feat(auth-next): add default auth without examples changes (#2795)

Co-authored-by: Cursor <cursoragent@cursor.com>

Author: rodrigo-fournier-immutable

.syncpackrc

@@ -13,6 +13,13 @@
       "dependencyTypes": ["peer"],
       "packages": ["@imtbl/auth-next-server", "@imtbl/auth-next-client", "@imtbl/sdk"],
       "isIgnored": true
+    },
+    {
+      "label": "Allow Next.js version flexibility in auth-next devDependencies",
+      "dependencies": ["next"],
+      "dependencyTypes": ["dev"],
+      "packages": ["@imtbl/auth-next-server", "@imtbl/auth-next-client"],
+      "isIgnored": true
     }
   ]
 }

packages/auth-next-client/README.md

@@ -27,6 +27,10 @@ npm install @imtbl/auth-next-client @imtbl/auth-next-server next-auth@5
 - `next` >= 14.0.0
 - `next-auth` >= 5.0.0-beta.25
 
+### Next.js 14 Compatibility
+
+This package is compatible with both Next.js 14 and 15. It uses only standard APIs available in both versions (`next/navigation` for `useRouter`, `next-auth/react`). No Next.js 15-only APIs are used.
+
 ## Quick Start
 
 ### 1. Set Up Server-Side Auth
@@ -100,6 +104,42 @@ export default function Callback() {
 }
 ```
 
+### Default Auth (Zero Config)
+
+When using `createAuthConfig()` with no args on the server, you can call login/logout with no config—sandbox clientId and redirectUri are used:
+
+```tsx
+// With default auth - no config needed
+function LoginButton() {
+  const { isAuthenticated } = useImmutableSession();
+  const { loginWithPopup, isLoggingIn, error } = useLogin();
+
+  if (isAuthenticated) return <p>You are logged in!</p>;
+
+  return (
+    <button onClick={() => loginWithPopup()} disabled={isLoggingIn}>
+      {isLoggingIn ? "Signing in..." : "Sign In"}
+    </button>
+  );
+}
+```
+
+Or with custom config (pass full LoginConfig/LogoutConfig when overriding):
+
+```tsx
+// With custom config - pass complete config
+loginWithPopup({
+  clientId: process.env.NEXT_PUBLIC_IMMUTABLE_CLIENT_ID!,
+  redirectUri: `${window.location.origin}/callback`,
+});
+logout({
+  clientId: process.env.NEXT_PUBLIC_IMMUTABLE_CLIENT_ID!,
+  logoutRedirectUri: process.env.NEXT_PUBLIC_BASE_URL!,
+});
+```
+
+See the [wallets-connect-with-nextjs](../../examples/passport/wallets-connect-with-nextjs) example for a full integration with `@imtbl/wallet`.
+
 ### 5. Add Login Button
 
 Use the `useLogin` hook for login flows with built-in state management:

packages/auth-next-client/package.json

@@ -40,7 +40,7 @@
     "@imtbl/auth-next-server": "workspace:*"
   },
   "peerDependencies": {
-    "next": "^15.0.0",
+    "next": "^14.0.0 || ^15.0.0",
     "next-auth": "^5.0.0-beta.25",
     "react": "^18.2.0 || ^19.0.0"
   },
@@ -65,7 +65,7 @@
     "@types/react": "^18.3.5",
     "eslint": "^8.56.0",
     "jest": "^29.7.0",
-    "next": "^15.1.6",
+    "next": "^15.2.6",
     "next-auth": "^5.0.0-beta.30",
     "react": "^18.2.0",
     "tsup": "^8.3.0",

packages/auth-next-client/src/constants.ts

@@ -1,45 +1,16 @@
 /**
- * Shared constants for @imtbl/auth-next-client
+ * Client-side constants for @imtbl/auth-next-client.
+ * Defined locally to avoid importing from auth-next-server (which uses next/server).
+ * Values must stay in sync with auth-next-server constants.
  */
 
-/**
- * Default Immutable authentication domain
- */
 export const DEFAULT_AUTH_DOMAIN = 'https://auth.immutable.com';
-
-/**
- * Default OAuth audience
- */
 export const DEFAULT_AUDIENCE = 'platform_api';
-
-/**
- * Default OAuth scopes
- */
 export const DEFAULT_SCOPE = 'openid profile email offline_access transact';
-
-/**
- * NextAuth credentials provider ID for Immutable
- */
 export const IMMUTABLE_PROVIDER_ID = 'immutable';
-
-/**
- * Default NextAuth API base path
- */
 export const DEFAULT_NEXTAUTH_BASE_PATH = '/api/auth';
-
-/**
- * Default token expiry in seconds (15 minutes)
- * Used as fallback when exp claim cannot be extracted from JWT
- */
-export const DEFAULT_TOKEN_EXPIRY_SECONDS = 900;
-
-/**
- * Default token expiry in milliseconds
- */
-export const DEFAULT_TOKEN_EXPIRY_MS = DEFAULT_TOKEN_EXPIRY_SECONDS * 1000;
-
-/**
- * Buffer time in milliseconds before token expiry to trigger refresh.
- * Matches TOKEN_EXPIRY_BUFFER_SECONDS (60s) in @imtbl/auth-next-server.
- */
-export const TOKEN_EXPIRY_BUFFER_MS = 60 * 1000;
+export const DEFAULT_SANDBOX_CLIENT_ID = 'mjtCL8mt06BtbxSkp2vbrYStKWnXVZfo';
+export const DEFAULT_REDIRECT_URI_PATH = '/callback';
+export const DEFAULT_LOGOUT_REDIRECT_URI_PATH = '/';
+export const DEFAULT_TOKEN_EXPIRY_MS = 900_000;
+export const TOKEN_EXPIRY_BUFFER_MS = 60_000;

packages/auth-next-client/src/defaultConfig.ts

@@ -0,0 +1,19 @@
+/**
+ * Sandbox default redirect URI for zero-config mode.
+ * Defined locally to avoid importing from auth-next-server (which uses next/server).
+ * OAuth requires an absolute URL; this runs in the browser when login is invoked.
+ *
+ * @internal
+ */
+
+import { DEFAULT_REDIRECT_URI_PATH } from './constants';
+
+export function deriveDefaultRedirectUri(): string {
+  if (typeof window === 'undefined') {
+    throw new Error(
+      '[auth-next-client] deriveDefaultRedirectUri requires window. '
+      + 'Login hooks run in the browser when the user triggers login.',
+    );
+  }
+  return `${window.location.origin}${DEFAULT_REDIRECT_URI_PATH}`;
+}

packages/auth-next-client/src/hooks.test.tsx

@@ -23,6 +23,10 @@ jest.mock('@imtbl/auth', () => ({
   logoutWithRedirect: jest.fn(),
 }));
 
+jest.mock('./defaultConfig', () => ({
+  deriveDefaultRedirectUri: jest.fn(() => 'http://localhost:3000/callback'),
+}));
+
 import { useImmutableSession } from './hooks';
 
 // ---------------------------------------------------------------------------