@anysoftinc/anydb-sdk 0.1.2 → 0.4.0

package/dist/nextauth-adapter.d.ts

@@ -1,5 +1,10 @@
 import type { Adapter } from "next-auth/adapters";
-import type { DatomicDatabase } from "./client";
+import type { AnyDBClient } from "./client";
+/**
+ * Creates NextAuth cookie configuration with proper security settings
+ * Uses __Host- prefix and secure cookies in production, regular cookies in development
+ */
+export declare function createNextAuthCookies(cookieIdentifier: string): Record<string, any>;
 /**
  * Creates a NextAuth.js adapter for AnyDB/Datomic
  *
@@ -19,5 +24,5 @@ import type { DatomicDatabase } from "./client";
  * });
  * ```
  */
-export declare function AnyDBAdapter(db: DatomicDatabase): Adapter;
+export declare function AnyDBAdapter(db: AnyDBClient): Adapter;
 //# sourceMappingURL=nextauth-adapter.d.ts.map

package/dist/nextauth-adapter.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"nextauth-adapter.d.ts","sourceRoot":"","sources":["../src/nextauth-adapter.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAkB,MAAM,oBAAoB,CAAC;AAClE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,UAAU,CAAC;AAmHhD;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,YAAY,CAAC,EAAE,EAAE,eAAe,GAAG,OAAO,CA4PzD"}
+{"version":3,"file":"nextauth-adapter.d.ts","sourceRoot":"","sources":["../src/nextauth-adapter.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAkB,MAAM,oBAAoB,CAAC;AAClE,OAAO,KAAK,EAAE,WAAW,EAAiB,MAAM,UAAU,CAAC;AAI3D;;;GAGG;AACH,wBAAgB,qBAAqB,CACnC,gBAAgB,EAAE,MAAM,GACvB,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAkCrB;AA2DD;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,YAAY,CAAC,EAAE,EAAE,WAAW,GAAG,OAAO,CA6WrD"}

package/dist/nextauth-adapter.js

@@ -1,100 +1,90 @@
-import { SchemaBuilder, DatomicUtils, kw, sym, uuid as uuidEdn } from "./client";
+import { kw, sym, uuid as uuidEdn } from "./client";
+import { v4 as uuidv4 } from "uuid";
+/**
+ * Creates NextAuth cookie configuration with proper security settings
+ * Uses __Host- prefix and secure cookies in production, regular cookies in development
+ */
+export function createNextAuthCookies(cookieIdentifier) {
+    const isProduction = process.env.NODE_ENV === "production";
+    const prefix = isProduction ? "__Host-" : "";
+    const secure = isProduction;
+    return {
+        sessionToken: {
+            name: `${prefix}${cookieIdentifier}.session-token`,
+            options: {
+                httpOnly: true,
+                sameSite: "lax",
+                path: "/",
+                secure,
+            },
+        },
+        callbackUrl: {
+            name: `${prefix}${cookieIdentifier}.callback-url`,
+            options: {
+                httpOnly: true,
+                sameSite: "lax",
+                path: "/",
+                secure,
+            },
+        },
+        csrfToken: {
+            name: `${prefix}${cookieIdentifier}.csrf-token`,
+            options: {
+                httpOnly: true,
+                sameSite: "lax",
+                path: "/",
+                secure,
+            },
+        },
+    };
+}
 // Datomic schema idents
 const USER = {
-    id: ":auth.user.v1/id", // uuid identity
-    name: ":auth.user.v1/name",
-    email: ":auth.user.v1/email",
-    emailVerified: ":auth.user.v1/email-verified",
-    image: ":auth.user.v1/image",
+    id: "anydb.auth.user.v1/id", // uuid identity
+    name: "anydb.auth.user.v1/name",
+    email: "anydb.auth.user.v1/email",
+    emailVerified: "anydb.auth.user.v1/email-verified",
+    image: "anydb.auth.user.v1/image",
 };
 const ACCOUNT = {
-    id: ":auth.account.v1/id", // uuid identity
-    userId: ":auth.account.v1/user-id", // uuid ref by value
-    type: ":auth.account.v1/type",
-    provider: ":auth.account.v1/provider",
-    providerAccountId: ":auth.account.v1/provider-account-id",
-    refreshToken: ":auth.account.v1/refresh-token",
-    accessToken: ":auth.account.v1/access-token",
-    expiresAt: ":auth.account.v1/expires-at",
-    tokenType: ":auth.account.v1/token-type",
-    scope: ":auth.account.v1/scope",
-    idToken: ":auth.account.v1/id-token",
-    sessionState: ":auth.account.v1/session-state",
+    id: "anydb.auth.account.v1/id", // uuid identity
+    userId: "anydb.auth.account.v1/user-id", // uuid ref by value
+    type: "anydb.auth.account.v1/type",
+    provider: "anydb.auth.account.v1/provider",
+    providerAccountId: "anydb.auth.account.v1/provider-account-id",
+    refreshToken: "anydb.auth.account.v1/refresh-token",
+    accessToken: "anydb.auth.account.v1/access-token",
+    expiresAt: "anydb.auth.account.v1/expires-at",
+    tokenType: "anydb.auth.account.v1/token-type",
+    scope: "anydb.auth.account.v1/scope",
+    idToken: "anydb.auth.account.v1/id-token",
+    sessionState: "anydb.auth.account.v1/session-state",
 };
 const SESSION = {
-    id: ":auth.session.v1/id", // uuid identity
-    sessionToken: ":auth.session.v1/session-token",
-    userId: ":auth.session.v1/user-id",
-    expires: ":auth.session.v1/expires",
+    id: "anydb.auth.session.v1/id", // uuid identity
+    sessionToken: "anydb.auth.session.v1/session-token",
+    userId: "anydb.auth.session.v1/user-id",
+    expires: "anydb.auth.session.v1/expires",
 };
 const VTOKEN = {
-    id: ":auth.vtoken.v1/id", // uuid identity
-    identifier: ":auth.vtoken.v1/identifier",
-    token: ":auth.vtoken.v1/token",
-    expires: ":auth.vtoken.v1/expires",
+    id: "anydb.auth.vtoken.v1/id", // uuid identity
+    identifier: "anydb.auth.vtoken.v1/identifier",
+    token: "anydb.auth.vtoken.v1/token",
+    expires: "anydb.auth.vtoken.v1/expires",
 };
-async function ensureAuthSchema(db) {
-    const defs = [];
-    // Helper to conditionally add attribute definitions
-    const addAttr = async (ident, vt, card, opts = {}) => {
-        const exists = await db.querySymbolic({ find: [sym("?e")], where: [[sym("?e"), kw(":db/ident"), kw(ident)]] });
-        if (!exists || (Array.isArray(exists) && exists.length === 0)) {
-            defs.push(SchemaBuilder.attribute({ ":db/ident": ident, ":db/valueType": vt, ":db/cardinality": card, ...opts }));
-        }
-    };
-    // User attributes
-    await addAttr(USER.id, ":db.type/uuid", ":db.cardinality/one", { ":db/unique": ":db.unique/identity", ":db/index": true });
-    await addAttr(USER.name, ":db.type/string", ":db.cardinality/one");
-    // Make email an identity attribute so we can upsert users by email
-    await addAttr(USER.email, ":db.type/string", ":db.cardinality/one", { ":db/unique": ":db.unique/identity", ":db/index": true });
-    await addAttr(USER.emailVerified, ":db.type/instant", ":db.cardinality/one");
-    await addAttr(USER.image, ":db.type/string", ":db.cardinality/one");
-    // Account attributes
-    await addAttr(ACCOUNT.id, ":db.type/uuid", ":db.cardinality/one", { ":db/unique": ":db.unique/identity", ":db/index": true });
-    await addAttr(ACCOUNT.userId, ":db.type/uuid", ":db.cardinality/one", { ":db/index": true });
-    await addAttr(ACCOUNT.type, ":db.type/string", ":db.cardinality/one");
-    await addAttr(ACCOUNT.provider, ":db.type/string", ":db.cardinality/one", { ":db/index": true });
-    await addAttr(ACCOUNT.providerAccountId, ":db.type/string", ":db.cardinality/one", { ":db/index": true });
-    await addAttr(ACCOUNT.refreshToken, ":db.type/string", ":db.cardinality/one");
-    await addAttr(ACCOUNT.accessToken, ":db.type/string", ":db.cardinality/one");
-    await addAttr(ACCOUNT.expiresAt, ":db.type/long", ":db.cardinality/one");
-    await addAttr(ACCOUNT.tokenType, ":db.type/string", ":db.cardinality/one");
-    await addAttr(ACCOUNT.scope, ":db.type/string", ":db.cardinality/one");
-    await addAttr(ACCOUNT.idToken, ":db.type/string", ":db.cardinality/one");
-    await addAttr(ACCOUNT.sessionState, ":db.type/string", ":db.cardinality/one");
-    // Session attributes
-    await addAttr(SESSION.id, ":db.type/uuid", ":db.cardinality/one", { ":db/unique": ":db.unique/identity", ":db/index": true });
-    await addAttr(SESSION.userId, ":db.type/uuid", ":db.cardinality/one", { ":db/index": true });
-    await addAttr(SESSION.sessionToken, ":db.type/string", ":db.cardinality/one", { ":db/unique": ":db.unique/identity", ":db/index": true });
-    await addAttr(SESSION.expires, ":db.type/instant", ":db.cardinality/one");
-    // Verification token attributes
-    await addAttr(VTOKEN.id, ":db.type/uuid", ":db.cardinality/one", { ":db/unique": ":db.unique/identity", ":db/index": true });
-    await addAttr(VTOKEN.identifier, ":db.type/string", ":db.cardinality/one", { ":db/index": true });
-    await addAttr(VTOKEN.token, ":db.type/string", ":db.cardinality/one", { ":db/unique": ":db.unique/identity", ":db/index": true });
-    await addAttr(VTOKEN.expires, ":db.type/instant", ":db.cardinality/one");
-    // Install schema if there are new definitions
-    if (defs.length) {
-        try {
-            await db.transact(defs);
-        }
-        catch (e) {
-            // Schema attributes may already exist, which is fine
-        }
-    }
-}
 function toUser(m) {
     const get = (k) => m && (m[k] ?? m[`:${k}`]);
     // USER.id is ":auth.user.v1/id", so slice(1) gives "auth.user.v1/id"
-    const idKey = USER.id.slice(1); // "auth.user.v1/id"  
+    const idKey = USER.id; // "auth.user.v1/id"
     const idVal = get(idKey);
-    const id = typeof idVal === 'string' ? idVal : idVal?.value ?? String(idVal);
-    const emailVerified = get(USER.emailVerified.slice(1));
+    const id = typeof idVal === "string" ? idVal : idVal?.value ?? String(idVal);
+    const emailVerified = get(USER.emailVerified);
     return {
         id,
-        name: get(USER.name.slice(1)) || null,
-        email: get(USER.email.slice(1)) || null,
+        name: get(USER.name) || null,
+        email: get(USER.email) || null,
         emailVerified: emailVerified ? new Date(emailVerified) : null,
-        image: get(USER.image.slice(1)) || null,
+        image: get(USER.image) || null,
     };
 }
 /**
@@ -118,15 +108,44 @@ function toUser(m) {
  */
 export function AnyDBAdapter(db) {
     async function getUserByEmail(email) {
-        await ensureAuthSchema(db);
-        const q = `[:find (pull ?e [${USER.id} ${USER.name} ${USER.email} ${USER.emailVerified} ${USER.image}]) :where [?e ${USER.email} "${email}"]]`;
+        const norm = typeof email === "string" ? email.toLowerCase() : email;
+        const q = {
+            find: [
+                [
+                    sym("pull"),
+                    sym("?e"),
+                    [
+                        kw(USER.id),
+                        kw(USER.name),
+                        kw(USER.email),
+                        kw(USER.emailVerified),
+                        kw(USER.image),
+                    ],
+                ],
+            ],
+            where: [[sym("?e"), kw(USER.email), norm]],
+        };
         const res = await db.query(q);
         const rows = Array.isArray(res) ? res : [];
         return rows.length ? toUser(rows[0][0]) : null;
     }
     async function getUser(id) {
-        await ensureAuthSchema(db);
-        const q = `[:find (pull ?e [${USER.id} ${USER.name} ${USER.email} ${USER.emailVerified} ${USER.image}]) :where [?e ${USER.id} #uuid "${id}"]]`;
+        const q = {
+            find: [
+                [
+                    sym("pull"),
+                    sym("?e"),
+                    [
+                        kw(USER.id),
+                        kw(USER.name),
+                        kw(USER.email),
+                        kw(USER.emailVerified),
+                        kw(USER.image),
+                    ],
+                ],
+            ],
+            where: [[sym("?e"), kw(USER.id), uuidEdn(id)]],
+        };
         const res = await db.query(q);
         const rows = Array.isArray(res) ? res : [];
         if (!rows.length)
@@ -136,7 +155,6 @@ export function AnyDBAdapter(db) {
     return {
         // Users
         async createUser(data) {
-            await ensureAuthSchema(db);
             // Check if user already exists by email
             if (data.email) {
                 const existing = await getUserByEmail(data.email);
@@ -144,47 +162,65 @@ export function AnyDBAdapter(db) {
                     return existing;
                 }
             }
-            const id = globalThis.crypto?.randomUUID?.() || (await import("crypto")).randomUUID();
+            const id = uuidv4();
             const tx = {
-                'db/id': DatomicUtils.tempId(),
                 [USER.id]: uuidEdn(id),
                 ...(data.name ? { [USER.name]: data.name } : {}),
-                ...(data.email ? { [USER.email]: data.email } : {}),
-                ...(data.emailVerified ? { [USER.emailVerified]: data.emailVerified } : {}),
+                ...(data.email ? { [USER.email]: String(data.email).toLowerCase() } : {}),
+                ...(data.emailVerified
+                    ? { [USER.emailVerified]: data.emailVerified }
+                    : {}),
                 ...(data.image ? { [USER.image]: data.image } : {}),
             };
             await db.transact([tx]);
             return {
                 id,
                 name: data.name ?? null,
-                email: data.email ?? null,
+                email: (data.email ? String(data.email).toLowerCase() : null),
                 emailVerified: data.emailVerified ?? null,
-                image: data.image ?? null
+                image: data.image ?? null,
             };
         },
         getUser,
         getUserByEmail,
         async getUserByAccount({ provider, providerAccountId }) {
-            await ensureAuthSchema(db);
-            const q = `[:find (pull ?u [${USER.id} ${USER.name} ${USER.email} ${USER.emailVerified} ${USER.image}])
-                 :where [?a ${ACCOUNT.provider} "${provider}"]
-                        [?a ${ACCOUNT.providerAccountId} "${providerAccountId}"]
-                        [?a ${ACCOUNT.userId} ?uid]
-                        [?u ${USER.id} ?uid]]`;
+            const q = {
+                find: [
+                    [
+                        sym("pull"),
+                        sym("?u"),
+                        [
+                            kw(USER.id),
+                            kw(USER.name),
+                            kw(USER.email),
+                            kw(USER.emailVerified),
+                            kw(USER.image),
+                        ],
+                    ],
+                ],
+                where: [
+                    [sym("?a"), kw(ACCOUNT.provider), provider],
+                    [sym("?a"), kw(ACCOUNT.providerAccountId), providerAccountId],
+                    [sym("?a"), kw(ACCOUNT.userId), sym("?uid")],
+                    [sym("?u"), kw(USER.id), sym("?uid")],
+                ],
+            };
             const res = await db.query(q);
             const rows = Array.isArray(res) ? res : [];
             return rows.length ? toUser(rows[0][0]) : null;
         },
         async updateUser(data) {
-            await ensureAuthSchema(db);
             if (!data.id)
                 throw new Error("updateUser requires id");
             const tx = {
-                'db/id': DatomicUtils.tempId(),
                 [USER.id]: uuidEdn(data.id),
                 ...(data.name !== undefined ? { [USER.name]: data.name } : {}),
-                ...(data.email !== undefined ? { [USER.email]: data.email } : {}),
-                ...(data.emailVerified !== undefined ? { [USER.emailVerified]: data.emailVerified } : {}),
+                ...(data.email !== undefined
+                    ? { [USER.email]: data.email ? String(data.email).toLowerCase() : null }
+                    : {}),
+                ...(data.emailVerified !== undefined
+                    ? { [USER.emailVerified]: data.emailVerified }
+                    : {}),
                 ...(data.image !== undefined ? { [USER.image]: data.image } : {}),
             };
             await db.transact([tx]);
@@ -192,58 +228,72 @@ export function AnyDBAdapter(db) {
             return u;
         },
         async deleteUser(id) {
-            await ensureAuthSchema(db);
-            await db.transact([[":db/retractEntity", [USER.id], uuidEdn(id)]]);
+            await db.transact([[kw("db/retractEntity"), [USER.id], uuidEdn(id)]]);
             return null;
         },
         // Accounts
         async linkAccount(account) {
-            await ensureAuthSchema(db);
-            const id = globalThis.crypto?.randomUUID?.() || (await import("crypto")).randomUUID();
+            const id = uuidv4();
             const tx = {
-                'db/id': DatomicUtils.tempId(),
                 [ACCOUNT.id]: uuidEdn(id),
                 [ACCOUNT.userId]: uuidEdn(account.userId),
                 [ACCOUNT.type]: account.type,
                 [ACCOUNT.provider]: account.provider,
                 [ACCOUNT.providerAccountId]: account.providerAccountId,
-                ...(account.refresh_token ? { [ACCOUNT.refreshToken]: account.refresh_token } : {}),
-                ...(account.access_token ? { [ACCOUNT.accessToken]: account.access_token } : {}),
-                ...(account.expires_at ? { [ACCOUNT.expiresAt]: account.expires_at } : {}),
-                ...(account.token_type ? { [ACCOUNT.tokenType]: account.token_type } : {}),
+                ...(account.refresh_token
+                    ? { [ACCOUNT.refreshToken]: account.refresh_token }
+                    : {}),
+                ...(account.access_token
+                    ? { [ACCOUNT.accessToken]: account.access_token }
+                    : {}),
+                ...(account.expires_at
+                    ? { [ACCOUNT.expiresAt]: account.expires_at }
+                    : {}),
+                ...(account.token_type
+                    ? { [ACCOUNT.tokenType]: account.token_type }
+                    : {}),
                 ...(account.scope ? { [ACCOUNT.scope]: account.scope } : {}),
                 ...(account.id_token ? { [ACCOUNT.idToken]: account.id_token } : {}),
-                ...(account.session_state ? { [ACCOUNT.sessionState]: account.session_state } : {}),
+                ...(account.session_state
+                    ? { [ACCOUNT.sessionState]: account.session_state }
+                    : {}),
             };
             await db.transact([tx]);
             return account;
         },
         async unlinkAccount({ provider, providerAccountId }) {
-            await ensureAuthSchema(db);
-            const q = `[:find ?id :where [?a ${ACCOUNT.provider} "${provider}"] [?a ${ACCOUNT.providerAccountId} "${providerAccountId}"] [?a ${ACCOUNT.id} ?id]]`;
+            const q = {
+                find: [sym("?id")],
+                where: [
+                    [sym("?a"), kw(ACCOUNT.provider), provider],
+                    [sym("?a"), kw(ACCOUNT.providerAccountId), providerAccountId],
+                    [sym("?a"), kw(ACCOUNT.id), sym("?id")],
+                ],
+            };
             const res = await db.query(q);
             const id = Array.isArray(res) && res[0]?.[0];
             if (id) {
-                await db.transact([[":db/retractEntity", [ACCOUNT.id], id]]);
+                await db.transact([[kw("db/retractEntity"), [ACCOUNT.id], id]]);
             }
         },
         // Sessions
         async createSession(session) {
-            await ensureAuthSchema(db);
-            const id = globalThis.crypto?.randomUUID?.() || (await import("crypto")).randomUUID();
+            const id = uuidv4();
             let expiresDate;
-            if (session.expires instanceof Date && !isNaN(session.expires.getTime())) {
+            if (session.expires instanceof Date &&
+                !isNaN(session.expires.getTime())) {
                 expiresDate = session.expires;
             }
             else if (session.expires) {
                 const d = new Date(session.expires);
-                expiresDate = isNaN(d.getTime()) ? new Date(Date.now() + 30 * 24 * 60 * 60 * 1000) : d;
+                expiresDate = isNaN(d.getTime())
+                    ? new Date(Date.now() + 30 * 24 * 60 * 60 * 1000)
+                    : d;
             }
             else {
                 expiresDate = new Date(Date.now() + 30 * 24 * 60 * 60 * 1000);
             }
             const tx = {
-                'db/id': DatomicUtils.tempId(),
                 [SESSION.id]: uuidEdn(id),
                 [SESSION.userId]: uuidEdn(session.userId),
                 [SESSION.sessionToken]: session.sessionToken,
@@ -253,11 +303,36 @@ export function AnyDBAdapter(db) {
             return { ...session, expires: expiresDate };
         },
         async getSessionAndUser(sessionToken) {
-            await ensureAuthSchema(db);
-            const q = `[:find (pull ?s [${SESSION.id} ${SESSION.sessionToken} ${SESSION.userId} ${SESSION.expires}]) (pull ?u [${USER.id} ${USER.name} ${USER.email} ${USER.emailVerified} ${USER.image}])
-                 :where [?s ${SESSION.sessionToken} "${sessionToken}"]
-                        [?s ${SESSION.userId} ?uid]
-                        [?u ${USER.id} ?uid]]`;
+            const q = {
+                find: [
+                    [
+                        sym("pull"),
+                        sym("?s"),
+                        [
+                            kw(SESSION.id),
+                            kw(SESSION.sessionToken),
+                            kw(SESSION.userId),
+                            kw(SESSION.expires),
+                        ],
+                    ],
+                    [
+                        sym("pull"),
+                        sym("?u"),
+                        [
+                            kw(USER.id),
+                            kw(USER.name),
+                            kw(USER.email),
+                            kw(USER.emailVerified),
+                            kw(USER.image),
+                        ],
+                    ],
+                ],
+                where: [
+                    [sym("?s"), kw(SESSION.sessionToken), sessionToken],
+                    [sym("?s"), kw(SESSION.userId), sym("?uid")],
+                    [sym("?u"), kw(USER.id), sym("?uid")],
+                ],
+            };
             const res = await db.query(q);
             const row = Array.isArray(res) ? res[0] : null;
             if (!row)
@@ -265,49 +340,62 @@ export function AnyDBAdapter(db) {
             const s = row[0];
             const u = row[1];
             const getS = (k) => s && (s[k] ?? s[`:${k}`]);
-            const expiresRaw = getS(SESSION.expires.slice(1));
+            const expiresRaw = getS(SESSION.expires);
             const expires = expiresRaw instanceof Date ? expiresRaw : new Date(expiresRaw);
             const sessionResult = {
-                sessionToken: getS(SESSION.sessionToken.slice(1)),
-                userId: (getS(SESSION.userId.slice(1))?.value ?? getS(SESSION.userId.slice(1))),
+                sessionToken: getS(SESSION.sessionToken),
+                userId: (getS(SESSION.userId)?.value ?? getS(SESSION.userId)),
                 expires,
             };
             return { session: sessionResult, user: toUser(u) };
         },
         async updateSession(partial) {
-            await ensureAuthSchema(db);
             let expiresDate;
             if (partial.expires instanceof Date) {
-                expiresDate = isNaN(partial.expires.getTime()) ? undefined : partial.expires;
+                expiresDate = isNaN(partial.expires.getTime())
+                    ? undefined
+                    : partial.expires;
             }
             else if (partial.expires) {
                 const d = new Date(partial.expires);
                 expiresDate = isNaN(d.getTime()) ? undefined : d;
             }
+            if (!partial.sessionToken) {
+                throw new Error("updateSession requires sessionToken to upsert by identity");
+            }
             const tx = {
-                'db/id': DatomicUtils.tempId(),
-                ...(partial.sessionToken ? { [SESSION.sessionToken]: partial.sessionToken } : {}),
-                ...(partial.userId ? { [SESSION.userId]: uuidEdn(partial.userId) } : {}),
+                ...(partial.sessionToken
+                    ? { [SESSION.sessionToken]: partial.sessionToken }
+                    : {}),
+                ...(partial.userId
+                    ? { [SESSION.userId]: uuidEdn(partial.userId) }
+                    : {}),
                 ...(expiresDate ? { [SESSION.expires]: expiresDate } : {}),
             };
             await db.transact([tx]);
-            return { ...partial, ...(expiresDate ? { expires: expiresDate } : {}) };
+            return {
+                ...partial,
+                ...(expiresDate ? { expires: expiresDate } : {}),
+            };
         },
         async deleteSession(sessionToken) {
-            await ensureAuthSchema(db);
-            const q = `[:find ?id :where [?s ${SESSION.sessionToken} "${sessionToken}"] [?s ${SESSION.id} ?id]]`;
+            const q = {
+                find: [sym("?id")],
+                where: [
+                    [sym("?s"), kw(SESSION.sessionToken), sessionToken],
+                    [sym("?s"), kw(SESSION.id), sym("?id")],
+                ],
+            };
             const res = await db.query(q);
             const id = Array.isArray(res) && res[0]?.[0];
             if (id) {
-                await db.transact([[":db/retractEntity", [SESSION.id], id]]);
+                await db.transact([[kw("db/retractEntity"), [SESSION.id], id]]);
             }
         },
         // Verification tokens (email sign-in, passwordless)
         async createVerificationToken(token) {
-            await ensureAuthSchema(db);
-            const id = globalThis.crypto?.randomUUID?.() || (await import("crypto")).randomUUID();
+            const id = uuidv4();
             const tx = {
-                'db/id': DatomicUtils.tempId(),
                 [VTOKEN.id]: uuidEdn(id),
                 [VTOKEN.identifier]: token.identifier,
                 [VTOKEN.token]: token.token,
@@ -317,23 +405,37 @@ export function AnyDBAdapter(db) {
             return token;
         },
         async useVerificationToken(params) {
-            await ensureAuthSchema(db);
-            const q = `[:find (pull ?e [${VTOKEN.id} ${VTOKEN.identifier} ${VTOKEN.token} ${VTOKEN.expires}])
-                 :where [?e ${VTOKEN.identifier} "${params.identifier}"]
-                        [?e ${VTOKEN.token} "${params.token}"]]`;
+            const q = {
+                find: [
+                    [
+                        sym("pull"),
+                        sym("?e"),
+                        [
+                            kw(VTOKEN.id),
+                            kw(VTOKEN.identifier),
+                            kw(VTOKEN.token),
+                            kw(VTOKEN.expires),
+                        ],
+                    ],
+                ],
+                where: [
+                    [sym("?e"), kw(VTOKEN.identifier), params.identifier],
+                    [sym("?e"), kw(VTOKEN.token), params.token],
+                ],
+            };
             const res = await db.query(q);
             const rows = Array.isArray(res) ? res : [];
             if (!rows.length)
                 return null;
             const m = rows[0][0];
             const get = (k) => m && (m[k] ?? m[`:${k}`]);
-            const entityId = get(VTOKEN.id.slice(1));
+            const entityId = get(VTOKEN.id);
             // Delete the token after using it
-            await db.transact([[":db/retractEntity", [VTOKEN.id], entityId]]);
+            await db.transact([[kw("db/retractEntity"), entityId]]);
             return {
-                identifier: get(VTOKEN.identifier.slice(1)),
-                token: get(VTOKEN.token.slice(1)),
-                expires: new Date(get(VTOKEN.expires.slice(1))),
+                identifier: get(VTOKEN.identifier),
+                token: get(VTOKEN.token),
+                expires: new Date(get(VTOKEN.expires)),
             };
         },
     };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@anysoftinc/anydb-sdk",
-  "version": "0.1.2",
+  "version": "0.4.0",
   "description": "AnyDB TypeScript SDK for querying and transacting with Datomic databases",
   "main": "dist/client.js",
   "types": "dist/client.d.ts",
@@ -22,16 +22,19 @@
     }
   },
   "scripts": {
-    "build": "tsc",
+    "build": "npm run build:cljs && tsc && node scripts/pack-cljs.js",
+    "build:cljs": "npx shadow-cljs compile datascript",
     "dev": "tsc --watch",
-    "prepublishOnly": "npm run build",
+    "dev:cljs": "npx shadow-cljs watch datascript",
+    "prepublishOnly": "npm run build:cljs && tsc && node scripts/pack-cljs.js",
     "test": "jest",
     "test:watch": "jest --watch",
     "test:coverage": "jest --coverage",
-    "clean": "rm -rf dist"
+    "clean": "rm -rf dist dist-cljs target"
   },
   "dependencies": {
-    "edn-data": "^1.1.2"
+    "edn-data": "^1.1.2",
+    "uuid": "^9.0.0"
   },
   "peerDependencies": {
     "next-auth": "^4.24.0 || ^5.0.0-beta"
@@ -46,6 +49,7 @@
     "@types/node": "^20",
     "jest": "^29.7.0",
     "next-auth": "^4.24.11",
+    "shadow-cljs": "^2.25.10",
     "ts-jest": "^29.1.4",
     "typescript": "^5"
   },