feat: allow configurable tokens in nextjs app example (#666)

* feat: allow configurable tokens in nextjs app example

* added example for using TokenScopes functions to get token permissions

* update default token scope for nextjs app

* created separate line in the config example comment

* fix: small wording change

examples/web/nextjs-chat/README.md

@@ -18,6 +18,10 @@ First, create a new file called `.env.local` that looks like:
 MOMENTO_AUTH_TOKEN=<Put your token here>
 ```
 
+Second, go to the [config.ts file](./src/app/api/momento/token/config.ts) and configure the scope of permissions and the expiry duration for the tokens that the nextjs app will use to talk to the Momento service. 
+
+For example, you can restrict the permissions for these browser tokens so that they have read-only access or read-write access, and you can also restrict them to specific caches or topics.
+
 Then, run the development server:
 
 ```bash

examples/web/nextjs-chat/package.json

@@ -9,8 +9,8 @@
     "lint": "next lint"
   },
   "dependencies": {
-    "@gomomento/sdk": "^1.26.3",
-    "@gomomento/sdk-web": "^1.26.3",
+    "@gomomento/sdk": "^1.28.0",
+    "@gomomento/sdk-web": "^1.28.0",
     "autoprefixer": "10.4.14",
     "next": "13.4.8",
     "react": "18.2.0",

examples/web/nextjs-chat/src/app/api/momento/token/config.ts

@@ -0,0 +1,49 @@
+import {
+  AllDataReadWrite,
+  ExpiresIn,
+  TopicRole, 
+  CacheRole, 
+  TokenScope, 
+  AllTopics, 
+  AllCaches,
+  TokenScopes
+} from "@gomomento/sdk";
+
+/**
+ * First, set the scope of permissions for your tokens. 
+ * 
+ * AllDataReadWrite provides read and write permissions to all of your caches:
+ *    export const tokenPermissions: TokenScope =  AllDataReadWrite;
+ * 
+ * TokenScopes provides several functions that will return the permissions you
+ * request for a given cache and topic name.
+ *    export const tokenPermissions: TokenScope = TokenScopes.topicPublishSubscribe("your-cache-name", AllTopics);
+ * 
+ * You can also set it to allow subscriptions to topics in all caches if you prefer:
+ *    export const tokenPermissions: TokenScope = TokenScopes.topicPublishSubscribe(AllCaches, AllTopics);
+ * 
+ * You may also provide a bespoke list of permissions for each cache and topic that you have:
+ *    export const tokenPermissions: TokenScope =  {
+ *      permissions: [
+ *        {
+ *          role: CacheRole.ReadWrite | CacheRole.ReadOnly, 
+ *          cache: AllCaches | "your-cache-name"
+ *        },
+ *        {
+ *          role: TopicRole.PublishSubscribe | TopicRole.SubscribeOnly, 
+ *          cache: AllCaches | "your-cache-name",
+ *          topic: AllTopics | "your-topic-name"
+ *        }
+ *      ]
+ *    };
+ * 
+ * More information here: https://docs.momentohq.com/develop/api-reference/auth-tokens#tokenscope-objects
+ */
+export const tokenPermissions: TokenScope = TokenScopes.topicPublishSubscribe(AllCaches, AllTopics);
+
+/**
+ * Second, set the TTL for your tokens in terms of seconds, minutes, hours,  
+ * days, or using epoch format. You may also set tokens to never expire.
+ * More information here: https://docs.momentohq.com/develop/api-reference/auth-tokens#generateauthtoken-api
+ */
+export const tokenExpiresIn: ExpiresIn = ExpiresIn.minutes(30);

examples/web/nextjs-chat/src/app/api/momento/token/route.ts

@@ -1,10 +1,9 @@
 import {
-  AllDataReadWrite,
   AuthClient,
   CredentialProvider,
-  ExpiresIn,
   GenerateAuthToken,
 } from "@gomomento/sdk";
+import { tokenPermissions, tokenExpiresIn } from "./config";
 
 const authClient = new AuthClient({
   credentialProvider: CredentialProvider.fromString({
@@ -15,8 +14,8 @@ const authClient = new AuthClient({
 export const revalidate = 0;
 export async function GET(_request: Request) {
   const generateAuthTokenResponse = await authClient.generateAuthToken(
-    AllDataReadWrite,
-    ExpiresIn.minutes(30),
+    tokenPermissions,
+    tokenExpiresIn,
   );
 
   if (generateAuthTokenResponse instanceof GenerateAuthToken.Success) {