@adakrpos/auth 0.0.1

package/dist/index.js

@@ -0,0 +1,118 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/index.ts
+var index_exports = {};
+__export(index_exports, {
+  clearApiKeyCache: () => clearApiKeyCache,
+  createAdakrposAuth: () => createAdakrposAuth,
+  getCachedApiKeyValidity: () => getCachedApiKeyValidity,
+  setCachedApiKeyValidity: () => setCachedApiKeyValidity
+});
+module.exports = __toCommonJS(index_exports);
+
+// src/cache.ts
+var cache = /* @__PURE__ */ new Map();
+var DEFAULT_CACHE_TTL_MS = 3e4;
+function getCachedApiKeyValidity(apiKey) {
+  const entry = cache.get(apiKey);
+  if (!entry) {
+    return null;
+  }
+  if (Date.now() > entry.expiresAt) {
+    cache.delete(apiKey);
+    return null;
+  }
+  return entry.valid;
+}
+function setCachedApiKeyValidity(apiKey, valid, ttlMs = DEFAULT_CACHE_TTL_MS) {
+  cache.set(apiKey, {
+    valid,
+    expiresAt: Date.now() + ttlMs
+  });
+}
+function clearApiKeyCache() {
+  cache.clear();
+}
+
+// src/client.ts
+var DEFAULT_AUTH_URL = "https://ada-kr-pos.com";
+function createUrl(baseUrl, path) {
+  return new URL(path, baseUrl.endsWith("/") ? baseUrl : `${baseUrl}/`).toString();
+}
+async function parseJson(response) {
+  return await response.json();
+}
+function createAdakrposAuth(config) {
+  const baseUrl = config.authUrl ?? DEFAULT_AUTH_URL;
+  const apiKey = config.apiKey;
+  async function request(path, init, options = {}) {
+    if (getCachedApiKeyValidity(apiKey) === false) {
+      return null;
+    }
+    const response = await fetch(createUrl(baseUrl, path), {
+      ...init,
+      headers: {
+        Authorization: `Bearer ${apiKey}`,
+        ...init.body ? { "Content-Type": "application/json" } : {},
+        ...init.headers
+      }
+    });
+    if (response.status === 401 || response.status === 403) {
+      setCachedApiKeyValidity(apiKey, false);
+      return null;
+    }
+    setCachedApiKeyValidity(apiKey, true);
+    if (response.status === 404 && options.returnNullOnNotFound) {
+      return null;
+    }
+    if (!response.ok) {
+      throw new Error(`Adakrpos auth request failed with status ${response.status}`);
+    }
+    return parseJson(response);
+  }
+  return {
+    async verifySession(sessionId) {
+      return request(
+        "/api/sdk/verify-session",
+        {
+          method: "POST",
+          body: JSON.stringify({ sessionId })
+        },
+        { returnNullOnNotFound: true }
+      );
+    },
+    async getUser(userId) {
+      return request(`/api/sdk/users/${encodeURIComponent(userId)}`, {
+        method: "GET"
+      }, { returnNullOnNotFound: true });
+    },
+    async getCurrentUser(sessionId) {
+      const result = await this.verifySession(sessionId);
+      return result?.user ?? null;
+    }
+  };
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  clearApiKeyCache,
+  createAdakrposAuth,
+  getCachedApiKeyValidity,
+  setCachedApiKeyValidity
+});

package/dist/index.mjs

@@ -0,0 +1,88 @@
+// src/cache.ts
+var cache = /* @__PURE__ */ new Map();
+var DEFAULT_CACHE_TTL_MS = 3e4;
+function getCachedApiKeyValidity(apiKey) {
+  const entry = cache.get(apiKey);
+  if (!entry) {
+    return null;
+  }
+  if (Date.now() > entry.expiresAt) {
+    cache.delete(apiKey);
+    return null;
+  }
+  return entry.valid;
+}
+function setCachedApiKeyValidity(apiKey, valid, ttlMs = DEFAULT_CACHE_TTL_MS) {
+  cache.set(apiKey, {
+    valid,
+    expiresAt: Date.now() + ttlMs
+  });
+}
+function clearApiKeyCache() {
+  cache.clear();
+}
+
+// src/client.ts
+var DEFAULT_AUTH_URL = "https://ada-kr-pos.com";
+function createUrl(baseUrl, path) {
+  return new URL(path, baseUrl.endsWith("/") ? baseUrl : `${baseUrl}/`).toString();
+}
+async function parseJson(response) {
+  return await response.json();
+}
+function createAdakrposAuth(config) {
+  const baseUrl = config.authUrl ?? DEFAULT_AUTH_URL;
+  const apiKey = config.apiKey;
+  async function request(path, init, options = {}) {
+    if (getCachedApiKeyValidity(apiKey) === false) {
+      return null;
+    }
+    const response = await fetch(createUrl(baseUrl, path), {
+      ...init,
+      headers: {
+        Authorization: `Bearer ${apiKey}`,
+        ...init.body ? { "Content-Type": "application/json" } : {},
+        ...init.headers
+      }
+    });
+    if (response.status === 401 || response.status === 403) {
+      setCachedApiKeyValidity(apiKey, false);
+      return null;
+    }
+    setCachedApiKeyValidity(apiKey, true);
+    if (response.status === 404 && options.returnNullOnNotFound) {
+      return null;
+    }
+    if (!response.ok) {
+      throw new Error(`Adakrpos auth request failed with status ${response.status}`);
+    }
+    return parseJson(response);
+  }
+  return {
+    async verifySession(sessionId) {
+      return request(
+        "/api/sdk/verify-session",
+        {
+          method: "POST",
+          body: JSON.stringify({ sessionId })
+        },
+        { returnNullOnNotFound: true }
+      );
+    },
+    async getUser(userId) {
+      return request(`/api/sdk/users/${encodeURIComponent(userId)}`, {
+        method: "GET"
+      }, { returnNullOnNotFound: true });
+    },
+    async getCurrentUser(sessionId) {
+      const result = await this.verifySession(sessionId);
+      return result?.user ?? null;
+    }
+  };
+}
+export {
+  clearApiKeyCache,
+  createAdakrposAuth,
+  getCachedApiKeyValidity,
+  setCachedApiKeyValidity
+};

package/package.json

@@ -0,0 +1,48 @@
+{
+  "name": "@adakrpos/auth",
+  "version": "0.0.1",
+  "type": "commonjs",
+  "main": "./dist/index.js",
+  "module": "./dist/index.mjs",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.mjs",
+      "require": "./dist/index.js",
+      "default": "./dist/index.mjs"
+    },
+    "./hono": {
+      "types": "./dist/hono.d.ts",
+      "import": "./dist/hono.mjs",
+      "require": "./dist/hono.js",
+      "default": "./dist/hono.mjs"
+    },
+    "./express": {
+      "types": "./dist/express.d.ts",
+      "import": "./dist/express.mjs",
+      "require": "./dist/express.js",
+      "default": "./dist/express.mjs"
+    },
+    "./generic": {
+      "types": "./dist/generic.d.ts",
+      "import": "./dist/generic.mjs",
+      "require": "./dist/generic.js",
+      "default": "./dist/generic.mjs"
+    }
+  },
+  "scripts": {
+    "build": "tsup",
+    "typecheck": "tsc --noEmit",
+    "test": "vitest run"
+  },
+  "devDependencies": {
+    "hono": "^4.12.7",
+    "tsup": "^8.4.0",
+    "typescript": "^5.7.3",
+    "vitest": "^3.0.5"
+  },
+  "peerDependencies": {
+    "hono": ">=4.0.0"
+  }
+}

package/src/cache.ts

@@ -0,0 +1,38 @@
+interface CacheEntry {
+  valid: boolean;
+  expiresAt: number;
+}
+
+const cache = new Map<string, CacheEntry>();
+
+export const DEFAULT_CACHE_TTL_MS = 30_000;
+
+export function getCachedApiKeyValidity(apiKey: string): boolean | null {
+  const entry = cache.get(apiKey);
+
+  if (!entry) {
+    return null;
+  }
+
+  if (Date.now() > entry.expiresAt) {
+    cache.delete(apiKey);
+    return null;
+  }
+
+  return entry.valid;
+}
+
+export function setCachedApiKeyValidity(
+  apiKey: string,
+  valid: boolean,
+  ttlMs: number = DEFAULT_CACHE_TTL_MS,
+): void {
+  cache.set(apiKey, {
+    valid,
+    expiresAt: Date.now() + ttlMs,
+  });
+}
+
+export function clearApiKeyCache(): void {
+  cache.clear();
+}

package/src/client.ts

@@ -0,0 +1,93 @@
+import {
+  getCachedApiKeyValidity,
+  setCachedApiKeyValidity,
+} from "./cache";
+import type { AdakrposSession, AdakrposUser } from "./types";
+
+const DEFAULT_AUTH_URL = "https://ada-kr-pos.com";
+
+export interface AdakrposAuthConfig {
+  apiKey: string;
+  authUrl?: string;
+}
+
+export interface AdakrposAuthClient {
+  verifySession(
+    sessionId: string,
+  ): Promise<{ user: AdakrposUser; session: AdakrposSession } | null>;
+  getUser(userId: string): Promise<AdakrposUser | null>;
+  getCurrentUser(sessionId: string): Promise<AdakrposUser | null>;
+}
+
+function createUrl(baseUrl: string, path: string): string {
+  return new URL(path, baseUrl.endsWith("/") ? baseUrl : `${baseUrl}/`).toString();
+}
+
+async function parseJson<T>(response: Response): Promise<T> {
+  return (await response.json()) as T;
+}
+
+export function createAdakrposAuth(config: AdakrposAuthConfig): AdakrposAuthClient {
+  const baseUrl = config.authUrl ?? DEFAULT_AUTH_URL;
+  const apiKey = config.apiKey;
+
+  async function request<T>(
+    path: string,
+    init: RequestInit,
+    options: { returnNullOnNotFound?: boolean } = {},
+  ): Promise<T | null> {
+    if (getCachedApiKeyValidity(apiKey) === false) {
+      return null;
+    }
+
+    const response = await fetch(createUrl(baseUrl, path), {
+      ...init,
+      headers: {
+        Authorization: `Bearer ${apiKey}`,
+        ...(init.body ? { "Content-Type": "application/json" } : {}),
+        ...init.headers,
+      },
+    });
+
+    if (response.status === 401 || response.status === 403) {
+      setCachedApiKeyValidity(apiKey, false);
+      return null;
+    }
+
+    setCachedApiKeyValidity(apiKey, true);
+
+    if (response.status === 404 && options.returnNullOnNotFound) {
+      return null;
+    }
+
+    if (!response.ok) {
+      throw new Error(`Adakrpos auth request failed with status ${response.status}`);
+    }
+
+    return parseJson<T>(response);
+  }
+
+  return {
+    async verifySession(sessionId: string) {
+      return request<{ user: AdakrposUser; session: AdakrposSession }>(
+        "/api/sdk/verify-session",
+        {
+          method: "POST",
+          body: JSON.stringify({ sessionId }),
+        },
+        { returnNullOnNotFound: true },
+      );
+    },
+
+    async getUser(userId: string) {
+      return request<AdakrposUser>(`/api/sdk/users/${encodeURIComponent(userId)}`, {
+        method: "GET",
+      }, { returnNullOnNotFound: true });
+    },
+
+    async getCurrentUser(sessionId: string) {
+      const result = await this.verifySession(sessionId);
+      return result?.user ?? null;
+    },
+  };
+}

package/src/express.ts

@@ -0,0 +1,94 @@
+import { createAdakrposAuth } from "./client";
+import type { AdakrposAuthConfig } from "./client";
+import type { AuthContext, AdakrposAuthContext, AdakrposUnauthContext } from "./types";
+
+// Augment Express Request type
+declare global {
+  namespace Express {
+    interface Request {
+      auth?: () => Promise<AuthContext>;
+    }
+  }
+}
+
+const UNAUTH_CONTEXT: AdakrposUnauthContext = {
+  user: null,
+  session: null,
+  isAuthenticated: false,
+};
+
+function getSessionId(cookieHeader: string): string | null {
+  const sessionMatch = cookieHeader.match(/(?:^|;\s*)adakrpos_session=([^;]+)/);
+
+  if (!sessionMatch) {
+    return null;
+  }
+
+  try {
+    return decodeURIComponent(sessionMatch[1]);
+  } catch {
+    return sessionMatch[1];
+  }
+}
+
+function createAuthFn(client: any, sessionId: string | null): () => Promise<AuthContext> {
+  let authPromise: Promise<AuthContext> | undefined;
+
+  return async () => {
+    if (!authPromise) {
+      authPromise = (async () => {
+        if (!sessionId) {
+          return UNAUTH_CONTEXT;
+        }
+
+        const result = await client.verifySession(sessionId);
+
+        if (!result) {
+          return UNAUTH_CONTEXT;
+        }
+
+        return {
+          user: result.user,
+          session: result.session,
+          isAuthenticated: true,
+        } satisfies AdakrposAuthContext;
+      })();
+    }
+
+    return authPromise;
+  };
+}
+
+// Express middleware — attaches lazy auth function to req
+export function adakrposAuthExpress(config: AdakrposAuthConfig) {
+  const client = createAdakrposAuth(config);
+
+  return async (req: any, res: any, next: any) => {
+    const cookieHeader = req.headers?.cookie ?? "";
+    const sessionId = getSessionId(cookieHeader);
+
+    // Lazy function — only calls server when invoked
+    req.auth = createAuthFn(client, sessionId);
+
+    next();
+  };
+}
+
+// Express middleware that requires authentication
+export function requireAuthExpress(config: AdakrposAuthConfig) {
+  const client = createAdakrposAuth(config);
+
+  return async (req: any, res: any, next: any) => {
+    const cookieHeader = req.headers?.cookie ?? "";
+    const sessionId = getSessionId(cookieHeader);
+
+    req.auth = createAuthFn(client, sessionId);
+
+    const auth = await req.auth();
+    if (!auth?.isAuthenticated) {
+      return res.status(401).json({ error: "Unauthorized" });
+    }
+
+    next();
+  };
+}

package/src/generic.ts

@@ -0,0 +1,50 @@
+import { createAdakrposAuth } from "./client";
+import type { AdakrposAuthConfig } from "./client";
+import type { AuthContext, AdakrposAuthContext, AdakrposUnauthContext } from "./types";
+
+const UNAUTH_CONTEXT: AdakrposUnauthContext = {
+  user: null,
+  session: null,
+  isAuthenticated: false,
+};
+
+function getSessionId(cookieHeader: string): string | null {
+  const sessionMatch = cookieHeader.match(/(?:^|;\s*)adakrpos_session=([^;]+)/);
+
+  if (!sessionMatch) {
+    return null;
+  }
+
+  try {
+    return decodeURIComponent(sessionMatch[1]);
+  } catch {
+    return sessionMatch[1];
+  }
+}
+
+// Framework-agnostic helper using Web standard Request
+// Works with CF Workers, Deno, Bun, and any Web standard environment
+export async function verifyRequest(
+  request: Request,
+  config: AdakrposAuthConfig,
+): Promise<AuthContext> {
+  const client = createAdakrposAuth(config);
+
+  const cookieHeader = request.headers.get("Cookie") ?? "";
+  const sessionId = getSessionId(cookieHeader);
+
+  if (!sessionId) {
+    return UNAUTH_CONTEXT;
+  }
+
+  const result = await client.verifySession(sessionId);
+  if (!result) {
+    return UNAUTH_CONTEXT;
+  }
+
+  return {
+    user: result.user,
+    session: result.session,
+    isAuthenticated: true,
+  } satisfies AdakrposAuthContext;
+}

package/src/hono.ts

@@ -0,0 +1,100 @@
+import type { Context } from "hono";
+import { createMiddleware } from "hono/factory";
+
+import { createAdakrposAuth } from "./client";
+import type { AdakrposAuthClient, AdakrposAuthConfig } from "./client";
+import type { AdakrposAuthContext, AuthContext, AdakrposUnauthContext } from "./types";
+
+type AuthFn = () => Promise<AuthContext>;
+
+declare module "hono" {
+  interface ContextVariableMap {
+    auth: AuthFn;
+  }
+}
+
+const UNAUTH_CONTEXT: AdakrposUnauthContext = {
+  user: null,
+  session: null,
+  isAuthenticated: false,
+};
+
+function getSessionId(cookieHeader: string): string | null {
+  const sessionMatch = cookieHeader.match(/(?:^|;\s*)adakrpos_session=([^;]+)/);
+
+  if (!sessionMatch) {
+    return null;
+  }
+
+  try {
+    return decodeURIComponent(sessionMatch[1]);
+  } catch {
+    return sessionMatch[1];
+  }
+}
+
+function createAuthFn(client: AdakrposAuthClient, sessionId: string | null): AuthFn {
+  let authPromise: Promise<AuthContext> | undefined;
+
+  return async () => {
+    if (!authPromise) {
+      authPromise = (async () => {
+        if (!sessionId) {
+          return UNAUTH_CONTEXT;
+        }
+
+        const result = await client.verifySession(sessionId);
+
+        if (!result) {
+          return UNAUTH_CONTEXT;
+        }
+
+        return {
+          user: result.user,
+          session: result.session,
+          isAuthenticated: true,
+        } satisfies AdakrposAuthContext;
+      })();
+    }
+
+    return authPromise;
+  };
+}
+
+function setAuthContext(c: Context, client: AdakrposAuthClient): void {
+  const cookieHeader = c.req.header("Cookie") ?? "";
+  c.set("auth", createAuthFn(client, getSessionId(cookieHeader)));
+}
+
+export function adakrposAuth(config: AdakrposAuthConfig) {
+  const client = createAdakrposAuth(config);
+
+  return createMiddleware(async (c, next) => {
+    setAuthContext(c, client);
+    await next();
+  });
+}
+
+export async function getAuth(c: Context): Promise<AuthContext> {
+  const authFn = c.get("auth") as AuthFn | undefined;
+
+  if (!authFn) {
+    return UNAUTH_CONTEXT;
+  }
+
+  return authFn();
+}
+
+export function requireAuth(config: AdakrposAuthConfig) {
+  const client = createAdakrposAuth(config);
+
+  return createMiddleware(async (c, next) => {
+    setAuthContext(c, client);
+
+    if (!(await getAuth(c)).isAuthenticated) {
+      return c.json({ error: "Unauthorized" }, 401);
+    }
+
+    await next();
+  });
+}

package/src/index.ts

@@ -0,0 +1,8 @@
+export * from "./types";
+export { createAdakrposAuth } from "./client";
+export type { AdakrposAuthClient, AdakrposAuthConfig } from "./client";
+export {
+  clearApiKeyCache,
+  getCachedApiKeyValidity,
+  setCachedApiKeyValidity,
+} from "./cache";

package/src/types.ts

@@ -0,0 +1,54 @@
+export interface AdakrposUser {
+  id: string;
+  email: string | null;         // Apple email (apple_email column)
+  verifiedEmail: string | null; // pos.idserve.net verified email
+  nickname: string | null;
+  name: string | null;
+  profilePhotoUrl: string | null;
+  bio: string | null;
+  contact: string | null;
+  snsLinks: Record<string, string>;
+  isVerified: boolean;          // true if pos.idserve.net email verified
+  createdAt: number;            // Unix timestamp (milliseconds)
+  updatedAt: number;            // Unix timestamp (milliseconds)
+}
+
+export interface AdakrposSession {
+  id: string;
+  userId: string;
+  expiresAt: number;  // Unix timestamp (milliseconds)
+  createdAt: number;  // Unix timestamp (milliseconds)
+}
+
+export interface AdakrposAuthContext {
+  user: AdakrposUser;
+  session: AdakrposSession;
+  isAuthenticated: true;
+}
+
+export interface AdakrposUnauthContext {
+  user: null;
+  session: null;
+  isAuthenticated: false;
+}
+
+export type AuthContext = AdakrposAuthContext | AdakrposUnauthContext;
+
+export interface DeveloperApp {
+  id: string;
+  userId: string;
+  name: string;
+  description: string | null;
+  apiKeyPrefix: string;  // First 8 chars only (NEVER full key)
+  redirectUrls: string[];
+  isActive: boolean;
+  createdAt: number;
+  updatedAt: number;
+}
+
+export interface ApiKeyInfo {
+  appId: string;
+  userId: string;
+  prefix: string;
+  isActive: boolean;
+}