@aura-stack/auth 0.1.0-rc.7 → 0.1.0-rc.9

package/dist/cookie.cjs

@@ -1,201 +1,207 @@
-"use strict";
-var __defProp = Object.defineProperty;
-var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
-var __getOwnPropNames = Object.getOwnPropertyNames;
-var __hasOwnProp = Object.prototype.hasOwnProperty;
+"use strict"
+var __defProp = Object.defineProperty
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor
+var __getOwnPropNames = Object.getOwnPropertyNames
+var __hasOwnProp = Object.prototype.hasOwnProperty
 var __export = (target, all) => {
-  for (var name in all)
-    __defProp(target, name, { get: all[name], enumerable: true });
-};
+    for (var name in all) __defProp(target, name, { get: all[name], enumerable: true })
+}
 var __copyProps = (to, from, except, desc) => {
-  if (from && typeof from === "object" || typeof from === "function") {
-    for (let key of __getOwnPropNames(from))
-      if (!__hasOwnProp.call(to, key) && key !== except)
-        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
-  }
-  return to;
-};
-var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+    if ((from && typeof from === "object") || typeof from === "function") {
+        for (let key of __getOwnPropNames(from))
+            if (!__hasOwnProp.call(to, key) && key !== except)
+                __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable })
+    }
+    return to
+}
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod)
 
 // src/cookie.ts
-var cookie_exports = {};
+var cookie_exports = {}
 __export(cookie_exports, {
-  COOKIE_NAME: () => COOKIE_NAME,
-  createSessionCookie: () => createSessionCookie,
-  defaultCookieConfig: () => defaultCookieConfig,
-  defaultCookieOptions: () => defaultCookieOptions,
-  defaultHostCookieConfig: () => defaultHostCookieConfig,
-  defaultSecureCookieConfig: () => defaultSecureCookieConfig,
-  defaultStandardCookieConfig: () => defaultStandardCookieConfig,
-  defineDefaultCookieOptions: () => defineDefaultCookieOptions,
-  expireCookie: () => expireCookie,
-  expiredCookieOptions: () => expiredCookieOptions,
-  getCookie: () => getCookie,
-  oauthCookie: () => oauthCookie,
-  parse: () => import_cookie2.parse,
-  secureCookieOptions: () => secureCookieOptions,
-  setCookie: () => setCookie
-});
-module.exports = __toCommonJS(cookie_exports);
-var import_cookie = require("cookie");
+    COOKIE_NAME: () => COOKIE_NAME,
+    createSessionCookie: () => createSessionCookie,
+    defaultCookieConfig: () => defaultCookieConfig,
+    defaultCookieOptions: () => defaultCookieOptions,
+    defaultHostCookieConfig: () => defaultHostCookieConfig,
+    defaultSecureCookieConfig: () => defaultSecureCookieConfig,
+    defaultStandardCookieConfig: () => defaultStandardCookieConfig,
+    defineDefaultCookieOptions: () => defineDefaultCookieOptions,
+    expireCookie: () => expireCookie,
+    expiredCookieOptions: () => expiredCookieOptions,
+    getCookie: () => getCookie,
+    oauthCookie: () => oauthCookie,
+    parse: () => import_cookie2.parse,
+    secureCookieOptions: () => secureCookieOptions,
+    setCookie: () => setCookie,
+})
+module.exports = __toCommonJS(cookie_exports)
+var import_cookie = require("cookie")
 
 // src/error.ts
 var AuthError = class extends Error {
-  constructor(type, message) {
-    super(message);
-    this.type = type;
-    this.name = "AuthError";
-  }
-};
+    constructor(type, message) {
+        super(message)
+        this.type = type
+        this.name = "AuthError"
+    }
+}
 
 // src/assert.ts
 var isRequest = (value) => {
-  return typeof Request !== "undefined" && value instanceof Request;
-};
+    return typeof Request !== "undefined" && value instanceof Request
+}
 
 // src/cookie.ts
-var import_cookie2 = require("cookie");
-var COOKIE_NAME = "aura-auth";
+var import_cookie2 = require("cookie")
+var COOKIE_NAME = "aura-auth"
 var defaultCookieOptions = {
-  httpOnly: true,
-  sameSite: "lax",
-  path: "/",
-  maxAge: 60 * 60 * 24 * 15
-};
+    httpOnly: true,
+    sameSite: "lax",
+    path: "/",
+    maxAge: 60 * 60 * 24 * 15,
+}
 var defaultCookieConfig = {
-  strategy: "standard",
-  name: COOKIE_NAME,
-  options: defaultCookieOptions
-};
+    strategy: "standard",
+    name: COOKIE_NAME,
+    options: defaultCookieOptions,
+}
 var defaultStandardCookieConfig = {
-  secure: false,
-  httpOnly: true,
-  prefix: ""
-};
+    secure: false,
+    httpOnly: true,
+    prefix: "",
+}
 var defaultSecureCookieConfig = {
-  secure: true,
-  prefix: "__Secure-"
-};
+    secure: true,
+    prefix: "__Secure-",
+}
 var defaultHostCookieConfig = {
-  secure: true,
-  prefix: "__Host-",
-  path: "/",
-  domain: void 0
-};
+    secure: true,
+    prefix: "__Host-",
+    path: "/",
+    domain: void 0,
+}
 var expiredCookieOptions = {
-  ...defaultCookieOptions,
-  expires: /* @__PURE__ */ new Date(0),
-  maxAge: 0
-};
-var defineDefaultCookieOptions = (options) => {
-  return {
-    name: options?.name ?? COOKIE_NAME,
-    prefix: options?.prefix ?? (options?.secure ? "__Secure-" : ""),
     ...defaultCookieOptions,
-    ...options
-  };
-};
+    expires: /* @__PURE__ */ new Date(0),
+    maxAge: 0,
+}
+var defineDefaultCookieOptions = (options) => {
+    return {
+        name: options?.name ?? COOKIE_NAME,
+        prefix: options?.prefix ?? (options?.secure ? "__Secure-" : ""),
+        ...defaultCookieOptions,
+        ...options,
+    }
+}
 var setCookie = (cookieName, value, options) => {
-  const { prefix, name } = defineDefaultCookieOptions(options);
-  const cookieNameWithPrefix = `${prefix}${name}.${cookieName}`;
-  return (0, import_cookie.serialize)(cookieNameWithPrefix, value, {
-    ...defaultCookieOptions,
-    ...options
-  });
-};
+    const { prefix, name } = defineDefaultCookieOptions(options)
+    const cookieNameWithPrefix = `${prefix}${name}.${cookieName}`
+    return (0, import_cookie.serialize)(cookieNameWithPrefix, value, {
+        ...defaultCookieOptions,
+        ...options,
+    })
+}
 var getCookie = (petition, cookie, options, optional = false) => {
-  const cookies = isRequest(petition) ? petition.headers.get("Cookie") : petition.headers.getSetCookie().join("; ");
-  if (!cookies) {
-    if (optional) {
-      return "";
+    const cookies = isRequest(petition) ? petition.headers.get("Cookie") : petition.headers.getSetCookie().join("; ")
+    if (!cookies) {
+        if (optional) {
+            return ""
+        }
+        throw new AuthError("invalid_request", "No cookies found. There is no active session")
     }
-    throw new AuthError("invalid_request", "No cookies found. There is no active session");
-  }
-  const { name, prefix } = defineDefaultCookieOptions(options);
-  const parsedCookies = (0, import_cookie.parse)(cookies);
-  const value = parsedCookies[`${prefix}${name}.${cookie}`];
-  if (value === void 0) {
-    if (optional) {
-      return "";
+    const { name, prefix } = defineDefaultCookieOptions(options)
+    const parsedCookies = (0, import_cookie.parse)(cookies)
+    const value = parsedCookies[`${prefix}${name}.${cookie}`]
+    if (value === void 0) {
+        if (optional) {
+            return ""
+        }
+        throw new AuthError("invalid_request", `Cookie "${cookie}" not found. There is no active session`)
     }
-    throw new AuthError("invalid_request", `Cookie "${cookie}" not found. There is no active session`);
-  }
-  return value;
-};
+    return value
+}
 var createSessionCookie = async (session, cookieOptions, jose) => {
-  try {
-    const encoded = await jose.encodeJWT(session);
-    return setCookie("sessionToken", encoded, cookieOptions);
-  } catch (error) {
-    throw new AuthError("server_error", "Failed to create session cookie", { cause: error });
-  }
-};
+    try {
+        const encoded = await jose.encodeJWT(session)
+        return setCookie("sessionToken", encoded, cookieOptions)
+    } catch (error) {
+        throw new AuthError("server_error", "Failed to create session cookie", { cause: error })
+    }
+}
 var secureCookieOptions = (request, cookieOptions, trustedProxyHeaders) => {
-  const name = cookieOptions.name ?? COOKIE_NAME;
-  const isSecure = trustedProxyHeaders ? request.url.startsWith("https://") || request.headers.get("X-Forwarded-Proto") === "https" || request.headers.get("Forwarded")?.includes("proto=https") : request.url.startsWith("https://");
-  if (!cookieOptions.options?.httpOnly) {
-    console.warn(
-      "[WARNING]: Cookie is configured without HttpOnly. This allows JavaScript access via document.cookie and increases XSS risk."
-    );
-  }
-  if (cookieOptions.options?.domain === "*") {
-    console.warn("[WARNING]: Cookie 'Domain' is set to '*', which is insecure. Avoid wildcard domains.");
-  }
-  if (!isSecure) {
-    const options = cookieOptions.options;
-    if (options?.secure) {
-      console.warn(
-        "[WARNING]: The 'Secure' attribute will be disabled for this cookie. Serve over HTTPS to enforce Secure cookies."
-      );
+    const name = cookieOptions.name ?? COOKIE_NAME
+    const isSecure = trustedProxyHeaders
+        ? request.url.startsWith("https://") ||
+          request.headers.get("X-Forwarded-Proto") === "https" ||
+          request.headers.get("Forwarded")?.includes("proto=https")
+        : request.url.startsWith("https://")
+    if (!cookieOptions.options?.httpOnly) {
+        console.warn(
+            "[WARNING]: Cookie is configured without HttpOnly. This allows JavaScript access via document.cookie and increases XSS risk."
+        )
     }
-    if (options?.sameSite == "none") {
-      console.warn("[WARNING]: SameSite=None without a secure connection can be blocked by browsers.");
+    if (cookieOptions.options?.domain === "*") {
+        console.warn("[WARNING]: Cookie 'Domain' is set to '*', which is insecure. Avoid wildcard domains.")
     }
-    if (process.env.NODE_ENV === "production") {
-      console.warn("[WARNING]: In production, ensure cookies are served over HTTPS to maintain security.");
+    if (!isSecure) {
+        const options = cookieOptions.options
+        if (options?.secure) {
+            console.warn(
+                "[WARNING]: The 'Secure' attribute will be disabled for this cookie. Serve over HTTPS to enforce Secure cookies."
+            )
+        }
+        if (options?.sameSite == "none") {
+            console.warn("[WARNING]: SameSite=None without a secure connection can be blocked by browsers.")
+        }
+        if (process.env.NODE_ENV === "production") {
+            console.warn("[WARNING]: In production, ensure cookies are served over HTTPS to maintain security.")
+        }
+        return {
+            ...defaultCookieOptions,
+            ...cookieOptions.options,
+            sameSite: options?.sameSite === "none" ? "lax" : (options?.sameSite ?? "lax"),
+            ...defaultStandardCookieConfig,
+            name,
+        }
     }
-    return {
-      ...defaultCookieOptions,
-      ...cookieOptions.options,
-      sameSite: options?.sameSite === "none" ? "lax" : options?.sameSite ?? "lax",
-      ...defaultStandardCookieConfig,
-      name
-    };
-  }
-  return cookieOptions.strategy === "host" ? {
-    ...defaultCookieOptions,
-    ...cookieOptions.options,
-    ...defaultHostCookieConfig,
-    name
-  } : { ...defaultCookieOptions, ...cookieOptions.options, ...defaultSecureCookieConfig, name };
-};
+    return cookieOptions.strategy === "host"
+        ? {
+              ...defaultCookieOptions,
+              ...cookieOptions.options,
+              ...defaultHostCookieConfig,
+              name,
+          }
+        : { ...defaultCookieOptions, ...cookieOptions.options, ...defaultSecureCookieConfig, name }
+}
 var expireCookie = (name, options) => {
-  return setCookie(name, "", { ...options, ...expiredCookieOptions });
-};
+    return setCookie(name, "", { ...options, ...expiredCookieOptions })
+}
 var oauthCookie = (options) => {
-  return {
-    ...options,
-    secure: options.secure,
-    httpOnly: options.httpOnly,
-    maxAge: 5 * 60,
-    expires: new Date(Date.now() + 5 * 60 * 1e3)
-  };
-};
+    return {
+        ...options,
+        secure: options.secure,
+        httpOnly: options.httpOnly,
+        maxAge: 5 * 60,
+        expires: new Date(Date.now() + 5 * 60 * 1e3),
+    }
+}
 // Annotate the CommonJS export names for ESM import in node:
-0 && (module.exports = {
-  COOKIE_NAME,
-  createSessionCookie,
-  defaultCookieConfig,
-  defaultCookieOptions,
-  defaultHostCookieConfig,
-  defaultSecureCookieConfig,
-  defaultStandardCookieConfig,
-  defineDefaultCookieOptions,
-  expireCookie,
-  expiredCookieOptions,
-  getCookie,
-  oauthCookie,
-  parse,
-  secureCookieOptions,
-  setCookie
-});
+0 &&
+    (module.exports = {
+        COOKIE_NAME,
+        createSessionCookie,
+        defaultCookieConfig,
+        defaultCookieOptions,
+        defaultHostCookieConfig,
+        defaultSecureCookieConfig,
+        defaultStandardCookieConfig,
+        defineDefaultCookieOptions,
+        expireCookie,
+        expiredCookieOptions,
+        getCookie,
+        oauthCookie,
+        parse,
+        secureCookieOptions,
+        setCookie,
+    })

package/dist/cookie.d.ts

@@ -1,40 +1,40 @@
-import { SerializeOptions } from 'cookie';
-export { parse } from 'cookie';
-import { JWTPayload } from '@aura-stack/jose/jose';
-import { C as CookieConfig, a as CookieConfigInternal, b as CookieName, A as AuthRuntimeConfig } from './index-DpfbvTZ_.js';
-import { LiteralUnion } from './@types/utility.js';
-import 'zod/v4';
-import './schemas.js';
-import 'zod/v4/core';
+import { SerializeOptions } from "cookie"
+export { parse } from "cookie"
+import { JWTPayload } from "@aura-stack/jose/jose"
+import { C as CookieConfig, a as CookieConfigInternal, b as CookieName, A as AuthRuntimeConfig } from "./index-DpfbvTZ_.js"
+import { LiteralUnion } from "./@types/utility.js"
+import "zod/v4"
+import "./schemas.js"
+import "zod/v4/core"
 
 /**
  * Prefix for all cookies set by Aura Auth.
  */
-declare const COOKIE_NAME = "aura-auth";
+declare const COOKIE_NAME = "aura-auth"
 /**
  * Default cookie options used by Aura Auth.
  */
-declare const defaultCookieOptions: SerializeOptions;
+declare const defaultCookieOptions: SerializeOptions
 /**
  * Default cookie options for "standard" cookies.
  */
-declare const defaultCookieConfig: CookieConfig;
-declare const defaultStandardCookieConfig: CookieConfigInternal;
+declare const defaultCookieConfig: CookieConfig
+declare const defaultStandardCookieConfig: CookieConfigInternal
 /**
  * Default cookie options for "secure" cookies.
  * @see https://httpwg.org/http-extensions/draft-ietf-httpbis-rfc6265bis.html#name-the-__secure-prefix
  */
-declare const defaultSecureCookieConfig: CookieConfigInternal;
+declare const defaultSecureCookieConfig: CookieConfigInternal
 /**
  * Default cookie options for "host" cookies.
  * @see https://httpwg.org/http-extensions/draft-ietf-httpbis-rfc6265bis.html#name-the-__host-prefix
  */
-declare const defaultHostCookieConfig: CookieConfigInternal;
+declare const defaultHostCookieConfig: CookieConfigInternal
 /**
  * Cookie options for expired cookies.
  */
-declare const expiredCookieOptions: SerializeOptions;
-declare const defineDefaultCookieOptions: (options?: CookieConfigInternal) => CookieConfigInternal;
+declare const expiredCookieOptions: SerializeOptions
+declare const defineDefaultCookieOptions: (options?: CookieConfigInternal) => CookieConfigInternal
 /**
  * Set a cookie with the given name, value and `CookieOptionsInternal`; supports secure
  * cookies with the `__Secure-` and `__Host-` prefixes.
@@ -42,7 +42,7 @@ declare const defineDefaultCookieOptions: (options?: CookieConfigInternal) => Co
  * Cookie attributes are serialized in the following order:
  * Expires, Max-Age, Domain, Path, Secure, HttpOnly, SameSite, Partitioned, Priority.
  */
-declare const setCookie: (cookieName: LiteralUnion<CookieName>, value: string, options?: CookieConfigInternal) => string;
+declare const setCookie: (cookieName: LiteralUnion<CookieName>, value: string, options?: CookieConfigInternal) => string
 /**
  * Get a cookie by name from the request.
  *
@@ -52,7 +52,12 @@ declare const setCookie: (cookieName: LiteralUnion<CookieName>, value: string, o
  * @param optional If true, returns an empty string instead of throwing an error when the cookie is not found
  * @returns The value of the cookie or undefined if not found
  */
-declare const getCookie: (petition: Request | Response, cookie: LiteralUnion<CookieName>, options?: CookieConfigInternal, optional?: boolean) => string;
+declare const getCookie: (
+    petition: Request | Response,
+    cookie: LiteralUnion<CookieName>,
+    options?: CookieConfigInternal,
+    optional?: boolean
+) => string
 /**
  * Create a session cookie containing a signed and encrypted JWT, using the
  * `@aura-stack/jose` package for the encoding.
@@ -60,7 +65,11 @@ declare const getCookie: (petition: Request | Response, cookie: LiteralUnion<Coo
  * @param session - The JWT payload to be encoded in the session cookie
  * @returns The serialized session cookie string
  */
-declare const createSessionCookie: (session: JWTPayload, cookieOptions: CookieConfigInternal, jose: AuthRuntimeConfig["jose"]) => Promise<string>;
+declare const createSessionCookie: (
+    session: JWTPayload,
+    cookieOptions: CookieConfigInternal,
+    jose: AuthRuntimeConfig["jose"]
+) => Promise<string>
 /**
  * Defines the cookie configuration based on the request security and cookie options passed
  * in the Aura Auth configuration (`createAuth` function). This function ensures the correct
@@ -73,7 +82,11 @@ declare const createSessionCookie: (session: JWTPayload, cookieOptions: CookieCo
  * @param cookieOptions Cookie options from the Aura Auth configuration
  * @returns The finalized cookie options to be used for setting cookies
  */
-declare const secureCookieOptions: (request: Request, cookieOptions: CookieConfig, trustedProxyHeaders?: boolean) => CookieConfigInternal;
+declare const secureCookieOptions: (
+    request: Request,
+    cookieOptions: CookieConfig,
+    trustedProxyHeaders?: boolean
+) => CookieConfigInternal
 /**
  * Expire a cookie by setting its value to an empty string and applying expired cookie options.
  *
@@ -81,13 +94,28 @@ declare const secureCookieOptions: (request: Request, cookieOptions: CookieConfi
  * @param options cookie options obtained from secureCookieOptions
  * @returns formatted cookie options for an expired cookie
  */
-declare const expireCookie: (name: LiteralUnion<CookieName>, options: CookieConfigInternal) => string;
+declare const expireCookie: (name: LiteralUnion<CookieName>, options: CookieConfigInternal) => string
 /**
  * Set OAuth-specific cookie options, including a short maxAge of 5 minutes.
  *
  * @param options cookie options obtained from secureCookieOptions
  * @returns formatted cookie options for OAuth cookies
  */
-declare const oauthCookie: (options: CookieConfigInternal) => CookieConfigInternal;
+declare const oauthCookie: (options: CookieConfigInternal) => CookieConfigInternal
 
-export { COOKIE_NAME, createSessionCookie, defaultCookieConfig, defaultCookieOptions, defaultHostCookieConfig, defaultSecureCookieConfig, defaultStandardCookieConfig, defineDefaultCookieOptions, expireCookie, expiredCookieOptions, getCookie, oauthCookie, secureCookieOptions, setCookie };
+export {
+    COOKIE_NAME,
+    createSessionCookie,
+    defaultCookieConfig,
+    defaultCookieOptions,
+    defaultHostCookieConfig,
+    defaultSecureCookieConfig,
+    defaultStandardCookieConfig,
+    defineDefaultCookieOptions,
+    expireCookie,
+    expiredCookieOptions,
+    getCookie,
+    oauthCookie,
+    secureCookieOptions,
+    setCookie,
+}

package/dist/cookie.js

@@ -1,36 +1,36 @@
 import {
-  COOKIE_NAME,
-  createSessionCookie,
-  defaultCookieConfig,
-  defaultCookieOptions,
-  defaultHostCookieConfig,
-  defaultSecureCookieConfig,
-  defaultStandardCookieConfig,
-  defineDefaultCookieOptions,
-  expireCookie,
-  expiredCookieOptions,
-  getCookie,
-  oauthCookie,
-  parse,
-  secureCookieOptions,
-  setCookie
-} from "./chunk-ZV4BH47P.js";
-import "./chunk-6SM22VVJ.js";
-import "./chunk-FJUDBLCP.js";
+    COOKIE_NAME,
+    createSessionCookie,
+    defaultCookieConfig,
+    defaultCookieOptions,
+    defaultHostCookieConfig,
+    defaultSecureCookieConfig,
+    defaultStandardCookieConfig,
+    defineDefaultCookieOptions,
+    expireCookie,
+    expiredCookieOptions,
+    getCookie,
+    oauthCookie,
+    parse,
+    secureCookieOptions,
+    setCookie,
+} from "./chunk-ZV4BH47P.js"
+import "./chunk-6SM22VVJ.js"
+import "./chunk-FJUDBLCP.js"
 export {
-  COOKIE_NAME,
-  createSessionCookie,
-  defaultCookieConfig,
-  defaultCookieOptions,
-  defaultHostCookieConfig,
-  defaultSecureCookieConfig,
-  defaultStandardCookieConfig,
-  defineDefaultCookieOptions,
-  expireCookie,
-  expiredCookieOptions,
-  getCookie,
-  oauthCookie,
-  parse,
-  secureCookieOptions,
-  setCookie
-};
+    COOKIE_NAME,
+    createSessionCookie,
+    defaultCookieConfig,
+    defaultCookieOptions,
+    defaultHostCookieConfig,
+    defaultSecureCookieConfig,
+    defaultStandardCookieConfig,
+    defineDefaultCookieOptions,
+    expireCookie,
+    expiredCookieOptions,
+    getCookie,
+    oauthCookie,
+    parse,
+    secureCookieOptions,
+    setCookie,
+}