diff --git a/README.md b/README.md index 7bb0665..3183c0b 100644 --- a/README.md +++ b/README.md @@ -462,6 +462,20 @@ export default async function middleware(request: NextRequest) { export const config = { matcher: ['/', '/account/:path*'] }; ``` +### After auth functions + +If you do not want to run your own middleware with `authkit` and instead want to run a function after a user is authenticated, you can use the `afterAuth` option on `authkitMiddleware`. + +```ts + +export default authkitMiddleware({ + // Run after the user is authenticated + afterAuth: async (userInfo, req) => { + ErrorClient.setUser(userInfo); + }, +}); +``` + ### Signing out Use the `signOut` method to sign out the current logged in user and redirect to your app's default Logout URI. The Logout URI is set in your WorkOS dashboard settings under "Redirect". diff --git a/src/interfaces.ts b/src/interfaces.ts index 8dc5284..0c01189 100644 --- a/src/interfaces.ts +++ b/src/interfaces.ts @@ -71,11 +71,14 @@ export interface AuthkitMiddlewareAuth { unauthenticatedPaths: string[]; } +export type AfterAuthFunction = (userInfo: UserInfo, req: NextRequest) => void | Promise; + export interface AuthkitMiddlewareOptions { debug?: boolean; middlewareAuth?: AuthkitMiddlewareAuth; redirectUri?: string; signUpPaths?: string[]; + afterAuth?: AfterAuthFunction; } export interface AuthkitOptions { diff --git a/src/middleware.ts b/src/middleware.ts index 633ad38..cd1938c 100644 --- a/src/middleware.ts +++ b/src/middleware.ts @@ -8,9 +8,10 @@ export function authkitMiddleware({ middlewareAuth = { enabled: false, unauthenticatedPaths: [] }, redirectUri = WORKOS_REDIRECT_URI, signUpPaths = [], + afterAuth, }: AuthkitMiddlewareOptions = {}): NextMiddleware { return function (request) { - return updateSessionMiddleware(request, debug, middlewareAuth, redirectUri, signUpPaths); + return updateSessionMiddleware({ request, debug, middlewareAuth, redirectUri, signUpPaths, afterAuth }); }; } diff --git a/src/session.ts b/src/session.ts index 42626f6..6587db6 100644 --- a/src/session.ts +++ b/src/session.ts @@ -10,6 +10,7 @@ import { WORKOS_CLIENT_ID, WORKOS_COOKIE_NAME, WORKOS_COOKIE_PASSWORD, WORKOS_RE import { getAuthorizationUrl } from './get-authorization-url.js'; import { AccessToken, + AfterAuthFunction, AuthkitMiddlewareAuth, AuthkitOptions, AuthkitResponse, @@ -36,13 +37,21 @@ async function encryptSession(session: Session) { }); } -async function updateSessionMiddleware( - request: NextRequest, - debug: boolean, - middlewareAuth: AuthkitMiddlewareAuth, - redirectUri: string, - signUpPaths: string[], -) { +async function updateSessionMiddleware({ + request, + debug, + middlewareAuth, + redirectUri, + signUpPaths, + afterAuth, +}: { + request: NextRequest; + debug: boolean; + middlewareAuth: AuthkitMiddlewareAuth; + redirectUri: string; + signUpPaths: string[]; + afterAuth?: AfterAuthFunction; +}) { if (!redirectUri && !WORKOS_REDIRECT_URI) { throw new Error('You must provide a redirect URI in the AuthKit middleware or in the environment variables.'); } @@ -102,6 +111,10 @@ async function updateSessionMiddleware( headers.set(signUpPathsHeaderName, signUpPaths.join(',')); } + if (afterAuth && session.user) { + await afterAuth(session, request); + } + return NextResponse.next({ headers, });