@aura-stack/auth 0.1.0-rc.8 → 0.1.0

package/dist/cookie.cjs

@@ -1,207 +1,201 @@
-"use strict"
-var __defProp = Object.defineProperty
-var __getOwnPropDesc = Object.getOwnPropertyDescriptor
-var __getOwnPropNames = Object.getOwnPropertyNames
-var __hasOwnProp = Object.prototype.hasOwnProperty
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
 var __export = (target, all) => {
-    for (var name in all) __defProp(target, name, { get: all[name], enumerable: true })
-}
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
 var __copyProps = (to, from, except, desc) => {
-    if ((from && typeof from === "object") || typeof from === "function") {
-        for (let key of __getOwnPropNames(from))
-            if (!__hasOwnProp.call(to, key) && key !== except)
-                __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable })
-    }
-    return to
-}
-var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod)
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 
 // src/cookie.ts
-var cookie_exports = {}
+var cookie_exports = {};
 __export(cookie_exports, {
-    COOKIE_NAME: () => COOKIE_NAME,
-    createSessionCookie: () => createSessionCookie,
-    defaultCookieConfig: () => defaultCookieConfig,
-    defaultCookieOptions: () => defaultCookieOptions,
-    defaultHostCookieConfig: () => defaultHostCookieConfig,
-    defaultSecureCookieConfig: () => defaultSecureCookieConfig,
-    defaultStandardCookieConfig: () => defaultStandardCookieConfig,
-    defineDefaultCookieOptions: () => defineDefaultCookieOptions,
-    expireCookie: () => expireCookie,
-    expiredCookieOptions: () => expiredCookieOptions,
-    getCookie: () => getCookie,
-    oauthCookie: () => oauthCookie,
-    parse: () => import_cookie2.parse,
-    secureCookieOptions: () => secureCookieOptions,
-    setCookie: () => setCookie,
-})
-module.exports = __toCommonJS(cookie_exports)
-var import_cookie = require("cookie")
+  COOKIE_NAME: () => COOKIE_NAME,
+  createSessionCookie: () => createSessionCookie,
+  defaultCookieConfig: () => defaultCookieConfig,
+  defaultCookieOptions: () => defaultCookieOptions,
+  defaultHostCookieConfig: () => defaultHostCookieConfig,
+  defaultSecureCookieConfig: () => defaultSecureCookieConfig,
+  defaultStandardCookieConfig: () => defaultStandardCookieConfig,
+  defineDefaultCookieOptions: () => defineDefaultCookieOptions,
+  expireCookie: () => expireCookie,
+  expiredCookieOptions: () => expiredCookieOptions,
+  getCookie: () => getCookie,
+  oauthCookie: () => oauthCookie,
+  parse: () => import_cookie2.parse,
+  secureCookieOptions: () => secureCookieOptions,
+  setCookie: () => setCookie
+});
+module.exports = __toCommonJS(cookie_exports);
+var import_cookie = require("cookie");
 
 // src/error.ts
 var AuthError = class extends Error {
-    constructor(type, message) {
-        super(message)
-        this.type = type
-        this.name = "AuthError"
-    }
-}
+  constructor(type, message) {
+    super(message);
+    this.type = type;
+    this.name = "AuthError";
+  }
+};
 
 // src/assert.ts
 var isRequest = (value) => {
-    return typeof Request !== "undefined" && value instanceof Request
-}
+  return typeof Request !== "undefined" && value instanceof Request;
+};
 
 // src/cookie.ts
-var import_cookie2 = require("cookie")
-var COOKIE_NAME = "aura-auth"
+var import_cookie2 = require("cookie");
+var COOKIE_NAME = "aura-auth";
 var defaultCookieOptions = {
-    httpOnly: true,
-    sameSite: "lax",
-    path: "/",
-    maxAge: 60 * 60 * 24 * 15,
-}
+  httpOnly: true,
+  sameSite: "lax",
+  path: "/",
+  maxAge: 60 * 60 * 24 * 15
+};
 var defaultCookieConfig = {
-    strategy: "standard",
-    name: COOKIE_NAME,
-    options: defaultCookieOptions,
-}
+  strategy: "standard",
+  name: COOKIE_NAME,
+  options: defaultCookieOptions
+};
 var defaultStandardCookieConfig = {
-    secure: false,
-    httpOnly: true,
-    prefix: "",
-}
+  secure: false,
+  httpOnly: true,
+  prefix: ""
+};
 var defaultSecureCookieConfig = {
-    secure: true,
-    prefix: "__Secure-",
-}
+  secure: true,
+  prefix: "__Secure-"
+};
 var defaultHostCookieConfig = {
-    secure: true,
-    prefix: "__Host-",
-    path: "/",
-    domain: void 0,
-}
+  secure: true,
+  prefix: "__Host-",
+  path: "/",
+  domain: void 0
+};
 var expiredCookieOptions = {
-    ...defaultCookieOptions,
-    expires: /* @__PURE__ */ new Date(0),
-    maxAge: 0,
-}
+  ...defaultCookieOptions,
+  expires: /* @__PURE__ */ new Date(0),
+  maxAge: 0
+};
 var defineDefaultCookieOptions = (options) => {
-    return {
-        name: options?.name ?? COOKIE_NAME,
-        prefix: options?.prefix ?? (options?.secure ? "__Secure-" : ""),
-        ...defaultCookieOptions,
-        ...options,
-    }
-}
+  return {
+    name: options?.name ?? COOKIE_NAME,
+    prefix: options?.prefix ?? (options?.secure ? "__Secure-" : ""),
+    ...defaultCookieOptions,
+    ...options
+  };
+};
 var setCookie = (cookieName, value, options) => {
-    const { prefix, name } = defineDefaultCookieOptions(options)
-    const cookieNameWithPrefix = `${prefix}${name}.${cookieName}`
-    return (0, import_cookie.serialize)(cookieNameWithPrefix, value, {
-        ...defaultCookieOptions,
-        ...options,
-    })
-}
+  const { prefix, name } = defineDefaultCookieOptions(options);
+  const cookieNameWithPrefix = `${prefix}${name}.${cookieName}`;
+  return (0, import_cookie.serialize)(cookieNameWithPrefix, value, {
+    ...defaultCookieOptions,
+    ...options
+  });
+};
 var getCookie = (petition, cookie, options, optional = false) => {
-    const cookies = isRequest(petition) ? petition.headers.get("Cookie") : petition.headers.getSetCookie().join("; ")
-    if (!cookies) {
-        if (optional) {
-            return ""
-        }
-        throw new AuthError("invalid_request", "No cookies found. There is no active session")
+  const cookies = isRequest(petition) ? petition.headers.get("Cookie") : petition.headers.getSetCookie().join("; ");
+  if (!cookies) {
+    if (optional) {
+      return "";
     }
-    const { name, prefix } = defineDefaultCookieOptions(options)
-    const parsedCookies = (0, import_cookie.parse)(cookies)
-    const value = parsedCookies[`${prefix}${name}.${cookie}`]
-    if (value === void 0) {
-        if (optional) {
-            return ""
-        }
-        throw new AuthError("invalid_request", `Cookie "${cookie}" not found. There is no active session`)
+    throw new AuthError("invalid_request", "No cookies found. There is no active session");
+  }
+  const { name, prefix } = defineDefaultCookieOptions(options);
+  const parsedCookies = (0, import_cookie.parse)(cookies);
+  const value = parsedCookies[`${prefix}${name}.${cookie}`];
+  if (value === void 0) {
+    if (optional) {
+      return "";
     }
-    return value
-}
+    throw new AuthError("invalid_request", `Cookie "${cookie}" not found. There is no active session`);
+  }
+  return value;
+};
 var createSessionCookie = async (session, cookieOptions, jose) => {
-    try {
-        const encoded = await jose.encodeJWT(session)
-        return setCookie("sessionToken", encoded, cookieOptions)
-    } catch (error) {
-        throw new AuthError("server_error", "Failed to create session cookie", { cause: error })
-    }
-}
+  try {
+    const encoded = await jose.encodeJWT(session);
+    return setCookie("sessionToken", encoded, cookieOptions);
+  } catch (error) {
+    throw new AuthError("server_error", "Failed to create session cookie", { cause: error });
+  }
+};
 var secureCookieOptions = (request, cookieOptions, trustedProxyHeaders) => {
-    const name = cookieOptions.name ?? COOKIE_NAME
-    const isSecure = trustedProxyHeaders
-        ? request.url.startsWith("https://") ||
-          request.headers.get("X-Forwarded-Proto") === "https" ||
-          request.headers.get("Forwarded")?.includes("proto=https")
-        : request.url.startsWith("https://")
-    if (!cookieOptions.options?.httpOnly) {
-        console.warn(
-            "[WARNING]: Cookie is configured without HttpOnly. This allows JavaScript access via document.cookie and increases XSS risk."
-        )
+  const name = cookieOptions.name ?? COOKIE_NAME;
+  const isSecure = trustedProxyHeaders ? request.url.startsWith("https://") || request.headers.get("X-Forwarded-Proto") === "https" || request.headers.get("Forwarded")?.includes("proto=https") : request.url.startsWith("https://");
+  if (!cookieOptions.options?.httpOnly) {
+    console.warn(
+      "[WARNING]: Cookie is configured without HttpOnly. This allows JavaScript access via document.cookie and increases XSS risk."
+    );
+  }
+  if (cookieOptions.options?.domain === "*") {
+    console.warn("[WARNING]: Cookie 'Domain' is set to '*', which is insecure. Avoid wildcard domains.");
+  }
+  if (!isSecure) {
+    const options = cookieOptions.options;
+    if (options?.secure) {
+      console.warn(
+        "[WARNING]: The 'Secure' attribute will be disabled for this cookie. Serve over HTTPS to enforce Secure cookies."
+      );
     }
-    if (cookieOptions.options?.domain === "*") {
-        console.warn("[WARNING]: Cookie 'Domain' is set to '*', which is insecure. Avoid wildcard domains.")
+    if (options?.sameSite == "none") {
+      console.warn("[WARNING]: SameSite=None without a secure connection can be blocked by browsers.");
     }
-    if (!isSecure) {
-        const options = cookieOptions.options
-        if (options?.secure) {
-            console.warn(
-                "[WARNING]: The 'Secure' attribute will be disabled for this cookie. Serve over HTTPS to enforce Secure cookies."
-            )
-        }
-        if (options?.sameSite == "none") {
-            console.warn("[WARNING]: SameSite=None without a secure connection can be blocked by browsers.")
-        }
-        if (process.env.NODE_ENV === "production") {
-            console.warn("[WARNING]: In production, ensure cookies are served over HTTPS to maintain security.")
-        }
-        return {
-            ...defaultCookieOptions,
-            ...cookieOptions.options,
-            sameSite: options?.sameSite === "none" ? "lax" : (options?.sameSite ?? "lax"),
-            ...defaultStandardCookieConfig,
-            name,
-        }
+    if (process.env.NODE_ENV === "production") {
+      console.warn("[WARNING]: In production, ensure cookies are served over HTTPS to maintain security.");
     }
-    return cookieOptions.strategy === "host"
-        ? {
-              ...defaultCookieOptions,
-              ...cookieOptions.options,
-              ...defaultHostCookieConfig,
-              name,
-          }
-        : { ...defaultCookieOptions, ...cookieOptions.options, ...defaultSecureCookieConfig, name }
-}
+    return {
+      ...defaultCookieOptions,
+      ...cookieOptions.options,
+      sameSite: options?.sameSite === "none" ? "lax" : options?.sameSite ?? "lax",
+      ...defaultStandardCookieConfig,
+      name
+    };
+  }
+  return cookieOptions.strategy === "host" ? {
+    ...defaultCookieOptions,
+    ...cookieOptions.options,
+    ...defaultHostCookieConfig,
+    name
+  } : { ...defaultCookieOptions, ...cookieOptions.options, ...defaultSecureCookieConfig, name };
+};
 var expireCookie = (name, options) => {
-    return setCookie(name, "", { ...options, ...expiredCookieOptions })
-}
+  return setCookie(name, "", { ...options, ...expiredCookieOptions });
+};
 var oauthCookie = (options) => {
-    return {
-        ...options,
-        secure: options.secure,
-        httpOnly: options.httpOnly,
-        maxAge: 5 * 60,
-        expires: new Date(Date.now() + 5 * 60 * 1e3),
-    }
-}
+  return {
+    ...options,
+    secure: options.secure,
+    httpOnly: options.httpOnly,
+    maxAge: 5 * 60,
+    expires: new Date(Date.now() + 5 * 60 * 1e3)
+  };
+};
 // Annotate the CommonJS export names for ESM import in node:
-0 &&
-    (module.exports = {
-        COOKIE_NAME,
-        createSessionCookie,
-        defaultCookieConfig,
-        defaultCookieOptions,
-        defaultHostCookieConfig,
-        defaultSecureCookieConfig,
-        defaultStandardCookieConfig,
-        defineDefaultCookieOptions,
-        expireCookie,
-        expiredCookieOptions,
-        getCookie,
-        oauthCookie,
-        parse,
-        secureCookieOptions,
-        setCookie,
-    })
+0 && (module.exports = {
+  COOKIE_NAME,
+  createSessionCookie,
+  defaultCookieConfig,
+  defaultCookieOptions,
+  defaultHostCookieConfig,
+  defaultSecureCookieConfig,
+  defaultStandardCookieConfig,
+  defineDefaultCookieOptions,
+  expireCookie,
+  expiredCookieOptions,
+  getCookie,
+  oauthCookie,
+  parse,
+  secureCookieOptions,
+  setCookie
+});

package/dist/cookie.d.ts

@@ -1,40 +1,40 @@
-import { SerializeOptions } from "cookie"
-export { parse } from "cookie"
-import { JWTPayload } from "@aura-stack/jose/jose"
-import { C as CookieConfig, a as CookieConfigInternal, b as CookieName, A as AuthRuntimeConfig } from "./index-DpfbvTZ_.js"
-import { LiteralUnion } from "./@types/utility.js"
-import "zod/v4"
-import "./schemas.js"
-import "zod/v4/core"
+import { SerializeOptions } from 'cookie';
+export { parse } from 'cookie';
+import { JWTPayload } from '@aura-stack/jose/jose';
+import { C as CookieConfig, a as CookieConfigInternal, b as CookieName, A as AuthRuntimeConfig } from './index-DpfbvTZ_.js';
+import { LiteralUnion } from './@types/utility.js';
+import 'zod/v4';
+import './schemas.js';
+import 'zod/v4/core';
 
 /**
  * Prefix for all cookies set by Aura Auth.
  */
-declare const COOKIE_NAME = "aura-auth"
+declare const COOKIE_NAME = "aura-auth";
 /**
  * Default cookie options used by Aura Auth.
  */
-declare const defaultCookieOptions: SerializeOptions
+declare const defaultCookieOptions: SerializeOptions;
 /**
  * Default cookie options for "standard" cookies.
  */
-declare const defaultCookieConfig: CookieConfig
-declare const defaultStandardCookieConfig: CookieConfigInternal
+declare const defaultCookieConfig: CookieConfig;
+declare const defaultStandardCookieConfig: CookieConfigInternal;
 /**
  * Default cookie options for "secure" cookies.
  * @see https://httpwg.org/http-extensions/draft-ietf-httpbis-rfc6265bis.html#name-the-__secure-prefix
  */
-declare const defaultSecureCookieConfig: CookieConfigInternal
+declare const defaultSecureCookieConfig: CookieConfigInternal;
 /**
  * Default cookie options for "host" cookies.
  * @see https://httpwg.org/http-extensions/draft-ietf-httpbis-rfc6265bis.html#name-the-__host-prefix
  */
-declare const defaultHostCookieConfig: CookieConfigInternal
+declare const defaultHostCookieConfig: CookieConfigInternal;
 /**
  * Cookie options for expired cookies.
  */
-declare const expiredCookieOptions: SerializeOptions
-declare const defineDefaultCookieOptions: (options?: CookieConfigInternal) => CookieConfigInternal
+declare const expiredCookieOptions: SerializeOptions;
+declare const defineDefaultCookieOptions: (options?: CookieConfigInternal) => CookieConfigInternal;
 /**
  * Set a cookie with the given name, value and `CookieOptionsInternal`; supports secure
  * cookies with the `__Secure-` and `__Host-` prefixes.
@@ -42,7 +42,7 @@ declare const defineDefaultCookieOptions: (options?: CookieConfigInternal) => Co
  * Cookie attributes are serialized in the following order:
  * Expires, Max-Age, Domain, Path, Secure, HttpOnly, SameSite, Partitioned, Priority.
  */
-declare const setCookie: (cookieName: LiteralUnion<CookieName>, value: string, options?: CookieConfigInternal) => string
+declare const setCookie: (cookieName: LiteralUnion<CookieName>, value: string, options?: CookieConfigInternal) => string;
 /**
  * Get a cookie by name from the request.
  *
@@ -52,12 +52,7 @@ declare const setCookie: (cookieName: LiteralUnion<CookieName>, value: string, o
  * @param optional If true, returns an empty string instead of throwing an error when the cookie is not found
  * @returns The value of the cookie or undefined if not found
  */
-declare const getCookie: (
-    petition: Request | Response,
-    cookie: LiteralUnion<CookieName>,
-    options?: CookieConfigInternal,
-    optional?: boolean
-) => string
+declare const getCookie: (petition: Request | Response, cookie: LiteralUnion<CookieName>, options?: CookieConfigInternal, optional?: boolean) => string;
 /**
  * Create a session cookie containing a signed and encrypted JWT, using the
  * `@aura-stack/jose` package for the encoding.
@@ -65,11 +60,7 @@ declare const getCookie: (
  * @param session - The JWT payload to be encoded in the session cookie
  * @returns The serialized session cookie string
  */
-declare const createSessionCookie: (
-    session: JWTPayload,
-    cookieOptions: CookieConfigInternal,
-    jose: AuthRuntimeConfig["jose"]
-) => Promise<string>
+declare const createSessionCookie: (session: JWTPayload, cookieOptions: CookieConfigInternal, jose: AuthRuntimeConfig["jose"]) => Promise<string>;
 /**
  * Defines the cookie configuration based on the request security and cookie options passed
  * in the Aura Auth configuration (`createAuth` function). This function ensures the correct
@@ -82,11 +73,7 @@ declare const createSessionCookie: (
  * @param cookieOptions Cookie options from the Aura Auth configuration
  * @returns The finalized cookie options to be used for setting cookies
  */
-declare const secureCookieOptions: (
-    request: Request,
-    cookieOptions: CookieConfig,
-    trustedProxyHeaders?: boolean
-) => CookieConfigInternal
+declare const secureCookieOptions: (request: Request, cookieOptions: CookieConfig, trustedProxyHeaders?: boolean) => CookieConfigInternal;
 /**
  * Expire a cookie by setting its value to an empty string and applying expired cookie options.
  *
@@ -94,28 +81,13 @@ declare const secureCookieOptions: (
  * @param options cookie options obtained from secureCookieOptions
  * @returns formatted cookie options for an expired cookie
  */
-declare const expireCookie: (name: LiteralUnion<CookieName>, options: CookieConfigInternal) => string
+declare const expireCookie: (name: LiteralUnion<CookieName>, options: CookieConfigInternal) => string;
 /**
  * Set OAuth-specific cookie options, including a short maxAge of 5 minutes.
  *
  * @param options cookie options obtained from secureCookieOptions
  * @returns formatted cookie options for OAuth cookies
  */
-declare const oauthCookie: (options: CookieConfigInternal) => CookieConfigInternal
+declare const oauthCookie: (options: CookieConfigInternal) => CookieConfigInternal;
 
-export {
-    COOKIE_NAME,
-    createSessionCookie,
-    defaultCookieConfig,
-    defaultCookieOptions,
-    defaultHostCookieConfig,
-    defaultSecureCookieConfig,
-    defaultStandardCookieConfig,
-    defineDefaultCookieOptions,
-    expireCookie,
-    expiredCookieOptions,
-    getCookie,
-    oauthCookie,
-    secureCookieOptions,
-    setCookie,
-}
+export { COOKIE_NAME, createSessionCookie, defaultCookieConfig, defaultCookieOptions, defaultHostCookieConfig, defaultSecureCookieConfig, defaultStandardCookieConfig, defineDefaultCookieOptions, expireCookie, expiredCookieOptions, getCookie, oauthCookie, secureCookieOptions, setCookie };

package/dist/cookie.js

@@ -1,36 +1,36 @@
 import {
-    COOKIE_NAME,
-    createSessionCookie,
-    defaultCookieConfig,
-    defaultCookieOptions,
-    defaultHostCookieConfig,
-    defaultSecureCookieConfig,
-    defaultStandardCookieConfig,
-    defineDefaultCookieOptions,
-    expireCookie,
-    expiredCookieOptions,
-    getCookie,
-    oauthCookie,
-    parse,
-    secureCookieOptions,
-    setCookie,
-} from "./chunk-ZV4BH47P.js"
-import "./chunk-6SM22VVJ.js"
-import "./chunk-FJUDBLCP.js"
+  COOKIE_NAME,
+  createSessionCookie,
+  defaultCookieConfig,
+  defaultCookieOptions,
+  defaultHostCookieConfig,
+  defaultSecureCookieConfig,
+  defaultStandardCookieConfig,
+  defineDefaultCookieOptions,
+  expireCookie,
+  expiredCookieOptions,
+  getCookie,
+  oauthCookie,
+  parse,
+  secureCookieOptions,
+  setCookie
+} from "./chunk-ZV4BH47P.js";
+import "./chunk-6SM22VVJ.js";
+import "./chunk-FJUDBLCP.js";
 export {
-    COOKIE_NAME,
-    createSessionCookie,
-    defaultCookieConfig,
-    defaultCookieOptions,
-    defaultHostCookieConfig,
-    defaultSecureCookieConfig,
-    defaultStandardCookieConfig,
-    defineDefaultCookieOptions,
-    expireCookie,
-    expiredCookieOptions,
-    getCookie,
-    oauthCookie,
-    parse,
-    secureCookieOptions,
-    setCookie,
-}
+  COOKIE_NAME,
+  createSessionCookie,
+  defaultCookieConfig,
+  defaultCookieOptions,
+  defaultHostCookieConfig,
+  defaultSecureCookieConfig,
+  defaultStandardCookieConfig,
+  defineDefaultCookieOptions,
+  expireCookie,
+  expiredCookieOptions,
+  getCookie,
+  oauthCookie,
+  parse,
+  secureCookieOptions,
+  setCookie
+};