@adakrpos/auth 0.0.1

package/__tests__/hono.test.ts

@@ -0,0 +1,173 @@
+import { afterEach, beforeEach, describe, expect, it, vi } from "vitest";
+import { Hono } from "hono";
+
+import { clearApiKeyCache } from "../src/cache";
+import { adakrposAuth, getAuth, requireAuth } from "../src/hono";
+
+const config = {
+  apiKey: "ak_test",
+  authUrl: "https://example.com",
+};
+
+const validSession = {
+  user: {
+    id: "user_123",
+    email: "user@example.com",
+    verifiedEmail: "verified@example.com",
+    nickname: "ada",
+    name: "Ada Lovelace",
+    profilePhotoUrl: null,
+    bio: null,
+    contact: null,
+    snsLinks: {},
+    isVerified: true,
+    createdAt: 1,
+    updatedAt: 2,
+  },
+  session: {
+    id: "session_123",
+    userId: "user_123",
+    expiresAt: 10,
+    createdAt: 5,
+  },
+};
+
+describe("Hono middleware", () => {
+  beforeEach(() => {
+    clearApiKeyCache();
+  });
+
+  afterEach(() => {
+    clearApiKeyCache();
+    vi.restoreAllMocks();
+  });
+
+  it("sets the auth function on context", async () => {
+    const app = new Hono();
+
+    app.use("*", adakrposAuth(config));
+    app.get("/", (c) => c.json({ hasAuth: typeof c.get("auth") === "function" }));
+
+    const response = await app.request("http://localhost/");
+
+    expect(response.status).toBe(200);
+    expect(await response.json()).toEqual({ hasAuth: true });
+  });
+
+  it("returns an unauthenticated context when no session cookie is present", async () => {
+    const fetchSpy = vi.spyOn(global, "fetch");
+    const app = new Hono();
+
+    app.use("*", adakrposAuth(config));
+    app.get("/", async (c) => c.json(await getAuth(c)));
+
+    const response = await app.request("http://localhost/");
+
+    expect(response.status).toBe(200);
+    expect(await response.json()).toEqual({
+      user: null,
+      session: null,
+      isAuthenticated: false,
+    });
+    expect(fetchSpy).not.toHaveBeenCalled();
+  });
+
+  it("returns an authenticated context when the session is valid", async () => {
+    const fetchSpy = vi.spyOn(global, "fetch").mockResolvedValue(
+      new Response(JSON.stringify(validSession), { status: 200 }),
+    );
+    const app = new Hono();
+
+    app.use("*", adakrposAuth(config));
+    app.get("/", async (c) => c.json(await getAuth(c)));
+
+    const response = await app.request("http://localhost/", {
+      headers: { Cookie: "adakrpos_session=session_123" },
+    });
+
+    expect(response.status).toBe(200);
+    expect(await response.json()).toEqual({
+      ...validSession,
+      isAuthenticated: true,
+    });
+    expect(fetchSpy).toHaveBeenCalledWith(
+      "https://example.com/api/sdk/verify-session",
+      expect.objectContaining({
+        method: "POST",
+        body: JSON.stringify({ sessionId: "session_123" }),
+      }),
+    );
+  });
+
+  it("returns 401 when auth is required and no session exists", async () => {
+    const app = new Hono();
+
+    app.use("*", requireAuth(config));
+    app.get("/", (c) => c.text("ok"));
+
+    const response = await app.request("http://localhost/");
+
+    expect(response.status).toBe(401);
+    expect(await response.json()).toEqual({ error: "Unauthorized" });
+  });
+
+  it("allows authenticated requests through requireAuth", async () => {
+    const fetchSpy = vi.spyOn(global, "fetch").mockResolvedValue(
+      new Response(JSON.stringify(validSession), { status: 200 }),
+    );
+    const app = new Hono();
+
+    app.use("*", requireAuth(config));
+    app.get("/", async (c) => c.json(await getAuth(c)));
+
+    const response = await app.request("http://localhost/", {
+      headers: { Cookie: "adakrpos_session=session_123" },
+    });
+
+    expect(response.status).toBe(200);
+    expect(await response.json()).toEqual({
+      ...validSession,
+      isAuthenticated: true,
+    });
+    expect(fetchSpy).toHaveBeenCalledTimes(1);
+  });
+
+  it("does not call the auth server until getAuth is invoked", async () => {
+    const fetchSpy = vi.spyOn(global, "fetch").mockResolvedValue(
+      new Response(JSON.stringify(validSession), { status: 200 }),
+    );
+    const app = new Hono();
+
+    app.use("*", adakrposAuth(config));
+    app.get("/", (c) => c.text("ok"));
+
+    const response = await app.request("http://localhost/", {
+      headers: { Cookie: "adakrpos_session=session_123" },
+    });
+
+    expect(response.status).toBe(200);
+    expect(await response.text()).toBe("ok");
+    expect(fetchSpy).not.toHaveBeenCalled();
+  });
+
+  it("calls the auth server when getAuth is invoked", async () => {
+    const fetchSpy = vi.spyOn(global, "fetch").mockResolvedValue(
+      new Response(JSON.stringify(validSession), { status: 200 }),
+    );
+    const app = new Hono();
+
+    app.use("*", adakrposAuth(config));
+    app.get("/", async (c) => {
+      await getAuth(c);
+      return c.text("ok");
+    });
+
+    const response = await app.request("http://localhost/", {
+      headers: { Cookie: "adakrpos_session=session_123" },
+    });
+
+    expect(response.status).toBe(200);
+    expect(await response.text()).toBe("ok");
+    expect(fetchSpy).toHaveBeenCalledTimes(1);
+  });
+});

package/dist/client-Dd5DjxzG.d.mts

@@ -0,0 +1,64 @@
+interface AdakrposUser {
+    id: string;
+    email: string | null;
+    verifiedEmail: string | null;
+    nickname: string | null;
+    name: string | null;
+    profilePhotoUrl: string | null;
+    bio: string | null;
+    contact: string | null;
+    snsLinks: Record<string, string>;
+    isVerified: boolean;
+    createdAt: number;
+    updatedAt: number;
+}
+interface AdakrposSession {
+    id: string;
+    userId: string;
+    expiresAt: number;
+    createdAt: number;
+}
+interface AdakrposAuthContext {
+    user: AdakrposUser;
+    session: AdakrposSession;
+    isAuthenticated: true;
+}
+interface AdakrposUnauthContext {
+    user: null;
+    session: null;
+    isAuthenticated: false;
+}
+type AuthContext = AdakrposAuthContext | AdakrposUnauthContext;
+interface DeveloperApp {
+    id: string;
+    userId: string;
+    name: string;
+    description: string | null;
+    apiKeyPrefix: string;
+    redirectUrls: string[];
+    isActive: boolean;
+    createdAt: number;
+    updatedAt: number;
+}
+interface ApiKeyInfo {
+    appId: string;
+    userId: string;
+    prefix: string;
+    isActive: boolean;
+}
+
+interface AdakrposAuthConfig {
+    apiKey: string;
+    authUrl?: string;
+}
+interface AdakrposAuthClient {
+    verifySession(sessionId: string): Promise<{
+        user: AdakrposUser;
+        session: AdakrposSession;
+    } | null>;
+    getUser(userId: string): Promise<AdakrposUser | null>;
+    getCurrentUser(sessionId: string): Promise<AdakrposUser | null>;
+}
+declare function createAdakrposAuth(config: AdakrposAuthConfig): AdakrposAuthClient;
+
+export { type AuthContext as A, type DeveloperApp as D, type AdakrposAuthConfig as a, type AdakrposAuthClient as b, type AdakrposAuthContext as c, type AdakrposSession as d, type AdakrposUnauthContext as e, type AdakrposUser as f, type ApiKeyInfo as g, createAdakrposAuth as h };

package/dist/client-Dd5DjxzG.d.ts

@@ -0,0 +1,64 @@
+interface AdakrposUser {
+    id: string;
+    email: string | null;
+    verifiedEmail: string | null;
+    nickname: string | null;
+    name: string | null;
+    profilePhotoUrl: string | null;
+    bio: string | null;
+    contact: string | null;
+    snsLinks: Record<string, string>;
+    isVerified: boolean;
+    createdAt: number;
+    updatedAt: number;
+}
+interface AdakrposSession {
+    id: string;
+    userId: string;
+    expiresAt: number;
+    createdAt: number;
+}
+interface AdakrposAuthContext {
+    user: AdakrposUser;
+    session: AdakrposSession;
+    isAuthenticated: true;
+}
+interface AdakrposUnauthContext {
+    user: null;
+    session: null;
+    isAuthenticated: false;
+}
+type AuthContext = AdakrposAuthContext | AdakrposUnauthContext;
+interface DeveloperApp {
+    id: string;
+    userId: string;
+    name: string;
+    description: string | null;
+    apiKeyPrefix: string;
+    redirectUrls: string[];
+    isActive: boolean;
+    createdAt: number;
+    updatedAt: number;
+}
+interface ApiKeyInfo {
+    appId: string;
+    userId: string;
+    prefix: string;
+    isActive: boolean;
+}
+
+interface AdakrposAuthConfig {
+    apiKey: string;
+    authUrl?: string;
+}
+interface AdakrposAuthClient {
+    verifySession(sessionId: string): Promise<{
+        user: AdakrposUser;
+        session: AdakrposSession;
+    } | null>;
+    getUser(userId: string): Promise<AdakrposUser | null>;
+    getCurrentUser(sessionId: string): Promise<AdakrposUser | null>;
+}
+declare function createAdakrposAuth(config: AdakrposAuthConfig): AdakrposAuthClient;
+
+export { type AuthContext as A, type DeveloperApp as D, type AdakrposAuthConfig as a, type AdakrposAuthClient as b, type AdakrposAuthContext as c, type AdakrposSession as d, type AdakrposUnauthContext as e, type AdakrposUser as f, type ApiKeyInfo as g, createAdakrposAuth as h };

package/dist/express.d.mts

@@ -0,0 +1,13 @@
+import { A as AuthContext, a as AdakrposAuthConfig } from './client-Dd5DjxzG.mjs';
+
+declare global {
+    namespace Express {
+        interface Request {
+            auth?: () => Promise<AuthContext>;
+        }
+    }
+}
+declare function adakrposAuthExpress(config: AdakrposAuthConfig): (req: any, res: any, next: any) => Promise<void>;
+declare function requireAuthExpress(config: AdakrposAuthConfig): (req: any, res: any, next: any) => Promise<any>;
+
+export { adakrposAuthExpress, requireAuthExpress };

package/dist/express.d.ts

@@ -0,0 +1,13 @@
+import { A as AuthContext, a as AdakrposAuthConfig } from './client-Dd5DjxzG.js';
+
+declare global {
+    namespace Express {
+        interface Request {
+            auth?: () => Promise<AuthContext>;
+        }
+    }
+}
+declare function adakrposAuthExpress(config: AdakrposAuthConfig): (req: any, res: any, next: any) => Promise<void>;
+declare function requireAuthExpress(config: AdakrposAuthConfig): (req: any, res: any, next: any) => Promise<any>;
+
+export { adakrposAuthExpress, requireAuthExpress };

package/dist/express.js

@@ -0,0 +1,173 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/express.ts
+var express_exports = {};
+__export(express_exports, {
+  adakrposAuthExpress: () => adakrposAuthExpress,
+  requireAuthExpress: () => requireAuthExpress
+});
+module.exports = __toCommonJS(express_exports);
+
+// src/cache.ts
+var cache = /* @__PURE__ */ new Map();
+var DEFAULT_CACHE_TTL_MS = 3e4;
+function getCachedApiKeyValidity(apiKey) {
+  const entry = cache.get(apiKey);
+  if (!entry) {
+    return null;
+  }
+  if (Date.now() > entry.expiresAt) {
+    cache.delete(apiKey);
+    return null;
+  }
+  return entry.valid;
+}
+function setCachedApiKeyValidity(apiKey, valid, ttlMs = DEFAULT_CACHE_TTL_MS) {
+  cache.set(apiKey, {
+    valid,
+    expiresAt: Date.now() + ttlMs
+  });
+}
+
+// src/client.ts
+var DEFAULT_AUTH_URL = "https://ada-kr-pos.com";
+function createUrl(baseUrl, path) {
+  return new URL(path, baseUrl.endsWith("/") ? baseUrl : `${baseUrl}/`).toString();
+}
+async function parseJson(response) {
+  return await response.json();
+}
+function createAdakrposAuth(config) {
+  const baseUrl = config.authUrl ?? DEFAULT_AUTH_URL;
+  const apiKey = config.apiKey;
+  async function request(path, init, options = {}) {
+    if (getCachedApiKeyValidity(apiKey) === false) {
+      return null;
+    }
+    const response = await fetch(createUrl(baseUrl, path), {
+      ...init,
+      headers: {
+        Authorization: `Bearer ${apiKey}`,
+        ...init.body ? { "Content-Type": "application/json" } : {},
+        ...init.headers
+      }
+    });
+    if (response.status === 401 || response.status === 403) {
+      setCachedApiKeyValidity(apiKey, false);
+      return null;
+    }
+    setCachedApiKeyValidity(apiKey, true);
+    if (response.status === 404 && options.returnNullOnNotFound) {
+      return null;
+    }
+    if (!response.ok) {
+      throw new Error(`Adakrpos auth request failed with status ${response.status}`);
+    }
+    return parseJson(response);
+  }
+  return {
+    async verifySession(sessionId) {
+      return request(
+        "/api/sdk/verify-session",
+        {
+          method: "POST",
+          body: JSON.stringify({ sessionId })
+        },
+        { returnNullOnNotFound: true }
+      );
+    },
+    async getUser(userId) {
+      return request(`/api/sdk/users/${encodeURIComponent(userId)}`, {
+        method: "GET"
+      }, { returnNullOnNotFound: true });
+    },
+    async getCurrentUser(sessionId) {
+      const result = await this.verifySession(sessionId);
+      return result?.user ?? null;
+    }
+  };
+}
+
+// src/express.ts
+var UNAUTH_CONTEXT = {
+  user: null,
+  session: null,
+  isAuthenticated: false
+};
+function getSessionId(cookieHeader) {
+  const sessionMatch = cookieHeader.match(/(?:^|;\s*)adakrpos_session=([^;]+)/);
+  if (!sessionMatch) {
+    return null;
+  }
+  try {
+    return decodeURIComponent(sessionMatch[1]);
+  } catch {
+    return sessionMatch[1];
+  }
+}
+function createAuthFn(client, sessionId) {
+  let authPromise;
+  return async () => {
+    if (!authPromise) {
+      authPromise = (async () => {
+        if (!sessionId) {
+          return UNAUTH_CONTEXT;
+        }
+        const result = await client.verifySession(sessionId);
+        if (!result) {
+          return UNAUTH_CONTEXT;
+        }
+        return {
+          user: result.user,
+          session: result.session,
+          isAuthenticated: true
+        };
+      })();
+    }
+    return authPromise;
+  };
+}
+function adakrposAuthExpress(config) {
+  const client = createAdakrposAuth(config);
+  return async (req, res, next) => {
+    const cookieHeader = req.headers?.cookie ?? "";
+    const sessionId = getSessionId(cookieHeader);
+    req.auth = createAuthFn(client, sessionId);
+    next();
+  };
+}
+function requireAuthExpress(config) {
+  const client = createAdakrposAuth(config);
+  return async (req, res, next) => {
+    const cookieHeader = req.headers?.cookie ?? "";
+    const sessionId = getSessionId(cookieHeader);
+    req.auth = createAuthFn(client, sessionId);
+    const auth = await req.auth();
+    if (!auth?.isAuthenticated) {
+      return res.status(401).json({ error: "Unauthorized" });
+    }
+    next();
+  };
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  adakrposAuthExpress,
+  requireAuthExpress
+});

package/dist/express.mjs

@@ -0,0 +1,145 @@
+// src/cache.ts
+var cache = /* @__PURE__ */ new Map();
+var DEFAULT_CACHE_TTL_MS = 3e4;
+function getCachedApiKeyValidity(apiKey) {
+  const entry = cache.get(apiKey);
+  if (!entry) {
+    return null;
+  }
+  if (Date.now() > entry.expiresAt) {
+    cache.delete(apiKey);
+    return null;
+  }
+  return entry.valid;
+}
+function setCachedApiKeyValidity(apiKey, valid, ttlMs = DEFAULT_CACHE_TTL_MS) {
+  cache.set(apiKey, {
+    valid,
+    expiresAt: Date.now() + ttlMs
+  });
+}
+
+// src/client.ts
+var DEFAULT_AUTH_URL = "https://ada-kr-pos.com";
+function createUrl(baseUrl, path) {
+  return new URL(path, baseUrl.endsWith("/") ? baseUrl : `${baseUrl}/`).toString();
+}
+async function parseJson(response) {
+  return await response.json();
+}
+function createAdakrposAuth(config) {
+  const baseUrl = config.authUrl ?? DEFAULT_AUTH_URL;
+  const apiKey = config.apiKey;
+  async function request(path, init, options = {}) {
+    if (getCachedApiKeyValidity(apiKey) === false) {
+      return null;
+    }
+    const response = await fetch(createUrl(baseUrl, path), {
+      ...init,
+      headers: {
+        Authorization: `Bearer ${apiKey}`,
+        ...init.body ? { "Content-Type": "application/json" } : {},
+        ...init.headers
+      }
+    });
+    if (response.status === 401 || response.status === 403) {
+      setCachedApiKeyValidity(apiKey, false);
+      return null;
+    }
+    setCachedApiKeyValidity(apiKey, true);
+    if (response.status === 404 && options.returnNullOnNotFound) {
+      return null;
+    }
+    if (!response.ok) {
+      throw new Error(`Adakrpos auth request failed with status ${response.status}`);
+    }
+    return parseJson(response);
+  }
+  return {
+    async verifySession(sessionId) {
+      return request(
+        "/api/sdk/verify-session",
+        {
+          method: "POST",
+          body: JSON.stringify({ sessionId })
+        },
+        { returnNullOnNotFound: true }
+      );
+    },
+    async getUser(userId) {
+      return request(`/api/sdk/users/${encodeURIComponent(userId)}`, {
+        method: "GET"
+      }, { returnNullOnNotFound: true });
+    },
+    async getCurrentUser(sessionId) {
+      const result = await this.verifySession(sessionId);
+      return result?.user ?? null;
+    }
+  };
+}
+
+// src/express.ts
+var UNAUTH_CONTEXT = {
+  user: null,
+  session: null,
+  isAuthenticated: false
+};
+function getSessionId(cookieHeader) {
+  const sessionMatch = cookieHeader.match(/(?:^|;\s*)adakrpos_session=([^;]+)/);
+  if (!sessionMatch) {
+    return null;
+  }
+  try {
+    return decodeURIComponent(sessionMatch[1]);
+  } catch {
+    return sessionMatch[1];
+  }
+}
+function createAuthFn(client, sessionId) {
+  let authPromise;
+  return async () => {
+    if (!authPromise) {
+      authPromise = (async () => {
+        if (!sessionId) {
+          return UNAUTH_CONTEXT;
+        }
+        const result = await client.verifySession(sessionId);
+        if (!result) {
+          return UNAUTH_CONTEXT;
+        }
+        return {
+          user: result.user,
+          session: result.session,
+          isAuthenticated: true
+        };
+      })();
+    }
+    return authPromise;
+  };
+}
+function adakrposAuthExpress(config) {
+  const client = createAdakrposAuth(config);
+  return async (req, res, next) => {
+    const cookieHeader = req.headers?.cookie ?? "";
+    const sessionId = getSessionId(cookieHeader);
+    req.auth = createAuthFn(client, sessionId);
+    next();
+  };
+}
+function requireAuthExpress(config) {
+  const client = createAdakrposAuth(config);
+  return async (req, res, next) => {
+    const cookieHeader = req.headers?.cookie ?? "";
+    const sessionId = getSessionId(cookieHeader);
+    req.auth = createAuthFn(client, sessionId);
+    const auth = await req.auth();
+    if (!auth?.isAuthenticated) {
+      return res.status(401).json({ error: "Unauthorized" });
+    }
+    next();
+  };
+}
+export {
+  adakrposAuthExpress,
+  requireAuthExpress
+};

package/dist/generic.d.mts

@@ -0,0 +1,5 @@
+import { a as AdakrposAuthConfig, A as AuthContext } from './client-Dd5DjxzG.mjs';
+
+declare function verifyRequest(request: Request, config: AdakrposAuthConfig): Promise<AuthContext>;
+
+export { verifyRequest };

package/dist/generic.d.ts

@@ -0,0 +1,5 @@
+import { a as AdakrposAuthConfig, A as AuthContext } from './client-Dd5DjxzG.js';
+
+declare function verifyRequest(request: Request, config: AdakrposAuthConfig): Promise<AuthContext>;
+
+export { verifyRequest };