@authgate/browser 0.1.0

package/README.md

@@ -0,0 +1,101 @@
+# @authgate/browser
+
+Minimal browser-side helpers for applications using **AuthGate**.
+
+This package provides small, explicit utilities to integrate browser-based UIs
+with an AuthGate-backed authentication flow. It intentionally avoids framework
+coupling and hidden behavior.
+
+---
+
+## Features
+
+- Read AuthGate CSRF token from cookies
+- Perform a safe logout request with CSRF protection
+- Zero dependencies
+- Framework-agnostic (works with React, Vue, vanilla JS, etc.)
+
+---
+
+## Installation
+
+```bash
+npm install @authgate/browser
+```
+
+---
+
+## Usage
+
+### Read CSRF token
+
+```ts
+import { getCSRFToken } from "@authgate/browser";
+
+const csrf = getCSRFToken();
+```
+
+Returns the value of the `authgate_csrf` cookie, or `null` if not present.
+
+---
+
+### Logout
+
+```ts
+import { logout } from "@authgate/browser";
+
+await logout();
+```
+
+This will:
+
+- Send a `POST /auth/logout` request
+- Attach the CSRF token via `X-CSRF-Token`
+- Include credentials (`cookies`)
+
+---
+
+### Logout with redirect
+
+```ts
+await logout({ redirectTo: "/" });
+```
+
+After a successful logout request, the browser is redirected to the given path.
+
+---
+
+## Security Model
+
+- CSRF tokens are **not generated** by this package
+- CSRF validation is **enforced by AuthGate**
+- This package only forwards existing CSRF state
+
+No cookies are set, modified, or cleared by this library.
+
+---
+
+## What This Package Does NOT Do
+
+- No authentication logic
+- No token refresh
+- No session management
+- No redirects except when explicitly requested
+- No framework-specific helpers
+
+This package exists solely to reduce boilerplate and prevent integration mistakes.
+
+---
+
+## Compatibility
+
+- Works with any backend protected by AuthGate
+- Compatible with SSR and SPA architectures
+- Safe to use in multi-app or monorepo setups
+
+---
+
+## License
+
+MIT
+

package/dist/index.d.ts

@@ -0,0 +1,4 @@
+export declare function getCSRFToken(): string | null;
+export declare function logout(opts?: {
+    redirectTo?: string;
+}): Promise<void>;

package/dist/index.js

@@ -0,0 +1,22 @@
+function getCookie(name) {
+    const match = document.cookie
+        .split("; ")
+        .find((c) => c.startsWith(name + "="));
+    return match ? decodeURIComponent(match.split("=")[1]) : null;
+}
+export function getCSRFToken() {
+    return getCookie("authgate_csrf");
+}
+export async function logout(opts) {
+    const csrf = getCSRFToken();
+    await fetch("/auth/logout", {
+        method: "POST",
+        headers: {
+            "X-CSRF-Token": csrf ?? "",
+        },
+        credentials: "include",
+    });
+    if (opts?.redirectTo !== undefined) {
+        window.location.href = opts.redirectTo;
+    }
+}

package/package.json

@@ -0,0 +1,38 @@
+{
+  "name": "@authgate/browser",
+  "version": "0.1.0",
+  "description": "Browser-side helpers for AuthGate (logout, CSRF forwarding)",
+  "license": "MIT",
+  "type": "module",
+  "exports": {
+    ".": {
+      "import": "./dist/index.js",
+      "types": "./dist/index.d.ts"
+    }
+  },
+  "files": [
+    "dist/index.js",
+    "dist/index.d.ts",
+    "README.md",
+    "LICENSE"
+  ],
+  "scripts": {
+    "format": "prettier --write \"src/**/*.{ts,tsx,js}\"",
+    "check:format": "prettier --check \"src/**/*.{ts,tsx,js}\"",
+    "lint": "eslint \"src/**/*.{ts,tsx,js}\"",
+    "test": "vitest run",
+    "build": "tsc",
+    "prepublishOnly": "npm run build"
+  },
+  "devDependencies": {
+    "@eslint/js": "^9.39.2",
+    "@typescript-eslint/eslint-plugin": "^8.54.0",
+    "@typescript-eslint/parser": "^8.54.0",
+    "eslint": "^9.39.2",
+    "happy-dom": "^20.4.0",
+    "prettier": "^3.8.1",
+    "typescript": "^5.9.3",
+    "typescript-eslint": "^8.54.0",
+    "vitest": "^4.0.18"
+  }
+}