kinde-oss / kinde-auth-nextjs

Kinde NextJS SDK - authentication for server rendered apps
https://kinde.com/docs/developer-tools/nextjs-sdk/
MIT License
132 stars 17 forks

Bug: 405 method not allowed - Middleware + handler don't handle non-GET requests gracefully #171

Open Thinkscape opened 1 month ago

Thinkscape commented 1 month ago

Prerequisites

Describe the issue

Steps

  1. Have an app with the default Kinde middleware protecting most routes.
  2. After the session has expired
  3. Front-end code sends a POST request to one of the API routes (or invokes a server action)
  4. Middleware redirects to POST /api/auth/login

Expected

The handler redirects to login, or better yet, allows handling it otherwise, to inform the front-end that the session has expired and the user needs to log in again.

Actual

🔴/api/auth/login?post_login_redirect_url=... 405 Method Not Allowed

Library URL

https://github.com/kinde-oss/kinde-auth-react

Library version

2.2.10

Operating system(s)

macOS

Operating system version(s)

23E224

Further environment details

No response

Reproducible test case URL

No response

Additional information

No response

Thinkscape commented 1 month ago

Poor-man's workaround, which doesn't work well with server actions but might be useful when used with other fetch() wrappers and POST-ing into api routes behind auth middleware.

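```ts
// /src/app/api/auth/[kindeAuth]/route.ts
import { handleAuth } from "@kinde-oss/kinde-auth-nextjs/server";
import { NextResponse } from "next/server";

// GET requests keep the SDK's normal auth handling.
export const GET = handleAuth();

// POST requests redirected here by the middleware get a JSON 401
// instead of the 405 Method Not Allowed.
export const POST = () =>
  NextResponse.json(
    {
      error: {
        name: "unauthorized",
        message: "Logged out",
        status: 401,
      },
    },
    {
      status: 401,
    },
  );
```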
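
A client-side counterpart to the workaround above, as an added example that is not part of the issue thread or the Kinde SDK: a fetch() wrapper that recognizes the 401 body returned by the POST handler and sends the browser to the login route with a GET. The function names, the injected `navigate` callback and the same-origin check on the return path are assumptions of this example; it covers plain fetch() calls only, not server actions.

```typescript
// Added example (assumption: the POST handler from the workaround is in place).
const LOGIN_PATH = "/api/auth/login"; // login route named in the issue

// Minimal structural type so the helper works with a real Response or a stub.
type JsonResponse = {
  status: number;
  json(): Promise<unknown>;
  clone(): JsonResponse;
};

// Only same-origin paths are accepted as the return target: one leading "/",
// no "//", no backslashes or control characters. Anything else becomes "/".
const SAFE_PATH = /^\/(?!\/)[^\\\u0000-\u001f]*$/;

// True only for the 401 body shape the workaround's POST handler returns.
function isLoggedOutResponse(status: number, body: unknown): boolean {
  if (status !== 401 || typeof body !== "object" || body === null) return false;
  const error = (body as { error?: unknown }).error;
  return (
    typeof error === "object" &&
    error !== null &&
    (error as { name?: unknown }).name === "unauthorized"
  );
}

// Builds the GET login URL with post_login_redirect_url (parameter from the issue).
function buildLoginUrl(returnPath: string): string {
  const safe = SAFE_PATH.test(returnPath) ? returnPath : "/";
  return `${LOGIN_PATH}?post_login_redirect_url=${encodeURIComponent(safe)}`;
}

// Runs a request; if the redirected POST came back as the "Logged out" 401,
// navigates to the login route and resolves to null, else returns the response.
// Browser usage (hypothetical endpoint):
//   fetchWithSessionCheck(() => fetch("/api/items", { method: "POST" }),
//     (u) => window.location.assign(u), location.pathname + location.search)
async function fetchWithSessionCheck(
  request: () => Promise<JsonResponse>,
  navigate: (url: string) => void,
  currentPath: string,
): Promise<JsonResponse | null> {
  const res = await request();
  if (res.status !== 401) return res;
  // Read a clone so the caller can still consume the body of other 401s.
  const body = await res.clone().json().catch(() => null);
  if (!isLoggedOutResponse(res.status, body)) return res;
  navigate(buildLoginUrl(currentPath));
  return null;
}
```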