mailsentry-auth 0.1.5 → 0.1.6

package/dist/utils/cookie-utils.d.ts

@@ -0,0 +1,86 @@
+/**
+ * Cookie utility for managing authentication tokens with automatic SSR and client-side support
+ * Automatically chooses the right method based on environment
+ */
+declare class CookieUtils {
+    /**
+     * Get the access token cookie key
+     */
+    static getAccessTokenKey(): string;
+    /**
+     * Get the refresh token cookie key
+     */
+    static getRefreshTokenKey(): string;
+    /**
+     * Get root domain for subdomain support
+     * Must match the domain used by backend when setting cookies
+     */
+    private static getRootDomain;
+    private static readonly COOKIE_DOMAIN;
+    /**
+     * Get common cookie options
+     */
+    private static getCookieOptions;
+    /**
+     * Check if running on client side
+     */
+    private static isClientSide;
+    /**
+     * Check if running on server side
+     */
+    private static isServerSide;
+    /**
+     * Dynamically import server action for server-side operations
+     */
+    private static getServerTokens;
+    /**
+     * Set access token in cookie (client-side only)
+     */
+    static setAccessToken(token: string): void;
+    /**
+     * Set refresh token in cookie (client-side only)
+     */
+    static setRefreshToken(token: string): void;
+    /**
+     * Get access token - automatically handles client/server side
+     */
+    static getAccessToken(): Promise<string | null>;
+    /**
+     * Get refresh token - automatically handles client/server side
+     */
+    static getRefreshToken(): Promise<string | null>;
+    /**
+     * Get both tokens - automatically handles client/server side
+     */
+    static getTokens(): Promise<{
+        accessToken: string | null;
+        refreshToken: string | null;
+    }>;
+    /**
+     * Clear all authentication cookies (client-side only)
+     * Clears cookies from both current domain and root domain
+     */
+    static clearAuthCookies(): void;
+    /**
+     * Check if cookies are supported/enabled (client-side only)
+     */
+    static areCookiesEnabled(): boolean;
+    /**
+     * Get all authentication cookies - automatically handles client/server side
+     */
+    static getAllAuthCookies(): Promise<Record<string, string>>;
+    /**
+     * Set multiple tokens at once (client-side only)
+     */
+    static setTokens(accessToken: string, refreshToken: string): void;
+    /**
+     * Check if user has valid tokens - automatically handles client/server side
+     */
+    static hasValidTokens(): Promise<boolean>;
+    /**
+     * Get current domain information for debugging
+     */
+    static getDomainInfo(): Record<string, string>;
+}
+
+export { CookieUtils };

package/dist/utils/cookie-utils.js

@@ -1,17 +1,108 @@
 "use strict";Object.defineProperty(exports, "__esModule", {value: true}); function _interopRequireWildcard(obj) { if (obj && obj.__esModule) { return obj; } else { var newObj = {}; if (obj != null) { for (var key in obj) { if (Object.prototype.hasOwnProperty.call(obj, key)) { newObj[key] = obj[key]; } } } newObj.default = obj; return newObj; } } function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }// src/services/utils/cookie-utils.ts
 var _jscookie = require('js-cookie'); var _jscookie2 = _interopRequireDefault(_jscookie);
+
+// src/config/middleware.ts
+var _MiddlewareConfig = class _MiddlewareConfig {
+  /**
+   * Get the base domain from environment or use default
+   */
+  static getBaseDomain() {
+    return process.env.NEXT_PUBLIC_BASE_DOMAIN;
+  }
+  /**
+   * Get the protocol based on environment
+   */
+  static getProtocol() {
+    return process.env.NODE_ENV === "production" ? "https" : "http";
+  }
+};
+// Common constants
+_MiddlewareConfig.CONSTANTS = {
+  LOGIN_PATH: "/login",
+  DASHBOARD_SUBDOMAIN: "dashboard",
+  PUBLIC_PATH: "/public",
+  PUBLIC_API_PATH: "/api/public"
+};
+// Route Protection Configuration
+// PATTERNS_TO_PROTECT: Routes that require authentication (whitelist approach recommended for security)
+// PATTERNS_TO_EXCLUDE: Routes to explicitly exclude from protection (e.g., login page, public assets)
+_MiddlewareConfig.PROTECTED_ROUTES = {
+  // Routes that MUST be protected
+  INCLUDE: [
+    "/"
+    // Protect everything by default (since dashboard.cutly.io/ is the root)
+  ],
+  // Routes that should NEVER be protected (public)
+  EXCLUDE: [
+    _MiddlewareConfig.CONSTANTS.LOGIN_PATH,
+    _MiddlewareConfig.CONSTANTS.PUBLIC_PATH,
+    _MiddlewareConfig.CONSTANTS.PUBLIC_API_PATH
+  ]
+};
+// HTTP methods to process
+_MiddlewareConfig.ALLOWED_METHODS = ["GET", "HEAD"];
+// Query parameters
+_MiddlewareConfig.QUERY_PARAMS = {
+  LOGIN_REQUIRED: "sign_in_required",
+  AUTH_CHECKED: "auth_checked",
+  REDIRECT_URL: "redirect_url"
+};
+// Query parameter values
+_MiddlewareConfig.QUERY_VALUES = {
+  LOGIN_REQUIRED: "true",
+  AUTH_CHECKED: "1"
+};
+var MiddlewareConfig = _MiddlewareConfig;
+
+// src/services/utils/url-utils.ts
+var UrlUtils = class {
+  /**
+   * Extract subdomain from hostname
+   * Example: "dashboard.cutly.io" -> "dashboard"
+   */
+  static getSubdomain(hostname) {
+    if (!hostname || /^\d{1,3}(\.\d{1,3}){3}/.test(hostname) || hostname.startsWith(MiddlewareConfig.getBaseDomain())) {
+      return null;
+    }
+    const parts = hostname.split(".");
+    return parts.length >= 2 ? parts[0] : null;
+  }
+  /**
+   * Get root domain for cookie scope
+   * Example: "dashboard.cutly.io" -> ".cutly.io"
+   * Example: "cutly.io" -> ".cutly.io"
+   */
+  static getRootDomain(hostname) {
+    if (!hostname || /^\d+\.\d+\.\d+\.\d+$/.test(hostname)) {
+      return null;
+    }
+    const parts = hostname.split(".");
+    if (parts.length >= 2) {
+      return `.${parts.slice(-2).join(".")}`;
+    }
+    return null;
+  }
+  /**
+   * Check if URL has auth-related query parameters
+   */
+  static hasAuthParams(url) {
+    return url.includes(MiddlewareConfig.QUERY_PARAMS.AUTH_CHECKED);
+  }
+};
+
+// src/services/utils/cookie-utils.ts
 var _CookieUtils = class _CookieUtils {
   /**
-   * Get the access token cookie key from environment variables
+   * Get the access token cookie key
    */
   static getAccessTokenKey() {
-    return process.env.AUTH_ACCESS_TOKEN_KEY || "auth_access_token";
+    return "auth_access_token";
   }
   /**
-   * Get the refresh token cookie key from environment variables
+   * Get the refresh token cookie key
    */
   static getRefreshTokenKey() {
-    return process.env.AUTH_REFRESH_TOKEN_KEY || "auth_refresh_token";
+    return "auth_refresh_token";
   }
   /**
    * Get root domain for subdomain support
@@ -19,26 +110,10 @@ var _CookieUtils = class _CookieUtils {
    */
   static getRootDomain() {
     if (typeof window === "undefined") {
-      const baseDomain = process.env.NEXT_PUBLIC_BASE_DOMAIN;
-      if (baseDomain && process.env.NODE_ENV === "production") {
-        return `.${baseDomain}`;
-      }
-      return void 0;
-    }
-    const hostname = window.location.hostname;
-    if (hostname === "localhost" || hostname === "127.0.0.1") {
-      return void 0;
-    }
-    if (/^\d+\.\d+\.\d+\.\d+$/.test(hostname)) {
       return void 0;
     }
-    const parts = hostname.split(".");
-    if (parts.length >= 2) {
-      return `.${parts.slice(-2).join(".")}`;
-    }
-    return void 0;
+    return UrlUtils.getRootDomain(window.location.hostname) || void 0;
   }
-  // Use current domain in development
   /**
    * Get common cookie options
    */
@@ -237,7 +312,7 @@ var _CookieUtils = class _CookieUtils {
   }
 };
 // Domain configuration - computed once
-_CookieUtils.COOKIE_DOMAIN = process.env.NODE_ENV === "production" ? _CookieUtils.getRootDomain() : void 0;
+_CookieUtils.COOKIE_DOMAIN = _CookieUtils.getRootDomain();
 var CookieUtils = _CookieUtils;
 
 

package/dist/utils/cookie-utils.mjs

@@ -1,17 +1,108 @@
 // src/services/utils/cookie-utils.ts
 import Cookies from "js-cookie";
+
+// src/config/middleware.ts
+var _MiddlewareConfig = class _MiddlewareConfig {
+  /**
+   * Get the base domain from environment or use default
+   */
+  static getBaseDomain() {
+    return process.env.NEXT_PUBLIC_BASE_DOMAIN;
+  }
+  /**
+   * Get the protocol based on environment
+   */
+  static getProtocol() {
+    return process.env.NODE_ENV === "production" ? "https" : "http";
+  }
+};
+// Common constants
+_MiddlewareConfig.CONSTANTS = {
+  LOGIN_PATH: "/login",
+  DASHBOARD_SUBDOMAIN: "dashboard",
+  PUBLIC_PATH: "/public",
+  PUBLIC_API_PATH: "/api/public"
+};
+// Route Protection Configuration
+// PATTERNS_TO_PROTECT: Routes that require authentication (whitelist approach recommended for security)
+// PATTERNS_TO_EXCLUDE: Routes to explicitly exclude from protection (e.g., login page, public assets)
+_MiddlewareConfig.PROTECTED_ROUTES = {
+  // Routes that MUST be protected
+  INCLUDE: [
+    "/"
+    // Protect everything by default (since dashboard.cutly.io/ is the root)
+  ],
+  // Routes that should NEVER be protected (public)
+  EXCLUDE: [
+    _MiddlewareConfig.CONSTANTS.LOGIN_PATH,
+    _MiddlewareConfig.CONSTANTS.PUBLIC_PATH,
+    _MiddlewareConfig.CONSTANTS.PUBLIC_API_PATH
+  ]
+};
+// HTTP methods to process
+_MiddlewareConfig.ALLOWED_METHODS = ["GET", "HEAD"];
+// Query parameters
+_MiddlewareConfig.QUERY_PARAMS = {
+  LOGIN_REQUIRED: "sign_in_required",
+  AUTH_CHECKED: "auth_checked",
+  REDIRECT_URL: "redirect_url"
+};
+// Query parameter values
+_MiddlewareConfig.QUERY_VALUES = {
+  LOGIN_REQUIRED: "true",
+  AUTH_CHECKED: "1"
+};
+var MiddlewareConfig = _MiddlewareConfig;
+
+// src/services/utils/url-utils.ts
+var UrlUtils = class {
+  /**
+   * Extract subdomain from hostname
+   * Example: "dashboard.cutly.io" -> "dashboard"
+   */
+  static getSubdomain(hostname) {
+    if (!hostname || /^\d{1,3}(\.\d{1,3}){3}/.test(hostname) || hostname.startsWith(MiddlewareConfig.getBaseDomain())) {
+      return null;
+    }
+    const parts = hostname.split(".");
+    return parts.length >= 2 ? parts[0] : null;
+  }
+  /**
+   * Get root domain for cookie scope
+   * Example: "dashboard.cutly.io" -> ".cutly.io"
+   * Example: "cutly.io" -> ".cutly.io"
+   */
+  static getRootDomain(hostname) {
+    if (!hostname || /^\d+\.\d+\.\d+\.\d+$/.test(hostname)) {
+      return null;
+    }
+    const parts = hostname.split(".");
+    if (parts.length >= 2) {
+      return `.${parts.slice(-2).join(".")}`;
+    }
+    return null;
+  }
+  /**
+   * Check if URL has auth-related query parameters
+   */
+  static hasAuthParams(url) {
+    return url.includes(MiddlewareConfig.QUERY_PARAMS.AUTH_CHECKED);
+  }
+};
+
+// src/services/utils/cookie-utils.ts
 var _CookieUtils = class _CookieUtils {
   /**
-   * Get the access token cookie key from environment variables
+   * Get the access token cookie key
    */
   static getAccessTokenKey() {
-    return process.env.AUTH_ACCESS_TOKEN_KEY || "auth_access_token";
+    return "auth_access_token";
   }
   /**
-   * Get the refresh token cookie key from environment variables
+   * Get the refresh token cookie key
    */
   static getRefreshTokenKey() {
-    return process.env.AUTH_REFRESH_TOKEN_KEY || "auth_refresh_token";
+    return "auth_refresh_token";
   }
   /**
    * Get root domain for subdomain support
@@ -19,26 +110,10 @@ var _CookieUtils = class _CookieUtils {
    */
   static getRootDomain() {
     if (typeof window === "undefined") {
-      const baseDomain = process.env.NEXT_PUBLIC_BASE_DOMAIN;
-      if (baseDomain && process.env.NODE_ENV === "production") {
-        return `.${baseDomain}`;
-      }
-      return void 0;
-    }
-    const hostname = window.location.hostname;
-    if (hostname === "localhost" || hostname === "127.0.0.1") {
-      return void 0;
-    }
-    if (/^\d+\.\d+\.\d+\.\d+$/.test(hostname)) {
       return void 0;
     }
-    const parts = hostname.split(".");
-    if (parts.length >= 2) {
-      return `.${parts.slice(-2).join(".")}`;
-    }
-    return void 0;
+    return UrlUtils.getRootDomain(window.location.hostname) || void 0;
   }
-  // Use current domain in development
   /**
    * Get common cookie options
    */
@@ -237,7 +312,7 @@ var _CookieUtils = class _CookieUtils {
   }
 };
 // Domain configuration - computed once
-_CookieUtils.COOKIE_DOMAIN = process.env.NODE_ENV === "production" ? _CookieUtils.getRootDomain() : void 0;
+_CookieUtils.COOKIE_DOMAIN = _CookieUtils.getRootDomain();
 var CookieUtils = _CookieUtils;
 export {
   CookieUtils

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "mailsentry-auth",
-  "version": "0.1.5",
+  "version": "0.1.6",
   "description": "Next.js 15 authentication package with multi-step auth flow, cross-tab sync, and Zustand state management",
   "main": "./dist/index.js",
   "module": "./dist/index.mjs",
@@ -22,11 +22,11 @@
     },
     "./utils": {
       "import": {
-        "types": "./dist/index.d.ts",
+        "types": "./dist/utils/cookie-utils.d.ts",
         "default": "./dist/utils/cookie-utils.mjs"
       },
       "require": {
-        "types": "./dist/index.d.ts",
+        "types": "./dist/utils/cookie-utils.d.ts",
         "default": "./dist/utils/cookie-utils.js"
       }
     }