transactional-auth-next 0.1.0

package/README.md

@@ -0,0 +1,312 @@
+# transactional-auth-next
+
+Next.js SDK for Transactional Auth - OpenID Connect authentication with full support for App Router, Server Components, and Middleware.
+
+## Installation
+
+```bash
+npm install transactional-auth-next
+# or
+yarn add transactional-auth-next
+# or
+pnpm add transactional-auth-next
+```
+
+## Quick Start
+
+### 1. Set Environment Variables
+
+```env
+TRANSACTIONAL_AUTH_DOMAIN=auth.usetransactional.com
+TRANSACTIONAL_AUTH_CLIENT_ID=your-client-id
+TRANSACTIONAL_AUTH_CLIENT_SECRET=your-client-secret
+TRANSACTIONAL_AUTH_BASE_URL=http://localhost:3000
+```
+
+### 2. Create API Routes
+
+Create a catch-all route handler for authentication:
+
+```ts
+// app/api/auth/[...auth]/route.ts
+import {
+  handleLogin,
+  handleCallback,
+  handleLogout,
+  handleSession,
+} from 'transactional-auth-next/server';
+import { NextRequest } from 'next/server';
+
+export async function GET(
+  request: NextRequest,
+  { params }: { params: { auth: string[] } }
+) {
+  const route = params.auth[0];
+
+  switch (route) {
+    case 'login':
+      return handleLogin()(request);
+    case 'callback':
+      return handleCallback()(request);
+    case 'logout':
+      return handleLogout()(request);
+    case 'session':
+      return handleSession()(request);
+    default:
+      return new Response('Not found', { status: 404 });
+  }
+}
+```
+
+### 3. Add Provider to Layout
+
+```tsx
+// app/layout.tsx
+import { TransactionalAuthProvider } from 'transactional-auth-next/client';
+
+export default function RootLayout({
+  children,
+}: {
+  children: React.ReactNode;
+}) {
+  return (
+    <html lang="en">
+      <body>
+        <TransactionalAuthProvider>{children}</TransactionalAuthProvider>
+      </body>
+    </html>
+  );
+}
+```
+
+### 4. Use in Components
+
+**Server Component:**
+
+```tsx
+// app/page.tsx
+import { getSession, getUser } from 'transactional-auth-next/server';
+
+export default async function Page() {
+  const session = await getSession();
+
+  if (!session) {
+    return <p>Not logged in</p>;
+  }
+
+  return (
+    <div>
+      <h1>Welcome, {session.user.name}</h1>
+      <p>Email: {session.user.email}</p>
+    </div>
+  );
+}
+```
+
+**Client Component:**
+
+```tsx
+// components/login-button.tsx
+'use client';
+
+import { useAuth } from 'transactional-auth-next/client';
+
+export function LoginButton() {
+  const { user, isLoading, login, logout } = useAuth();
+
+  if (isLoading) {
+    return <div>Loading...</div>;
+  }
+
+  if (user) {
+    return (
+      <div>
+        <span>Hello, {user.name}</span>
+        <button onClick={() => logout()}>Logout</button>
+      </div>
+    );
+  }
+
+  return <button onClick={() => login()}>Login</button>;
+}
+```
+
+## Protecting Routes with Middleware
+
+```ts
+// middleware.ts
+import { createAuthMiddleware } from 'transactional-auth-next/middleware';
+
+export default createAuthMiddleware({
+  protectedPaths: ['/dashboard/*', '/settings/*', '/api/protected/*'],
+  publicPaths: ['/', '/about', '/api/public/*'],
+});
+
+export const config = {
+  matcher: ['/((?!_next/static|_next/image|favicon.ico).*)'],
+};
+```
+
+## Protecting API Routes
+
+```ts
+// app/api/protected/route.ts
+import { withAuth } from 'transactional-auth-next/middleware';
+import { NextRequest } from 'next/server';
+
+export const GET = withAuth(async (request, session) => {
+  return Response.json({
+    message: 'This is protected data',
+    user: session.user,
+  });
+});
+```
+
+## API Reference
+
+### Server Functions (`transactional-auth-next/server`)
+
+#### `getSession()`
+
+Get the current session in a Server Component.
+
+```tsx
+const session = await getSession();
+// session?.user, session?.accessToken, session?.expiresAt
+```
+
+#### `getUser()`
+
+Get the current user in a Server Component.
+
+```tsx
+const user = await getUser();
+// user?.sub, user?.email, user?.name
+```
+
+#### `getAccessToken()`
+
+Get the access token for API calls.
+
+```tsx
+const token = await getAccessToken();
+```
+
+#### `isAuthenticated()`
+
+Check if user is authenticated.
+
+```tsx
+const authenticated = await isAuthenticated();
+```
+
+#### Route Handlers
+
+- `handleLogin(options?)` - Redirects to auth server
+- `handleCallback()` - Handles OAuth callback
+- `handleLogout(options?)` - Logs out user
+- `handleSession()` - Returns current session as JSON
+
+### Client Functions (`transactional-auth-next/client`)
+
+#### `TransactionalAuthProvider`
+
+Wrap your app to provide auth context.
+
+```tsx
+<TransactionalAuthProvider initialSession={session}>
+  {children}
+</TransactionalAuthProvider>
+```
+
+#### `useAuth()`
+
+Hook for auth state and methods.
+
+```tsx
+const { user, isLoading, isAuthenticated, login, logout, refreshSession } = useAuth();
+```
+
+#### `useUser()`
+
+Hook for just user data.
+
+```tsx
+const { user, isLoading } = useUser();
+```
+
+### Middleware (`transactional-auth-next/middleware`)
+
+#### `createAuthMiddleware(config)`
+
+Create Next.js middleware for route protection.
+
+```ts
+createAuthMiddleware({
+  protectedPaths: ['/dashboard/*'],
+  publicPaths: ['/'],
+  loginUrl: '/api/auth/login',
+  onUnauthorized: (request) => NextResponse.redirect('/login'),
+});
+```
+
+#### `withAuth(handler, options?)`
+
+Protect individual API routes.
+
+```ts
+export const GET = withAuth(async (request, session) => {
+  // session is guaranteed to exist
+  return Response.json({ user: session.user });
+});
+```
+
+## Configuration
+
+### Environment Variables
+
+| Variable | Required | Description |
+|----------|----------|-------------|
+| `TRANSACTIONAL_AUTH_DOMAIN` | Yes | Auth domain |
+| `TRANSACTIONAL_AUTH_CLIENT_ID` | Yes | Client ID |
+| `TRANSACTIONAL_AUTH_CLIENT_SECRET` | Server-side | Client secret |
+| `TRANSACTIONAL_AUTH_BASE_URL` | Yes | Your app URL |
+
+### Programmatic Configuration
+
+```ts
+import { initTransactionalAuth } from 'transactional-auth-next';
+
+initTransactionalAuth({
+  domain: 'auth.usetransactional.com',
+  clientId: 'your-client-id',
+  clientSecret: 'your-client-secret',
+  baseUrl: 'http://localhost:3000',
+  scope: 'openid profile email',
+  audience: 'https://api.example.com',
+  cookieName: 'my_session',
+  cookieOptions: {
+    secure: true,
+    sameSite: 'lax',
+    maxAge: 7 * 24 * 60 * 60,
+  },
+});
+```
+
+## TypeScript
+
+Full TypeScript support with exported types:
+
+```ts
+import type {
+  TransactionalAuthConfig,
+  TransactionalAuthUser,
+  Session,
+  LoginOptions,
+  LogoutOptions,
+} from 'transactional-auth-next';
+```
+
+## License
+
+MIT

package/dist/chunk-4S34DQOR.mjs

@@ -0,0 +1,52 @@
+// src/config.ts
+var globalConfig = null;
+function initTransactionalAuth(config) {
+  globalConfig = {
+    ...config,
+    scope: config.scope || "openid profile email",
+    cookieName: config.cookieName || "transactional_session",
+    cookieOptions: {
+      secure: config.cookieOptions?.secure ?? process.env.NODE_ENV === "production",
+      sameSite: config.cookieOptions?.sameSite ?? "lax",
+      maxAge: config.cookieOptions?.maxAge ?? 7 * 24 * 60 * 60
+      // 7 days
+    }
+  };
+}
+function getConfig() {
+  if (!globalConfig) {
+    const domain = process.env.TRANSACTIONAL_AUTH_DOMAIN || process.env.NEXT_PUBLIC_TRANSACTIONAL_AUTH_DOMAIN;
+    const clientId = process.env.TRANSACTIONAL_AUTH_CLIENT_ID || process.env.NEXT_PUBLIC_TRANSACTIONAL_AUTH_CLIENT_ID;
+    const clientSecret = process.env.TRANSACTIONAL_AUTH_CLIENT_SECRET;
+    const baseUrl = process.env.TRANSACTIONAL_AUTH_BASE_URL || process.env.NEXT_PUBLIC_APP_URL;
+    if (domain && clientId) {
+      globalConfig = {
+        domain,
+        clientId,
+        clientSecret,
+        baseUrl,
+        scope: "openid profile email",
+        cookieName: "transactional_session",
+        cookieOptions: {
+          secure: process.env.NODE_ENV === "production",
+          sameSite: "lax",
+          maxAge: 7 * 24 * 60 * 60
+        }
+      };
+      return globalConfig;
+    }
+    throw new Error(
+      "Transactional Auth not initialized. Call initTransactionalAuth() or set environment variables."
+    );
+  }
+  return globalConfig;
+}
+function isInitialized() {
+  return globalConfig !== null;
+}
+
+export {
+  initTransactionalAuth,
+  getConfig,
+  isInitialized
+};

package/dist/client/index.d.mts

@@ -0,0 +1,73 @@
+import * as react_jsx_runtime from 'react/jsx-runtime';
+import * as React from 'react';
+import { a as TransactionalAuthUser } from '../types-D3JPYyLl.mjs';
+
+interface AuthContextValue {
+    user: TransactionalAuthUser | null;
+    isLoading: boolean;
+    isAuthenticated: boolean;
+    login: (returnTo?: string) => void;
+    logout: (returnTo?: string) => void;
+    refreshSession: () => Promise<void>;
+}
+interface TransactionalAuthProviderProps {
+    children: React.ReactNode;
+    /** Initial session from server (optional) */
+    initialSession?: {
+        user: TransactionalAuthUser;
+        expiresAt: number;
+    } | null;
+}
+/**
+ * Client-side auth provider for Next.js.
+ *
+ * @example
+ * ```tsx
+ * // app/layout.tsx
+ * import { TransactionalAuthProvider } from 'transactional-auth-next/client';
+ *
+ * export default function RootLayout({ children }) {
+ *   return (
+ *     <html>
+ *       <body>
+ *         <TransactionalAuthProvider>
+ *           {children}
+ *         </TransactionalAuthProvider>
+ *       </body>
+ *     </html>
+ *   );
+ * }
+ * ```
+ */
+declare function TransactionalAuthProvider({ children, initialSession, }: TransactionalAuthProviderProps): react_jsx_runtime.JSX.Element;
+/**
+ * Hook to access auth state and methods in Client Components.
+ *
+ * @example
+ * ```tsx
+ * 'use client';
+ * import { useAuth } from 'transactional-auth-next/client';
+ *
+ * export function LoginButton() {
+ *   const { user, isLoading, login, logout } = useAuth();
+ *
+ *   if (isLoading) return <div>Loading...</div>;
+ *
+ *   if (user) {
+ *     return <button onClick={() => logout()}>Logout</button>;
+ *   }
+ *
+ *   return <button onClick={() => login()}>Login</button>;
+ * }
+ * ```
+ */
+declare function useAuth(): AuthContextValue;
+/**
+ * Hook to get the current user in Client Components.
+ */
+declare function useUser(): {
+    user: TransactionalAuthUser | null;
+    isLoading: boolean;
+};
+
+export { TransactionalAuthProvider, useAuth, useUser };

package/dist/client/index.d.ts

@@ -0,0 +1,73 @@
+import * as react_jsx_runtime from 'react/jsx-runtime';
+import * as React from 'react';
+import { a as TransactionalAuthUser } from '../types-D3JPYyLl.js';
+
+interface AuthContextValue {
+    user: TransactionalAuthUser | null;
+    isLoading: boolean;
+    isAuthenticated: boolean;
+    login: (returnTo?: string) => void;
+    logout: (returnTo?: string) => void;
+    refreshSession: () => Promise<void>;
+}
+interface TransactionalAuthProviderProps {
+    children: React.ReactNode;
+    /** Initial session from server (optional) */
+    initialSession?: {
+        user: TransactionalAuthUser;
+        expiresAt: number;
+    } | null;
+}
+/**
+ * Client-side auth provider for Next.js.
+ *
+ * @example
+ * ```tsx
+ * // app/layout.tsx
+ * import { TransactionalAuthProvider } from 'transactional-auth-next/client';
+ *
+ * export default function RootLayout({ children }) {
+ *   return (
+ *     <html>
+ *       <body>
+ *         <TransactionalAuthProvider>
+ *           {children}
+ *         </TransactionalAuthProvider>
+ *       </body>
+ *     </html>
+ *   );
+ * }
+ * ```
+ */
+declare function TransactionalAuthProvider({ children, initialSession, }: TransactionalAuthProviderProps): react_jsx_runtime.JSX.Element;
+/**
+ * Hook to access auth state and methods in Client Components.
+ *
+ * @example
+ * ```tsx
+ * 'use client';
+ * import { useAuth } from 'transactional-auth-next/client';
+ *
+ * export function LoginButton() {
+ *   const { user, isLoading, login, logout } = useAuth();
+ *
+ *   if (isLoading) return <div>Loading...</div>;
+ *
+ *   if (user) {
+ *     return <button onClick={() => logout()}>Logout</button>;
+ *   }
+ *
+ *   return <button onClick={() => login()}>Login</button>;
+ * }
+ * ```
+ */
+declare function useAuth(): AuthContextValue;
+/**
+ * Hook to get the current user in Client Components.
+ */
+declare function useUser(): {
+    user: TransactionalAuthUser | null;
+    isLoading: boolean;
+};
+
+export { TransactionalAuthProvider, useAuth, useUser };

package/dist/client/index.js

@@ -0,0 +1,110 @@
+"use strict";
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/client/index.ts
+var client_exports = {};
+__export(client_exports, {
+  TransactionalAuthProvider: () => TransactionalAuthProvider,
+  useAuth: () => useAuth,
+  useUser: () => useUser
+});
+module.exports = __toCommonJS(client_exports);
+
+// src/client/provider.tsx
+var React = __toESM(require("react"));
+var import_jsx_runtime = require("react/jsx-runtime");
+var AuthContext = React.createContext(null);
+function TransactionalAuthProvider({
+  children,
+  initialSession
+}) {
+  const [user, setUser] = React.useState(
+    initialSession?.user || null
+  );
+  const [isLoading, setIsLoading] = React.useState(!initialSession);
+  React.useEffect(() => {
+    if (!initialSession) {
+      fetchSession();
+    }
+  }, [initialSession]);
+  const fetchSession = async () => {
+    try {
+      const response = await fetch("/api/auth/session");
+      const data = await response.json();
+      setUser(data.session?.user || null);
+    } catch {
+      setUser(null);
+    } finally {
+      setIsLoading(false);
+    }
+  };
+  const login = (returnTo) => {
+    const url = new URL("/api/auth/login", window.location.origin);
+    if (returnTo) {
+      url.searchParams.set("returnTo", returnTo);
+    }
+    window.location.href = url.toString();
+  };
+  const logout = (returnTo) => {
+    const url = new URL("/api/auth/logout", window.location.origin);
+    if (returnTo) {
+      url.searchParams.set("returnTo", returnTo);
+    }
+    window.location.href = url.toString();
+  };
+  const refreshSession = async () => {
+    await fetchSession();
+  };
+  const value = {
+    user,
+    isLoading,
+    isAuthenticated: !!user,
+    login,
+    logout,
+    refreshSession
+  };
+  return /* @__PURE__ */ (0, import_jsx_runtime.jsx)(AuthContext.Provider, { value, children });
+}
+function useAuth() {
+  const context = React.useContext(AuthContext);
+  if (!context) {
+    throw new Error("useAuth must be used within a TransactionalAuthProvider");
+  }
+  return context;
+}
+function useUser() {
+  const { user, isLoading } = useAuth();
+  return { user, isLoading };
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  TransactionalAuthProvider,
+  useAuth,
+  useUser
+});

package/dist/client/index.mjs

@@ -0,0 +1,71 @@
+// src/client/provider.tsx
+import * as React from "react";
+import { jsx } from "react/jsx-runtime";
+var AuthContext = React.createContext(null);
+function TransactionalAuthProvider({
+  children,
+  initialSession
+}) {
+  const [user, setUser] = React.useState(
+    initialSession?.user || null
+  );
+  const [isLoading, setIsLoading] = React.useState(!initialSession);
+  React.useEffect(() => {
+    if (!initialSession) {
+      fetchSession();
+    }
+  }, [initialSession]);
+  const fetchSession = async () => {
+    try {
+      const response = await fetch("/api/auth/session");
+      const data = await response.json();
+      setUser(data.session?.user || null);
+    } catch {
+      setUser(null);
+    } finally {
+      setIsLoading(false);
+    }
+  };
+  const login = (returnTo) => {
+    const url = new URL("/api/auth/login", window.location.origin);
+    if (returnTo) {
+      url.searchParams.set("returnTo", returnTo);
+    }
+    window.location.href = url.toString();
+  };
+  const logout = (returnTo) => {
+    const url = new URL("/api/auth/logout", window.location.origin);
+    if (returnTo) {
+      url.searchParams.set("returnTo", returnTo);
+    }
+    window.location.href = url.toString();
+  };
+  const refreshSession = async () => {
+    await fetchSession();
+  };
+  const value = {
+    user,
+    isLoading,
+    isAuthenticated: !!user,
+    login,
+    logout,
+    refreshSession
+  };
+  return /* @__PURE__ */ jsx(AuthContext.Provider, { value, children });
+}
+function useAuth() {
+  const context = React.useContext(AuthContext);
+  if (!context) {
+    throw new Error("useAuth must be used within a TransactionalAuthProvider");
+  }
+  return context;
+}
+function useUser() {
+  const { user, isLoading } = useAuth();
+  return { user, isLoading };
+}
+export {
+  TransactionalAuthProvider,
+  useAuth,
+  useUser
+};

package/dist/index.d.mts

@@ -0,0 +1,23 @@
+import { T as TransactionalAuthConfig } from './types-D3JPYyLl.mjs';
+export { L as LoginOptions, b as LogoutOptions, S as Session, a as TransactionalAuthUser } from './types-D3JPYyLl.mjs';
+
+/**
+ * Transactional Auth Next - Configuration
+ */
+
+/**
+ * Initialize the Transactional Auth SDK with your configuration.
+ * Call this once in your application, typically in a layout or middleware.
+ */
+declare function initTransactionalAuth(config: TransactionalAuthConfig): void;
+/**
+ * Get the current configuration.
+ * Throws if not initialized.
+ */
+declare function getConfig(): TransactionalAuthConfig;
+/**
+ * Check if the SDK is initialized.
+ */
+declare function isInitialized(): boolean;
+
+export { TransactionalAuthConfig, getConfig, initTransactionalAuth, isInitialized };