js middleware that validates the Xcript license.
+ *
+ * The middleware validates once, stores the result in a cookie,
+ * and re-validates after `revalidateInterval` seconds.
+ */
+declare function withXcript(config: XcriptMiddlewareConfig): (request: NextRequest) => Promise<NextResponse<unknown>>;
+
+export { withXcript };

package/dist/index.d.ts

@@ -0,0 +1,56 @@
+import { NextRequest, NextResponse } from 'next/server';
+export { ValidationResponse, XcriptConfig } from '@xcript-dev/sdk';
+
+/**
+ * @xcript/next — Next.js middleware for license validation.
+ *
+ * @example
+ * ```ts
+ * // middleware.ts
+ * import { withXcript } from '@xcript/next'
+ *
+ * export default withXcript({
+ *   apiKey: process.env.XCRIPT_API_KEY!,
+ *   licenseKey: process.env.XCRIPT_LICENSE_KEY!,
+ *   protectedRoutes: ['/dashboard/*', '/api/*'],
+ *   onInvalid: '/license-expired',
+ * })
+ *
+ * export const config = {
+ *   matcher: ['/dashboard/:path*', '/api/:path*'],
+ * }
+ * ```
+ */
+
+interface XcriptMiddlewareConfig {
+    /** Your Xcript API key (starts with "xk_"). */
+    apiKey: string;
+    /** The license key to validate. */
+    licenseKey: string;
+    /** Ed25519 public key for signature verification (hex). Optional. */
+    publicKey?: string;
+    /** API base URL. Defaults to "https://api.xcript.dev". */
+    baseUrl?: string;
+    /**
+     * Glob patterns for routes that require a valid license.
+     * Use '*' as wildcard. Example: ['/dashboard/*', '/api/*']
+     */
+    protectedRoutes?: string[];
+    /** Route to redirect to when the license is invalid. Default: returns 403. */
+    onInvalid?: string;
+    /**
+     * How often to re-validate (in seconds).
+     * During this window, the cached result is trusted.
+     * Default: 300 (5 minutes).
+     */
+    revalidateInterval?: number;
+}
+/**
+ * Create a Next.js middleware that validates the Xcript license.
+ *
+ * The middleware validates once, stores the result in a cookie,
+ * and re-validates after `revalidateInterval` seconds.
+ */
+declare function withXcript(config: XcriptMiddlewareConfig): (request: NextRequest) => Promise<NextResponse<unknown>>;
+
+export { withXcript };

package/dist/index.js

@@ -0,0 +1,128 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/index.ts
+var index_exports = {};
+__export(index_exports, {
+  withXcript: () => withXcript
+});
+module.exports = __toCommonJS(index_exports);
+var import_server = require("next/server");
+var COOKIE_NAME = "__xcript_status";
+var DEFAULT_REVALIDATE = 300;
+function withXcript(config) {
+  const baseUrl = (config.baseUrl || "https://api.xcript.dev").replace(/\/+$/, "");
+  const revalidate = config.revalidateInterval ?? DEFAULT_REVALIDATE;
+  return async function middleware(request) {
+    const { pathname } = request.nextUrl;
+    if (config.protectedRoutes && !isProtected(pathname, config.protectedRoutes)) {
+      return import_server.NextResponse.next();
+    }
+    const cached = request.cookies.get(COOKIE_NAME)?.value;
+    if (cached) {
+      try {
+        const parsed = JSON.parse(cached);
+        const age = (Date.now() - parsed.timestamp) / 1e3;
+        if (age < revalidate && parsed.valid) {
+          return import_server.NextResponse.next();
+        }
+      } catch {
+      }
+    }
+    try {
+      const res = await fetch(`${baseUrl}/api/v1/validate`, {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          "X-Api-Key": config.apiKey
+        },
+        body: JSON.stringify({
+          license_key: config.licenseKey,
+          machine_id: `nextjs-${hostname()}`
+        })
+      });
+      if (!res.ok) {
+        return handleInvalid(request, config);
+      }
+      const data = await res.json();
+      if (!data.valid) {
+        return handleInvalid(request, config);
+      }
+      const response = import_server.NextResponse.next();
+      response.cookies.set(COOKIE_NAME, JSON.stringify({
+        valid: true,
+        timestamp: Date.now(),
+        config: data.config || {}
+      }), {
+        httpOnly: true,
+        secure: process.env.NODE_ENV === "production",
+        sameSite: "lax",
+        maxAge: revalidate,
+        path: "/"
+      });
+      return response;
+    } catch {
+      if (cached) {
+        try {
+          const parsed = JSON.parse(cached);
+          if (parsed.valid) {
+            return import_server.NextResponse.next();
+          }
+        } catch {
+        }
+      }
+      return handleInvalid(request, config);
+    }
+  };
+}
+function handleInvalid(request, config) {
+  if (config.onInvalid) {
+    const url = request.nextUrl.clone();
+    url.pathname = config.onInvalid;
+    const response = import_server.NextResponse.redirect(url);
+    response.cookies.delete(COOKIE_NAME);
+    return response;
+  }
+  return new import_server.NextResponse(
+    JSON.stringify({ error: "License validation failed" }),
+    {
+      status: 403,
+      headers: { "Content-Type": "application/json" }
+    }
+  );
+}
+function isProtected(pathname, patterns) {
+  return patterns.some((pattern) => {
+    const regex = new RegExp(
+      "^" + pattern.replace(/\*/g, ".*").replace(/\//g, "\\/") + "$"
+    );
+    return regex.test(pathname);
+  });
+}
+function hostname() {
+  try {
+    return require("os").hostname();
+  } catch {
+    return "unknown";
+  }
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  withXcript
+});

package/dist/index.mjs

@@ -0,0 +1,107 @@
+import {
+  __require
+} from "./chunk-Y6FXYEAI.mjs";
+
+// src/index.ts
+import { NextResponse } from "next/server";
+var COOKIE_NAME = "__xcript_status";
+var DEFAULT_REVALIDATE = 300;
+function withXcript(config) {
+  const baseUrl = (config.baseUrl || "https://api.xcript.dev").replace(/\/+$/, "");
+  const revalidate = config.revalidateInterval ?? DEFAULT_REVALIDATE;
+  return async function middleware(request) {
+    const { pathname } = request.nextUrl;
+    if (config.protectedRoutes && !isProtected(pathname, config.protectedRoutes)) {
+      return NextResponse.next();
+    }
+    const cached = request.cookies.get(COOKIE_NAME)?.value;
+    if (cached) {
+      try {
+        const parsed = JSON.parse(cached);
+        const age = (Date.now() - parsed.timestamp) / 1e3;
+        if (age < revalidate && parsed.valid) {
+          return NextResponse.next();
+        }
+      } catch {
+      }
+    }
+    try {
+      const res = await fetch(`${baseUrl}/api/v1/validate`, {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          "X-Api-Key": config.apiKey
+        },
+        body: JSON.stringify({
+          license_key: config.licenseKey,
+          machine_id: `nextjs-${hostname()}`
+        })
+      });
+      if (!res.ok) {
+        return handleInvalid(request, config);
+      }
+      const data = await res.json();
+      if (!data.valid) {
+        return handleInvalid(request, config);
+      }
+      const response = NextResponse.next();
+      response.cookies.set(COOKIE_NAME, JSON.stringify({
+        valid: true,
+        timestamp: Date.now(),
+        config: data.config || {}
+      }), {
+        httpOnly: true,
+        secure: process.env.NODE_ENV === "production",
+        sameSite: "lax",
+        maxAge: revalidate,
+        path: "/"
+      });
+      return response;
+    } catch {
+      if (cached) {
+        try {
+          const parsed = JSON.parse(cached);
+          if (parsed.valid) {
+            return NextResponse.next();
+          }
+        } catch {
+        }
+      }
+      return handleInvalid(request, config);
+    }
+  };
+}
+function handleInvalid(request, config) {
+  if (config.onInvalid) {
+    const url = request.nextUrl.clone();
+    url.pathname = config.onInvalid;
+    const response = NextResponse.redirect(url);
+    response.cookies.delete(COOKIE_NAME);
+    return response;
+  }
+  return new NextResponse(
+    JSON.stringify({ error: "License validation failed" }),
+    {
+      status: 403,
+      headers: { "Content-Type": "application/json" }
+    }
+  );
+}
+function isProtected(pathname, patterns) {
+  return patterns.some((pattern) => {
+    const regex = new RegExp(
+      "^" + pattern.replace(/\*/g, ".*").replace(/\//g, "\\/") + "$"
+    );
+    return regex.test(pathname);
+  });
+}
+function hostname() {
+  try {
+    return __require("os").hostname();
+  } catch {
+    return "unknown";
+  }
+}
+export {
+  withXcript
+};

package/dist/server.d.mts

@@ -0,0 +1,51 @@
+/**
+ * @xcript/next/server — Server-side utilities for license validation.
+ *
+ * @example
+ * ```ts
+ * // Server Action or Route Handler
+ * import { requireLicense, getLicense } from '@xcript/next/server'
+ *
+ * // Throws if license is invalid
+ * export async function POST() {
+ *   const license = await requireLicense()
+ *   // license.config.max_users → "50"
+ * }
+ *
+ * // Returns null if invalid (no throw)
+ * export async function GET() {
+ *   const license = await getLicense()
+ *   if (!license) return Response.json({ error: 'No license' }, { status: 403 })
+ * }
+ * ```
+ */
+interface LicenseData {
+    /** Whether the license is valid. */
+    valid: boolean;
+    /** Dynamic config from the Xcript dashboard. */
+    config: Record<string, string>;
+    /** When the validation was performed (epoch ms). */
+    timestamp: number;
+}
+/**
+ * Get the current license state from the middleware cookie.
+ * Returns null if no valid license is found.
+ *
+ * Use this in Server Components, Server Actions, or Route Handlers.
+ */
+declare function getLicense(): Promise<LicenseData | null>;
+/**
+ * Require a valid license. Throws an error if the license is invalid.
+ *
+ * Use this at the top of protected Server Actions or Route Handlers.
+ *
+ * @throws Error if the license is not valid
+ */
+declare function requireLicense(): Promise<LicenseData>;
+/**
+ * Get a specific config value from the license.
+ * Returns undefined if the license is invalid or the key doesn't exist.
+ */
+declare function getLicenseConfig(key: string): Promise<string | undefined>;
+
+export { getLicense, getLicenseConfig, requireLicense };

package/dist/server.d.ts

@@ -0,0 +1,51 @@
+/**
+ * @xcript/next/server — Server-side utilities for license validation.
+ *
+ * @example
+ * ```ts
+ * // Server Action or Route Handler
+ * import { requireLicense, getLicense } from '@xcript/next/server'
+ *
+ * // Throws if license is invalid
+ * export async function POST() {
+ *   const license = await requireLicense()
+ *   // license.config.max_users → "50"
+ * }
+ *
+ * // Returns null if invalid (no throw)
+ * export async function GET() {
+ *   const license = await getLicense()
+ *   if (!license) return Response.json({ error: 'No license' }, { status: 403 })
+ * }
+ * ```
+ */
+interface LicenseData {
+    /** Whether the license is valid. */
+    valid: boolean;
+    /** Dynamic config from the Xcript dashboard. */
+    config: Record<string, string>;
+    /** When the validation was performed (epoch ms). */
+    timestamp: number;
+}
+/**
+ * Get the current license state from the middleware cookie.
+ * Returns null if no valid license is found.
+ *
+ * Use this in Server Components, Server Actions, or Route Handlers.
+ */
+declare function getLicense(): Promise<LicenseData | null>;
+/**
+ * Require a valid license. Throws an error if the license is invalid.
+ *
+ * Use this at the top of protected Server Actions or Route Handlers.
+ *
+ * @throws Error if the license is not valid
+ */
+declare function requireLicense(): Promise<LicenseData>;
+/**
+ * Get a specific config value from the license.
+ * Returns undefined if the license is invalid or the key doesn't exist.
+ */
+declare function getLicenseConfig(key: string): Promise<string | undefined>;
+
+export { getLicense, getLicenseConfig, requireLicense };

package/dist/server.js

@@ -0,0 +1,60 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/server.ts
+var server_exports = {};
+__export(server_exports, {
+  getLicense: () => getLicense,
+  getLicenseConfig: () => getLicenseConfig,
+  requireLicense: () => requireLicense
+});
+module.exports = __toCommonJS(server_exports);
+var import_headers = require("next/headers");
+var COOKIE_NAME = "__xcript_status";
+async function getLicense() {
+  try {
+    const cookieStore = await (0, import_headers.cookies)();
+    const raw = cookieStore.get(COOKIE_NAME)?.value;
+    if (!raw) return null;
+    const parsed = JSON.parse(raw);
+    if (!parsed.valid) return null;
+    return parsed;
+  } catch {
+    return null;
+  }
+}
+async function requireLicense() {
+  const license = await getLicense();
+  if (!license) {
+    throw new Error(
+      "Xcript: License validation required. Ensure withXcript() middleware is configured."
+    );
+  }
+  return license;
+}
+async function getLicenseConfig(key) {
+  const license = await getLicense();
+  return license?.config[key];
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  getLicense,
+  getLicenseConfig,
+  requireLicense
+});

package/dist/server.mjs

@@ -0,0 +1,35 @@
+import "./chunk-Y6FXYEAI.mjs";
+
+// src/server.ts
+import { cookies } from "next/headers";
+var COOKIE_NAME = "__xcript_status";
+async function getLicense() {
+  try {
+    const cookieStore = await cookies();
+    const raw = cookieStore.get(COOKIE_NAME)?.value;
+    if (!raw) return null;
+    const parsed = JSON.parse(raw);
+    if (!parsed.valid) return null;
+    return parsed;
+  } catch {
+    return null;
+  }
+}
+async function requireLicense() {
+  const license = await getLicense();
+  if (!license) {
+    throw new Error(
+      "Xcript: License validation required. Ensure withXcript() middleware is configured."
+    );
+  }
+  return license;
+}
+async function getLicenseConfig(key) {
+  const license = await getLicense();
+  return license?.config[key];
+}
+export {
+  getLicense,
+  getLicenseConfig,
+  requireLicense
+};

package/package.json

@@ -0,0 +1,63 @@
+{
+    "name": "@xcript-dev/next",
+    "version": "0.1.0",
+    "description": "Next.js integration for Xcript — middleware, hooks, and server utilities for license validation",
+    "main": "./dist/index.js",
+    "module": "./dist/index.mjs",
+    "types": "./dist/index.d.ts",
+    "exports": {
+        ".": {
+            "import": "./dist/index.mjs",
+            "require": "./dist/index.js",
+            "types": "./dist/index.d.ts"
+        },
+        "./client": {
+            "import": "./dist/client.mjs",
+            "require": "./dist/client.js",
+            "types": "./dist/client.d.ts"
+        },
+        "./server": {
+            "import": "./dist/server.mjs",
+            "require": "./dist/server.js",
+            "types": "./dist/server.d.ts"
+        }
+    },
+    "files": [
+        "dist"
+    ],
+    "scripts": {
+        "build": "tsup src/index.ts src/client.tsx src/server.ts --format cjs,esm --dts --clean --external react --external next --external @xcript-dev/sdk",
+        "dev": "tsup src/index.ts src/client.tsx src/server.ts --format cjs,esm --dts --watch --external react --external next --external @xcript-dev/sdk"
+    },
+    "keywords": [
+        "nextjs",
+        "licensing",
+        "xcript",
+        "middleware",
+        "react-hook"
+    ],
+    "license": "MIT",
+    "engines": {
+        "node": ">=18.0.0"
+    },
+    "sideEffects": false,
+    "repository": {
+        "type": "git",
+        "url": "https://github.com/xcript/xcript-js",
+        "directory": "packages/next"
+    },
+    "dependencies": {
+        "@xcript-dev/sdk": "*"
+    },
+    "peerDependencies": {
+        "next": ">=14.0.0",
+        "react": ">=18.0.0"
+    },
+    "devDependencies": {
+        "typescript": "^5.4.0",
+        "tsup": "^8.0.0",
+        "@types/react": "^18.0.0",
+        "next": "^15.0.0",
+        "react": "^18.0.0"
+    }
+}