azirid-react 0.13.2 → 0.14.1

package/dist/next.js

@@ -1,170 +0,0 @@
-import { NextResponse } from 'next/server';
-
-// src/server.ts
-function createSessionSyncHandler(options) {
-  const name = options?.cookieName ?? "__session";
-  const secure = options?.secure ?? false;
-  const maxAge = options?.maxAge ?? 3600;
-  return {
-    async POST(req) {
-      const { token } = await req.json();
-      if (!token || typeof token !== "string") {
-        return new Response(JSON.stringify({ error: "Missing token" }), {
-          status: 400,
-          headers: { "Content-Type": "application/json" }
-        });
-      }
-      const parts = [`${name}=${token}`, "Path=/", "HttpOnly", "SameSite=Lax", `Max-Age=${maxAge}`];
-      if (secure) parts.push("Secure");
-      return new Response(JSON.stringify({ ok: true }), {
-        headers: {
-          "Content-Type": "application/json",
-          "Set-Cookie": parts.join("; ")
-        }
-      });
-    },
-    async DELETE() {
-      const parts = [`${name}=`, "Path=/", "HttpOnly", "SameSite=Lax", "Max-Age=0"];
-      if (secure) parts.push("Secure");
-      return new Response(JSON.stringify({ ok: true }), {
-        headers: {
-          "Content-Type": "application/json",
-          "Set-Cookie": parts.join("; ")
-        }
-      });
-    }
-  };
-}
-
-// src/next-handlers.ts
-var AZIRID_API_URL = process.env.AZIRID_API_URL ?? "https://api.azirid.com";
-function createHandler(options) {
-  const destination = (options?.apiUrl ?? AZIRID_API_URL).replace(/\/$/, "");
-  const debug = options?.debug ?? false;
-  return async function handler(request, context) {
-    const resolvedParams = context.params instanceof Promise ? await context.params : context.params;
-    const path = resolvedParams.path.join("/");
-    const targetUrl = `${destination}/v1/users/auth/${path}`;
-    if (debug) {
-      console.log(`[azirid-proxy] ${request.method} /api/auth/${path} \u2192 ${targetUrl}`);
-      console.log(`[azirid-proxy] Cookies:`, request.headers.get("cookie") ?? "(none)");
-    }
-    const forwardHeaders = new Headers();
-    request.headers.forEach((value, key) => {
-      const lower = key.toLowerCase();
-      if (lower !== "host" && lower !== "connection") {
-        forwardHeaders.set(key, value);
-      }
-    });
-    const body = request.method !== "GET" && request.method !== "HEAD" ? await request.text() : void 0;
-    const apiResponse = await fetch(targetUrl, {
-      method: request.method,
-      headers: forwardHeaders,
-      body
-    });
-    const responseHeaders = new Headers();
-    apiResponse.headers.forEach((value, key) => {
-      if (key.toLowerCase() !== "set-cookie") {
-        responseHeaders.set(key, value);
-      }
-    });
-    const isSecure = request.headers.get("x-forwarded-proto") === "https" || new URL(request.url).protocol === "https:";
-    const setCookies = typeof apiResponse.headers.getSetCookie === "function" ? apiResponse.headers.getSetCookie() : splitSetCookieHeader(apiResponse.headers.get("set-cookie") ?? "");
-    for (const cookie of setCookies) {
-      let fixed = cookie.replace(/;\s*[Dd]omain=[^;]*/g, "").replace(/;\s*[Pp]ath=[^;]*/g, "").replace(/[Ss]ame[Ss]ite=[Nn]one/g, "SameSite=Lax");
-      fixed += "; Path=/";
-      if (!isSecure) {
-        fixed = fixed.replace(/;\s*[Ss]ecure/g, "");
-      }
-      responseHeaders.append("set-cookie", fixed);
-    }
-    if (debug) {
-      console.log(`[azirid-proxy] API responded: ${apiResponse.status}`);
-      const responseCookies = [];
-      responseHeaders.forEach((value, key) => {
-        if (key.toLowerCase() === "set-cookie") responseCookies.push(value);
-      });
-      if (responseCookies.length > 0) {
-        console.log(`[azirid-proxy] Set-Cookie:`, responseCookies);
-      }
-    }
-    return new Response(apiResponse.body, {
-      status: apiResponse.status,
-      statusText: apiResponse.statusText,
-      headers: responseHeaders
-    });
-  };
-}
-function splitSetCookieHeader(header) {
-  if (!header) return [];
-  const cookies = [];
-  let current = "";
-  for (const part of header.split(", ")) {
-    if (current && /^[a-zA-Z0-9_\-.]+=/.test(part)) {
-      cookies.push(current);
-      current = part;
-    } else {
-      current = current ? `${current}, ${part}` : part;
-    }
-  }
-  if (current) cookies.push(current);
-  return cookies;
-}
-function createAziridRouteHandlers(options) {
-  const handler = createHandler(options);
-  return {
-    GET: handler,
-    POST: handler,
-    PUT: handler,
-    PATCH: handler,
-    DELETE: handler
-  };
-}
-var defaultHandlers = createAziridRouteHandlers();
-var GET = defaultHandlers.GET;
-var POST = defaultHandlers.POST;
-var PUT = defaultHandlers.PUT;
-var PATCH = defaultHandlers.PATCH;
-var DELETE = defaultHandlers.DELETE;
-function createAziridProxyHandler(apiUrl = AZIRID_API_URL) {
-  return createHandler({ apiUrl });
-}
-function withAziridProxy(apiUrl = AZIRID_API_URL) {
-  return (nextConfig = {}) => ({
-    ...nextConfig
-  });
-}
-function createRequestInterceptor(options) {
-  const cookieName = options?.cookieName ?? "__session";
-  const loginUrl = options?.loginUrl ?? "/login";
-  const defaultPublic = ["/login", "/signup", "/auth/handoff"];
-  const publicRoutes = options?.publicRoutes ? [.../* @__PURE__ */ new Set([...options.publicRoutes, "/auth/handoff"])] : defaultPublic;
-  const protectedRoutes = options?.protectedRoutes;
-  return function handler(request) {
-    const { pathname } = request.nextUrl;
-    const token = request.cookies.get(cookieName)?.value;
-    const response = NextResponse.next();
-    if (token) {
-      response.headers.set("x-azirid-token", token);
-    }
-    if (protectedRoutes) {
-      const isPublic = publicRoutes.some((r) => pathname.startsWith(r));
-      const isProtected = protectedRoutes.some((r) => pathname.startsWith(r));
-      if (isProtected && !isPublic && !token) {
-        const url = request.nextUrl.clone();
-        url.pathname = loginUrl;
-        url.searchParams.set("redirect", pathname);
-        return NextResponse.redirect(url);
-      }
-    }
-    return response;
-  };
-}
-function createAziridProxy(options) {
-  return createRequestInterceptor(options);
-}
-var aziridProxy = createAziridProxy();
-
-export { DELETE, GET, PATCH, POST, PUT, aziridProxy, createAziridProxy, createAziridProxyHandler, createAziridRouteHandlers, createSessionSyncHandler, withAziridProxy };
-//# sourceMappingURL=next.js.map
-//# sourceMappingURL=next.js.map

package/dist/next.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../src/server.ts","../src/next-handlers.ts","../src/next-proxy.ts"],"names":[],"mappings":";;;AA2HO,SAAS,yBAAyB,OAAA,EAA8B;AACrE,EAAA,MAAM,IAAA,GAAO,SAAS,UAAA,IAAc,WAAA;AACpC,EAAA,MAAM,MAAA,GAAS,SAAS,MAAA,IAAU,KAAA;AAClC,EAAA,MAAM,MAAA,GAAS,SAAS,MAAA,IAAU,IAAA;AAElC,EAAA,OAAO;AAAA,IACL,MAAM,KAAK,GAAA,EAAc;AACvB,MAAA,MAAM,EAAE,KAAA,EAAM,GAAI,MAAM,IAAI,IAAA,EAAK;AACjC,MAAA,IAAI,CAAC,KAAA,IAAS,OAAO,KAAA,KAAU,QAAA,EAAU;AACvC,QAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,KAAA,EAAO,eAAA,EAAiB,CAAA,EAAG;AAAA,UAC9D,MAAA,EAAQ,GAAA;AAAA,UACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB,SAC/C,CAAA;AAAA,MACH;AACA,MAAA,MAAM,KAAA,GAAQ,CAAC,CAAA,EAAG,IAAI,CAAA,CAAA,EAAI,KAAK,CAAA,CAAA,EAAI,QAAA,EAAU,UAAA,EAAY,cAAA,EAAgB,CAAA,QAAA,EAAW,MAAM,CAAA,CAAE,CAAA;AAC5F,MAAA,IAAI,MAAA,EAAQ,KAAA,CAAM,IAAA,CAAK,QAAQ,CAAA;AAC/B,MAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,EAAA,EAAI,IAAA,EAAM,CAAA,EAAG;AAAA,QAChD,OAAA,EAAS;AAAA,UACP,cAAA,EAAgB,kBAAA;AAAA,UAChB,YAAA,EAAc,KAAA,CAAM,IAAA,CAAK,IAAI;AAAA;AAC/B,OACD,CAAA;AAAA,IACH,CAAA;AAAA,IACA,MAAM,MAAA,GAAS;AACb,MAAA,MAAM,KAAA,GAAQ,CAAC,CAAA,EAAG,IAAI,KAAK,QAAA,EAAU,UAAA,EAAY,gBAAgB,WAAW,CAAA;AAC5E,MAAA,IAAI,MAAA,EAAQ,KAAA,CAAM,IAAA,CAAK,QAAQ,CAAA;AAC/B,MAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,EAAA,EAAI,IAAA,EAAM,CAAA,EAAG;AAAA,QAChD,OAAA,EAAS;AAAA,UACP,cAAA,EAAgB,kBAAA;AAAA,UAChB,YAAA,EAAc,KAAA,CAAM,IAAA,CAAK,IAAI;AAAA;AAC/B,OACD,CAAA;AAAA,IACH;AAAA,GACF;AACF;;;ACvHA,IAAM,cAAA,GAAiB,OAAA,CAAQ,GAAA,CAAI,cAAA,IAAkB,wBAAA;AAkBrD,SAAS,cAAc,OAAA,EAAmD;AACxE,EAAA,MAAM,eAAe,OAAA,EAAS,MAAA,IAAU,cAAA,EAAgB,OAAA,CAAQ,OAAO,EAAE,CAAA;AACzE,EAAA,MAAM,KAAA,GAAQ,SAAS,KAAA,IAAS,KAAA;AAEhC,EAAA,OAAO,eAAe,OAAA,CAAQ,OAAA,EAAS,OAAA,EAAS;AAE9C,IAAA,MAAM,iBAAiB,OAAA,CAAQ,MAAA,YAAkB,UAAU,MAAM,OAAA,CAAQ,SAAS,OAAA,CAAQ,MAAA;AAC1F,IAAA,MAAM,IAAA,GAAO,cAAA,CAAe,IAAA,CAAK,IAAA,CAAK,GAAG,CAAA;AACzC,IAAA,MAAM,SAAA,GAAY,CAAA,EAAG,WAAW,CAAA,eAAA,EAAkB,IAAI,CAAA,CAAA;AAEtD,IAAA,IAAI,KAAA,EAAO;AACT,MAAA,OAAA,CAAQ,GAAA,CAAI,kBAAkB,OAAA,CAAQ,MAAM,cAAc,IAAI,CAAA,QAAA,EAAM,SAAS,CAAA,CAAE,CAAA;AAC/E,MAAA,OAAA,CAAQ,IAAI,CAAA,uBAAA,CAAA,EAA2B,OAAA,CAAQ,QAAQ,GAAA,CAAI,QAAQ,KAAK,QAAQ,CAAA;AAAA,IAClF;AAGA,IAAA,MAAM,cAAA,GAAiB,IAAI,OAAA,EAAQ;AACnC,IAAA,OAAA,CAAQ,OAAA,CAAQ,OAAA,CAAQ,CAAC,KAAA,EAAO,GAAA,KAAQ;AACtC,MAAA,MAAM,KAAA,GAAQ,IAAI,WAAA,EAAY;AAC9B,MAAA,IAAI,KAAA,KAAU,MAAA,IAAU,KAAA,KAAU,YAAA,EAAc;AAC9C,QAAA,cAAA,CAAe,GAAA,CAAI,KAAK,KAAK,CAAA;AAAA,MAC/B;AAAA,IACF,CAAC,CAAA;AAGD,IAAA,MAAM,IAAA,GACJ,OAAA,CAAQ,MAAA,KAAW,KAAA,IAAS,OAAA,CAAQ,WAAW,MAAA,GAAS,MAAM,OAAA,CAAQ,IAAA,EAAK,GAAI,MAAA;AAGjF,IAAA,MAAM,WAAA,GAAc,MAAM,KAAA,CAAM,SAAA,EAAW;AAAA,MACzC,QAAQ,OAAA,CAAQ,MAAA;AAAA,MAChB,OAAA,EAAS,cAAA;AAAA,MACT;AAAA,KACD,CAAA;AAGD,IAAA,MAAM,eAAA,GAAkB,IAAI,OAAA,EAAQ;AACpC,IAAA,WAAA,CAAY,OAAA,CAAQ,OAAA,CAAQ,CAAC,KAAA,EAAO,GAAA,KAAQ;AAC1C,MAAA,IAAI,GAAA,CAAI,WAAA,EAAY,KAAM,YAAA,EAAc;AACtC,QAAA,eAAA,CAAgB,GAAA,CAAI,KAAK,KAAK,CAAA;AAAA,MAChC;AAAA,IACF,CAAC,CAAA;AAGD,IAAA,MAAM,QAAA,GACJ,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,mBAAmB,CAAA,KAAM,OAAA,IAC7C,IAAI,GAAA,CAAI,OAAA,CAAQ,GAAG,CAAA,CAAE,QAAA,KAAa,QAAA;AAEpC,IAAA,MAAM,aACJ,OAAO,WAAA,CAAY,OAAA,CAAQ,YAAA,KAAiB,aACxC,WAAA,CAAY,OAAA,CAAQ,YAAA,EAAa,GACjC,qBAAqB,WAAA,CAAY,OAAA,CAAQ,GAAA,CAAI,YAAY,KAAK,EAAE,CAAA;AAEtE,IAAA,KAAA,MAAW,UAAU,UAAA,EAAY;AAC/B,MAAA,IAAI,KAAA,GAAQ,MAAA,CAET,OAAA,CAAQ,sBAAA,EAAwB,EAAE,CAAA,CAIlC,OAAA,CAAQ,oBAAA,EAAsB,EAAE,CAAA,CAEhC,OAAA,CAAQ,yBAAA,EAA2B,cAAc,CAAA;AAGpD,MAAA,KAAA,IAAS,UAAA;AAGT,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,KAAA,GAAQ,KAAA,CAAM,OAAA,CAAQ,gBAAA,EAAkB,EAAE,CAAA;AAAA,MAC5C;AAEA,MAAA,eAAA,CAAgB,MAAA,CAAO,cAAc,KAAK,CAAA;AAAA,IAC5C;AAEA,IAAA,IAAI,KAAA,EAAO;AACT,MAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,8BAAA,EAAiC,WAAA,CAAY,MAAM,CAAA,CAAE,CAAA;AACjE,MAAA,MAAM,kBAA4B,EAAC;AACnC,MAAA,eAAA,CAAgB,OAAA,CAAQ,CAAC,KAAA,EAAO,GAAA,KAAQ;AACtC,QAAA,IAAI,IAAI,WAAA,EAAY,KAAM,YAAA,EAAc,eAAA,CAAgB,KAAK,KAAK,CAAA;AAAA,MACpE,CAAC,CAAA;AACD,MAAA,IAAI,eAAA,CAAgB,SAAS,CAAA,EAAG;AAC9B,QAAA,OAAA,CAAQ,GAAA,CAAI,8BAA8B,eAAe,CAAA;AAAA,MAC3D;AAAA,IACF;AAEA,IAAA,OAAO,IAAI,QAAA,CAAS,WAAA,CAAY,IAAA,EAAM;AAAA,MACpC,QAAQ,WAAA,CAAY,MAAA;AAAA,MACpB,YAAY,WAAA,CAAY,UAAA;AAAA,MACxB,OAAA,EAAS;AAAA,KACV,CAAA;AAAA,EACH,CAAA;AACF;AAGA,SAAS,qBAAqB,MAAA,EAA0B;AACtD,EAAA,IAAI,CAAC,MAAA,EAAQ,OAAO,EAAC;AACrB,EAAA,MAAM,UAAoB,EAAC;AAC3B,EAAA,IAAI,OAAA,GAAU,EAAA;AACd,EAAA,KAAA,MAAW,IAAA,IAAQ,MAAA,CAAO,KAAA,CAAM,IAAI,CAAA,EAAG;AACrC,IAAA,IAAI,OAAA,IAAW,oBAAA,CAAqB,IAAA,CAAK,IAAI,CAAA,EAAG;AAC9C,MAAA,OAAA,CAAQ,KAAK,OAAO,CAAA;AACpB,MAAA,OAAA,GAAU,IAAA;AAAA,IACZ,CAAA,MAAO;AACL,MAAA,OAAA,GAAU,OAAA,GAAU,CAAA,EAAG,OAAO,CAAA,EAAA,EAAK,IAAI,CAAA,CAAA,GAAK,IAAA;AAAA,IAC9C;AAAA,EACF;AACA,EAAA,IAAI,OAAA,EAAS,OAAA,CAAQ,IAAA,CAAK,OAAO,CAAA;AACjC,EAAA,OAAO,OAAA;AACT;AA2BO,SAAS,0BAA0B,OAAA,EAMxC;AACA,EAAA,MAAM,OAAA,GAAU,cAAc,OAAO,CAAA;AACrC,EAAA,OAAO;AAAA,IACL,GAAA,EAAK,OAAA;AAAA,IACL,IAAA,EAAM,OAAA;AAAA,IACN,GAAA,EAAK,OAAA;AAAA,IACL,KAAA,EAAO,OAAA;AAAA,IACP,MAAA,EAAQ;AAAA,GACV;AACF;AAaA,IAAM,kBAAkB,yBAAA,EAA0B;AAC3C,IAAM,MAAM,eAAA,CAAgB;AAC5B,IAAM,OAAO,eAAA,CAAgB;AAC7B,IAAM,MAAM,eAAA,CAAgB;AAC5B,IAAM,QAAQ,eAAA,CAAgB;AAC9B,IAAM,SAAS,eAAA,CAAgB;AAU/B,SAAS,wBAAA,CAAyB,SAAiB,cAAA,EAA8B;AACtF,EAAA,OAAO,aAAA,CAAc,EAAE,MAAA,EAAQ,CAAA;AACjC;AAYO,SAAS,eAAA,CAAgB,SAAiB,cAAA,EAAgB;AAG/D,EAAA,OAAO,CAAC,UAAA,GAAsC,EAAC,MAAO;AAAA,IACpD,GAAG;AAAA,GACL,CAAA;AACF;ACrNA,SAAS,yBAAyB,OAAA,EAA8B;AAC9D,EAAA,MAAM,UAAA,GAAa,SAAS,UAAA,IAAc,WAAA;AAC1C,EAAA,MAAM,QAAA,GAAW,SAAS,QAAA,IAAY,QAAA;AACtC,EAAA,MAAM,aAAA,GAAgB,CAAC,QAAA,EAAU,SAAA,EAAW,eAAe,CAAA;AAC3D,EAAA,MAAM,YAAA,GAAe,OAAA,EAAS,YAAA,GAC1B,CAAC,mBAAG,IAAI,GAAA,CAAI,CAAC,GAAG,OAAA,CAAQ,YAAA,EAAc,eAAe,CAAC,CAAC,CAAA,GACvD,aAAA;AACJ,EAAA,MAAM,kBAAkB,OAAA,EAAS,eAAA;AAEjC,EAAA,OAAO,SAAS,QAAQ,OAAA,EAAsB;AAC5C,IAAA,MAAM,EAAE,QAAA,EAAS,GAAI,OAAA,CAAQ,OAAA;AAC7B,IAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,UAAU,CAAA,EAAG,KAAA;AAE/C,IAAA,MAAM,QAAA,GAAW,aAAa,IAAA,EAAK;AAGnC,IAAA,IAAI,KAAA,EAAO;AACT,MAAA,QAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,gBAAA,EAAkB,KAAK,CAAA;AAAA,IAC9C;AAGA,IAAA,IAAI,eAAA,EAAiB;AACnB,MAAA,MAAM,QAAA,GAAW,aAAa,IAAA,CAAK,CAAC,MAAM,QAAA,CAAS,UAAA,CAAW,CAAC,CAAC,CAAA;AAChE,MAAA,MAAM,WAAA,GAAc,gBAAgB,IAAA,CAAK,CAAC,MAAM,QAAA,CAAS,UAAA,CAAW,CAAC,CAAC,CAAA;AAEtE,MAAA,IAAI,WAAA,IAAe,CAAC,QAAA,IAAY,CAAC,KAAA,EAAO;AACtC,QAAA,MAAM,GAAA,GAAM,OAAA,CAAQ,OAAA,CAAQ,KAAA,EAAM;AAClC,QAAA,GAAA,CAAI,QAAA,GAAW,QAAA;AACf,QAAA,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,UAAA,EAAY,QAAQ,CAAA;AACzC,QAAA,OAAO,YAAA,CAAa,SAAS,GAAG,CAAA;AAAA,MAClC;AAAA,IACF;AAEA,IAAA,OAAO,QAAA;AAAA,EACT,CAAA;AACF;AAyBO,SAAS,kBAAkB,OAAA,EAA8B;AAC9D,EAAA,OAAO,yBAAyB,OAAO,CAAA;AACzC;AAGO,IAAM,cAAc,iBAAA","file":"next.js","sourcesContent":["/**\n * Server-side utilities for Next.js (App Router).\n *\n * Use this entry point in Server Components, Server Actions, and Route Handlers\n * to read the authenticated user's session token from the httpOnly `__session` cookie.\n *\n * @example\n * ```ts\n * // lib/access-server.ts\n * import { cookies } from \"next/headers\";\n * import { createServerAccess } from \"azirid-react/server\";\n * export const { getSessionToken } = createServerAccess({ cookies });\n * ```\n *\n * ```ts\n * // app/actions/profile.ts\n * \"use server\";\n * import { getSessionToken } from \"@/lib/access-server\";\n *\n * export async function getProfile() {\n *   const token = await getSessionToken();\n *   if (!token) throw new Error(\"Not authenticated\");\n *\n *   const res = await fetch(\"https://api.myapp.com/v1/users/auth/me\", {\n *     headers: { Authorization: `Bearer ${token}` },\n *   });\n *   return res.json();\n * }\n * ```\n *\n * @packageDocumentation\n */\n\n/** Minimal cookie store interface (subset of Next.js ReadonlyRequestCookies) */\ninterface CookieStore {\n  get(name: string): { value: string } | undefined\n}\n\n/** The `cookies` function from `next/headers` */\ntype CookiesFn = () => CookieStore | Promise<CookieStore>\n\nexport interface ServerAccessOptions {\n  /**\n   * The `cookies` function imported from `next/headers`.\n   * Required — pass it explicitly to avoid bundler issues with dynamic imports.\n   *\n   * @example\n   * ```ts\n   * import { cookies } from \"next/headers\";\n   * createServerAccess({ cookies });\n   * ```\n   */\n  cookies: CookiesFn\n\n  /**\n   * Name of the httpOnly cookie that carries the access token.\n   * Must match the cookie set by the Azirid API.\n   * @default \"__session\"\n   */\n  cookieName?: string\n}\n\nexport interface ServerAccess {\n  /**\n   * Read the raw JWT access token from the session cookie.\n   * Returns `null` when no cookie is present or when called\n   * outside a Next.js server context.\n   */\n  getSessionToken: () => Promise<string | null>\n\n  /** Alias for {@link getSessionToken}. */\n  getAccessToken: () => Promise<string | null>\n}\n\n/**\n * Create server-side helpers bound to the session cookie.\n *\n * Call once at module scope, then use the returned functions\n * in any Server Component, Server Action, or Route Handler.\n */\nexport function createServerAccess(options: ServerAccessOptions): ServerAccess {\n  const { cookies, cookieName = '__session' } = options\n\n  async function getSessionToken(): Promise<string | null> {\n    try {\n      const result = cookies()\n      // Next.js 15+: cookies() returns a Promise\n      const cookieStore = result instanceof Promise ? await result : result\n      return cookieStore.get(cookieName)?.value ?? null\n    } catch {\n      return null\n    }\n  }\n\n  return {\n    getSessionToken,\n    getAccessToken: getSessionToken,\n  }\n}\n\n// ─── Session Sync Handler (cross-origin dev support) ─────────\n\nexport interface SessionSyncOptions {\n  /** Cookie name (default: \"__session\") */\n  cookieName?: string\n  /** Set Secure flag on cookie (default: false) */\n  secure?: boolean\n  /** Cookie max age in seconds (default: 3600 = 1h) */\n  maxAge?: number\n}\n\n/**\n * Create a route handler that syncs the access token to a local httpOnly cookie.\n *\n * Use this in a Next.js App Router route to bridge cross-origin sessions:\n *\n * @example\n * ```ts\n * // app/api/auth/session/route.ts\n * import { createSessionSyncHandler } from \"azirid-react/server\";\n * export const { POST, DELETE } = createSessionSyncHandler();\n * ```\n */\nexport function createSessionSyncHandler(options?: SessionSyncOptions) {\n  const name = options?.cookieName ?? '__session'\n  const secure = options?.secure ?? false\n  const maxAge = options?.maxAge ?? 3600\n\n  return {\n    async POST(req: Request) {\n      const { token } = await req.json()\n      if (!token || typeof token !== 'string') {\n        return new Response(JSON.stringify({ error: 'Missing token' }), {\n          status: 400,\n          headers: { 'Content-Type': 'application/json' },\n        })\n      }\n      const parts = [`${name}=${token}`, 'Path=/', 'HttpOnly', 'SameSite=Lax', `Max-Age=${maxAge}`]\n      if (secure) parts.push('Secure')\n      return new Response(JSON.stringify({ ok: true }), {\n        headers: {\n          'Content-Type': 'application/json',\n          'Set-Cookie': parts.join('; '),\n        },\n      })\n    },\n    async DELETE() {\n      const parts = [`${name}=`, 'Path=/', 'HttpOnly', 'SameSite=Lax', 'Max-Age=0']\n      if (secure) parts.push('Secure')\n      return new Response(JSON.stringify({ ok: true }), {\n        headers: {\n          'Content-Type': 'application/json',\n          'Set-Cookie': parts.join('; '),\n        },\n      })\n    },\n  }\n}\n","/**\n * Next.js route handlers for the Azirid auth proxy.\n *\n * This entry point uses **only standard Web APIs** (Request, Response, fetch)\n * and has **zero dependency on `next/server`**. This makes it safe to use in\n * Next.js standalone builds (`output: 'standalone'`) where external `next/server`\n * imports may fail at runtime.\n *\n * @example Route handler (simplest — one line)\n * ```ts\n * // app/api/auth/[...path]/route.ts\n * export { GET, POST, PUT, PATCH, DELETE } from \"azirid-react/next/handlers\";\n * ```\n *\n * @example Route handler (custom API URL)\n * ```ts\n * // app/api/auth/[...path]/route.ts\n * import { createAziridRouteHandlers } from \"azirid-react/next/handlers\";\n * export const { GET, POST, PUT, PATCH, DELETE } = createAziridRouteHandlers({\n *   apiUrl: \"https://my-custom-api.com\",\n *   debug: true,\n * });\n * ```\n *\n * @packageDocumentation\n */\n\n// ─── Constants ───────────────────────────────────────────────\n\n/**\n * Resolve the Azirid API URL.\n *\n * Priority:\n * 1. `AZIRID_API_URL` env var (server-only, recommended)\n * 2. `https://api.azirid.com` (production default)\n *\n * For local development, set `AZIRID_API_URL=http://localhost:3000` in your `.env`.\n */\nconst AZIRID_API_URL = process.env.AZIRID_API_URL ?? 'https://api.azirid.com'\n\n// ─── Types ───────────────────────────────────────────────────\n\ntype RouteHandler = (\n  request: Request,\n  context: { params: Promise<{ path: string[] }> | { path: string[] } },\n) => Promise<Response>\n\nexport interface AziridRouteHandlerOptions {\n  /** Override the Azirid API URL (default: production API) */\n  apiUrl?: string\n  /** Enable debug logging of proxy requests (default: false) */\n  debug?: boolean\n}\n\n// ─── Proxy Route Handler (core logic) ────────────────────────\n\nfunction createHandler(options?: AziridRouteHandlerOptions): RouteHandler {\n  const destination = (options?.apiUrl ?? AZIRID_API_URL).replace(/\\/$/, '')\n  const debug = options?.debug ?? false\n\n  return async function handler(request, context) {\n    // Handle Next.js 14 (sync params), 15 (async params), and 16+ (always async)\n    const resolvedParams = context.params instanceof Promise ? await context.params : context.params\n    const path = resolvedParams.path.join('/')\n    const targetUrl = `${destination}/v1/users/auth/${path}`\n\n    if (debug) {\n      console.log(`[azirid-proxy] ${request.method} /api/auth/${path} → ${targetUrl}`)\n      console.log(`[azirid-proxy] Cookies:`, request.headers.get('cookie') ?? '(none)')\n    }\n\n    // Forward request headers (strip host so the API sees its own host)\n    const forwardHeaders = new Headers()\n    request.headers.forEach((value, key) => {\n      const lower = key.toLowerCase()\n      if (lower !== 'host' && lower !== 'connection') {\n        forwardHeaders.set(key, value)\n      }\n    })\n\n    // Forward body for non-GET methods\n    const body =\n      request.method !== 'GET' && request.method !== 'HEAD' ? await request.text() : undefined\n\n    // Proxy request to the Azirid API\n    const apiResponse = await fetch(targetUrl, {\n      method: request.method,\n      headers: forwardHeaders,\n      body,\n    })\n\n    // Build response headers, fixing Set-Cookie for first-party context\n    const responseHeaders = new Headers()\n    apiResponse.headers.forEach((value, key) => {\n      if (key.toLowerCase() !== 'set-cookie') {\n        responseHeaders.set(key, value)\n      }\n    })\n\n    // Fix Set-Cookie headers: strip Domain, adjust SameSite/Secure for proxy\n    const isSecure =\n      request.headers.get('x-forwarded-proto') === 'https' ||\n      new URL(request.url).protocol === 'https:'\n\n    const setCookies: string[] =\n      typeof apiResponse.headers.getSetCookie === 'function'\n        ? apiResponse.headers.getSetCookie()\n        : splitSetCookieHeader(apiResponse.headers.get('set-cookie') ?? '')\n\n    for (const cookie of setCookies) {\n      let fixed = cookie\n        // Strip Domain — cookie will default to the proxy's domain (first-party)\n        .replace(/;\\s*[Dd]omain=[^;]*/g, '')\n        // Normalize Path to \"/\" — the API may set restrictive paths (e.g. /v1/users/auth/login)\n        // which prevents cookies from being sent to other auth endpoints like /refresh or /bootstrap.\n        // In proxy mode all auth cookies must be available on all routes.\n        .replace(/;\\s*[Pp]ath=[^;]*/g, '')\n        // Change SameSite=None to Lax (now same-origin, None is unnecessary)\n        .replace(/[Ss]ame[Ss]ite=[Nn]one/g, 'SameSite=Lax')\n\n      // Always set Path=/ for first-party proxy cookies\n      fixed += '; Path=/'\n\n      // In development (HTTP), remove Secure flag so cookies work on localhost\n      if (!isSecure) {\n        fixed = fixed.replace(/;\\s*[Ss]ecure/g, '')\n      }\n\n      responseHeaders.append('set-cookie', fixed)\n    }\n\n    if (debug) {\n      console.log(`[azirid-proxy] API responded: ${apiResponse.status}`)\n      const responseCookies: string[] = []\n      responseHeaders.forEach((value, key) => {\n        if (key.toLowerCase() === 'set-cookie') responseCookies.push(value)\n      })\n      if (responseCookies.length > 0) {\n        console.log(`[azirid-proxy] Set-Cookie:`, responseCookies)\n      }\n    }\n\n    return new Response(apiResponse.body, {\n      status: apiResponse.status,\n      statusText: apiResponse.statusText,\n      headers: responseHeaders,\n    })\n  }\n}\n\n/** Split a raw Set-Cookie header string into individual cookies */\nfunction splitSetCookieHeader(header: string): string[] {\n  if (!header) return []\n  const cookies: string[] = []\n  let current = ''\n  for (const part of header.split(', ')) {\n    if (current && /^[a-zA-Z0-9_\\-.]+=/.test(part)) {\n      cookies.push(current)\n      current = part\n    } else {\n      current = current ? `${current}, ${part}` : part\n    }\n  }\n  if (current) cookies.push(current)\n  return cookies\n}\n\n// ─── Route Handlers (ready to re-export) ─────────────────────\n\n/**\n * Create all route handlers for the Azirid auth proxy.\n *\n * Returns `{ GET, POST, PUT, PATCH, DELETE }` ready to be re-exported\n * from your `app/api/auth/[...path]/route.ts`.\n *\n * @example Default (zero config)\n * ```ts\n * // app/api/auth/[...path]/route.ts\n * import { createAziridRouteHandlers } from \"azirid-react/next/handlers\";\n * export const { GET, POST, PUT, PATCH, DELETE } = createAziridRouteHandlers();\n * ```\n *\n * @example Custom options\n * ```ts\n * // app/api/auth/[...path]/route.ts\n * import { createAziridRouteHandlers } from \"azirid-react/next/handlers\";\n * export const { GET, POST, PUT, PATCH, DELETE } = createAziridRouteHandlers({\n *   apiUrl: \"https://my-custom-api.com\",\n *   debug: true,\n * });\n * ```\n */\nexport function createAziridRouteHandlers(options?: AziridRouteHandlerOptions): {\n  GET: RouteHandler\n  POST: RouteHandler\n  PUT: RouteHandler\n  PATCH: RouteHandler\n  DELETE: RouteHandler\n} {\n  const handler = createHandler(options)\n  return {\n    GET: handler,\n    POST: handler,\n    PUT: handler,\n    PATCH: handler,\n    DELETE: handler,\n  }\n}\n\n/**\n * Pre-built route handlers with default config.\n *\n * Just re-export these directly — no setup required:\n *\n * @example\n * ```ts\n * // app/api/auth/[...path]/route.ts\n * export { GET, POST, PUT, PATCH, DELETE } from \"azirid-react/next/handlers\";\n * ```\n */\nconst defaultHandlers = createAziridRouteHandlers()\nexport const GET = defaultHandlers.GET\nexport const POST = defaultHandlers.POST\nexport const PUT = defaultHandlers.PUT\nexport const PATCH = defaultHandlers.PATCH\nexport const DELETE = defaultHandlers.DELETE\n\n/**\n * Create a single Next.js route handler function.\n *\n * Use this if you need a single handler reference (advanced use).\n * For most cases, prefer `createAziridRouteHandlers()` or the pre-built exports.\n *\n * @deprecated Use `createAziridRouteHandlers()` instead.\n */\nexport function createAziridProxyHandler(apiUrl: string = AZIRID_API_URL): RouteHandler {\n  return createHandler({ apiUrl })\n}\n\n// ─── Config Helper ───────────────────────────────────────────\n\n/**\n * Wrap your Next.js config with Azirid settings.\n *\n * In Next.js 16+ with Turbopack, `transpilePackages` is no longer needed.\n * This helper is kept for backward compatibility with Next.js 14/15.\n *\n * @param apiUrl - Override the Azirid API URL (default: production API)\n */\nexport function withAziridProxy(apiUrl: string = AZIRID_API_URL) {\n  void apiUrl\n\n  return (nextConfig: Record<string, unknown> = {}) => ({\n    ...nextConfig,\n  })\n}\n\n// ─── Re-export session sync for backward compat ──────────────\n\nexport { createSessionSyncHandler } from './server'\nexport type { SessionSyncOptions } from './server'\n","/**\n * Next.js proxy and middleware utilities for Azirid Access.\n *\n * This entry point requires `next/server` and provides request interception\n * for route protection and token forwarding.\n *\n * @example Next.js 16+ (proxy.ts)\n * ```ts\n * // proxy.ts\n * export { aziridProxy as proxy } from \"azirid-react/next/proxy\";\n * export const config = { matcher: [\"/((?!_next|favicon.ico|api/).*)\"] };\n * ```\n *\n * @example Next.js 16+ with custom options\n * ```ts\n * // proxy.ts\n * import { createAziridProxy } from \"azirid-react/next/proxy\";\n * export const proxy = createAziridProxy({ protectedRoutes: [\"/dashboard\"] });\n * export const config = { matcher: [\"/((?!_next|favicon.ico|api/).*)\"] };\n * ```\n *\n * @packageDocumentation\n */\n\nimport { NextResponse, type NextRequest } from 'next/server'\n\n// ─── Proxy / Middleware Options ──────────────────────────────\n\nexport interface AziridProxyOptions {\n  /** Cookie name (default: \"__session\") */\n  cookieName?: string\n  /** Routes that require authentication (glob patterns via startsWith) */\n  protectedRoutes?: string[]\n  /** Route to redirect to when not authenticated (default: \"/login\") */\n  loginUrl?: string\n  /** Routes that are always public (default: [\"/login\", \"/signup\"]) */\n  publicRoutes?: string[]\n}\n\n\n// ─── Shared proxy/middleware logic ───────────────────────────\n\nfunction createRequestInterceptor(options?: AziridProxyOptions) {\n  const cookieName = options?.cookieName ?? '__session'\n  const loginUrl = options?.loginUrl ?? '/login'\n  const defaultPublic = ['/login', '/signup', '/auth/handoff']\n  const publicRoutes = options?.publicRoutes\n    ? [...new Set([...options.publicRoutes, '/auth/handoff'])]\n    : defaultPublic\n  const protectedRoutes = options?.protectedRoutes\n\n  return function handler(request: NextRequest) {\n    const { pathname } = request.nextUrl\n    const token = request.cookies.get(cookieName)?.value\n\n    const response = NextResponse.next()\n\n    // Expose token as internal header for server components\n    if (token) {\n      response.headers.set('x-azirid-token', token)\n    }\n\n    // Route protection (only when protectedRoutes is configured)\n    if (protectedRoutes) {\n      const isPublic = publicRoutes.some((r) => pathname.startsWith(r))\n      const isProtected = protectedRoutes.some((r) => pathname.startsWith(r))\n\n      if (isProtected && !isPublic && !token) {\n        const url = request.nextUrl.clone()\n        url.pathname = loginUrl\n        url.searchParams.set('redirect', pathname)\n        return NextResponse.redirect(url)\n      }\n    }\n\n    return response\n  }\n}\n\n// ─── Proxy (Next.js 16+) ────────────────────────────────────\n\n/**\n * Create a customized Azirid proxy for Next.js 16+.\n *\n * In Next.js 16, `middleware.ts` is renamed to `proxy.ts` and the\n * exported function must be named `proxy`.\n *\n * @example Default (one line)\n * ```ts\n * // proxy.ts\n * export { aziridProxy as proxy } from \"azirid-react/next/proxy\";\n * export const config = { matcher: [\"/((?!_next|favicon.ico|api/).*)\"] };\n * ```\n *\n * @example Custom options\n * ```ts\n * // proxy.ts\n * import { createAziridProxy } from \"azirid-react/next/proxy\";\n * export const proxy = createAziridProxy({ protectedRoutes: [\"/dashboard\"] });\n * export const config = { matcher: [\"/((?!_next|favicon.ico|api/).*)\"] };\n * ```\n */\nexport function createAziridProxy(options?: AziridProxyOptions) {\n  return createRequestInterceptor(options)\n}\n\n/** Default proxy export for Next.js 16+ (no route protection, only forwards token) */\nexport const aziridProxy = createAziridProxy()\n\n"]}