@arikajs/session 0.0.5

package/README.md

@@ -0,0 +1,429 @@
+## Arika Session
+
+`@arikajs/session` provides a powerful, secure, and driver-based session management system for the ArikaJS framework.
+
+It answers one critical question: **"How do we persist user state across requests?"**
+
+```ts
+req.session.set('user_id', 42);
+req.session.get('user_id'); // 42
+```
+
+---
+
+### Status
+
+- **Stage**: Experimental / v0.x
+- **Scope**:
+  - Driver-based session storage (file, memory, redis, database)
+  - Flash session data (one-request messages)
+  - Cookie-based session identifiers
+  - Automatic session lifecycle middleware
+  - Session regeneration for security
+  - Lazy session loading
+  - Write optimization
+  - Session locking for concurrency protection
+
+- **Design**:
+  - Framework-agnostic session manager
+  - Pluggable storage drivers
+  - Middleware-driven lifecycle
+  - Config-driven architecture
+  - Environment variable support
+
+---
+
+## ✨ Purpose
+
+HTTP is stateless by design.
+Sessions provide a mechanism to persist data across requests.
+
+Typical use cases include:
+- Authentication state
+- Flash messages
+- Shopping carts
+- CSRF tokens
+- Multi-step forms
+- User preferences
+
+`@arikajs/session` provides a centralized and scalable session system for modern Node.js applications.
+
+---
+
+## 🚀 Features
+
+- **Driver-based storage** — Switch between file, memory, Redis, or database drivers.
+- **Flash session support** — Store temporary messages for the next request.
+- **Automatic middleware lifecycle** — Sessions start and persist automatically.
+- **Cookie-based session IDs** — Lightweight and secure.
+- **Session locking** — Prevent race conditions in concurrent requests.
+- **Lazy session loading** — Sessions load only when accessed.
+- **Write optimization** — Avoid unnecessary storage writes.
+- **Session regeneration** — Protect against session fixation attacks.
+- **Environment configuration** — Configure using `.env`.
+
+---
+
+## 📦 Installation
+
+```bash
+npm install @arikajs/session
+```
+
+---
+
+## 🧠 Core Concepts
+
+### 1️⃣ Sessions
+
+A session is a key-value store associated with a user request.
+
+```ts
+req.session.set('name', 'Prakash');
+req.session.set('role', 'admin');
+
+req.session.get('name'); // "Prakash"
+```
+
+Session data persists between requests using a session ID stored in cookies.
+
+### 2️⃣ Flash Data
+
+Flash data exists for one request only.
+Commonly used for UI notifications such as login success messages.
+
+```ts
+req.session.flash('success', 'Login successful');
+```
+
+Next request:
+```ts
+req.session.get('success'); // "Login successful"
+```
+After the response completes, the flash data is automatically removed.
+
+### 3️⃣ Session Regeneration
+
+Session IDs should be regenerated after authentication.
+
+```ts
+await req.session.regenerate();
+```
+This prevents session fixation attacks.
+
+---
+
+## ⚙️ Configuration
+
+Sessions are configured via `config/session.ts`.
+
+```ts
+export default {
+  driver: process.env.SESSION_DRIVER || 'file',
+  lifetime: Number(process.env.SESSION_LIFETIME) || 120,
+  cookie: process.env.SESSION_COOKIE || 'arika_session',
+  path: process.env.SESSION_PATH || './storage/sessions',
+  secure: false,
+  httpOnly: true,
+  locking: true,
+  lockTimeout: 10
+};
+```
+
+### Environment Variables
+
+```env
+SESSION_DRIVER=file
+SESSION_LIFETIME=120
+SESSION_COOKIE=arika_session
+SESSION_PATH=./storage/sessions
+SESSION_LOCKING=true
+```
+
+---
+
+## 🧩 Middleware Support
+
+Sessions are automatically initialized via middleware.
+
+```ts
+import { StartSession } from '@arikajs/session';
+
+app.use(StartSession);
+```
+
+The middleware:
+1. Reads session ID from cookies
+2. Loads session data from the configured driver
+3. Attaches session to the request
+4. Persists changes after response
+
+---
+
+## 🗂 Session API
+
+**Set Value**
+```ts
+req.session.set('cart_items', 3);
+```
+
+**Get Value**
+```ts
+req.session.get('cart_items');
+```
+
+**Check Existence**
+```ts
+req.session.has('cart_items');
+```
+
+**Remove Value**
+```ts
+req.session.forget('cart_items');
+```
+
+**Destroy Session**
+```ts
+await req.session.destroy();
+```
+
+---
+
+## 💾 Storage Drivers
+
+`@arikajs/session` supports multiple storage drivers.
+
+| Driver | Description |
+| :--- | :--- |
+| `memory` | In-memory storage (development only) |
+| `file` | Filesystem-based sessions |
+| `redis` | Redis distributed session storage |
+| `database` | SQL-based session storage |
+
+Example configuration:
+```ts
+export default {
+  driver: 'redis'
+}
+```
+
+Drivers implement a common interface:
+```ts
+interface SessionDriver {
+  load(sessionId: string): Promise<any>;
+  save(sessionId: string, data: any): Promise<void>;
+  destroy(sessionId: string): Promise<void>;
+}
+```
+
+---
+
+## 🔐 Session Locking (Concurrency Protection)
+
+Modern applications may issue multiple concurrent requests from the same user.
+
+Example:
+```text
+Browser
+ ├─ Request A → update-profile
+ └─ Request B → add-to-cart
+```
+Without protection, both requests may overwrite session data.
+
+Session locking ensures:
+1. Request A → acquires lock
+2. Request B → waits
+3. Request A → releases lock
+4. Request B → proceeds
+
+Configuration:
+```ts
+export default {
+  locking: true,
+  lockTimeout: 10
+}
+```
+
+Recommended drivers:
+
+| Driver | Locking Support |
+| :--- | :--- |
+| Redis | Excellent |
+| Database | Good |
+| File | Basic |
+| Memory | Not recommended |
+
+---
+
+## ⚡ Lazy Session Loading
+
+Sessions load only when accessed.
+
+Example:
+```ts
+GET /health → session NOT loaded
+GET /dashboard → session loaded
+req.session.get('user_id');
+```
+
+Benefits:
+- Reduced I/O
+- Faster responses
+- Lower memory usage
+
+---
+
+## 🧾 Write Optimization
+
+Session storage writes occur only when data changes.
+
+Example:
+```text
+Request → session accessed
+        → no changes
+        → skip write
+```
+
+But when modified:
+```ts
+req.session.set('cart', items)
+```
+Then storage write occurs.
+
+Benefits:
+- Reduced Redis calls
+- Reduced disk writes
+- Better scalability
+
+---
+
+## 🧠 Automatic Garbage Collection
+
+Expired sessions must be periodically cleaned.
+
+Example strategies:
+
+| Driver | Cleanup |
+| :--- | :--- |
+| File | Directory cleanup |
+| Redis | Native TTL |
+| Database | Scheduled cleanup |
+
+Configuration:
+```ts
+export default {
+  gcProbability: 0.01
+}
+```
+Meaning 1% of requests trigger cleanup.
+
+---
+
+## 🔁 Session ID Rotation
+
+Session IDs can be rotated for additional security.
+
+```ts
+await req.session.regenerate();
+```
+
+Use cases:
+- After login
+- After role escalation
+- After sensitive actions
+
+---
+
+## 🧩 Custom Drivers
+
+Developers can implement custom session drivers.
+
+```ts
+class MongoSessionDriver {
+  async load(id) { }
+  async save(id, data) { }
+  async destroy(id) { }
+}
+```
+
+Register driver:
+```ts
+SessionManager.extend('mongo', () => new MongoSessionDriver());
+```
+
+---
+
+## ⚡ Performance
+
+`@arikajs/session` is optimized for high-throughput applications.
+
+- Lazy session loading
+- Mutation-based writes
+- Efficient cookie parsing
+- Driver abstraction
+- Request lifecycle integration
+
+---
+
+## 🏗 Architecture
+
+```text
+session/
+├── src/
+│   ├── Contracts
+│   │   └── SessionDriver.ts
+│   ├── Drivers
+│   │   ├── FileDriver.ts
+│   │   ├── MemoryDriver.ts
+│   │   ├── RedisDriver.ts
+│   │   └── DatabaseDriver.ts
+│   ├── Middleware
+│   │   └── StartSession.ts
+│   ├── Session.ts
+│   ├── SessionManager.ts
+│   ├── CookieSessionId.ts
+│   ├── index.ts
+│   └── utils.ts
+├── tests/
+├── package.json
+├── tsconfig.json
+└── README.md
+```
+
+---
+
+## 🔌 Integration with ArikaJS
+
+| Package | Responsibility |
+| :--- | :--- |
+| `@arikajs/http` | Request & response lifecycle |
+| `@arikajs/router` | Route matching |
+| `@arikajs/session` | Session state management |
+| `@arikajs/auth` | Authentication |
+| `@arikajs/authorization` | Access control |
+
+---
+
+## 📌 Design Philosophy
+
+- **Stateless by default** — Sessions only when needed.
+- **Driver abstraction** — Swap storage without changing code.
+- **Security-first** — Built-in protection against fixation attacks.
+- **Performance-focused** — Lazy loading and write optimization.
+- **Framework-aligned** — Works seamlessly with ArikaJS middleware lifecycle.
+
+> "Sessions maintain continuity in a stateless world."
+
+---
+
+## 🔄 Versioning & Stability
+
+- Current version: **v0.x** (Experimental)
+- APIs may change until **v1.0**
+- Semantic versioning will be adopted after stabilization.
+
+---
+
+## 📜 License
+
+`@arikajs/session` is open-sourced software licensed under the **MIT License**.

package/dist/Contracts/SessionDriver.d.ts

@@ -0,0 +1,33 @@
+/**
+ * Session driver contract.
+ * All session storage backends must implement this interface.
+ */
+export interface SessionDriver {
+    /**
+     * Read session data by session ID. Returns null if not found or expired.
+     */
+    load(sessionId: string): Promise<Record<string, any> | null>;
+    /**
+     * Persist session data with a TTL in seconds.
+     */
+    save(sessionId: string, data: Record<string, any>, ttlSeconds: number): Promise<void>;
+    /**
+     * Delete a session by ID.
+     */
+    destroy(sessionId: string): Promise<void>;
+    /**
+     * Run garbage collection to delete expired sessions.
+     * @param probability 0.0 – 1.0 likelihood of running GC on this call
+     */
+    gc(maxLifetimeSeconds: number): Promise<void>;
+    /**
+     * Optional: Acquire a lock for this session (for concurrency protection).
+     * Should return true if lock was acquired, false otherwise.
+     */
+    acquireLock?(sessionId: string, timeoutSeconds: number): Promise<boolean>;
+    /**
+     * Optional: Release a previously acquired session lock.
+     */
+    releaseLock?(sessionId: string): Promise<void>;
+}
+//# sourceMappingURL=SessionDriver.d.ts.map

package/dist/Contracts/SessionDriver.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"SessionDriver.d.ts","sourceRoot":"","sources":["../../src/Contracts/SessionDriver.ts"],"names":[],"mappings":"AACA;;;GAGG;AACH,MAAM,WAAW,aAAa;IAC1B;;OAEG;IACH,IAAI,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,IAAI,CAAC,CAAC;IAE7D;;OAEG;IACH,IAAI,CAAC,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAEtF;;OAEG;IACH,OAAO,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAE1C;;;OAGG;IACH,EAAE,CAAC,kBAAkB,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAE9C;;;OAGG;IACH,WAAW,CAAC,CAAC,SAAS,EAAE,MAAM,EAAE,cAAc,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAE1E;;OAEG;IACH,WAAW,CAAC,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CAClD"}

package/dist/Contracts/SessionDriver.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=SessionDriver.js.map

package/dist/Contracts/SessionDriver.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"SessionDriver.js","sourceRoot":"","sources":["../../src/Contracts/SessionDriver.ts"],"names":[],"mappings":""}

package/dist/CookieSessionId.d.ts

@@ -0,0 +1,35 @@
+/**
+ * Handles reading and writing the session ID cookie.
+ */
+export declare class CookieSessionId {
+    private readonly cookieName;
+    private readonly secret;
+    constructor(cookieName: string, secret: string);
+    /**
+     * Generate a cryptographically random session ID.
+     */
+    generate(): string;
+    /**
+     * Read the session ID from incoming cookie headers.
+     * Returns null if not found or signature is invalid.
+     */
+    read(cookieHeader: string): string | null;
+    /**
+     * Produce a Set-Cookie header value for the session ID.
+     */
+    write(sessionId: string, options: {
+        lifetime: number;
+        path: string;
+        secure: boolean;
+        httpOnly: boolean;
+        sameSite: string;
+    }): string;
+    /**
+     * Produce a Set-Cookie header that clears the session cookie.
+     */
+    clear(path?: string): string;
+    private sign;
+    private verify;
+    private parseCookies;
+}
+//# sourceMappingURL=CookieSessionId.d.ts.map

package/dist/CookieSessionId.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"CookieSessionId.d.ts","sourceRoot":"","sources":["../src/CookieSessionId.ts"],"names":[],"mappings":"AAIA;;GAEG;AACH,qBAAa,eAAe;IAEpB,OAAO,CAAC,QAAQ,CAAC,UAAU;IAC3B,OAAO,CAAC,QAAQ,CAAC,MAAM;gBADN,UAAU,EAAE,MAAM,EAClB,MAAM,EAAE,MAAM;IAGnC;;OAEG;IACI,QAAQ,IAAI,MAAM;IAIzB;;;OAGG;IACI,IAAI,CAAC,YAAY,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;IAOhD;;OAEG;IACI,KAAK,CAAC,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE;QACrC,QAAQ,EAAE,MAAM,CAAC;QACjB,IAAI,EAAE,MAAM,CAAC;QACb,MAAM,EAAE,OAAO,CAAC;QAChB,QAAQ,EAAE,OAAO,CAAC;QAClB,QAAQ,EAAE,MAAM,CAAC;KACpB,GAAG,MAAM;IAaV;;OAEG;IACI,KAAK,CAAC,IAAI,GAAE,MAAY,GAAG,MAAM;IAIxC,OAAO,CAAC,IAAI;IAKZ,OAAO,CAAC,MAAM;IAgBd,OAAO,CAAC,YAAY;CAYvB"}

package/dist/CookieSessionId.js

@@ -0,0 +1,129 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CookieSessionId = void 0;
+const crypto = __importStar(require("node:crypto"));
+const SESSION_ID_LENGTH = 40; // 40 hex chars = 20 bytes of entropy
+/**
+ * Handles reading and writing the session ID cookie.
+ */
+class CookieSessionId {
+    constructor(cookieName, secret) {
+        this.cookieName = cookieName;
+        this.secret = secret;
+    }
+    /**
+     * Generate a cryptographically random session ID.
+     */
+    generate() {
+        return crypto.randomBytes(20).toString('hex');
+    }
+    /**
+     * Read the session ID from incoming cookie headers.
+     * Returns null if not found or signature is invalid.
+     */
+    read(cookieHeader) {
+        const cookies = this.parseCookies(cookieHeader);
+        const raw = cookies[this.cookieName];
+        if (!raw)
+            return null;
+        return this.verify(raw);
+    }
+    /**
+     * Produce a Set-Cookie header value for the session ID.
+     */
+    write(sessionId, options) {
+        const signed = this.sign(sessionId);
+        const parts = [
+            `${this.cookieName}=${encodeURIComponent(signed)}`,
+            `Path=${options.path}`,
+            `Max-Age=${options.lifetime}`,
+            `SameSite=${options.sameSite}`,
+        ];
+        if (options.httpOnly)
+            parts.push('HttpOnly');
+        if (options.secure)
+            parts.push('Secure');
+        return parts.join('; ');
+    }
+    /**
+     * Produce a Set-Cookie header that clears the session cookie.
+     */
+    clear(path = '/') {
+        return `${this.cookieName}=; Path=${path}; Max-Age=0; HttpOnly; SameSite=Lax`;
+    }
+    sign(value) {
+        const mac = crypto.createHmac('sha256', this.secret).update(value).digest('base64url');
+        return `${value}.${mac}`;
+    }
+    verify(signed) {
+        const dot = signed.lastIndexOf('.');
+        if (dot === -1)
+            return null;
+        const value = signed.slice(0, dot);
+        const mac = signed.slice(dot + 1);
+        const expected = crypto.createHmac('sha256', this.secret).update(value).digest('base64url');
+        try {
+            if (!crypto.timingSafeEqual(Buffer.from(mac, 'utf8'), Buffer.from(expected, 'utf8'))) {
+                return null;
+            }
+        }
+        catch {
+            return null;
+        }
+        return value;
+    }
+    parseCookies(header) {
+        const result = {};
+        if (!header)
+            return result;
+        for (const pair of header.split(';')) {
+            const idx = pair.indexOf('=');
+            if (idx === -1)
+                continue;
+            const key = pair.slice(0, idx).trim();
+            const val = pair.slice(idx + 1).trim();
+            try {
+                result[key] = decodeURIComponent(val);
+            }
+            catch {
+                result[key] = val;
+            }
+        }
+        return result;
+    }
+}
+exports.CookieSessionId = CookieSessionId;
+//# sourceMappingURL=CookieSessionId.js.map

package/dist/CookieSessionId.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"CookieSessionId.js","sourceRoot":"","sources":["../src/CookieSessionId.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oDAAsC;AAEtC,MAAM,iBAAiB,GAAG,EAAE,CAAC,CAAC,qCAAqC;AAEnE;;GAEG;AACH,MAAa,eAAe;IACxB,YACqB,UAAkB,EAClB,MAAc;QADd,eAAU,GAAV,UAAU,CAAQ;QAClB,WAAM,GAAN,MAAM,CAAQ;IAC/B,CAAC;IAEL;;OAEG;IACI,QAAQ;QACX,OAAO,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAClD,CAAC;IAED;;;OAGG;IACI,IAAI,CAAC,YAAoB;QAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,YAAY,CAAC,CAAC;QAChD,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACrC,IAAI,CAAC,GAAG;YAAE,OAAO,IAAI,CAAC;QACtB,OAAO,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IAC5B,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,SAAiB,EAAE,OAM/B;QACG,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACpC,MAAM,KAAK,GAAG;YACV,GAAG,IAAI,CAAC,UAAU,IAAI,kBAAkB,CAAC,MAAM,CAAC,EAAE;YAClD,QAAQ,OAAO,CAAC,IAAI,EAAE;YACtB,WAAW,OAAO,CAAC,QAAQ,EAAE;YAC7B,YAAY,OAAO,CAAC,QAAQ,EAAE;SACjC,CAAC;QACF,IAAI,OAAO,CAAC,QAAQ;YAAE,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC7C,IAAI,OAAO,CAAC,MAAM;YAAE,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACzC,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC5B,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,OAAe,GAAG;QAC3B,OAAO,GAAG,IAAI,CAAC,UAAU,WAAW,IAAI,qCAAqC,CAAC;IAClF,CAAC;IAEO,IAAI,CAAC,KAAa;QACtB,MAAM,GAAG,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;QACvF,OAAO,GAAG,KAAK,IAAI,GAAG,EAAE,CAAC;IAC7B,CAAC;IAEO,MAAM,CAAC,MAAc;QACzB,MAAM,GAAG,GAAG,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;QACpC,IAAI,GAAG,KAAK,CAAC,CAAC;YAAE,OAAO,IAAI,CAAC;QAC5B,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QACnC,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;QAClC,MAAM,QAAQ,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;QAC5F,IAAI,CAAC;YACD,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,MAAM,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC,EAAE,CAAC;gBACnF,OAAO,IAAI,CAAC;YAChB,CAAC;QACL,CAAC;QAAC,MAAM,CAAC;YACL,OAAO,IAAI,CAAC;QAChB,CAAC;QACD,OAAO,KAAK,CAAC;IACjB,CAAC;IAEO,YAAY,CAAC,MAAc;QAC/B,MAAM,MAAM,GAA2B,EAAE,CAAC;QAC1C,IAAI,CAAC,MAAM;YAAE,OAAO,MAAM,CAAC;QAC3B,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;YACnC,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YAC9B,IAAI,GAAG,KAAK,CAAC,CAAC;gBAAE,SAAS;YACzB,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;YACtC,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YACvC,IAAI,CAAC;gBAAC,MAAM,CAAC,GAAG,CAAC,GAAG,kBAAkB,CAAC,GAAG,CAAC,CAAC;YAAC,CAAC;YAAC,MAAM,CAAC;gBAAC,MAAM,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC;YAAC,CAAC;QAC/E,CAAC;QACD,OAAO,MAAM,CAAC;IAClB,CAAC;CACJ;AAtFD,0CAsFC"}

package/dist/Drivers/DatabaseDriver.d.ts

@@ -0,0 +1,19 @@
+import { SessionDriver } from '../Contracts/SessionDriver';
+/**
+ * DatabaseDriver — stores sessions using a SQL database table.
+ * Depends on the application's database instance implementing basic
+ * table(), where(), update(), insert(), and delete() methods.
+ */
+export declare class DatabaseDriver implements SessionDriver {
+    private readonly database;
+    private readonly table;
+    private readonly connection?;
+    constructor(database: any, table?: string, connection?: string | undefined);
+    load(sessionId: string): Promise<Record<string, any> | null>;
+    save(sessionId: string, data: Record<string, any>, ttlSeconds: number): Promise<void>;
+    destroy(sessionId: string): Promise<void>;
+    gc(maxLifetimeSeconds: number): Promise<void>;
+    acquireLock(sessionId: string, timeoutSeconds: number): Promise<boolean>;
+    releaseLock(sessionId: string): Promise<void>;
+}
+//# sourceMappingURL=DatabaseDriver.d.ts.map

package/dist/Drivers/DatabaseDriver.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"DatabaseDriver.d.ts","sourceRoot":"","sources":["../../src/Drivers/DatabaseDriver.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAE3D;;;;GAIG;AACH,qBAAa,cAAe,YAAW,aAAa;IAE5C,OAAO,CAAC,QAAQ,CAAC,QAAQ;IACzB,OAAO,CAAC,QAAQ,CAAC,KAAK;IACtB,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC;gBAFX,QAAQ,EAAE,GAAG,EACb,KAAK,GAAE,MAAmB,EAC1B,UAAU,CAAC,EAAE,MAAM,YAAA;IAG3B,IAAI,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,IAAI,CAAC;IAmB5D,IAAI,CAAC,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAoCrF,OAAO,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAMzC,EAAE,CAAC,kBAAkB,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAQ7C,WAAW,CAAC,SAAS,EAAE,MAAM,EAAE,cAAc,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAOxE,WAAW,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAG7D"}