Permit signUpWithCredential in non-browser environments

2026-06-13 21:01:21 +08:00 · 2025-02-27 15:29:03 -08:00 · 2025-02-27 15:29:03 -08:00 · a052f94976
commit a052f94976
parent c82068288c
3 changed files with 19 additions and 24 deletions
--- a/packages/template/src/lib/cookie.ts
+++ b/packages/template/src/lib/cookie.ts
@ -21,15 +21,13 @@ export type CookieHelper = {
  delete: (name: string, options: DeleteCookieOptions) => void,
 };

-export async function createEmptyCookieHelper(): Promise<CookieHelper> {
-  function throwError() {
-    throw new StackAssertionError("Empty cookie helper is just a placeholder. This should never be called");
+const placeholderCookieHelperIdentity = { "placeholder cookie helper identity": true };
+export async function createPlaceholderCookieHelper(): Promise<CookieHelper> {
+  function throwError(): never {
+    throw new StackAssertionError("Throwing cookie helper is just a placeholder. This should never be called");
  }
  return {
-    get: () => {
-      throwError();
-      return null;
-    },
+    get: throwError,
    set: throwError,
    setOrDelete: throwError,
    delete: throwError,
@ -46,7 +44,7 @@ export async function createCookieHelper(): Promise<CookieHelper> {
      await rscHeaders(),
    );
    // ELSE_PLATFORM
-    return await createEmptyCookieHelper();
+    return await createPlaceholderCookieHelper();
    // END_PLATFORM
  }
 }
@ -76,7 +74,7 @@ function handleCookieError(e: unknown, options: DeleteCookieOptions | SetCookieO
 function createNextCookieHelper(
  rscCookiesAwaited: Awaited<ReturnType<typeof rscCookies>>,
  rscHeadersAwaited: Awaited<ReturnType<typeof rscHeaders>>,
-) {
+): CookieHelper {
  const cookieHelper = {
    get: (name: string) => {
      // set a helper cookie, see comment in `NextCookieHelper.set` below
--- a/packages/template/src/lib/stack-app.ts
+++ b/packages/template/src/lib/stack-app.ts
@ -36,7 +36,7 @@ import * as NextNavigationUnscrambled from "next/navigation"; // import the enti
 import React, { useCallback, useMemo } from "react";
 import { constructRedirectUrl } from "../utils/url";
 import { addNewOAuthProviderOrScope, callOAuthCallback, signInWithOAuth } from "./auth";
-import { CookieHelper, createBrowserCookieHelper, createCookieHelper, createEmptyCookieHelper, deleteCookieClient, getCookieClient, setOrDeleteCookie, setOrDeleteCookieClient } from "./cookie";
+import { CookieHelper, createBrowserCookieHelper, createCookieHelper, createPlaceholderCookieHelper, deleteCookieClient, getCookieClient, setOrDeleteCookie, setOrDeleteCookieClient } from "./cookie";

 let isReactServer = false;
 // IF_PLATFORM next
@ -426,7 +426,7 @@ class _StackClientAppImpl<HasTokenStore extends boolean, ProjectId extends strin
    if (this._tokenStoreInit === 'nextjs-cookie' || this._tokenStoreInit === 'cookie') {
      return await createCookieHelper();
    } else {
-      return await createEmptyCookieHelper();
+      return await createPlaceholderCookieHelper();
    }
  }

@ -571,6 +571,7 @@ class _StackClientAppImpl<HasTokenStore extends boolean, ProjectId extends strin
  }

  protected _memoryTokenStore = createEmptyTokenStore();
+  protected _nextServerCookiesTokenStores = new WeakMap<object, Store<TokenObject>>();
  protected _requestTokenStores = new WeakMap<RequestLike, Store<TokenObject>>();
  protected _storedBrowserCookieTokenStore: Store<TokenObject> | null = null;
  protected get _refreshTokenCookieName() {
@ -1558,10 +1559,11 @@ class _StackClientAppImpl<HasTokenStore extends boolean, ProjectId extends strin
    email: string,
    password: string,
    noRedirect?: boolean,
+    verificationCallbackUrl?: string,
  }): Promise<Result<undefined, KnownErrors["UserEmailAlreadyExists"] | KnownErrors['PasswordRequirementsNotMet']>> {
    this._ensurePersistentTokenStore();
    const session = await this._getSession();
-    const emailVerificationRedirectUrl = constructRedirectUrl(this.urls.emailVerification);
+    const emailVerificationRedirectUrl = options.verificationCallbackUrl ?? constructRedirectUrl(this.urls.emailVerification);
    const result = await this._interface.signUpWithCredential(
      options.email,
      options.password,
--- a/packages/template/src/utils/url.ts
+++ b/packages/template/src/utils/url.ts
@ -1,17 +1,12 @@
-export function autoRedirect() {
-  const url = new URL(window.location.href);
-  const redirectUrl = url.searchParams.get("auto-redirect-url");
-  if (redirectUrl) {
-    const urlObject = new URL(redirectUrl);
-    if (urlObject.origin !== window.location.origin) {
-      throw new Error("auto-redirect-url is not same origin (" + urlObject.origin + " !== " + window.location.origin + ")");
-    }
-    url.searchParams.delete("auto-redirect-url");
-    window.location.replace(urlObject.href);
-  }
-}
+import { StackAssertionError } from "@stackframe/stack-shared/dist/utils/errors";
+

 export function constructRedirectUrl(redirectUrl: URL | string | undefined) {
+  // eslint-disable-next-line @typescript-eslint/no-unnecessary-condition
+  if (typeof window === 'undefined' || !window.location) {
+    throw new StackAssertionError("Attempted to call constructRedirectUrl in a non-browser environment. You may be able to fix this by passing the `callbackUrl` option with your function call.", { redirectUrl });
+  }
+
  const retainedQueryParams = ["after_auth_return_to"];
  const currentUrl = new URL(window.location.href);
  const url = redirectUrl ? new URL(redirectUrl, window.location.href) : new URL(window.location.href);