Next 15 compatibility (#119)

* Next 15 compatibility

* Add version bump

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@workos-inc/authkit-nextjs",
-  "version": "0.12.3",
+  "version": "0.13.0",
   "description": "Authentication and session helpers for using WorkOS & AuthKit with Next.js",
   "sideEffects": false,
   "type": "module",
@@ -21,15 +21,15 @@
     "test": "echo \"Error: no test specified\" && exit 1"
   },
   "dependencies": {
-    "@workos-inc/node": "^7.27.5",
+    "@workos-inc/node": "^7.29.0",
     "iron-session": "^8.0.1",
     "jose": "^5.2.3",
     "path-to-regexp": "^6.2.2"
   },
   "peerDependencies": {
-    "next": "^13.5.4 || ^14.0.3",
-    "react": "^18.0",
-    "react-dom": "^18.0"
+    "next": "^13.5.4 || ^14.0.3 || ^15.0.0",
+    "react": "^18.0 || ^19.0.0",
+    "react-dom": "^18.0 || ^19.0.0"
   },
   "devDependencies": {
     "@types/node": "^20.11.28",

src/auth.ts

@@ -18,7 +18,9 @@ async function signOut() {
     name: WORKOS_COOKIE_NAME || 'wos-session',
   };
   if (WORKOS_COOKIE_DOMAIN) cookie.domain = WORKOS_COOKIE_DOMAIN;
-  cookies().delete(cookie);
+
+  const nextCookies = await cookies();
+  nextCookies.delete(cookie);
   await terminateSession();
 }
 

src/authkit-callback-route.ts

@@ -51,8 +51,9 @@ export function handleAuth(options: HandleAuthOptions = {}) {
         // Alternatively you could persist the refresh token in a backend database
         const session = await encryptSession({ accessToken, refreshToken, user, impersonator });
         const cookieName = WORKOS_COOKIE_NAME || 'wos-session';
+        const nextCookies = await cookies();
 
-        cookies().set(cookieName, session, getCookieOptions(request.url));
+        nextCookies.set(cookieName, session, getCookieOptions(request.url));
 
         return response;
       } catch (error) {

src/get-authorization-url.ts

@@ -4,7 +4,8 @@ import { GetAuthURLOptions } from './interfaces.js';
 import { headers } from 'next/headers';
 
 async function getAuthorizationUrl(options: GetAuthURLOptions = {}) {
-  const { returnPathname, screenHint, organizationId, redirectUri = headers().get('x-redirect-uri') } = options;
+  const headersList = await headers();
+  const { returnPathname, screenHint, organizationId, redirectUri = headersList.get('x-redirect-uri') } = options;
 
   return workos.userManagement.getAuthorizationUrl({
     provider: 'authkit',

src/session.ts

@@ -79,7 +79,7 @@ async function updateSession(
 
   // If the user is logged out and this path isn't on the allowlist for logged out paths, redirect to AuthKit.
   if (middlewareAuth.enabled && matchedPaths.length === 0 && !session) {
-    if (debug) console.log('Unauthenticated user on protected route, redirecting to AuthKit');
+    if (debug) console.log(`Unauthenticated user on protected route ${request.url}, redirecting to AuthKit`);
 
     return NextResponse.redirect(
       await getAuthorizationUrl({
@@ -99,10 +99,12 @@ async function updateSession(
   const hasValidSession = await verifyAccessToken(session.accessToken);
   const cookieName = WORKOS_COOKIE_NAME || 'wos-session';
 
+  const nextCookies = await cookies();
+
   if (hasValidSession) {
     if (debug) console.log('Session is valid');
     // set the x-workos-session header according to the current cookie value
-    newRequestHeaders.set(sessionHeaderName, cookies().get(cookieName)!.value);
+    newRequestHeaders.set(sessionHeaderName, nextCookies.get(cookieName)!.value);
     return NextResponse.next({
       request: { headers: newRequestHeaders },
     });
@@ -185,9 +187,12 @@ async function refreshSession({
   });
 
   const cookieName = WORKOS_COOKIE_NAME || 'wos-session';
-  const url = headers().get('x-url');
 
-  cookies().set(cookieName, encryptedSession, getCookieOptions(url));
+  const headersList = await headers();
+  const url = headersList.get('x-url');
+
+  const nextCookies = await cookies();
+  nextCookies.set(cookieName, encryptedSession, getCookieOptions(url));
 
   const { sid: sessionId, org_id: organizationId, role, permissions } = decodeJwt<AccessToken>(accessToken);
 
@@ -221,7 +226,8 @@ function getMiddlewareAuthPathRegex(pathGlob: string) {
 }
 
 async function redirectToSignIn() {
-  const url = headers().get('x-url');
+  const headersList = await headers();
+  const url = headersList.get('x-url');
   const returnPathname = url ? getReturnPathname(url) : undefined;
 
   redirect(await getAuthorizationUrl({ returnPathname }));
@@ -264,14 +270,15 @@ async function verifyAccessToken(accessToken: string) {
   try {
     await jwtVerify(accessToken, JWKS);
     return true;
-  } catch (e) {
+  } catch {
     return false;
   }
 }
 
 async function getSessionFromCookie(response?: NextResponse) {
   const cookieName = WORKOS_COOKIE_NAME || 'wos-session';
-  const cookie = response ? response.cookies.get(cookieName) : cookies().get(cookieName);
+  const nextCookies = await cookies();
+  const cookie = response ? response.cookies.get(cookieName) : nextCookies.get(cookieName);
 
   if (cookie) {
     return unsealData<Session>(cookie.value, {
@@ -306,15 +313,16 @@ async function getSession(response?: NextResponse) {
 }
 
 async function getSessionFromHeader(): Promise<Session | undefined> {
-  const hasMiddleware = Boolean(headers().get(middlewareHeaderName));
+  const headersList = await headers();
+  const hasMiddleware = Boolean(headersList.get(middlewareHeaderName));
 
   if (!hasMiddleware) {
     throw new Error(
       "You are calling 'withAuth' on a path that isn’t covered by the AuthKit middleware. Make sure it is running on all paths you are calling withAuth from by updating your middleware config in `middleware.(js|ts)`.",
     );
   }
 
-  const authHeader = headers().get(sessionHeaderName);
+  const authHeader = headersList.get(sessionHeaderName);
   if (!authHeader) return;
 
   return unsealData<Session>(authHeader, { password: WORKOS_COOKIE_PASSWORD });

src/workos.ts

@@ -1,7 +1,7 @@
 import { WorkOS } from '@workos-inc/node';
 import { WORKOS_API_HOSTNAME, WORKOS_API_KEY, WORKOS_API_HTTPS, WORKOS_API_PORT } from './env-variables.js';
 
-export const VERSION = '0.12.3';
+export const VERSION = '0.13.0';
 
 const options = {
   apiHostname: WORKOS_API_HOSTNAME,