nextjs-cms 0.0.1 → 0.5.1

package/dist/auth/lib/client.js

@@ -0,0 +1,46 @@
+'use client';
+import React from 'react';
+import { getCsrfToken } from '../react';
+export async function fetchData(path, req = {}) {
+    const url = `/api/auth/${path}`;
+    try {
+        const options = {
+            headers: {
+                // If there is a body, add the x-csrf-token header
+                ...(req?.body ? { 'x-csrf-token': await getCsrfToken() } : {}),
+                'Content-Type': 'application/json',
+                ...(req?.headers?.cookie ? { cookie: req.headers.cookie } : {}),
+            },
+        };
+        if (req?.body) {
+            options.body = JSON.stringify(req.body);
+            options.method = 'POST';
+        }
+        const res = await fetch(url, options);
+        const data = await res.json();
+        if (!res.ok)
+            throw data;
+        return data;
+    }
+    catch (error) {
+        console.error(error.message);
+        return null;
+    }
+}
+export function now() {
+    return Math.floor(Date.now() / 1000);
+}
+export function useOnline() {
+    const [isOnline, setIsOnline] = React.useState(typeof navigator !== 'undefined' ? navigator.onLine : false);
+    const setOnline = () => setIsOnline(true);
+    const setOffline = () => setIsOnline(false);
+    React.useEffect(() => {
+        window.addEventListener('online', setOnline);
+        window.addEventListener('offline', setOffline);
+        return () => {
+            window.removeEventListener('online', setOnline);
+            window.removeEventListener('offline', setOffline);
+        };
+    }, []);
+    return isOnline;
+}

package/dist/auth/lib/index.d.ts

@@ -0,0 +1,3 @@
+export { deleteSession, login, authRefresh } from './actions';
+export { createCSRFToken, validateCSRFToken } from '../csrf';
+//# sourceMappingURL=index.d.ts.map

package/dist/auth/lib/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/auth/lib/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,KAAK,EAAE,WAAW,EAAE,MAAM,WAAW,CAAA;AAC7D,OAAO,EAAE,eAAe,EAAE,iBAAiB,EAAE,MAAM,SAAS,CAAA"}

package/dist/auth/lib/index.js

@@ -0,0 +1,2 @@
+export { deleteSession, login, authRefresh } from './actions';
+export { createCSRFToken, validateCSRFToken } from '../csrf';

package/dist/auth/react.d.ts

@@ -0,0 +1,106 @@
+/**
+ * @module react
+ */
+import * as React from 'react';
+import type { Session } from './index';
+import useAxiosPrivate from './hooks/useAxiosPrivate';
+import useRefreshToken from './hooks/useRefreshToken';
+export type UpdateSession = (data?: any) => Promise<Session | null>;
+export interface SessionProviderProps {
+    children: React.ReactNode;
+    session?: Session | null;
+    /**
+     * A time interval (in seconds) after which the session will be re-fetched.
+     * If set to `0` (default), the session is not polled.
+     */
+    refetchInterval?: number;
+    /**
+     * `SessionProvider` automatically re-fetches the session when the user switches between windows.
+     * This option activates this behaviour if set to `true` (default).
+     */
+    refetchOnWindowFocus?: boolean;
+    /**
+     * Set to `false` to stop polling when the device has no internet access offline (determined by `navigator.onLine`)
+     *
+     * [`navigator.onLine` documentation](https://developer.mozilla.org/en-US/docs/Web/API/NavigatorOnLine/onLine)
+     */
+    refetchWhenOffline?: false;
+}
+export interface UseSessionOptions<R extends boolean> {
+    required: R;
+    /** Defaults to `signIn` */
+    onUnauthenticated?: () => void;
+}
+export interface GetSessionParams {
+    event?: 'storage' | 'timer' | 'hidden' | string;
+    triggerEvent?: boolean;
+    broadcast?: boolean;
+}
+export interface AuthClientConfig {
+    _session?: Session | null | undefined;
+    /** Used for timestamp since last synced (in seconds) */
+    _lastSync: number;
+    /**
+     * Stores the `SessionProvider`'s session update method to be able to
+     * trigger session updates from places like `signIn` or `signOut`
+     */
+    _getSession: (...args: any[]) => any;
+}
+export declare const __AUTH: AuthClientConfig;
+export declare function logout(options?: {
+    deleteCookies?: boolean;
+}): Promise<void>;
+export declare function login({ username, password }: {
+    username: string;
+    password: string;
+}): Promise<void>;
+export declare function refreshSession(): Promise<void>;
+/**
+ * Returns the current CSRF token.
+ * required to make requests that changes state.
+ *
+ * [CSRF Prevention: Double Submit Cookie](https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html#double-submit-cookie)
+ */
+export declare function getCsrfToken(): Promise<string>;
+export declare function getSession(params?: GetSessionParams): Promise<Session | null>;
+export type SessionContextValue<R extends boolean = false> = R extends true ? {
+    update: UpdateSession;
+    data: Session;
+    status: 'authenticated';
+} | {
+    update: UpdateSession;
+    data: null;
+    status: 'loading';
+} : {
+    update: UpdateSession;
+    data: Session;
+    status: 'authenticated';
+} | {
+    update: UpdateSession;
+    data: null;
+    status: 'unauthenticated' | 'loading';
+};
+export declare const SessionContext: React.Context<{
+    update: UpdateSession;
+    data: Session;
+    status: "authenticated";
+} | {
+    update: UpdateSession;
+    data: null;
+    status: "unauthenticated" | "loading";
+} | undefined>;
+export declare function useSession<R extends boolean>(options?: UseSessionOptions<R>): SessionContextValue<R>;
+/**
+ * [React Context](https://react.dev/learn/passing-data-deeply-with-context) provider to wrap the app (`pages/`) to make session data available anywhere.
+ *
+ * When used, the session state is automatically synchronized across all open tabs/windows and they are all updated whenever they gain or lose focus
+ * or the state changes (e.g. a user signs in or out) when {@link SessionProviderProps.refetchOnWindowFocus} is `true`.
+ *
+ * :::info
+ * `SessionProvider` is for client-side use only and when using [Next.js App Router (`app/`)](https://nextjs.org/blog/next-13-4#nextjs-app-router) you should prefer the `auth()` export.
+ * :::
+ */
+export declare function SessionProvider(props: SessionProviderProps): React.JSX.Element;
+export { useAxiosPrivate, useRefreshToken };
+export { refreshTokenLink } from './trpc';
+//# sourceMappingURL=react.d.ts.map

package/dist/auth/react.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"react.d.ts","sourceRoot":"","sources":["../../src/auth/react.tsx"],"names":[],"mappings":"AAAA;;GAEG;AAIH,OAAO,KAAK,KAAK,MAAM,OAAO,CAAA;AAE9B,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,SAAS,CAAA;AAEtC,OAAO,eAAe,MAAM,yBAAyB,CAAA;AACrD,OAAO,eAAe,MAAM,yBAAyB,CAAA;AAGrD,MAAM,MAAM,aAAa,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,KAAK,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC,CAAA;AACnE,MAAM,WAAW,oBAAoB;IACjC,QAAQ,EAAE,KAAK,CAAC,SAAS,CAAA;IACzB,OAAO,CAAC,EAAE,OAAO,GAAG,IAAI,CAAA;IACxB;;;OAGG;IACH,eAAe,CAAC,EAAE,MAAM,CAAA;IACxB;;;OAGG;IACH,oBAAoB,CAAC,EAAE,OAAO,CAAA;IAC9B;;;;OAIG;IACH,kBAAkB,CAAC,EAAE,KAAK,CAAA;CAC7B;AAED,MAAM,WAAW,iBAAiB,CAAC,CAAC,SAAS,OAAO;IAChD,QAAQ,EAAE,CAAC,CAAA;IACX,2BAA2B;IAC3B,iBAAiB,CAAC,EAAE,MAAM,IAAI,CAAA;CACjC;AAED,MAAM,WAAW,gBAAgB;IAC7B,KAAK,CAAC,EAAE,SAAS,GAAG,OAAO,GAAG,QAAQ,GAAG,MAAM,CAAA;IAC/C,YAAY,CAAC,EAAE,OAAO,CAAA;IACtB,SAAS,CAAC,EAAE,OAAO,CAAA;CACtB;AAED,MAAM,WAAW,gBAAgB;IAC7B,QAAQ,CAAC,EAAE,OAAO,GAAG,IAAI,GAAG,SAAS,CAAA;IACrC,wDAAwD;IACxD,SAAS,EAAE,MAAM,CAAA;IACjB;;;OAGG;IACH,WAAW,EAAE,CAAC,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,GAAG,CAAA;CACvC;AAED,eAAO,MAAM,MAAM,EAAE,gBAIpB,CAAA;AAED,wBAAsB,MAAM,CAAC,OAAO,CAAC,EAAE;IAAE,aAAa,CAAC,EAAE,OAAO,CAAA;CAAE,iBA2BjE;AAED,wBAAsB,KAAK,CAAC,EAAE,QAAQ,EAAE,QAAQ,EAAE,EAAE;IAAE,QAAQ,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,iBAyBzF;AAED,wBAAsB,cAAc,kBAWnC;AAED;;;;;GAKG;AACH,wBAAsB,YAAY,oBAGjC;AAwBD,wBAAsB,UAAU,CAAC,MAAM,CAAC,EAAE,gBAAgB,2BAWzD;AAED,MAAM,MAAM,mBAAmB,CAAC,CAAC,SAAS,OAAO,GAAG,KAAK,IAAI,CAAC,SAAS,IAAI,GAE/D;IAAE,MAAM,EAAE,aAAa,CAAC;IAAC,IAAI,EAAE,OAAO,CAAC;IAAC,MAAM,EAAE,eAAe,CAAA;CAAE,GACjE;IAAE,MAAM,EAAE,aAAa,CAAC;IAAC,IAAI,EAAE,IAAI,CAAC;IAAC,MAAM,EAAE,SAAS,CAAA;CAAE,GAExD;IAAE,MAAM,EAAE,aAAa,CAAC;IAAC,IAAI,EAAE,OAAO,CAAC;IAAC,MAAM,EAAE,eAAe,CAAA;CAAE,GACjE;IACI,MAAM,EAAE,aAAa,CAAA;IACrB,IAAI,EAAE,IAAI,CAAA;IACV,MAAM,EAAE,iBAAiB,GAAG,SAAS,CAAA;CACxC,CAAA;AAEb,eAAO,MAAM,cAAc;YAPL,aAAa;UAAQ,OAAO;YAAU,eAAe;;YAEnD,aAAa;UACf,IAAI;YACF,iBAAiB,GAAG,SAAS;cAG0C,CAAA;AAE/F,wBAAgB,UAAU,CAAC,CAAC,SAAS,OAAO,EAAE,OAAO,CAAC,EAAE,iBAAiB,CAAC,CAAC,CAAC,GAAG,mBAAmB,CAAC,CAAC,CAAC,CA6BpG;AAED;;;;;;;;;GASG;AACH,wBAAgB,eAAe,CAAC,KAAK,EAAE,oBAAoB,qBAiN1D;AAED,OAAO,EAAE,eAAe,EAAE,eAAe,EAAE,CAAA;AAC3C,OAAO,EAAE,gBAAgB,EAAE,MAAM,QAAQ,CAAA"}

package/dist/auth/react.js

@@ -0,0 +1,347 @@
+/**
+ * @module react
+ */
+'use client';
+import * as React from 'react';
+import { fetchData, now, useOnline } from './lib/client';
+import { useRouter } from 'next/navigation';
+import useAxiosPrivate from './hooks/useAxiosPrivate';
+import useRefreshToken from './hooks/useRefreshToken';
+export const __AUTH = {
+    _lastSync: 0,
+    _session: undefined,
+    _getSession: () => { },
+};
+export async function logout(options) {
+    const { deleteCookies = true } = options ?? {};
+    if (deleteCookies) {
+        /**
+         * Send a request to the server to remove the session.
+         * This will delete the cookies.
+         * It will also delete the session from the database if auth() is not null.
+         */
+        await fetch('/api/auth', {
+            method: 'DELETE',
+            headers: {
+                'Content-Type': 'application/json',
+                'x-csrf-token': await getCsrfToken(),
+            },
+        });
+    }
+    /**
+     * Broadcast a message to all other tabs/windows to tell them the user has logged out.
+     * This is to ensure all tabs/windows trigger a session update.
+     */
+    broadcast().postMessage({ event: 'session', data: { trigger: 'logout' } });
+    /**
+     * Remove the session in the current tab/window.
+     */
+    await __AUTH._getSession({ event: 'logout' });
+}
+export async function login({ username, password }) {
+    const response = await fetch('/api/auth', {
+        method: 'POST',
+        headers: {
+            'Content-Type': 'application/json',
+            'x-csrf-token': await getCsrfToken(),
+        },
+        body: JSON.stringify({ username, password }),
+    });
+    if (!response.ok) {
+        const error = await response.json();
+        throw new Error(error.error);
+    }
+    /**
+     * Broadcast a message to all other tabs/windows to tell them the user has logged in.
+     * This is to ensure all tabs/windows trigger a session update.
+     */
+    broadcast().postMessage({ event: 'session', data: { trigger: 'login' } });
+    /**
+     * Update the session in the current tab/window.
+     */
+    await __AUTH._getSession({ event: 'storage' });
+}
+export async function refreshSession() {
+    /**
+     * Broadcast a message to all other tabs/windows to tell them the session has been updated.
+     * This is to ensure all tabs/windows trigger a session update.
+     */
+    broadcast().postMessage({ event: 'session', data: { trigger: 'refresh' } });
+    /**
+     * Update the session in the current tab/window.
+     */
+    await __AUTH._getSession({ event: 'storage' });
+}
+/**
+ * Returns the current CSRF token.
+ * required to make requests that changes state.
+ *
+ * [CSRF Prevention: Double Submit Cookie](https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html#double-submit-cookie)
+ */
+export async function getCsrfToken() {
+    const response = await fetchData('csrf');
+    return response?.csrfToken ?? '';
+}
+let broadcastChannel = null;
+function getNewBroadcastChannel() {
+    return new BroadcastChannel('lzcms-auth');
+}
+function broadcast() {
+    if (typeof BroadcastChannel === 'undefined') {
+        return {
+            postMessage: () => { },
+            addEventListener: () => { },
+            removeEventListener: () => { },
+        };
+    }
+    if (broadcastChannel === null) {
+        broadcastChannel = getNewBroadcastChannel();
+    }
+    return broadcastChannel;
+}
+export async function getSession(params) {
+    const session = await fetchData('session', params);
+    if (params?.broadcast ?? true) {
+        const broadcastChannel = getNewBroadcastChannel();
+        broadcastChannel.postMessage({
+            event: 'session',
+            data: { trigger: 'getSession' },
+        });
+    }
+    return session;
+}
+export const SessionContext = React.createContext?.(undefined);
+export function useSession(options) {
+    const router = useRouter();
+    if (!SessionContext) {
+        throw new Error('React Context is unavailable in Server Components');
+    }
+    // @ts-expect-error Satisfy TS if branch on line below
+    const value = React.useContext(SessionContext);
+    if (!value && process.env.NODE_ENV !== 'production') {
+        throw new Error('[next-auth]: `useSession` must be wrapped in a <SessionProvider />');
+    }
+    const { required, onUnauthenticated } = options ?? {};
+    const requiredAndNotLoading = required && value.status === 'unauthenticated';
+    React.useEffect(() => {
+        if (requiredAndNotLoading) {
+            const url = `/auth/login?${new URLSearchParams({
+                callbackUrl: window.location.href,
+            })}`;
+            if (onUnauthenticated)
+                onUnauthenticated();
+            else
+                router.push(url);
+        }
+    }, [requiredAndNotLoading, onUnauthenticated]);
+    if (requiredAndNotLoading) {
+        return {
+            data: value.data,
+            update: value.update,
+            status: 'loading',
+        };
+    }
+    return value;
+}
+/**
+ * [React Context](https://react.dev/learn/passing-data-deeply-with-context) provider to wrap the app (`pages/`) to make session data available anywhere.
+ *
+ * When used, the session state is automatically synchronized across all open tabs/windows and they are all updated whenever they gain or lose focus
+ * or the state changes (e.g. a user signs in or out) when {@link SessionProviderProps.refetchOnWindowFocus} is `true`.
+ *
+ * :::info
+ * `SessionProvider` is for client-side use only and when using [Next.js App Router (`app/`)](https://nextjs.org/blog/next-13-4#nextjs-app-router) you should prefer the `auth()` export.
+ * :::
+ */
+export function SessionProvider(props) {
+    if (!SessionContext) {
+        throw new Error('React Context is unavailable in Server Components');
+    }
+    const axiosPrivate = useAxiosPrivate({
+        refreshTokenOn: 404,
+    });
+    const { children, refetchInterval, refetchWhenOffline } = props;
+    /**
+     * If session was `null`, there was an attempt to fetch it,
+     * but it failed, but we still treat it as a valid initial value.
+     */
+    const hasInitialSession = props.session !== undefined;
+    /** If session was passed, initialize as already synced */
+    __AUTH._lastSync = hasInitialSession ? now() : 0;
+    const [session, setSession] = React.useState(() => {
+        if (hasInitialSession)
+            __AUTH._session = props.session;
+        return props.session;
+    });
+    /** If session was passed, initialize as not loading */
+    const [loading, setLoading] = React.useState(!hasInitialSession);
+    React.useEffect(() => {
+        async function generateInitialSession() {
+            /**
+             * Use the `axiosPrivate` instance to make a request to `/api/auth/session` to get the
+             * first session data. The reason for using `axiosPrivate` is to make sure that the client
+             * will initiate a refresh token process (with the refresh token cookie) if the access
+             * token cookie is expired. (TRPC custom refresh link can be used as well)
+             */
+            try {
+                const response = await axiosPrivate.get('/auth/session');
+                return response.data;
+            }
+            catch (error) {
+                return null;
+            }
+        }
+        async function init() {
+            /**
+             * Make sure the session is created at the start of the app.
+             * Is session is not set, this means this is the first time
+             * the app is being loaded.
+             */
+            if (__AUTH._session === undefined) {
+                const session = await generateInitialSession();
+                __AUTH._lastSync = now();
+                return session;
+            }
+            return __AUTH._session;
+        }
+        /**
+         * Initialize the session.
+         */
+        init()
+            .then(async (session) => {
+            if (session) {
+                __AUTH._session = session;
+                setSession(session);
+            }
+            else {
+                /**
+                 * It's not necessary to log out the user and broadcast the logout event,
+                 * because there are no cookies set to delete.
+                 * But it's a good practice to do so.
+                 */
+                // await logout()
+            }
+        })
+            .then(() => {
+            __AUTH._getSession = async ({ event } = {}) => {
+                try {
+                    /**
+                     * If the event is a logout event, we should clear the session and return early.
+                     */
+                    if (event === 'logout') {
+                        __AUTH._lastSync = now();
+                        __AUTH._session = null;
+                        setSession(null);
+                        return;
+                    }
+                    /**
+                     * If the event is a storage event, we should update the session and not broadcast the event.
+                     * Storage events can also be triggered when a broadcast message is sent from another
+                     * tab/window. (see below)
+                     */
+                    if (event === 'storage') {
+                        __AUTH._lastSync = now();
+                        __AUTH._session = await getSession({
+                            broadcast: false,
+                        });
+                        setSession(__AUTH._session);
+                        return;
+                    }
+                    if (
+                    // If there is no time defined for when a session should be considered
+                    // stale, then it's okay to use the value we have until an event is
+                    // triggered which updates it
+                    !event ||
+                        // If the client doesn't have a session then we don't need to call
+                        // the server to check if it does (if they have signed in via another
+                        // tab or window that will come through as a "storage" event anyway)
+                        __AUTH._session === null ||
+                        // Bail out early if the client session is not stale yet
+                        now() < __AUTH._lastSync) {
+                        return;
+                    }
+                    // An event or session staleness occurred, update the client session.
+                    __AUTH._lastSync = now();
+                    __AUTH._session = await getSession();
+                    setSession(__AUTH._session);
+                }
+                catch (error) {
+                    __AUTH._lastSync = now();
+                    __AUTH._session = null;
+                    setSession(null);
+                    // console.error('Error fetching session', error)
+                }
+                finally {
+                    setLoading(false);
+                }
+            };
+        })
+            .finally(() => setLoading(false));
+        return () => {
+            __AUTH._lastSync = 0;
+            __AUTH._session = undefined;
+            __AUTH._getSession = () => { };
+        };
+    }, []);
+    React.useEffect(() => {
+        const handle = () => __AUTH._getSession({ event: 'storage' });
+        // Listen for storage events and update session if event fired from
+        // another window (but suppress firing another event to avoid a loop)
+        // Fetch new session data but tell it not to fire another event to
+        // avoid an infinite loop.
+        // Note: We could pass session data through and do something like
+        // `setData(message.data)` but that can cause problems depending
+        // on how the session object is being used in the client; it is
+        // more robust to have each window/tab fetch it's own copy of the
+        // session object rather than share it across instances.
+        broadcast().addEventListener('message', handle);
+        return () => broadcast().removeEventListener('message', handle);
+    }, []);
+    React.useEffect(() => {
+        const { refetchOnWindowFocus = true } = props;
+        // Listen for when the page is visible, if the user switches tabs
+        // and makes our tab visible again, re-fetch the session, but only if
+        // this feature is not disabled.
+        const visibilityHandler = () => {
+            if (refetchOnWindowFocus && document.visibilityState === 'visible')
+                __AUTH._getSession({ event: 'visibilitychange' });
+        };
+        document.addEventListener('visibilitychange', visibilityHandler, false);
+        return () => document.removeEventListener('visibilitychange', visibilityHandler, false);
+    }, [props.refetchOnWindowFocus]);
+    const isOnline = useOnline();
+    // TODO: Flip this behavior in next major version
+    const shouldRefetch = refetchWhenOffline !== false || isOnline;
+    React.useEffect(() => {
+        if (refetchInterval && shouldRefetch) {
+            const refetchIntervalTimer = setInterval(() => {
+                if (__AUTH._session) {
+                    __AUTH._getSession({ event: 'poll' });
+                }
+            }, refetchInterval * 1000);
+            return () => clearInterval(refetchIntervalTimer);
+        }
+    }, [refetchInterval, shouldRefetch]);
+    const value = React.useMemo(() => ({
+        data: session,
+        status: loading ? 'loading' : session ? 'authenticated' : 'unauthenticated',
+        async update(data) {
+            if (loading)
+                return;
+            setLoading(true);
+            const newSession = await fetchData('session', typeof data === 'undefined' ? undefined : { body: { data } });
+            setLoading(false);
+            if (newSession) {
+                setSession(newSession);
+                broadcast().postMessage({
+                    event: 'session',
+                    data: { trigger: 'getSession' },
+                });
+            }
+            return newSession;
+        },
+    }), [session, loading]);
+    return React.createElement(SessionContext.Provider, { value: value }, children);
+}
+export { useAxiosPrivate, useRefreshToken };
+export { refreshTokenLink } from './trpc';

package/dist/auth/trpc.d.ts

@@ -0,0 +1,6 @@
+import type { TRPCLink } from '@trpc/client';
+/**
+ * tRPC link that refreshes the token if it's expired
+ */
+export declare const refreshTokenLink: () => TRPCLink</*AppRouter*/ any>;
+//# sourceMappingURL=trpc.d.ts.map

package/dist/auth/trpc.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"trpc.d.ts","sourceRoot":"","sources":["../../src/auth/trpc.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,cAAc,CAAA;AAM5C;;GAEG;AACH,eAAO,MAAM,gBAAgB,QAAO,QAAQ,CAAC,aAAa,CAAA,GAAG,CA4E5D,CAAA"}

package/dist/auth/trpc.js

@@ -0,0 +1,81 @@
+import { observable } from '@trpc/server/observable';
+// import type { AppRouter } from '../api'
+import { logout, refreshSession } from './react';
+/**
+ * tRPC link that refreshes the token if it's expired
+ */
+export const refreshTokenLink = () => {
+    /**
+     * Add a lock state to prevent multiple refreshes at the same time
+     */
+    let isRefreshing = false;
+    let refreshPromise = null;
+    return () => {
+        return ({ next, op }) => {
+            return observable((observer) => {
+                let next$ = null;
+                let shouldRetry = true; // Flag to control the retry
+                function attempt() {
+                    next$?.unsubscribe();
+                    next$ = next(op).subscribe({
+                        async error(err) {
+                            if (err.data?.code === 'UNAUTHORIZED' && shouldRetry) {
+                                if (!isRefreshing) {
+                                    isRefreshing = true;
+                                    refreshPromise = (async () => {
+                                        try {
+                                            const response = await fetch('/api/auth/refresh');
+                                            if (response.status !== 200) {
+                                                await logout({
+                                                    /**
+                                                     * No need to delete the cookies, because they are both invalid.
+                                                     */
+                                                    deleteCookies: false,
+                                                });
+                                                return;
+                                            }
+                                            await refreshSession();
+                                        }
+                                        catch (e) {
+                                            await logout({
+                                                /**
+                                                 * No need to delete the cookies, because they are both invalid.
+                                                 */
+                                                deleteCookies: false,
+                                            });
+                                            throw e;
+                                        }
+                                        finally {
+                                            isRefreshing = false;
+                                            refreshPromise = null;
+                                        }
+                                    })();
+                                }
+                                try {
+                                    await refreshPromise;
+                                    shouldRetry = false;
+                                    attempt();
+                                    return;
+                                }
+                                catch (e) {
+                                    // Don't throw under-the-hood refresh flow's errors
+                                }
+                            }
+                            observer.error(err);
+                        },
+                        next(value) {
+                            observer.next(value);
+                        },
+                        complete() {
+                            observer.complete();
+                        },
+                    });
+                }
+                attempt();
+                return () => {
+                    next$?.unsubscribe();
+                };
+            });
+        };
+    };
+};