UNPKG

@auth0/nextjs-auth0

Version:

Auth0 Next.js SDK

github.com/auth0/nextjs-auth0

auth0/nextjs-auth0

84 lines (83 loc) 4.36 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
import { NextResponse } from "next/server.js"; import { RequestCookies, ResponseCookies } from "@edge-runtime/cookies"; import * as jose from "jose"; export declare function encrypt(payload: jose.JWTPayload, secret: string, expiration: number, additionalHeaders?: { iat: number; uat: number; exp: number; }): Promise<string>; export declare function decrypt<T>(cookieValue: string, secret: string, options?: jose.JWTDecryptOptions): Promise<jose.JWTDecryptResult<T> | null>; /** * Verify a signed cookie. If the cookie is valid, the value is returned. Otherwise, undefined is returned. * This method is used solely to migrate signed, legacy cookies to the new encrypted cookie format (v4+). */ export declare function verifySigned(k: string, v: string, secret: string): Promise<string | undefined>; /** * Sign a cookie value using a secret. * This method is used solely to migrate signed, legacy cookies to the new encrypted cookie format (v4+). */ export declare function sign(name: string, value: string, secret: string): Promise<string>; export interface CookieOptions { httpOnly: boolean; sameSite: "lax" | "strict" | "none"; secure: boolean; path: string; maxAge?: number; domain?: string; transient?: boolean; } export type ReadonlyRequestCookies = Omit<RequestCookies, "set" | "clear" | "delete"> & Pick<ResponseCookies, "set" | "delete">; export { ResponseCookies }; export { RequestCookies }; /** * Sets a cookie with the given name and value, splitting it into chunks if necessary. * * If the value exceeds the maximum chunk size, it will be split into multiple cookies * with names suffixed by a chunk index. * * @param name - The name of the cookie. * @param value - The value to be stored in the cookie. * @param options - Options for setting the cookie. * @param reqCookies - The request cookies object, used to enable read-after-write in the same request for middleware. * @param resCookies - The response cookies object, used to set the cookies in the response. */ export declare function setChunkedCookie(name: string, value: string, options: CookieOptions, reqCookies: RequestCookies, resCookies: ResponseCookies): void; /** * Retrieves a chunked cookie by its name from the request cookies. * If a regular cookie with the given name exists, it returns its value. * Otherwise, it attempts to retrieve and combine all chunks of the cookie. * * @param name - The name of the cookie to retrieve. * @param reqCookies - The request cookies object. * @returns The combined value of the chunked cookie, or `undefined` if the cookie does not exist or is incomplete. */ export declare function getChunkedCookie(name: string, reqCookies: RequestCookies, isLegacyCookie?: boolean): string | undefined; /** * Deletes a chunked cookie and all its associated chunks from the response cookies. * * @param name - The name of the main cookie to delete. * @param reqCookies - The request cookies object containing all cookies from the request. * @param resCookies - The response cookies object to manipulate the cookies in the response. * @param isLegacyCookie - Whether to handle legacy cookie format. * @param options - Options for cookie deletion including domain and path. */ export declare function deleteChunkedCookie(name: string, reqCookies: RequestCookies, resCookies: ResponseCookies, isLegacyCookie?: boolean, options?: Pick<CookieOptions, "domain" | "path">): void; /** * Unconditionally adds strict cache-control headers to the response. * * This ensures the response is not cached by CDNs or other shared caches. * It is now the caller's responsibility to decide when to call this function. * * Usage: * Call this function whenever a `Set-Cookie` header is being written * for session management or any other sensitive data that must not be cached. */ export declare function addCacheControlHeadersForSession(res: NextResponse): void; /** * Deletes a cookie from the response with optional domain and path specifications. * * @param resCookies - The response cookies object to manipulate. * @param name - The name of the cookie to delete. * @param options - Optional domain and path settings for cookie deletion. */ export declare function deleteCookie(resCookies: ResponseCookies, name: string, options?: Pick<CookieOptions, "domain" | "path">): void;