@alepha/react 0.5.2 → 0.6.1

package/dist/index.cjs

@@ -2,19 +2,316 @@
 
 var core = require('@alepha/core');
 var server = require('@alepha/server');
-var useRouterState = require('./useRouterState-BlKHWZwk.cjs');
+var useAuth = require('./useAuth-DOVx2kqa.cjs');
+var openidClient = require('openid-client');
 var node_fs = require('node:fs');
 var promises = require('node:fs/promises');
 var node_path = require('node:path');
 var server$1 = require('react-dom/server');
-var crypto = require('node:crypto');
-var cache = require('@alepha/cache');
-var security = require('@alepha/security');
-var openidClient = require('openid-client');
+require('react/jsx-runtime');
 require('react');
 require('react-dom/client');
 require('path-to-regexp');
 
+class ReactAuthProvider {
+  log = core.$logger();
+  alepha = core.$inject(core.Alepha);
+  fastifyCookieProvider = core.$inject(server.FastifyCookieProvider);
+  authProviders = [];
+  authorizationCode = server.$cookie({
+    name: "authorizationCode",
+    ttl: { minutes: 15 },
+    httpOnly: true,
+    schema: core.t.object({
+      codeVerifier: core.t.optional(core.t.string({ size: "long" })),
+      redirectUri: core.t.optional(core.t.string({ size: "long" }))
+    })
+  });
+  tokens = server.$cookie({
+    name: "tokens",
+    ttl: { days: 1 },
+    httpOnly: true,
+    compress: true,
+    schema: core.t.object({
+      access_token: core.t.optional(core.t.string({ size: "rich" })),
+      expires_in: core.t.optional(core.t.number()),
+      refresh_token: core.t.optional(core.t.string({ size: "rich" })),
+      id_token: core.t.optional(core.t.string({ size: "rich" })),
+      scope: core.t.optional(core.t.string()),
+      issued_at: core.t.optional(core.t.number())
+    })
+  });
+  user = server.$cookie({
+    name: "user",
+    ttl: { days: 1 },
+    schema: core.t.object({
+      id: core.t.string(),
+      name: core.t.optional(core.t.string()),
+      email: core.t.optional(core.t.string())
+    })
+  });
+  configure = core.$hook({
+    name: "configure",
+    handler: async () => {
+      const auths = this.alepha.getDescriptorValues(useAuth.$auth);
+      for (const auth of auths) {
+        const options = auth.value.options;
+        if (options.oidc) {
+          this.authProviders.push({
+            name: options.name ?? auth.key,
+            redirectUri: options.oidc.redirectUri ?? "/api/_oauth/callback",
+            client: await openidClient.discovery(
+              new URL(options.oidc.issuer),
+              options.oidc.clientId,
+              {
+                client_secret: options.oidc.clientSecret
+              },
+              void 0,
+              {
+                execute: [openidClient.allowInsecureRequests]
+              }
+            )
+          });
+        }
+      }
+    }
+  });
+  /**
+   * Configure Fastify to forward Session Access Token to Header Authorization.
+   */
+  configureFastify = core.$hook({
+    name: "configure:fastify",
+    after: this.fastifyCookieProvider,
+    handler: async (app) => {
+      app.addHook("onRequest", async (req) => {
+        if (req.cookies && !this.isViteFile(req.url) && !!this.authProviders.length) {
+          const tokens = await this.refresh(req.cookies);
+          if (tokens) {
+            req.headers.authorization = `Bearer ${tokens.access_token}`;
+          }
+          if (this.user.get(req.cookies) && !this.tokens.get(req.cookies)) {
+            this.user.del(req.cookies);
+          }
+        }
+      });
+    }
+  });
+  /**
+   *
+   * @param cookies
+   * @protected
+   */
+  async refresh(cookies) {
+    const now = Date.now();
+    const tokens = this.tokens.get(cookies);
+    if (!tokens) {
+      return;
+    }
+    if (tokens.expires_in && tokens.issued_at) {
+      const expiresAt = tokens.issued_at + (tokens.expires_in - 10) * 1e3;
+      if (expiresAt < now) {
+        if (tokens.refresh_token) {
+          try {
+            const newTokens = await openidClient.refreshTokenGrant(
+              this.authProviders[0].client,
+              tokens.refresh_token
+            );
+            this.tokens.set(cookies, {
+              ...newTokens,
+              issued_at: Date.now()
+            });
+            return newTokens;
+          } catch (e) {
+            this.log.warn(e, "Failed to refresh token -");
+          }
+        }
+        this.tokens.del(cookies);
+        this.user.del(cookies);
+        return;
+      }
+    }
+    if (!tokens.issued_at && tokens.access_token) {
+      this.tokens.del(cookies);
+      this.user.del(cookies);
+      return;
+    }
+    return tokens;
+  }
+  /**
+   *
+   */
+  login = server.$route({
+    security: false,
+    internal: true,
+    url: "/_oauth/login",
+    group: "auth",
+    method: "GET",
+    schema: {
+      query: core.t.object({
+        redirect: core.t.optional(core.t.string()),
+        provider: core.t.optional(core.t.string())
+      })
+    },
+    handler: async ({ query, cookies, url }) => {
+      const { client, redirectUri } = this.provider(query.provider);
+      const codeVerifier = openidClient.randomPKCECodeVerifier();
+      const codeChallenge = await openidClient.calculatePKCECodeChallenge(codeVerifier);
+      const scope = "openid profile email";
+      let redirect_uri = redirectUri;
+      if (redirect_uri.startsWith("/")) {
+        redirect_uri = `${url.protocol}//${url.host}${redirect_uri}`;
+      }
+      const parameters = {
+        redirect_uri,
+        scope,
+        code_challenge: codeChallenge,
+        code_challenge_method: "S256"
+      };
+      this.authorizationCode.set(cookies, {
+        codeVerifier,
+        redirectUri: query.redirect ?? "/"
+      });
+      return new Response("", {
+        status: 302,
+        headers: {
+          Location: openidClient.buildAuthorizationUrl(client, parameters).toString()
+        }
+      });
+    }
+  });
+  /**
+   *
+   */
+  callback = server.$route({
+    security: false,
+    internal: true,
+    url: "/_oauth/callback",
+    group: "auth",
+    method: "GET",
+    schema: {
+      query: core.t.object({
+        provider: core.t.optional(core.t.string())
+      })
+    },
+    handler: async ({ url, cookies, query }) => {
+      const { client } = this.provider(query.provider);
+      const authorizationCode = this.authorizationCode.get(cookies);
+      if (!authorizationCode) {
+        throw new server.BadRequestError("Missing code verifier");
+      }
+      const tokens = await openidClient.authorizationCodeGrant(client, url, {
+        pkceCodeVerifier: authorizationCode.codeVerifier
+      });
+      this.authorizationCode.del(cookies);
+      this.tokens.set(cookies, {
+        ...tokens,
+        issued_at: Date.now()
+      });
+      const user = this.userFromAccessToken(tokens.access_token);
+      if (user) {
+        this.user.set(cookies, user);
+      }
+      return Response.redirect(authorizationCode.redirectUri ?? "/");
+    }
+  });
+  /**
+   *
+   * @param accessToken
+   * @protected
+   */
+  userFromAccessToken(accessToken) {
+    try {
+      const parts = accessToken.split(".");
+      if (parts.length !== 3) {
+        return;
+      }
+      const payload = parts[1];
+      const decoded = JSON.parse(atob(payload));
+      if (!decoded.sub) {
+        return;
+      }
+      return {
+        id: decoded.sub,
+        name: decoded.name,
+        email: decoded.email
+        // organization
+        // ...
+      };
+    } catch (e) {
+      this.log.warn(e, "Failed to decode access token");
+    }
+  }
+  /**
+   *
+   */
+  logout = server.$route({
+    security: false,
+    internal: true,
+    url: "/_oauth/logout",
+    group: "auth",
+    method: "GET",
+    schema: {
+      query: core.t.object({
+        redirect: core.t.optional(core.t.string()),
+        provider: core.t.optional(core.t.string())
+      })
+    },
+    handler: async ({ query, cookies }) => {
+      const { client } = this.provider(query.provider);
+      const tokens = this.tokens.get(cookies);
+      const idToken = tokens?.id_token;
+      const redirect = query.redirect ?? "/";
+      const params = new URLSearchParams();
+      params.set("post_logout_redirect_uri", redirect);
+      if (idToken) {
+        params.set("id_token_hint", idToken);
+      }
+      this.tokens.del(cookies);
+      this.user.del(cookies);
+      return Response.redirect(openidClient.buildEndSessionUrl(client, params).toString());
+    }
+  });
+  /**
+   *
+   * @param name
+   * @protected
+   */
+  provider(name) {
+    if (!name) {
+      const client = this.authProviders[0];
+      if (!client) {
+        throw new server.BadRequestError("Client name is required");
+      }
+      return client;
+    }
+    const authProvider = this.authProviders.find(
+      (provider) => provider.name === name
+    );
+    if (!authProvider) {
+      throw new server.BadRequestError(`Client ${name} not found`);
+    }
+    return authProvider;
+  }
+  /**
+   *
+   * @param file
+   * @protected
+   */
+  isViteFile(file) {
+    const [pathname] = file.split("?");
+    if (pathname.startsWith("/docs")) {
+      return false;
+    }
+    if (pathname.match(/\.\w{2,5}$/)) {
+      return true;
+    }
+    if (pathname.startsWith("/@")) {
+      return true;
+    }
+    return false;
+  }
+}
+
 const envSchema$1 = core.t.object({
   REACT_SERVER_DIST: core.t.string({ default: "client" }),
   REACT_SERVER_PREFIX: core.t.string({ default: "" }),
@@ -24,7 +321,7 @@ const envSchema$1 = core.t.object({
 class ReactServerProvider {
   log = core.$logger();
   alepha = core.$inject(core.Alepha);
-  router = core.$inject(useRouterState.Router);
+  router = core.$inject(useAuth.Router);
   server = core.$inject(server.ServerProvider);
   env = core.$inject(envSchema$1);
   configure = core.$hook({
@@ -41,45 +338,67 @@ class ReactServerProvider {
       return;
     }
     if (process.env.VITE_ALEPHA_DEV === "true") {
-      this.log.info("SSR starting in development mode");
-      const templateUrl = `${this.server.hostname}/index.html`;
+      this.log.info("SSR (vite) OK");
+      const templateUrl = `http://${process.env.SERVER_HOST}:${process.env.SERVER_PORT}/index.html`;
       this.log.debug(`Fetch template from ${templateUrl}`);
       const route2 = this.createHandler(
-        () => fetch(templateUrl).then((it) => it.text()).catch(() => void 0)
+        () => fetch(templateUrl).then((it) => it.text()).catch(() => void 0).then((it) => it ? this.checkTemplate(it) : void 0)
       );
       await this.server.route(route2);
       await this.server.route({
-        url: "*",
-        handler: route2.handler
+        ...route2,
+        url: "*"
       });
       return;
     }
-    const maybe = [
-      node_path.join(process.cwd(), this.env.REACT_SERVER_DIST),
-      node_path.join(process.cwd(), "..", this.env.REACT_SERVER_DIST),
-      node_path.join(process.cwd(), "dist", this.env.REACT_SERVER_DIST)
-    ];
     let root = "";
-    for (const it of maybe) {
-      if (node_fs.existsSync(it)) {
-        root = it;
-        break;
+    if (!this.alepha.isServerless()) {
+      const maybe = [
+        node_path.join(process.cwd(), this.env.REACT_SERVER_DIST),
+        node_path.join(process.cwd(), "..", this.env.REACT_SERVER_DIST)
+      ];
+      for (const it of maybe) {
+        if (node_fs.existsSync(it)) {
+          root = it;
+          break;
+        }
       }
+      if (!root) {
+        this.log.warn("Missing static files, SSR will be disabled");
+        return;
+      }
+      await this.server.serve(this.createStaticHandler(root));
     }
-    if (!root) {
-      this.log.warn("Missing static files, SSR will be disabled");
-      return;
-    }
-    await this.server.serve(this.createStaticHandler(root));
-    const template = await promises.readFile(node_path.join(root, "index.html"), "utf-8");
+    const template = this.checkTemplate(
+      this.alepha.state("ReactServerProvider.template") ?? await promises.readFile(node_path.join(root, "index.html"), "utf-8")
+    );
     const route = this.createHandler(async () => template);
     await this.server.route(route);
     await this.server.route({
-      url: "/*",
-      // alias for "not found handler"
-      handler: route.handler
+      ...route,
+      url: "*"
     });
   }
+  /**
+   * Check if the template contains the outlet.
+   *
+   * @param template
+   * @protected
+   */
+  checkTemplate(template) {
+    if (!template.includes(this.env.REACT_SSR_OUTLET)) {
+      if (!template.includes('<div id="root"></div>')) {
+        throw new Error(
+          `Missing React SSR outlet in index.html, please add ${this.env.REACT_SSR_OUTLET} to the index.html file`
+        );
+      }
+      return template.replace(
+        `<div id="root"></div>`,
+        `<div id="root">${this.env.REACT_SSR_OUTLET}</div>`
+      );
+    }
+    return template;
+  }
   /**
    *
    * @param root
@@ -104,22 +423,23 @@ class ReactServerProvider {
    */
   createHandler(templateLoader) {
     return {
+      method: "GET",
       url: "/",
-      handler: async ({ url, user }) => {
+      handler: async (ctx) => {
         const template = await templateLoader();
         if (!template) {
           return new Response("Not found", { status: 404 });
         }
-        const response = this.notFoundHandler(url);
+        const response = this.notFoundHandler(ctx.url);
         if (response) {
           return response;
         }
-        return await this.ssr(url, template, user);
+        return await this.ssr(ctx.url, template, ctx);
       }
     };
   }
   processDescriptors() {
-    const pages = this.alepha.getDescriptorValues(useRouterState.$page);
+    const pages = this.alepha.getDescriptorValues(useAuth.$page);
     for (const { key, instance, value } of pages) {
       instance[key].render = async (options = {}) => {
         const name = value.options.name ?? key;
@@ -135,7 +455,8 @@ class ReactServerProvider {
           this.router.root({
             layers,
             pathname: "",
-            search: ""
+            search: "",
+            context: {}
           })
         );
       };
@@ -147,7 +468,7 @@ class ReactServerProvider {
    * @protected
    */
   notFoundHandler(url) {
-    if (url.match(/\.\w+$/)) {
+    if (url.pathname.match(/\.\w+$/)) {
       return new Response("Not found", { status: 404 });
     }
   }
@@ -155,12 +476,15 @@ class ReactServerProvider {
    *
    * @param url
    * @param template
-   * @param user
+   * @param args
    */
-  async ssr(url, template = this.env.REACT_SSR_OUTLET, user) {
-    const { element, layers, redirect } = await this.router.render(url, {
-      user
-    });
+  async ssr(url, template = this.env.REACT_SSR_OUTLET, args = {}) {
+    const { element, layers, redirect, context } = await this.router.render(
+      url.pathname + url.search,
+      {
+        args
+      }
+    );
     if (redirect) {
       return new Response("", {
         status: 302,
@@ -176,324 +500,77 @@ class ReactServerProvider {
         index: void 0,
         path: void 0,
         element: void 0
-      })),
-      session: {
-        user: user ? {
-          id: user.id,
-          name: user.name
-        } : void 0
-      }
+      }))
     })}<\/script>`;
     const index = template.indexOf("</body>");
     if (index !== -1) {
       template = template.slice(0, index) + script + template.slice(index);
     }
-    return new Response(template.replace(this.env.REACT_SSR_OUTLET, appHtml), {
-      headers: { "Content-Type": "text/html" }
-    });
-  }
-}
-
-const sessionUserSchema = core.t.object({
-  id: core.t.string(),
-  name: core.t.optional(core.t.string())
-});
-const sessionSchema = core.t.object({
-  user: core.t.optional(sessionUserSchema)
-});
-const envSchema = core.t.object({
-  REACT_OIDC_ISSUER: core.t.optional(core.t.string()),
-  REACT_OIDC_CLIENT_ID: core.t.optional(core.t.string()),
-  REACT_OIDC_CLIENT_SECRET: core.t.optional(core.t.string()),
-  REACT_OIDC_REDIRECT_URI: core.t.optional(core.t.string())
-});
-class ReactSessionProvider {
-  SSID = "ssid";
-  log = core.$logger();
-  env = core.$inject(envSchema);
-  serverProvider = core.$inject(server.ServerProvider);
-  securityProvider = core.$inject(security.SecurityProvider);
-  sessions = cache.$cache();
-  clients = [];
-  get redirectUri() {
-    return this.env.REACT_OIDC_REDIRECT_URI ?? `${this.serverProvider.hostname}/api/callback`;
-  }
-  configure = core.$hook({
-    name: "configure",
-    priority: 100,
-    handler: async () => {
-      const issuer = this.env.REACT_OIDC_ISSUER;
-      const clientId = this.env.REACT_OIDC_CLIENT_ID;
-      if (!issuer || !clientId) {
-        return;
-      }
-      const client = await openidClient.discovery(
-        new URL(issuer),
-        clientId,
-        {
-          client_secret: this.env.REACT_OIDC_CLIENT_SECRET
-        },
-        void 0,
-        {
-          execute: [openidClient.allowInsecureRequests]
-        }
-      );
-      this.clients = [client];
+    if (context.helmet) {
+      template = this.renderHelmetContext(template, context.helmet);
     }
-  });
-  /**
-   *
-   * @param sessionId
-   * @param session
-   * @protected
-   */
-  async setSession(sessionId, session) {
-    await this.sessions.set(sessionId, session, {
-      days: 1
+    template = template.replace(this.env.REACT_SSR_OUTLET, appHtml);
+    return new Response(template, {
+      headers: { "Content-Type": "text/html" }
     });
   }
-  /**
-   *
-   * @param sessionId
-   * @protected
-   */
-  async getSession(sessionId) {
-    const session = await this.sessions.get(sessionId);
-    if (!session) {
-      return;
-    }
-    const now = Date.now();
-    if (session.expires_in && session.issued_at) {
-      const expiresAt = session.issued_at + (session.expires_in - 10) * 1e3;
-      if (expiresAt < now) {
-        if (session.refresh_token) {
-          try {
-            const newTokens = await openidClient.refreshTokenGrant(
-              this.clients[0],
-              session.refresh_token
-            );
-            await this.setSession(sessionId, {
-              ...newTokens,
-              issued_at: Date.now()
-            });
-            return newTokens;
-          } catch (e) {
-            this.log.error(e, "Failed to refresh token");
-          }
-        }
-        await this.sessions.invalidate(sessionId);
-        return;
+  renderHelmetContext(template, helmetContext) {
+    if (helmetContext.title) {
+      if (template.includes("<title>")) {
+        template = template.replace(
+          /<title>.*<\/title>/,
+          `<title>${helmetContext.title}</title>`
+        );
+      } else {
+        template = template.replace(
+          "</head>",
+          `<title>${helmetContext.title}</title></head>`
+        );
       }
     }
-    if (!session.issued_at && session.access_token) {
-      await this.sessions.invalidate(sessionId);
-      return;
-    }
-    return session;
+    return template;
   }
-  /**
-   *
-   * @protected
-   */
-  beforeRequest = core.$hook({
-    name: "configure:fastify",
-    priority: 100,
-    handler: async (app) => {
-      app.decorateRequest("session");
-      app.addHook("onRequest", async (req) => {
-        const sessionId = req.cookies[this.SSID];
-        if (sessionId && !isViteFile(req.url)) {
-          const session = await this.getSession(sessionId);
-          if (session) {
-            req.session = session;
-            if (session.access_token) {
-              req.headers.authorization = `Bearer ${session.access_token}`;
-            }
-          }
-        }
-      });
-    }
-  });
-  /**
-   *
-   */
-  login = server.$route({
-    security: false,
-    url: "/login",
-    method: "GET",
-    schema: {
-      query: core.t.object({
-        redirect: core.t.optional(core.t.string())
-      })
-    },
-    handler: async ({ query }) => {
-      const client = this.clients[0];
-      const codeVerifier = openidClient.randomPKCECodeVerifier();
-      const codeChallenge = await openidClient.calculatePKCECodeChallenge(codeVerifier);
-      const scope = "openid profile email";
-      const parameters = {
-        redirect_uri: this.redirectUri,
-        scope,
-        code_challenge: codeChallenge,
-        code_challenge_method: "S256"
-      };
-      const sessionId = crypto.randomUUID();
-      await this.setSession(sessionId, {
-        authorizationCodeGrant: {
-          codeVerifier,
-          redirectUri: query.redirect ?? "/"
-          // TODO: add nonce, max_age, state
-        }
-      });
-      return new Response("", {
-        status: 302,
-        headers: {
-          "Set-Cookie": `${this.SSID}=${sessionId}; HttpOnly; Path=/; SameSite=Lax;`,
-          Location: openidClient.buildAuthorizationUrl(client, parameters).toString()
-        }
-      });
-    }
-  });
-  /**
-   *
-   */
-  callback = server.$route({
-    security: false,
-    url: "/callback",
-    method: "GET",
-    schema: {
-      headers: core.t.record(core.t.string(), core.t.string()),
-      cookies: core.t.object({
-        ssid: core.t.string()
-      })
-    },
-    handler: async ({ cookies, url }) => {
-      const sessionId = cookies.ssid;
-      const session = await this.getSession(sessionId);
-      if (!session) {
-        throw new server.BadRequestError("Missing session");
-      }
-      if (!session.authorizationCodeGrant) {
-        throw new server.BadRequestError("Invalid session - missing code verifier");
-      }
-      const [, search] = url.split("?");
-      const tokens = await openidClient.authorizationCodeGrant(
-        this.clients[0],
-        new URL(`${this.redirectUri}?${search}`),
-        {
-          pkceCodeVerifier: session.authorizationCodeGrant.codeVerifier,
-          expectedNonce: session.authorizationCodeGrant.nonce,
-          expectedState: session.authorizationCodeGrant.state,
-          maxAge: session.authorizationCodeGrant.max_age
-        }
-      );
-      await this.setSession(sessionId, {
-        ...tokens,
-        issued_at: Date.now()
-      });
-      return new Response("", {
-        status: 302,
-        headers: {
-          Location: session.authorizationCodeGrant.redirectUri ?? "/"
-        }
-      });
-    }
-  });
-  logout = server.$route({
-    security: false,
-    url: "/logout",
-    method: "GET",
-    schema: {
-      query: core.t.object({
-        redirect: core.t.optional(core.t.string())
-      }),
-      cookies: core.t.object({
-        ssid: core.t.string()
-      })
-    },
-    handler: async ({ query, cookies }, { fastify }) => {
-      const session = fastify?.req.session;
-      await this.sessions.invalidate(cookies.ssid);
-      const redirect = query.redirect ?? "/";
-      const params = new URLSearchParams();
-      params.set("post_logout_redirect_uri", redirect);
-      if (session?.id_token) {
-        params.set("id_token_hint", session.id_token);
-      }
-      return new Response("", {
-        status: 302,
-        headers: {
-          "Set-Cookie": `${this.SSID}=; HttpOnly; Path=/; SameSite=Lax;`,
-          Location: openidClient.buildEndSessionUrl(this.clients[0], params).toString()
-        }
-      });
-    }
-  });
-  session = server.$route({
-    security: false,
-    url: "/_session",
-    method: "GET",
-    schema: {
-      headers: core.t.object({
-        authorization: core.t.string()
-      }),
-      response: sessionSchema
-    },
-    handler: async ({ headers }) => {
-      try {
-        return {
-          user: await this.securityProvider.createUserFromToken(
-            headers.authorization
-          )
-        };
-      } catch (e) {
-        return {};
-      }
-    }
-  });
 }
-const isViteFile = (file) => {
-  const [pathname] = file.split("?");
-  if (pathname.startsWith("/docs")) {
-    return false;
-  }
-  if (pathname.match(/\.\w{2,5}$/)) {
-    return true;
-  }
-  if (pathname.startsWith("/@")) {
-    return true;
-  }
-  return false;
-};
 
+const envSchema = core.t.object({
+  REACT_AUTH_ENABLED: core.t.boolean({ default: false })
+});
 class ReactModule {
+  env = core.$inject(envSchema);
   alepha = core.$inject(core.Alepha);
   constructor() {
-    this.alepha.with(server.ServerModule).with(server.ServerLinksProvider).with(ReactServerProvider).with(ReactSessionProvider).with(useRouterState.PageDescriptorProvider);
+    this.alepha.with(server.ServerModule).with(server.ServerLinksProvider).with(useAuth.PageDescriptorProvider).with(ReactServerProvider);
+    if (this.env.REACT_AUTH_ENABLED) {
+      this.alepha.with(ReactAuthProvider);
+      this.alepha.with(useAuth.Auth);
+    }
   }
 }
-core.autoInject(useRouterState.$page, ReactModule);
+core.autoInject(useAuth.$page, ReactModule);
+core.autoInject(useAuth.$auth, ReactAuthProvider, useAuth.Auth);
 
-exports.$page = useRouterState.$page;
-exports.NestedView = useRouterState.NestedView;
-exports.PageDescriptorProvider = useRouterState.PageDescriptorProvider;
-exports.ReactBrowserProvider = useRouterState.ReactBrowserProvider;
-exports.RedirectException = useRouterState.RedirectException;
-exports.Router = useRouterState.Router;
-exports.RouterContext = useRouterState.RouterContext;
-exports.RouterHookApi = useRouterState.RouterHookApi;
-exports.RouterLayerContext = useRouterState.RouterLayerContext;
-exports.pageDescriptorKey = useRouterState.pageDescriptorKey;
-exports.useActive = useRouterState.useActive;
-exports.useClient = useRouterState.useClient;
-exports.useInject = useRouterState.useInject;
-exports.useQueryParams = useRouterState.useQueryParams;
-exports.useRouter = useRouterState.useRouter;
-exports.useRouterEvents = useRouterState.useRouterEvents;
-exports.useRouterState = useRouterState.useRouterState;
+exports.$auth = useAuth.$auth;
+exports.$page = useAuth.$page;
+exports.Auth = useAuth.Auth;
+exports.Link = useAuth.Link;
+exports.NestedView = useAuth.NestedView;
+exports.PageDescriptorProvider = useAuth.PageDescriptorProvider;
+exports.ReactBrowserProvider = useAuth.ReactBrowserProvider;
+exports.RedirectionError = useAuth.RedirectionError;
+exports.Router = useAuth.Router;
+exports.RouterContext = useAuth.RouterContext;
+exports.RouterHookApi = useAuth.RouterHookApi;
+exports.RouterLayerContext = useAuth.RouterLayerContext;
+exports.pageDescriptorKey = useAuth.pageDescriptorKey;
+exports.useActive = useAuth.useActive;
+exports.useAuth = useAuth.useAuth;
+exports.useClient = useAuth.useClient;
+exports.useInject = useAuth.useInject;
+exports.useQueryParams = useAuth.useQueryParams;
+exports.useRouter = useAuth.useRouter;
+exports.useRouterEvents = useAuth.useRouterEvents;
+exports.useRouterState = useAuth.useRouterState;
+exports.ReactAuthProvider = ReactAuthProvider;
 exports.ReactModule = ReactModule;
 exports.ReactServerProvider = ReactServerProvider;
-exports.ReactSessionProvider = ReactSessionProvider;
 exports.envSchema = envSchema$1;
-exports.sessionSchema = sessionSchema;
-exports.sessionUserSchema = sessionUserSchema;