@akirilyuk/supabase-in-memory-server 1.0.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 supabase-in-memory-server contributors
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,240 @@
+# supabase-in-memory-server
+
+npm package **`supabase-in-memory-server`** (formerly **`supabase-jest-mock`**).
+
+In-memory HTTP server that mimics the parts of [Supabase](https://supabase.com/) that `@supabase/supabase-js` talks to: **PostgREST-style REST** (`/rest/v1/...`) and **GoTrue-style auth** (`/auth/v1/...`). Use it in tests or local tooling without a real Supabase project—similar in spirit to an embedded mock, not a separate binary.
+
+The server is implemented as **`MemorySupabaseHttpServer`** (request pipeline, shared `MemoryStore` + `AuthMemory`). **`createMemorySupabaseServer`** starts Node’s `http.Server`, resolves listen address and keys, wires **Winston** logging, and returns a handle you can `close()`.
+
+## Requirements
+
+- Node.js **20.9+** or **22+**
+- Peer dependency: **`@supabase/supabase-js` ^2**
+
+## Install
+
+```bash
+npm install supabase-in-memory-server @supabase/supabase-js
+```
+
+## Quick start (programmatic)
+
+```ts
+import { createClient } from '@supabase/supabase-js';
+import {
+  createMemorySupabaseServer,
+  applyMemorySupabaseEnvToProcess,
+} from 'supabase-in-memory-server';
+
+const srv = await createMemorySupabaseServer({ useEnv: false });
+
+// Optional: expose the same values Supabase apps expect in process.env
+applyMemorySupabaseEnvToProcess(srv);
+
+const anon = createClient(srv.url, srv.anonKey, {
+  auth: { persistSession: false, autoRefreshToken: false },
+});
+
+const { error } = await anon.from('todos').insert({ id: 1, title: 'Buy milk' }).select();
+// ...
+
+await srv.close();
+```
+
+### Convenience: server + anon client
+
+```ts
+import { createTestSupabaseClient } from 'supabase-in-memory-server';
+
+const { client, url, anonKey, serviceRoleKey, store, logger, close } =
+  await createTestSupabaseClient();
+// `client` is already createClient(url, anonKey, { auth: { persistSession: false, ... } })
+
+await close();
+```
+
+### Service role (admin) client
+
+Use the **service role** key for `auth.admin` (e.g. `listUsers`). Never expose this key in browser bundles.
+
+```ts
+import { createClient } from '@supabase/supabase-js';
+import { createMemorySupabaseServer } from 'supabase-in-memory-server';
+
+const srv = await createMemorySupabaseServer({ useEnv: false });
+const admin = createClient(srv.url, srv.serviceRoleKey, {
+  auth: { persistSession: false, autoRefreshToken: false },
+});
+
+const { data, error } = await admin.auth.admin.listUsers({ perPage: 50 });
+await srv.close();
+```
+
+## What you get back from the server
+
+`createMemorySupabaseServer` / `startInMemorySupabaseServer` resolve to an object with:
+
+| Field                | Description                                                                                            |
+| -------------------- | ------------------------------------------------------------------------------------------------------ |
+| **`url`**            | Base URL, e.g. `http://127.0.0.1:<port>`                                                               |
+| **`anonKey`**        | Anon API key (maps to `SUPABASE_ANON_KEY`)                                                             |
+| **`serviceRoleKey`** | Service role / admin key (maps to `SUPABASE_SERVICE_ROLE_KEY`)                                         |
+| **`supabaseKey`**    | Same as `anonKey` (legacy name)                                                                        |
+| **`store`**          | `MemoryStore` — in-memory tables for REST                                                              |
+| **`auth`**           | `AuthMemory` — in-memory users and sessions                                                            |
+| **`server`**         | Node `http.Server`                                                                                     |
+| **`logger`**         | Winston `Logger` — lifecycle + per-request logs (see **Logging** below)                                |
+| **`close()`**        | Stops the server and clears auth state (tables are **not** cleared unless you call `store.clearAll()`) |
+
+## Logging and debug mode
+
+Logging uses **Winston**. Each HTTP request gets a **10-character hex `requestId`**. In **debug** mode you will see:
+
+- **`Incoming request`** — `{ requestId, method, path, query }` when the request enters the pipeline (including **OPTIONS**).
+- **`Request finished`** — `{ requestId, method, path }` in a **`finally`** block when handling completes (success, early return, or error).
+- Handler-level **`debug`** lines for auth and REST (correlated via a **child logger** that carries `requestId` on every line).
+
+**Options**
+
+| Setting                             | Effect                                                                                                                      |
+| ----------------------------------- | --------------------------------------------------------------------------------------------------------------------------- |
+| **`debug: true`** in server options | Root log level `debug`: full request/handler detail.                                                                        |
+| **`debug: false`** (default)        | Level `info`: listen/close and **`error`** / **`warn`**; routine traffic stays at `debug` (hidden unless you enable debug). |
+| **`SUPABASE_JEST_MOCK_DEBUG`**      | If `1`, `true`, or `yes`, sets `debug` when `useEnv` is not `false`.                                                        |
+
+```ts
+await createMemorySupabaseServer({ useEnv: false, debug: true });
+```
+
+To silence logs in noisy tests: **`srv.logger.silent = true`**.
+
+You can also build a matching logger with **`createMemorySupabaseLogger(debug)`** if you construct **`MemorySupabaseHttpServer`** yourself (advanced).
+
+## Environment variables
+
+By default (**`useEnv` is not `false`**), options are merged with the environment: env first, then explicit options override.
+
+| Variable                        | Purpose                                                                                              |
+| ------------------------------- | ---------------------------------------------------------------------------------------------------- |
+| **`SUPABASE_URL`**              | If set, **host** and **port** for listening are taken from this URL (e.g. `http://127.0.0.1:54321`). |
+| **`SUPABASE_JEST_MOCK_HOST`**   | Overrides listen hostname after URL parsing.                                                         |
+| **`SUPABASE_JEST_MOCK_PORT`**   | Overrides listen port after URL parsing. Use `0` for an ephemeral port.                              |
+| **`SUPABASE_ANON_KEY`**         | Anon key used as the `apikey` header for the public client.                                          |
+| **`SUPABASE_SERVICE_ROLE_KEY`** | Service role key for admin operations.                                                               |
+| **`SUPABASE_JEST_MOCK_DEBUG`**  | Enables verbose **`debug`** logging (`1`, `true`, or `yes`).                                         |
+
+After the server is running, you can sync **`process.env`** to the **actual** URL and keys (recommended for apps that only read env):
+
+```ts
+import {
+  createMemorySupabaseServer,
+  applyMemorySupabaseEnvToProcess,
+} from 'supabase-in-memory-server';
+
+const srv = await createMemorySupabaseServer();
+applyMemorySupabaseEnvToProcess(srv);
+// process.env.SUPABASE_URL, SUPABASE_ANON_KEY, SUPABASE_SERVICE_ROLE_KEY
+```
+
+## CLI
+
+From the package install:
+
+```bash
+npx supabase-in-memory-server
+```
+
+- Starts the in-memory server (honors the same env vars as above).
+- Writes `SUPABASE_URL`, `SUPABASE_ANON_KEY`, and `SUPABASE_SERVICE_ROLE_KEY` into **`process.env`**.
+- Prints a JSON object with those three keys to **stdout**.
+- Logs the listen URL to **stderr** (and Winston lifecycle lines unless silenced).
+- Exit with **Ctrl+C** (SIGINT) or SIGTERM.
+
+## Authentication and API keys
+
+- Every request must include header **`apikey`** equal to either **`anonKey`** or **`serviceRoleKey`**. Missing or wrong key → **401**.
+- **`GET /auth/v1/admin/users`** requires the **service role** key (or `Authorization: Bearer <serviceRoleKey>`).
+
+Implemented auth routes include: **signup** (email or phone), **token** (`grant_type=password` and `refresh_token`), **logout**, **get user** (`GET /auth/v1/user`), and **admin list users** (paginated). JWTs used by the mock are **unsigned** test tokens—do not use for real security.
+
+## REST (PostgREST-shaped)
+
+Supported on **`/rest/v1/:table`**: insert, upsert (via `Prefer: resolution=merge-duplicates` / `ignore-duplicates`), select with common filters (`eq`, `neq`, `gt`, `gte`, `lt`, `lte`, `is`, `in`), `order`, `limit` / `offset`, update, delete, `Prefer: return=representation`, `Prefer: count=…`, and `Accept: application/vnd.pgrst.object+json` for `.single()` / `.maybeSingle()`-style behavior.
+
+With **`Prefer: return=representation`**, **PATCH** returns the updated rows in the body: one row as a single JSON **object**, multiple rows as a JSON **array** (same convention as **POST** insert).
+
+There is **no** RLS, **no** Realtime WebSocket, **no** Storage, **no** Edge Functions, **no** `/rest/v1/rpc/...`, and **no** full PostgREST operator set (see **TODO** below).
+
+## API reference (exports)
+
+The main entry is **`supabase-in-memory-server`** (`dist/index.js`). Notable exports:
+
+- **`createMemorySupabaseServer`**, **`startInMemorySupabaseServer`** — start the HTTP server.
+- **`createTestSupabaseClient`** — server + `SupabaseClient` with anon key.
+- **`applyMemorySupabaseEnvToProcess`** — set `SUPABASE_*` env from a running server.
+- **`MemorySupabaseHttpServer`** — HTTP app class (advanced: custom lifecycle, tests).
+- **`createMemorySupabaseLogger`** — Winston factory aligned with the server’s log format.
+- **`readMemorySupabaseServerEnv`**, **`resolveMemorySupabaseServerOptions`**, **`generateDefaultProjectKeys`**, **`MemorySupabaseServerInputOptions`** — configuration helpers.
+- **`MemorySupabaseServer`**, **`MemorySupabaseServerOptions`**, **`MemoryStore`**, **`AuthMemory`**, **`JsonRecord`**, etc.
+
+See TSDoc on those symbols in the source for details.
+
+## TODO (toward a fuller in-memory Supabase mock)
+
+This package intentionally covers a **small, test-friendly** slice of Supabase. A **full** in-memory mock would still need (non-exhaustive):
+
+### Auth (GoTrue)
+
+- [ ] OAuth / SSO providers, **magic links**, **OTP**, and phone SMS flows.
+- [ ] Additional **`auth.admin`** APIs: `deleteUser`, `updateUserById`, `inviteUserByEmail`, `generateLink`, etc.
+- [ ] **MFA** (TOTP, WebAuthn) and step-up semantics.
+- [ ] **Session management**: list/revoke sessions, refresh rotation edge cases matching production.
+- [ ] **Password recovery** / email change / user verification flows.
+- [ ] Stricter alignment with GoTrue error payloads, status codes, and headers.
+- [ ] Optional **JWT signing/verification** matching real projects (currently test-oriented tokens).
+
+### REST / PostgREST
+
+- [ ] **RPC**: `POST /rest/v1/rpc/:function` (and client `.rpc()`).
+- [ ] **Embedded resources** / foreign-table `select` shapes (`profiles(*)`).
+- [ ] More **filter operators** (`like`, `ilike`, `fts`, `cs`, `cd`, `@>`, `range`, `or`, `and`, `not`, etc.).
+- [ ] **`columns=`**, default values, generated columns behavior (as far as in-memory JSON allows).
+- [ ] **Schemas** / multiple schemas, views, and table exposure rules.
+- [ ] **Row Level Security** simulation (policies per role / JWT claims).
+- [ ] **Transactions** or batch semantics if clients rely on them.
+- [ ] Closer **error codes** and **Prefer** / **Content-Range** behavior vs real PostgREST.
+
+### Realtime
+
+- [ ] **WebSocket** server and **`postgres_changes`** (and channel/auth parity with Supabase Realtime).
+
+### Storage
+
+- [ ] **S3-compatible** or Supabase Storage REST: buckets, objects, signed URLs, MIME limits.
+
+### Edge Functions & platform
+
+- [ ] **Edge Functions** invoke path or local stub.
+- [ ] **Database webhooks**, **pg_cron**, and other backend-only features (usually out of scope for a pure HTTP mock).
+
+### Developer experience
+
+- [ ] Optional **OpenAPI** / schema endpoint mimicking PostgREST.
+- [ ] **Snapshot / fixture** helpers for common test scenarios.
+
+Contributions that close items above are welcome; keep the default footprint small so Jest/CI stays fast.
+
+## Development
+
+```bash
+npm install
+npm run build      # emit dist/
+npm run typecheck
+npm run lint
+npm run format:check
+npm test           # integration + e2e tests
+```
+
+## License
+
+[MIT](LICENSE)

package/dist/cli.d.ts

@@ -0,0 +1,3 @@
+#!/usr/bin/env node
+export {};
+//# sourceMappingURL=cli.d.ts.map

package/dist/cli.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":""}

package/dist/cli.js

@@ -0,0 +1,28 @@
+#!/usr/bin/env node
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+/**
+ * CLI entry (`supabase-in-memory-server` bin): starts the in-memory server, applies `SUPABASE_*` to `process.env`,
+ * prints JSON keys to stdout, and keeps the process alive until SIGINT/SIGTERM.
+ */
+const index_js_1 = require("./index.js");
+async function main() {
+    const srv = await (0, index_js_1.startInMemorySupabaseServer)();
+    (0, index_js_1.applyMemorySupabaseEnvToProcess)(srv);
+    console.log(JSON.stringify({
+        SUPABASE_URL: srv.url,
+        SUPABASE_ANON_KEY: srv.anonKey,
+        SUPABASE_SERVICE_ROLE_KEY: srv.serviceRoleKey,
+    }, null, 2));
+    console.error(`In-memory Supabase listening on ${srv.url} (Ctrl+C to stop)`);
+    const shutdown = () => {
+        void srv.close().then(() => process.exit(0), () => process.exit(1));
+    };
+    process.on('SIGINT', shutdown);
+    process.on('SIGTERM', shutdown);
+}
+void main().catch((e) => {
+    console.error(e);
+    process.exit(1);
+});
+//# sourceMappingURL=cli.js.map

package/dist/cli.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";;;AACA;;;GAGG;AACH,yCAA0F;AAE1F,KAAK,UAAU,IAAI;IACjB,MAAM,GAAG,GAAG,MAAM,IAAA,sCAA2B,GAAE,CAAC;IAChD,IAAA,0CAA+B,EAAC,GAAG,CAAC,CAAC;IACrC,OAAO,CAAC,GAAG,CACT,IAAI,CAAC,SAAS,CACZ;QACE,YAAY,EAAE,GAAG,CAAC,GAAG;QACrB,iBAAiB,EAAE,GAAG,CAAC,OAAO;QAC9B,yBAAyB,EAAE,GAAG,CAAC,cAAc;KAC9C,EACD,IAAI,EACJ,CAAC,CACF,CACF,CAAC;IACF,OAAO,CAAC,KAAK,CAAC,mCAAmC,GAAG,CAAC,GAAG,mBAAmB,CAAC,CAAC;IAE7E,MAAM,QAAQ,GAAG,GAAS,EAAE;QAC1B,KAAK,GAAG,CAAC,KAAK,EAAE,CAAC,IAAI,CACnB,GAAG,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EACrB,GAAG,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CACtB,CAAC;IACJ,CAAC,CAAC;IACF,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAC/B,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;AAClC,CAAC;AAED,KAAK,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,CAAU,EAAE,EAAE;IAC/B,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IACjB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}

package/dist/index.d.ts

@@ -0,0 +1,39 @@
+/**
+ * Public entry for **supabase-in-memory-server**: in-memory Supabase-shaped HTTP server and test helpers.
+ *
+ * @packageDocumentation
+ */
+import { type SupabaseClient } from '@supabase/supabase-js';
+import { createMemorySupabaseServer, MemorySupabaseHttpServer, type MemorySupabaseServer, type MemorySupabaseServerOptions } from './memory-server/index.js';
+export { AuthMemory, type MemorySession, type MemoryUser } from './lib/auth-memory.js';
+export { getIncomingHeader } from './lib/http-headers.js';
+export { MemoryStore } from './lib/memory-store.js';
+export { createMemorySupabaseLogger } from './lib/server-logger.js';
+export { generateDefaultProjectKeys, type MemorySupabaseServerInputOptions, readMemorySupabaseServerEnv, resolveMemorySupabaseServerOptions, } from './lib/server-options.js';
+export type { JsonRecord } from './lib/types.js';
+export { createMemorySupabaseServer, MemorySupabaseHttpServer, type MemorySupabaseServer, type MemorySupabaseServerOptions, };
+/** Running server handle plus a {@link SupabaseClient} configured with the anon key. */
+export type TestSupabaseBundle = MemorySupabaseServer & {
+    client: SupabaseClient;
+};
+/**
+ * Writes the running server URL and keys into `process.env` so tools that read
+ * `SUPABASE_URL`, `SUPABASE_ANON_KEY`, and `SUPABASE_SERVICE_ROLE_KEY` pick them up.
+ *
+ * @param srv - A server returned from {@link createMemorySupabaseServer} or {@link startInMemorySupabaseServer}.
+ */
+export declare function applyMemorySupabaseEnvToProcess(srv: MemorySupabaseServer): void;
+/**
+ * Starts the in-memory HTTP server (merging env via `readMemorySupabaseServerEnv` unless `useEnv: false`).
+ * Alias for {@link createMemorySupabaseServer}.
+ */
+export declare function startInMemorySupabaseServer(options?: MemorySupabaseServerOptions): Promise<MemorySupabaseServer>;
+/**
+ * Starts the in-memory HTTP server and returns a real `SupabaseClient` using the **anon** key.
+ * Disables auth persistence and token auto-refresh (typical for tests).
+ *
+ * @param options - Same as {@link createMemorySupabaseServer}.
+ * @returns Server fields plus `client`.
+ */
+export declare function createTestSupabaseClient(options?: MemorySupabaseServerOptions): Promise<TestSupabaseBundle>;
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,EAAgB,KAAK,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAE1E,OAAO,EACL,0BAA0B,EAC1B,wBAAwB,EACxB,KAAK,oBAAoB,EACzB,KAAK,2BAA2B,EACjC,MAAM,0BAA0B,CAAC;AAElC,OAAO,EAAE,UAAU,EAAE,KAAK,aAAa,EAAE,KAAK,UAAU,EAAE,MAAM,sBAAsB,CAAC;AACvF,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAC1D,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AACpD,OAAO,EAAE,0BAA0B,EAAE,MAAM,wBAAwB,CAAC;AACpE,OAAO,EACL,0BAA0B,EAC1B,KAAK,gCAAgC,EACrC,2BAA2B,EAC3B,kCAAkC,GACnC,MAAM,yBAAyB,CAAC;AACjC,YAAY,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AACjD,OAAO,EACL,0BAA0B,EAC1B,wBAAwB,EACxB,KAAK,oBAAoB,EACzB,KAAK,2BAA2B,GACjC,CAAC;AAEF,wFAAwF;AACxF,MAAM,MAAM,kBAAkB,GAAG,oBAAoB,GAAG;IACtD,MAAM,EAAE,cAAc,CAAC;CACxB,CAAC;AAEF;;;;;GAKG;AACH,wBAAgB,+BAA+B,CAAC,GAAG,EAAE,oBAAoB,GAAG,IAAI,CAI/E;AAED;;;GAGG;AACH,wBAAsB,2BAA2B,CAC/C,OAAO,CAAC,EAAE,2BAA2B,GACpC,OAAO,CAAC,oBAAoB,CAAC,CAE/B;AAED;;;;;;GAMG;AACH,wBAAsB,wBAAwB,CAC5C,OAAO,CAAC,EAAE,2BAA2B,GACpC,OAAO,CAAC,kBAAkB,CAAC,CAS7B"}

package/dist/index.js

@@ -0,0 +1,63 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.MemorySupabaseHttpServer = exports.createMemorySupabaseServer = exports.resolveMemorySupabaseServerOptions = exports.readMemorySupabaseServerEnv = exports.generateDefaultProjectKeys = exports.createMemorySupabaseLogger = exports.MemoryStore = exports.getIncomingHeader = exports.AuthMemory = void 0;
+exports.applyMemorySupabaseEnvToProcess = applyMemorySupabaseEnvToProcess;
+exports.startInMemorySupabaseServer = startInMemorySupabaseServer;
+exports.createTestSupabaseClient = createTestSupabaseClient;
+/**
+ * Public entry for **supabase-in-memory-server**: in-memory Supabase-shaped HTTP server and test helpers.
+ *
+ * @packageDocumentation
+ */
+const supabase_js_1 = require("@supabase/supabase-js");
+const index_js_1 = require("./memory-server/index.js");
+Object.defineProperty(exports, "createMemorySupabaseServer", { enumerable: true, get: function () { return index_js_1.createMemorySupabaseServer; } });
+Object.defineProperty(exports, "MemorySupabaseHttpServer", { enumerable: true, get: function () { return index_js_1.MemorySupabaseHttpServer; } });
+var auth_memory_js_1 = require("./lib/auth-memory.js");
+Object.defineProperty(exports, "AuthMemory", { enumerable: true, get: function () { return auth_memory_js_1.AuthMemory; } });
+var http_headers_js_1 = require("./lib/http-headers.js");
+Object.defineProperty(exports, "getIncomingHeader", { enumerable: true, get: function () { return http_headers_js_1.getIncomingHeader; } });
+var memory_store_js_1 = require("./lib/memory-store.js");
+Object.defineProperty(exports, "MemoryStore", { enumerable: true, get: function () { return memory_store_js_1.MemoryStore; } });
+var server_logger_js_1 = require("./lib/server-logger.js");
+Object.defineProperty(exports, "createMemorySupabaseLogger", { enumerable: true, get: function () { return server_logger_js_1.createMemorySupabaseLogger; } });
+var server_options_js_1 = require("./lib/server-options.js");
+Object.defineProperty(exports, "generateDefaultProjectKeys", { enumerable: true, get: function () { return server_options_js_1.generateDefaultProjectKeys; } });
+Object.defineProperty(exports, "readMemorySupabaseServerEnv", { enumerable: true, get: function () { return server_options_js_1.readMemorySupabaseServerEnv; } });
+Object.defineProperty(exports, "resolveMemorySupabaseServerOptions", { enumerable: true, get: function () { return server_options_js_1.resolveMemorySupabaseServerOptions; } });
+/**
+ * Writes the running server URL and keys into `process.env` so tools that read
+ * `SUPABASE_URL`, `SUPABASE_ANON_KEY`, and `SUPABASE_SERVICE_ROLE_KEY` pick them up.
+ *
+ * @param srv - A server returned from {@link createMemorySupabaseServer} or {@link startInMemorySupabaseServer}.
+ */
+function applyMemorySupabaseEnvToProcess(srv) {
+    process.env.SUPABASE_URL = srv.url;
+    process.env.SUPABASE_ANON_KEY = srv.anonKey;
+    process.env.SUPABASE_SERVICE_ROLE_KEY = srv.serviceRoleKey;
+}
+/**
+ * Starts the in-memory HTTP server (merging env via `readMemorySupabaseServerEnv` unless `useEnv: false`).
+ * Alias for {@link createMemorySupabaseServer}.
+ */
+async function startInMemorySupabaseServer(options) {
+    return (0, index_js_1.createMemorySupabaseServer)(options);
+}
+/**
+ * Starts the in-memory HTTP server and returns a real `SupabaseClient` using the **anon** key.
+ * Disables auth persistence and token auto-refresh (typical for tests).
+ *
+ * @param options - Same as {@link createMemorySupabaseServer}.
+ * @returns Server fields plus `client`.
+ */
+async function createTestSupabaseClient(options) {
+    const srv = await (0, index_js_1.createMemorySupabaseServer)(options);
+    const client = (0, supabase_js_1.createClient)(srv.url, srv.anonKey, {
+        auth: {
+            persistSession: false,
+            autoRefreshToken: false,
+        },
+    });
+    return { ...srv, client };
+}
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;AA2CA,0EAIC;AAMD,kEAIC;AASD,4DAWC;AA7ED;;;;GAIG;AACH,uDAA0E;AAE1E,uDAKkC;AAchC,2GAlBA,qCAA0B,OAkBA;AAC1B,yGAlBA,mCAAwB,OAkBA;AAb1B,uDAAuF;AAA9E,4GAAA,UAAU,OAAA;AACnB,yDAA0D;AAAjD,oHAAA,iBAAiB,OAAA;AAC1B,yDAAoD;AAA3C,8GAAA,WAAW,OAAA;AACpB,2DAAoE;AAA3D,8HAAA,0BAA0B,OAAA;AACnC,6DAKiC;AAJ/B,+HAAA,0BAA0B,OAAA;AAE1B,gIAAA,2BAA2B,OAAA;AAC3B,uIAAA,kCAAkC,OAAA;AAepC;;;;;GAKG;AACH,SAAgB,+BAA+B,CAAC,GAAyB;IACvE,OAAO,CAAC,GAAG,CAAC,YAAY,GAAG,GAAG,CAAC,GAAG,CAAC;IACnC,OAAO,CAAC,GAAG,CAAC,iBAAiB,GAAG,GAAG,CAAC,OAAO,CAAC;IAC5C,OAAO,CAAC,GAAG,CAAC,yBAAyB,GAAG,GAAG,CAAC,cAAc,CAAC;AAC7D,CAAC;AAED;;;GAGG;AACI,KAAK,UAAU,2BAA2B,CAC/C,OAAqC;IAErC,OAAO,IAAA,qCAA0B,EAAC,OAAO,CAAC,CAAC;AAC7C,CAAC;AAED;;;;;;GAMG;AACI,KAAK,UAAU,wBAAwB,CAC5C,OAAqC;IAErC,MAAM,GAAG,GAAG,MAAM,IAAA,qCAA0B,EAAC,OAAO,CAAC,CAAC;IACtD,MAAM,MAAM,GAAG,IAAA,0BAAY,EAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,OAAO,EAAE;QAChD,IAAI,EAAE;YACJ,cAAc,EAAE,KAAK;YACrB,gBAAgB,EAAE,KAAK;SACxB;KACF,CAAC,CAAC;IACH,OAAO,EAAE,GAAG,GAAG,EAAE,MAAM,EAAE,CAAC;AAC5B,CAAC"}

package/dist/lib/auth-memory.d.ts

@@ -0,0 +1,40 @@
+export interface MemoryUser {
+    id: string;
+    aud: string;
+    role: string;
+    email?: string;
+    phone?: string;
+    email_confirmed_at?: string;
+    phone_confirmed_at?: string;
+    app_metadata?: Record<string, unknown>;
+    user_metadata?: Record<string, unknown>;
+}
+export interface MemorySession {
+    access_token: string;
+    refresh_token: string;
+    token_type: string;
+    expires_in: number;
+    expires_at: number;
+    user: MemoryUser;
+}
+/**
+ * In-memory auth backing store: email/phone sign-up and sign-in, refresh tokens, JWT-shaped access tokens,
+ * and a user list for admin APIs. Not persisted; cleared when the HTTP server closes.
+ */
+export declare class AuthMemory {
+    private readonly byEmail;
+    private readonly byPhone;
+    private readonly refreshToUserId;
+    private sessionTokens;
+    signUpEmail(email: string, password: string, metadata: Record<string, unknown>): MemorySession;
+    signInEmail(email: string, password: string): MemorySession;
+    signUpPhone(phone: string, password: string, metadata: Record<string, unknown>): MemorySession;
+    signInPhone(phone: string, password: string): MemorySession;
+    refreshSession(refreshToken: string): MemorySession;
+    getUserFromAccessToken(accessToken: string): MemoryUser;
+    private findUserById;
+    /** All registered users (for admin list). */
+    listUsers(): MemoryUser[];
+    clear(): void;
+}
+//# sourceMappingURL=auth-memory.d.ts.map

package/dist/lib/auth-memory.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth-memory.d.ts","sourceRoot":"","sources":["../../src/lib/auth-memory.ts"],"names":[],"mappings":"AAIA,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,MAAM,CAAC;IACX,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,YAAY,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACvC,aAAa,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACzC;AAED,MAAM,WAAW,aAAa;IAC5B,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,IAAI,EAAE,UAAU,CAAC;CAClB;AAOD;;;GAGG;AACH,qBAAa,UAAU;IACrB,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAiC;IACzD,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAiC;IACzD,OAAO,CAAC,QAAQ,CAAC,eAAe,CAA6B;IAE7D,OAAO,CAAC,aAAa;IAsBrB,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,aAAa;IAqB9F,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,aAAa;IAa3D,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,aAAa;IAoB9F,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,aAAa;IAY3D,cAAc,CAAC,YAAY,EAAE,MAAM,GAAG,aAAa;IAmBnD,sBAAsB,CAAC,WAAW,EAAE,MAAM,GAAG,UAAU;IAiBvD,OAAO,CAAC,YAAY;IAUpB,6CAA6C;IAC7C,SAAS,IAAI,UAAU,EAAE;IAgBzB,KAAK,IAAI,IAAI;CAKd"}

package/dist/lib/auth-memory.js

@@ -0,0 +1,167 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthMemory = void 0;
+const node_crypto_1 = require("node:crypto");
+const jwt_js_1 = require("./jwt.js");
+/**
+ * In-memory auth backing store: email/phone sign-up and sign-in, refresh tokens, JWT-shaped access tokens,
+ * and a user list for admin APIs. Not persisted; cleared when the HTTP server closes.
+ */
+class AuthMemory {
+    byEmail = new Map();
+    byPhone = new Map();
+    refreshToUserId = new Map();
+    sessionTokens(user, refreshToken) {
+        const now = Math.floor(Date.now() / 1000);
+        const expiresIn = 3600;
+        const access_token = (0, jwt_js_1.encodeMemoryJwt)({
+            sub: user.id,
+            email: user.email,
+            phone: user.phone,
+            role: user.role,
+            aud: user.aud,
+            exp: now + expiresIn,
+            iat: now,
+        });
+        return {
+            access_token,
+            refresh_token: refreshToken,
+            token_type: 'bearer',
+            expires_in: expiresIn,
+            expires_at: now + expiresIn,
+            user,
+        };
+    }
+    signUpEmail(email, password, metadata) {
+        const key = email.toLowerCase();
+        if (this.byEmail.has(key)) {
+            const err = new Error('User already registered');
+            err.status = 422;
+            throw err;
+        }
+        const user = {
+            id: (0, node_crypto_1.randomUUID)(),
+            aud: 'authenticated',
+            role: 'authenticated',
+            email,
+            email_confirmed_at: new Date().toISOString(),
+            user_metadata: metadata,
+        };
+        this.byEmail.set(key, { user, password });
+        const refresh = (0, jwt_js_1.randomToken)();
+        this.refreshToUserId.set(refresh, user.id);
+        return this.sessionTokens({ ...user }, refresh);
+    }
+    signInEmail(email, password) {
+        const key = email.toLowerCase();
+        const rec = this.byEmail.get(key);
+        if (rec?.password !== password) {
+            const err = new Error('Invalid login credentials');
+            err.status = 400;
+            throw err;
+        }
+        const refresh = (0, jwt_js_1.randomToken)();
+        this.refreshToUserId.set(refresh, rec.user.id);
+        return this.sessionTokens({ ...rec.user }, refresh);
+    }
+    signUpPhone(phone, password, metadata) {
+        if (this.byPhone.has(phone)) {
+            const err = new Error('User already registered');
+            err.status = 422;
+            throw err;
+        }
+        const user = {
+            id: (0, node_crypto_1.randomUUID)(),
+            aud: 'authenticated',
+            role: 'authenticated',
+            phone,
+            phone_confirmed_at: new Date().toISOString(),
+            user_metadata: metadata,
+        };
+        this.byPhone.set(phone, { user, password });
+        const refresh = (0, jwt_js_1.randomToken)();
+        this.refreshToUserId.set(refresh, user.id);
+        return this.sessionTokens({ ...user }, refresh);
+    }
+    signInPhone(phone, password) {
+        const rec = this.byPhone.get(phone);
+        if (rec?.password !== password) {
+            const err = new Error('Invalid login credentials');
+            err.status = 400;
+            throw err;
+        }
+        const refresh = (0, jwt_js_1.randomToken)();
+        this.refreshToUserId.set(refresh, rec.user.id);
+        return this.sessionTokens({ ...rec.user }, refresh);
+    }
+    refreshSession(refreshToken) {
+        const userId = this.refreshToUserId.get(refreshToken);
+        if (!userId) {
+            const err = new Error('Invalid refresh token');
+            err.status = 400;
+            throw err;
+        }
+        this.refreshToUserId.delete(refreshToken);
+        const user = this.findUserById(userId);
+        if (!user) {
+            const err = new Error('User not found');
+            err.status = 400;
+            throw err;
+        }
+        const refresh = (0, jwt_js_1.randomToken)();
+        this.refreshToUserId.set(refresh, user.id);
+        return this.sessionTokens({ ...user }, refresh);
+    }
+    getUserFromAccessToken(accessToken) {
+        const payload = (0, jwt_js_1.decodeJwtPayload)(accessToken);
+        const sub = payload?.sub;
+        if (typeof sub !== 'string') {
+            const err = new Error('Invalid JWT');
+            err.status = 403;
+            throw err;
+        }
+        const user = this.findUserById(sub);
+        if (!user) {
+            const err = new Error('User not found');
+            err.status = 403;
+            throw err;
+        }
+        return { ...user };
+    }
+    findUserById(id) {
+        for (const { user } of this.byEmail.values()) {
+            if (user.id === id)
+                return user;
+        }
+        for (const { user } of this.byPhone.values()) {
+            if (user.id === id)
+                return user;
+        }
+        return undefined;
+    }
+    /** All registered users (for admin list). */
+    listUsers() {
+        const seen = new Set();
+        const out = [];
+        for (const { user } of this.byEmail.values()) {
+            if (seen.has(user.id))
+                continue;
+            seen.add(user.id);
+            out.push({ ...user });
+        }
+        for (const { user } of this.byPhone.values()) {
+            if (seen.has(user.id))
+                continue;
+            seen.add(user.id);
+            out.push({ ...user });
+        }
+        return out;
+    }
+    clear() {
+        this.byEmail.clear();
+        this.byPhone.clear();
+        this.refreshToUserId.clear();
+    }
+}
+exports.AuthMemory = AuthMemory;
+//# sourceMappingURL=auth-memory.js.map

package/dist/lib/auth-memory.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth-memory.js","sourceRoot":"","sources":["../../src/lib/auth-memory.ts"],"names":[],"mappings":";;;AAAA,6CAAyC;AAEzC,qCAA0E;AA4B1E;;;GAGG;AACH,MAAa,UAAU;IACJ,OAAO,GAAG,IAAI,GAAG,EAAsB,CAAC;IACxC,OAAO,GAAG,IAAI,GAAG,EAAsB,CAAC;IACxC,eAAe,GAAG,IAAI,GAAG,EAAkB,CAAC;IAErD,aAAa,CAAC,IAAgB,EAAE,YAAoB;QAC1D,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAC1C,MAAM,SAAS,GAAG,IAAI,CAAC;QACvB,MAAM,YAAY,GAAG,IAAA,wBAAe,EAAC;YACnC,GAAG,EAAE,IAAI,CAAC,EAAE;YACZ,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,GAAG,EAAE,IAAI,CAAC,GAAG;YACb,GAAG,EAAE,GAAG,GAAG,SAAS;YACpB,GAAG,EAAE,GAAG;SACT,CAAC,CAAC;QACH,OAAO;YACL,YAAY;YACZ,aAAa,EAAE,YAAY;YAC3B,UAAU,EAAE,QAAQ;YACpB,UAAU,EAAE,SAAS;YACrB,UAAU,EAAE,GAAG,GAAG,SAAS;YAC3B,IAAI;SACL,CAAC;IACJ,CAAC;IAED,WAAW,CAAC,KAAa,EAAE,QAAgB,EAAE,QAAiC;QAC5E,MAAM,GAAG,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC;QAChC,IAAI,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YAC1B,MAAM,GAAG,GAAG,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;YAChD,GAAkC,CAAC,MAAM,GAAG,GAAG,CAAC;YACjD,MAAM,GAAG,CAAC;QACZ,CAAC;QACD,MAAM,IAAI,GAAe;YACvB,EAAE,EAAE,IAAA,wBAAU,GAAE;YAChB,GAAG,EAAE,eAAe;YACpB,IAAI,EAAE,eAAe;YACrB,KAAK;YACL,kBAAkB,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YAC5C,aAAa,EAAE,QAAQ;SACxB,CAAC;QACF,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC;QAC1C,MAAM,OAAO,GAAG,IAAA,oBAAW,GAAE,CAAC;QAC9B,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QAC3C,OAAO,IAAI,CAAC,aAAa,CAAC,EAAE,GAAG,IAAI,EAAE,EAAE,OAAO,CAAC,CAAC;IAClD,CAAC;IAED,WAAW,CAAC,KAAa,EAAE,QAAgB;QACzC,MAAM,GAAG,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC;QAChC,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAClC,IAAI,GAAG,EAAE,QAAQ,KAAK,QAAQ,EAAE,CAAC;YAC/B,MAAM,GAAG,GAAG,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;YAClD,GAAkC,CAAC,MAAM,GAAG,GAAG,CAAC;YACjD,MAAM,GAAG,CAAC;QACZ,CAAC;QACD,MAAM,OAAO,GAAG,IAAA,oBAAW,GAAE,CAAC;QAC9B,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC/C,OAAO,IAAI,CAAC,aAAa,CAAC,EAAE,GAAG,GAAG,CAAC,IAAI,EAAE,EAAE,OAAO,CAAC,CAAC;IACtD,CAAC;IAED,WAAW,CAAC,KAAa,EAAE,QAAgB,EAAE,QAAiC;QAC5E,IAAI,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;YAC5B,MAAM,GAAG,GAAG,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;YAChD,GAAkC,CAAC,MAAM,GAAG,GAAG,CAAC;YACjD,MAAM,GAAG,CAAC;QACZ,CAAC;QACD,MAAM,IAAI,GAAe;YACvB,EAAE,EAAE,IAAA,wBAAU,GAAE;YAChB,GAAG,EAAE,eAAe;YACpB,IAAI,EAAE,eAAe;YACrB,KAAK;YACL,kBAAkB,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YAC5C,aAAa,EAAE,QAAQ;SACxB,CAAC;QACF,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC;QAC5C,MAAM,OAAO,GAAG,IAAA,oBAAW,GAAE,CAAC;QAC9B,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QAC3C,OAAO,IAAI,CAAC,aAAa,CAAC,EAAE,GAAG,IAAI,EAAE,EAAE,OAAO,CAAC,CAAC;IAClD,CAAC;IAED,WAAW,CAAC,KAAa,EAAE,QAAgB;QACzC,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACpC,IAAI,GAAG,EAAE,QAAQ,KAAK,QAAQ,EAAE,CAAC;YAC/B,MAAM,GAAG,GAAG,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;YAClD,GAAkC,CAAC,MAAM,GAAG,GAAG,CAAC;YACjD,MAAM,GAAG,CAAC;QACZ,CAAC;QACD,MAAM,OAAO,GAAG,IAAA,oBAAW,GAAE,CAAC;QAC9B,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC/C,OAAO,IAAI,CAAC,aAAa,CAAC,EAAE,GAAG,GAAG,CAAC,IAAI,EAAE,EAAE,OAAO,CAAC,CAAC;IACtD,CAAC;IAED,cAAc,CAAC,YAAoB;QACjC,MAAM,MAAM,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QACtD,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,GAAG,GAAG,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;YAC9C,GAAkC,CAAC,MAAM,GAAG,GAAG,CAAC;YACjD,MAAM,GAAG,CAAC;QACZ,CAAC;QACD,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAC1C,MAAM,IAAI,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;QACvC,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,GAAG,GAAG,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAC;YACvC,GAAkC,CAAC,MAAM,GAAG,GAAG,CAAC;YACjD,MAAM,GAAG,CAAC;QACZ,CAAC;QACD,MAAM,OAAO,GAAG,IAAA,oBAAW,GAAE,CAAC;QAC9B,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QAC3C,OAAO,IAAI,CAAC,aAAa,CAAC,EAAE,GAAG,IAAI,EAAE,EAAE,OAAO,CAAC,CAAC;IAClD,CAAC;IAED,sBAAsB,CAAC,WAAmB;QACxC,MAAM,OAAO,GAAG,IAAA,yBAAgB,EAAC,WAAW,CAAC,CAAC;QAC9C,MAAM,GAAG,GAAG,OAAO,EAAE,GAAG,CAAC;QACzB,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC5B,MAAM,GAAG,GAAG,IAAI,KAAK,CAAC,aAAa,CAAC,CAAC;YACpC,GAAkC,CAAC,MAAM,GAAG,GAAG,CAAC;YACjD,MAAM,GAAG,CAAC;QACZ,CAAC;QACD,MAAM,IAAI,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC;QACpC,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,GAAG,GAAG,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAC;YACvC,GAAkC,CAAC,MAAM,GAAG,GAAG,CAAC;YACjD,MAAM,GAAG,CAAC;QACZ,CAAC;QACD,OAAO,EAAE,GAAG,IAAI,EAAE,CAAC;IACrB,CAAC;IAEO,YAAY,CAAC,EAAU;QAC7B,KAAK,MAAM,EAAE,IAAI,EAAE,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC;YAC7C,IAAI,IAAI,CAAC,EAAE,KAAK,EAAE;gBAAE,OAAO,IAAI,CAAC;QAClC,CAAC;QACD,KAAK,MAAM,EAAE,IAAI,EAAE,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC;YAC7C,IAAI,IAAI,CAAC,EAAE,KAAK,EAAE;gBAAE,OAAO,IAAI,CAAC;QAClC,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,6CAA6C;IAC7C,SAAS;QACP,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;QAC/B,MAAM,GAAG,GAAiB,EAAE,CAAC;QAC7B,KAAK,MAAM,EAAE,IAAI,EAAE,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC;YAC7C,IAAI,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;gBAAE,SAAS;YAChC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YAClB,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,IAAI,EAAE,CAAC,CAAC;QACxB,CAAC;QACD,KAAK,MAAM,EAAE,IAAI,EAAE,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC;YAC7C,IAAI,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;gBAAE,SAAS;YAChC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YAClB,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,IAAI,EAAE,CAAC,CAAC;QACxB,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC;IAED,KAAK;QACH,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACrB,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACrB,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,CAAC;IAC/B,CAAC;CACF;AAjKD,gCAiKC"}

package/dist/lib/http-headers.d.ts

@@ -0,0 +1,6 @@
+import type { IncomingMessage } from 'node:http';
+/**
+ * Reads a request header case-insensitively; if multiple values exist, returns the first.
+ */
+export declare function getIncomingHeader(req: IncomingMessage, name: string): string | undefined;
+//# sourceMappingURL=http-headers.d.ts.map

package/dist/lib/http-headers.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"http-headers.d.ts","sourceRoot":"","sources":["../../src/lib/http-headers.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,WAAW,CAAC;AAEjD;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,eAAe,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAKxF"}