transactional-auth-next 0.1.0

package/dist/index.d.ts

@@ -0,0 +1,23 @@
+import { T as TransactionalAuthConfig } from './types-D3JPYyLl.js';
+export { L as LoginOptions, b as LogoutOptions, S as Session, a as TransactionalAuthUser } from './types-D3JPYyLl.js';
+
+/**
+ * Transactional Auth Next - Configuration
+ */
+
+/**
+ * Initialize the Transactional Auth SDK with your configuration.
+ * Call this once in your application, typically in a layout or middleware.
+ */
+declare function initTransactionalAuth(config: TransactionalAuthConfig): void;
+/**
+ * Get the current configuration.
+ * Throws if not initialized.
+ */
+declare function getConfig(): TransactionalAuthConfig;
+/**
+ * Check if the SDK is initialized.
+ */
+declare function isInitialized(): boolean;
+
+export { TransactionalAuthConfig, getConfig, initTransactionalAuth, isInitialized };

package/dist/index.js

@@ -0,0 +1,80 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/index.ts
+var index_exports = {};
+__export(index_exports, {
+  getConfig: () => getConfig,
+  initTransactionalAuth: () => initTransactionalAuth,
+  isInitialized: () => isInitialized
+});
+module.exports = __toCommonJS(index_exports);
+
+// src/config.ts
+var globalConfig = null;
+function initTransactionalAuth(config) {
+  globalConfig = {
+    ...config,
+    scope: config.scope || "openid profile email",
+    cookieName: config.cookieName || "transactional_session",
+    cookieOptions: {
+      secure: config.cookieOptions?.secure ?? process.env.NODE_ENV === "production",
+      sameSite: config.cookieOptions?.sameSite ?? "lax",
+      maxAge: config.cookieOptions?.maxAge ?? 7 * 24 * 60 * 60
+      // 7 days
+    }
+  };
+}
+function getConfig() {
+  if (!globalConfig) {
+    const domain = process.env.TRANSACTIONAL_AUTH_DOMAIN || process.env.NEXT_PUBLIC_TRANSACTIONAL_AUTH_DOMAIN;
+    const clientId = process.env.TRANSACTIONAL_AUTH_CLIENT_ID || process.env.NEXT_PUBLIC_TRANSACTIONAL_AUTH_CLIENT_ID;
+    const clientSecret = process.env.TRANSACTIONAL_AUTH_CLIENT_SECRET;
+    const baseUrl = process.env.TRANSACTIONAL_AUTH_BASE_URL || process.env.NEXT_PUBLIC_APP_URL;
+    if (domain && clientId) {
+      globalConfig = {
+        domain,
+        clientId,
+        clientSecret,
+        baseUrl,
+        scope: "openid profile email",
+        cookieName: "transactional_session",
+        cookieOptions: {
+          secure: process.env.NODE_ENV === "production",
+          sameSite: "lax",
+          maxAge: 7 * 24 * 60 * 60
+        }
+      };
+      return globalConfig;
+    }
+    throw new Error(
+      "Transactional Auth not initialized. Call initTransactionalAuth() or set environment variables."
+    );
+  }
+  return globalConfig;
+}
+function isInitialized() {
+  return globalConfig !== null;
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  getConfig,
+  initTransactionalAuth,
+  isInitialized
+});

package/dist/index.mjs

@@ -0,0 +1,10 @@
+import {
+  getConfig,
+  initTransactionalAuth,
+  isInitialized
+} from "./chunk-4S34DQOR.mjs";
+export {
+  getConfig,
+  initTransactionalAuth,
+  isInitialized
+};

package/dist/middleware/index.d.mts

@@ -0,0 +1,56 @@
+import { NextRequest, NextResponse } from 'next/server';
+import { S as Session } from '../types-D3JPYyLl.mjs';
+
+/**
+ * Transactional Auth Next - Middleware
+ */
+
+interface AuthMiddlewareConfig {
+    /** Cookie name for session (defaults to 'transactional_session') */
+    cookieName?: string;
+    /** Paths that require authentication (glob patterns) */
+    protectedPaths?: string[];
+    /** Paths that are always public (glob patterns) */
+    publicPaths?: string[];
+    /** Where to redirect unauthenticated users (defaults to '/api/auth/login') */
+    loginUrl?: string;
+    /** Callback to handle unauthorized access */
+    onUnauthorized?: (request: NextRequest) => NextResponse | Promise<NextResponse>;
+}
+/**
+ * Create authentication middleware for Next.js.
+ *
+ * @example
+ * ```ts
+ * // middleware.ts
+ * import { createAuthMiddleware } from 'transactional-auth-next/middleware';
+ *
+ * export default createAuthMiddleware({
+ *   protectedPaths: ['/dashboard/*', '/settings/*'],
+ *   publicPaths: ['/', '/about', '/api/public/*'],
+ * });
+ *
+ * export const config = {
+ *   matcher: ['/((?!_next/static|_next/image|favicon.ico).*)'],
+ * };
+ * ```
+ */
+declare function createAuthMiddleware(config?: AuthMiddlewareConfig): (request: NextRequest) => Promise<NextResponse>;
+/**
+ * Helper to protect API routes.
+ *
+ * @example
+ * ```ts
+ * // app/api/protected/route.ts
+ * import { withAuth } from 'transactional-auth-next/middleware';
+ *
+ * export const GET = withAuth(async (request, session) => {
+ *   return Response.json({ user: session.user });
+ * });
+ * ```
+ */
+declare function withAuth<T extends unknown[]>(handler: (request: NextRequest, session: Session, ...args: T) => Response | Promise<Response>, options?: {
+    cookieName?: string;
+}): (request: NextRequest, ...args: T) => Promise<Response>;
+
+export { type AuthMiddlewareConfig, createAuthMiddleware, withAuth };

package/dist/middleware/index.d.ts

@@ -0,0 +1,56 @@
+import { NextRequest, NextResponse } from 'next/server';
+import { S as Session } from '../types-D3JPYyLl.js';
+
+/**
+ * Transactional Auth Next - Middleware
+ */
+
+interface AuthMiddlewareConfig {
+    /** Cookie name for session (defaults to 'transactional_session') */
+    cookieName?: string;
+    /** Paths that require authentication (glob patterns) */
+    protectedPaths?: string[];
+    /** Paths that are always public (glob patterns) */
+    publicPaths?: string[];
+    /** Where to redirect unauthenticated users (defaults to '/api/auth/login') */
+    loginUrl?: string;
+    /** Callback to handle unauthorized access */
+    onUnauthorized?: (request: NextRequest) => NextResponse | Promise<NextResponse>;
+}
+/**
+ * Create authentication middleware for Next.js.
+ *
+ * @example
+ * ```ts
+ * // middleware.ts
+ * import { createAuthMiddleware } from 'transactional-auth-next/middleware';
+ *
+ * export default createAuthMiddleware({
+ *   protectedPaths: ['/dashboard/*', '/settings/*'],
+ *   publicPaths: ['/', '/about', '/api/public/*'],
+ * });
+ *
+ * export const config = {
+ *   matcher: ['/((?!_next/static|_next/image|favicon.ico).*)'],
+ * };
+ * ```
+ */
+declare function createAuthMiddleware(config?: AuthMiddlewareConfig): (request: NextRequest) => Promise<NextResponse>;
+/**
+ * Helper to protect API routes.
+ *
+ * @example
+ * ```ts
+ * // app/api/protected/route.ts
+ * import { withAuth } from 'transactional-auth-next/middleware';
+ *
+ * export const GET = withAuth(async (request, session) => {
+ *   return Response.json({ user: session.user });
+ * });
+ * ```
+ */
+declare function withAuth<T extends unknown[]>(handler: (request: NextRequest, session: Session, ...args: T) => Response | Promise<Response>, options?: {
+    cookieName?: string;
+}): (request: NextRequest, ...args: T) => Promise<Response>;
+
+export { type AuthMiddlewareConfig, createAuthMiddleware, withAuth };

package/dist/middleware/index.js

@@ -0,0 +1,119 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/middleware/index.ts
+var middleware_exports = {};
+__export(middleware_exports, {
+  createAuthMiddleware: () => createAuthMiddleware,
+  withAuth: () => withAuth
+});
+module.exports = __toCommonJS(middleware_exports);
+var import_server = require("next/server");
+function createAuthMiddleware(config = {}) {
+  const {
+    cookieName = "transactional_session",
+    protectedPaths = [],
+    publicPaths = [],
+    loginUrl = "/api/auth/login",
+    onUnauthorized
+  } = config;
+  return async (request) => {
+    const { pathname } = request.nextUrl;
+    if (isPathMatch(pathname, publicPaths)) {
+      return import_server.NextResponse.next();
+    }
+    const isProtected = protectedPaths.length === 0 || isPathMatch(pathname, protectedPaths);
+    if (!isProtected) {
+      return import_server.NextResponse.next();
+    }
+    const sessionCookie = request.cookies.get(cookieName);
+    if (!sessionCookie?.value) {
+      return handleUnauthorized(request, loginUrl, onUnauthorized);
+    }
+    try {
+      const session = JSON.parse(
+        Buffer.from(sessionCookie.value, "base64").toString("utf-8")
+      );
+      if (session.expiresAt < Date.now() / 1e3) {
+        return handleUnauthorized(request, loginUrl, onUnauthorized);
+      }
+      const requestHeaders = new Headers(request.headers);
+      requestHeaders.set("x-auth-user-id", session.user.sub);
+      if (session.user.email) {
+        requestHeaders.set("x-auth-user-email", session.user.email);
+      }
+      return import_server.NextResponse.next({
+        request: {
+          headers: requestHeaders
+        }
+      });
+    } catch {
+      return handleUnauthorized(request, loginUrl, onUnauthorized);
+    }
+  };
+}
+function isPathMatch(pathname, patterns) {
+  return patterns.some((pattern) => {
+    const regexPattern = pattern.replace(/\*/g, ".*").replace(/\?/g, ".");
+    const regex = new RegExp(`^${regexPattern}$`);
+    return regex.test(pathname);
+  });
+}
+async function handleUnauthorized(request, loginUrl, onUnauthorized) {
+  if (onUnauthorized) {
+    return onUnauthorized(request);
+  }
+  const url = new URL(loginUrl, request.url);
+  url.searchParams.set("returnTo", request.nextUrl.pathname);
+  return import_server.NextResponse.redirect(url);
+}
+function withAuth(handler, options) {
+  const cookieName = options?.cookieName || "transactional_session";
+  return async (request, ...args) => {
+    const sessionCookie = request.cookies.get(cookieName);
+    if (!sessionCookie?.value) {
+      return Response.json(
+        { error: { code: "unauthorized", message: "Not authenticated" } },
+        { status: 401 }
+      );
+    }
+    try {
+      const session = JSON.parse(
+        Buffer.from(sessionCookie.value, "base64").toString("utf-8")
+      );
+      if (session.expiresAt < Date.now() / 1e3) {
+        return Response.json(
+          { error: { code: "unauthorized", message: "Session expired" } },
+          { status: 401 }
+        );
+      }
+      return handler(request, session, ...args);
+    } catch {
+      return Response.json(
+        { error: { code: "unauthorized", message: "Invalid session" } },
+        { status: 401 }
+      );
+    }
+  };
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  createAuthMiddleware,
+  withAuth
+});

package/dist/middleware/index.mjs

@@ -0,0 +1,93 @@
+// src/middleware/index.ts
+import { NextResponse } from "next/server";
+function createAuthMiddleware(config = {}) {
+  const {
+    cookieName = "transactional_session",
+    protectedPaths = [],
+    publicPaths = [],
+    loginUrl = "/api/auth/login",
+    onUnauthorized
+  } = config;
+  return async (request) => {
+    const { pathname } = request.nextUrl;
+    if (isPathMatch(pathname, publicPaths)) {
+      return NextResponse.next();
+    }
+    const isProtected = protectedPaths.length === 0 || isPathMatch(pathname, protectedPaths);
+    if (!isProtected) {
+      return NextResponse.next();
+    }
+    const sessionCookie = request.cookies.get(cookieName);
+    if (!sessionCookie?.value) {
+      return handleUnauthorized(request, loginUrl, onUnauthorized);
+    }
+    try {
+      const session = JSON.parse(
+        Buffer.from(sessionCookie.value, "base64").toString("utf-8")
+      );
+      if (session.expiresAt < Date.now() / 1e3) {
+        return handleUnauthorized(request, loginUrl, onUnauthorized);
+      }
+      const requestHeaders = new Headers(request.headers);
+      requestHeaders.set("x-auth-user-id", session.user.sub);
+      if (session.user.email) {
+        requestHeaders.set("x-auth-user-email", session.user.email);
+      }
+      return NextResponse.next({
+        request: {
+          headers: requestHeaders
+        }
+      });
+    } catch {
+      return handleUnauthorized(request, loginUrl, onUnauthorized);
+    }
+  };
+}
+function isPathMatch(pathname, patterns) {
+  return patterns.some((pattern) => {
+    const regexPattern = pattern.replace(/\*/g, ".*").replace(/\?/g, ".");
+    const regex = new RegExp(`^${regexPattern}$`);
+    return regex.test(pathname);
+  });
+}
+async function handleUnauthorized(request, loginUrl, onUnauthorized) {
+  if (onUnauthorized) {
+    return onUnauthorized(request);
+  }
+  const url = new URL(loginUrl, request.url);
+  url.searchParams.set("returnTo", request.nextUrl.pathname);
+  return NextResponse.redirect(url);
+}
+function withAuth(handler, options) {
+  const cookieName = options?.cookieName || "transactional_session";
+  return async (request, ...args) => {
+    const sessionCookie = request.cookies.get(cookieName);
+    if (!sessionCookie?.value) {
+      return Response.json(
+        { error: { code: "unauthorized", message: "Not authenticated" } },
+        { status: 401 }
+      );
+    }
+    try {
+      const session = JSON.parse(
+        Buffer.from(sessionCookie.value, "base64").toString("utf-8")
+      );
+      if (session.expiresAt < Date.now() / 1e3) {
+        return Response.json(
+          { error: { code: "unauthorized", message: "Session expired" } },
+          { status: 401 }
+        );
+      }
+      return handler(request, session, ...args);
+    } catch {
+      return Response.json(
+        { error: { code: "unauthorized", message: "Invalid session" } },
+        { status: 401 }
+      );
+    }
+  };
+}
+export {
+  createAuthMiddleware,
+  withAuth
+};

package/dist/server/index.d.mts

@@ -0,0 +1,97 @@
+import { S as Session, a as TransactionalAuthUser, L as LoginOptions, b as LogoutOptions } from '../types-D3JPYyLl.mjs';
+import { NextRequest, NextResponse } from 'next/server';
+
+/**
+ * Transactional Auth Next - Server Session Management
+ */
+
+/**
+ * Get the current session from cookies (Server Component).
+ * Returns null if not authenticated.
+ *
+ * @example
+ * ```tsx
+ * // app/page.tsx (Server Component)
+ * import { getSession } from 'transactional-auth-next/server';
+ *
+ * export default async function Page() {
+ *   const session = await getSession();
+ *
+ *   if (!session) {
+ *     return <p>Not logged in</p>;
+ *   }
+ *
+ *   return <p>Hello, {session.user.name}</p>;
+ * }
+ * ```
+ */
+declare function getSession(): Promise<Session | null>;
+/**
+ * Get the current user from the session (Server Component).
+ * Returns null if not authenticated.
+ */
+declare function getUser(): Promise<TransactionalAuthUser | null>;
+/**
+ * Get the access token from the session (Server Component).
+ * Returns null if not authenticated.
+ */
+declare function getAccessToken(): Promise<string | null>;
+/**
+ * Check if the user is authenticated (Server Component).
+ */
+declare function isAuthenticated(): Promise<boolean>;
+
+/**
+ * Transactional Auth Next - Route Handlers
+ */
+
+/**
+ * Handle login request - redirects to auth server.
+ *
+ * @example
+ * ```ts
+ * // app/api/auth/login/route.ts
+ * import { handleLogin } from 'transactional-auth-next/server';
+ *
+ * export const GET = handleLogin;
+ * ```
+ */
+declare function handleLogin(options?: LoginOptions): (request: NextRequest) => Promise<NextResponse>;
+/**
+ * Handle callback from auth server - exchanges code for tokens.
+ *
+ * @example
+ * ```ts
+ * // app/api/auth/callback/route.ts
+ * import { handleCallback } from 'transactional-auth-next/server';
+ *
+ * export const GET = handleCallback;
+ * ```
+ */
+declare function handleCallback(): (request: NextRequest) => Promise<NextResponse>;
+/**
+ * Handle logout request.
+ *
+ * @example
+ * ```ts
+ * // app/api/auth/logout/route.ts
+ * import { handleLogout } from 'transactional-auth-next/server';
+ *
+ * export const GET = handleLogout;
+ * ```
+ */
+declare function handleLogout(options?: LogoutOptions): (request: NextRequest) => Promise<NextResponse>;
+/**
+ * Handle getting current session (API route).
+ *
+ * @example
+ * ```ts
+ * // app/api/auth/session/route.ts
+ * import { handleSession } from 'transactional-auth-next/server';
+ *
+ * export const GET = handleSession;
+ * ```
+ */
+declare function handleSession(): () => Promise<NextResponse>;
+
+export { getAccessToken, getSession, getUser, handleCallback, handleLogin, handleLogout, handleSession, isAuthenticated };

package/dist/server/index.d.ts

@@ -0,0 +1,97 @@
+import { S as Session, a as TransactionalAuthUser, L as LoginOptions, b as LogoutOptions } from '../types-D3JPYyLl.js';
+import { NextRequest, NextResponse } from 'next/server';
+
+/**
+ * Transactional Auth Next - Server Session Management
+ */
+
+/**
+ * Get the current session from cookies (Server Component).
+ * Returns null if not authenticated.
+ *
+ * @example
+ * ```tsx
+ * // app/page.tsx (Server Component)
+ * import { getSession } from 'transactional-auth-next/server';
+ *
+ * export default async function Page() {
+ *   const session = await getSession();
+ *
+ *   if (!session) {
+ *     return <p>Not logged in</p>;
+ *   }
+ *
+ *   return <p>Hello, {session.user.name}</p>;
+ * }
+ * ```
+ */
+declare function getSession(): Promise<Session | null>;
+/**
+ * Get the current user from the session (Server Component).
+ * Returns null if not authenticated.
+ */
+declare function getUser(): Promise<TransactionalAuthUser | null>;
+/**
+ * Get the access token from the session (Server Component).
+ * Returns null if not authenticated.
+ */
+declare function getAccessToken(): Promise<string | null>;
+/**
+ * Check if the user is authenticated (Server Component).
+ */
+declare function isAuthenticated(): Promise<boolean>;
+
+/**
+ * Transactional Auth Next - Route Handlers
+ */
+
+/**
+ * Handle login request - redirects to auth server.
+ *
+ * @example
+ * ```ts
+ * // app/api/auth/login/route.ts
+ * import { handleLogin } from 'transactional-auth-next/server';
+ *
+ * export const GET = handleLogin;
+ * ```
+ */
+declare function handleLogin(options?: LoginOptions): (request: NextRequest) => Promise<NextResponse>;
+/**
+ * Handle callback from auth server - exchanges code for tokens.
+ *
+ * @example
+ * ```ts
+ * // app/api/auth/callback/route.ts
+ * import { handleCallback } from 'transactional-auth-next/server';
+ *
+ * export const GET = handleCallback;
+ * ```
+ */
+declare function handleCallback(): (request: NextRequest) => Promise<NextResponse>;
+/**
+ * Handle logout request.
+ *
+ * @example
+ * ```ts
+ * // app/api/auth/logout/route.ts
+ * import { handleLogout } from 'transactional-auth-next/server';
+ *
+ * export const GET = handleLogout;
+ * ```
+ */
+declare function handleLogout(options?: LogoutOptions): (request: NextRequest) => Promise<NextResponse>;
+/**
+ * Handle getting current session (API route).
+ *
+ * @example
+ * ```ts
+ * // app/api/auth/session/route.ts
+ * import { handleSession } from 'transactional-auth-next/server';
+ *
+ * export const GET = handleSession;
+ * ```
+ */
+declare function handleSession(): () => Promise<NextResponse>;
+
+export { getAccessToken, getSession, getUser, handleCallback, handleLogin, handleLogout, handleSession, isAuthenticated };