Account for pages directory in the function implementation

Author: bcbogdan

lib/ts/framework/index.ts

@@ -0,0 +1,27 @@
+import SuperTokensReact from "../";
+import type { SuperTokensConfig } from "../types";
+
+const NextjsRouter = {
+    pathName: "",
+};
+
+type SuperTokensNextjsConfig = {
+    routing: "app-directory" | "pages-directory";
+} & SuperTokensConfig;
+
+export function init(config: SuperTokensConfig) {
+    if (typeof window !== "undefined") {
+        SuperTokensReact.init({
+            ...config,
+            windowHandler: (original) => ({
+                ...original,
+                location: {
+                    ...original.location,
+                    getPathName: () => NextjsRouter.pathName,
+                },
+            }),
+        });
+    }
+}
+
+export function SuperTokensProvider(props) {}

lib/ts/framework/nextjs.ts

@@ -0,0 +1,144 @@
+import jose from "jose";
+
+import SuperTokens from "../../../superTokens";
+
+import type { AccessTokenPayload, LoadedSessionContext } from "../types";
+
+const COOKIE_ACCESS_TOKEN_NAME = "sAccessToken";
+const HEADER_ACCESS_TOKEN_NAME = "st-access-token";
+const FRONT_TOKEN_NAME = "sFrontToken";
+
+type CookiesStore = {
+    get: (name: string) => { value: string };
+};
+
+function isCookiesStore(obj: unknown): obj is CookiesStore {
+    return typeof obj === "object" && obj !== null && "get" in obj && typeof (obj as CookiesStore).get === "function";
+}
+
+type CookiesObject = Record<string, string>;
+
+type GetServerSidePropsRedirect = {
+    redirect: { destination: string; permanent: boolean };
+};
+type GetServerSidePropsReturnValue =
+    | {
+          props: { session: LoadedSessionContext };
+      }
+    | GetServerSidePropsRedirect;
+
+type SSRSessionState =
+    | "front-token-not-found"
+    | "front-token-expired"
+    | "access-token-not-found"
+    | "tokens-do-not-match"
+    | "tokens-match";
+
+export async function getSSRSession(
+    cookies: CookiesStore,
+    redirect: (url: string) => never
+): Promise<LoadedSessionContext>;
+export async function getSSRSession(cookies: CookiesObject): Promise<GetServerSidePropsReturnValue>;
+export async function getSSRSession(
+    cookies: CookiesObject | CookiesStore,
+    redirect?: (url: string) => never
+): Promise<LoadedSessionContext | GetServerSidePropsReturnValue> {
+    if (isCookiesStore(cookies)) {
+        if (!redirect) {
+            throw new Error("Undefined redirect function");
+        }
+    }
+
+    const { state, session } = await getSSRSessionState(cookies);
+    switch (state) {
+        case "front-token-not-found":
+            if (!redirect) {
+                return { redirect: { destination: getWebsiteBasePath(), permanent: false } };
+            } else {
+                return redirect(getWebsiteBasePath());
+            }
+        case "front-token-expired":
+        case "access-token-not-found":
+        case "tokens-do-not-match":
+            if (!redirect) {
+                return { redirect: { destination: `${getApiBasePath()}/refresh`, permanent: false } };
+            } else {
+                return redirect(`${getApiBasePath()}/refresh`);
+            }
+        case "tokens-match":
+            if (!redirect) {
+                return { props: { session: session as LoadedSessionContext } };
+            }
+            return session as LoadedSessionContext;
+        default:
+            // This is here just to prevent typescript from complaining
+            // about the function not returning a value
+            throw new Error(`Unknown state: ${state}`);
+    }
+}
+
+function getCookieValue(cookieStore: CookiesStore | CookiesObject, name: string): string | undefined {
+    if (isCookiesStore(cookieStore)) {
+        return cookieStore.get(name)?.value;
+    }
+    return cookieStore[name];
+}
+
+async function getSSRSessionState(
+    cookies: CookiesObject | CookiesStore
+): Promise<{ state: SSRSessionState; session?: LoadedSessionContext }> {
+    const frontToken = getCookieValue(cookies, FRONT_TOKEN_NAME);
+    if (!frontToken) {
+        return { state: "front-token-not-found" };
+    }
+
+    const parsedFrontToken = parseFrontToken(frontToken);
+    if (parsedFrontToken.up?.exp && parsedFrontToken.up.exp < Date.now()) {
+        return { state: "front-token-expired" };
+    }
+
+    const accessToken =
+        getCookieValue(cookies, COOKIE_ACCESS_TOKEN_NAME) || getCookieValue(cookies, HEADER_ACCESS_TOKEN_NAME);
+    if (!accessToken) {
+        return { state: "access-token-not-found" };
+    }
+
+    const parsedAccessToken = await parseAccessToken(accessToken);
+    if (!comparePayloads(parsedFrontToken, parsedAccessToken)) {
+        return { state: "tokens-do-not-match" };
+    }
+
+    return {
+        state: "tokens-match",
+        session: {
+            userId: parsedAccessToken.up.sub,
+            accessTokenPayload: parsedAccessToken,
+            doesSessionExist: true,
+            loading: false,
+            invalidClaims: [],
+            accessDeniedValidatorError: undefined,
+        },
+    };
+}
+
+const getApiBasePath = () => {
+    return SuperTokens.getInstanceOrThrow().appInfo.apiBasePath.getAsStringDangerous();
+};
+
+const getWebsiteBasePath = () => {
+    return SuperTokens.getInstanceOrThrow().appInfo.websiteBasePath.getAsStringDangerous();
+};
+
+function parseFrontToken(frontToken: string): AccessTokenPayload {
+    return JSON.parse(decodeURIComponent(escape(atob(frontToken))));
+}
+
+async function parseAccessToken(token: string): Promise<AccessTokenPayload> {
+    const JWKS = jose.createRemoteJWKSet(new URL(`${getApiBasePath()}/authjwt/jwks.json`));
+    const { payload } = await jose.jwtVerify(token, JWKS);
+    return payload;
+}
+
+function comparePayloads(payload1: AccessTokenPayload, payload2: AccessTokenPayload): boolean {
+    return JSON.stringify(payload1) === JSON.stringify(payload2);
+}

lib/ts/recipe/session/framework/index.ts

@@ -1,20 +1,18 @@
 import jose from "jose";
-import { cookies, headers } from "next/headers";
+import { cookies } from "next/headers";
 import { redirect } from "next/navigation";
 
 import SuperTokens from "../../../superTokens";
 
 import type { AccessTokenPayload, LoadedSessionContext } from "../types";
 
-// const ACCESS_TOKEN_NAME = "st-access-token";
 const COOKIE_ACCESS_TOKEN_NAME = "sAccessToken";
 const HEADER_ACCESS_TOKEN_NAME = "st-access-token";
 const FRONT_TOKEN_NAME = "sFrontToken";
 
 // TODO:
 // - Add error handling
 export async function getSessionOrRedirect(): Promise<LoadedSessionContext> {
-    // const headersList = await headers();
     const cookieStore = await cookies();
     const frontToken = cookieStore.get(FRONT_TOKEN_NAME)?.value;
     const authPagePage = getWebsiteBasePath();
@@ -28,7 +26,6 @@ export async function getSessionOrRedirect(): Promise<LoadedSessionContext> {
         redirect(refreshTokenPath);
     }
 
-    // Apparently both end up in cookies.
     const accessToken =
         cookieStore.get(COOKIE_ACCESS_TOKEN_NAME)?.value || cookieStore.get(HEADER_ACCESS_TOKEN_NAME)?.value;
     if (!accessToken) {
@@ -70,19 +67,5 @@ async function parseAccessToken(token: string): Promise<AccessTokenPayload> {
 }
 
 function comparePayloads(payload1: AccessTokenPayload, payload2: AccessTokenPayload): boolean {
-    return (
-        payload1.uid === payload2.uid &&
-        payload1.ate === payload2.ate &&
-        payload1.up.sub === payload2.up.sub &&
-        payload1.up.tId === payload2.up.tId &&
-        payload1.up.sessionHandle === payload2.up.sessionHandle &&
-        payload1.up.refrehTokenHash1 === payload2.up.refrehTokenHash1 &&
-        payload1.up.parentRefereshTokenHash1 === payload2.up.parentRefereshTokenHash1 &&
-        payload1.up.antiCsrfToken === payload2.up.antiCsrfToken &&
-        payload1.up.iss === payload2.up.iss &&
-        payload1.up["st-role"].v === payload2.up["st-role"].v &&
-        payload1.up["st-role"].t.toString() === payload2.up["st-role"].t.toString() &&
-        payload1.up["st-perm"].v.toString() === payload2.up["st-perm"].v.toString() &&
-        payload1.up["st-perm"].t === payload2.up["st-perm"].t
-    );
+    return JSON.stringify(payload1) === JSON.stringify(payload2);
 }