npm - @authon/node - Versions diffs - 0.1.0 - Mend

@authon/node 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/README.md ADDED Viewed

@@ -0,0 +1,141 @@
+# @authon/node
+Node.js server SDK for [Authon](https://authon.dev) — verify tokens, manage users, and validate webhooks.
+## Install
+```bash
+npm install @authon/node
+# or
+pnpm add @authon/node
+```
+## Quick Start
+### Token Verification
+```ts
+import { AuthonBackend } from '@authon/node';
+const authon = new AuthonBackend('sk_live_...');
+const user = await authon.verifyToken(accessToken);
+console.log(user.id, user.email);
+```
+### Express Middleware
+```ts
+import express from 'express';
+import { expressMiddleware } from '@authon/node';
+const app = express();
+app.use('/api', expressMiddleware({
+  secretKey: process.env.AUTHON_SECRET_KEY!,
+}));
+app.get('/api/profile', (req, res) => {
+  // req.auth is the verified AuthonUser
+  res.json({ user: req.auth });
+});
+```
+### Fastify Plugin
+```ts
+import Fastify from 'fastify';
+import { fastifyPlugin } from '@authon/node';
+const app = Fastify();
+app.addHook('onRequest', fastifyPlugin({
+  secretKey: process.env.AUTHON_SECRET_KEY!,
+}));
+app.get('/api/profile', (request, reply) => {
+  reply.send({ user: request.auth });
+});
+```
+### User Management
+```ts
+const authon = new AuthonBackend('sk_live_...');
+// List users
+const { data, total } = await authon.users.list({ page: 1, limit: 20 });
+// Get a user
+const user = await authon.users.get('user_abc123');
+// Create a user
+const newUser = await authon.users.create({
+  email: 'new@example.com',
+  password: 'securePassword',
+  displayName: 'New User',
+});
+// Update a user
+await authon.users.update('user_abc123', {
+  displayName: 'Updated Name',
+  publicMetadata: { role: 'admin' },
+});
+// Ban / unban
+await authon.users.ban('user_abc123', 'Violation of ToS');
+await authon.users.unban('user_abc123');
+// Delete a user
+await authon.users.delete('user_abc123');
+```
+### Webhook Verification
+```ts
+import { AuthonBackend } from '@authon/node';
+const authon = new AuthonBackend('sk_live_...');
+app.post('/webhooks/authon', express.raw({ type: 'application/json' }), (req, res) => {
+  const signature = req.headers['x-authon-signature'] as string;
+  try {
+    const event = authon.webhooks.verify(req.body, signature, process.env.WEBHOOK_SECRET!);
+    console.log('Event:', event);
+    res.sendStatus(200);
+  } catch (err) {
+    res.sendStatus(400);
+  }
+});
+```
+## API Reference
+### `AuthonBackend`
+| Method | Returns | Description |
+|--------|---------|-------------|
+| `verifyToken(token)` | `Promise<AuthonUser>` | Verify an access token |
+| `users.list(options?)` | `Promise<ListResult<AuthonUser>>` | List users with pagination |
+| `users.get(id)` | `Promise<AuthonUser>` | Get a user by ID |
+| `users.create(data)` | `Promise<AuthonUser>` | Create a user |
+| `users.update(id, data)` | `Promise<AuthonUser>` | Update a user |
+| `users.delete(id)` | `Promise<void>` | Delete a user |
+| `users.ban(id, reason?)` | `Promise<AuthonUser>` | Ban a user |
+| `users.unban(id)` | `Promise<AuthonUser>` | Unban a user |
+| `webhooks.verify(payload, signature, secret)` | `Record<string, unknown>` | Verify webhook HMAC-SHA256 signature |
+### Middleware
+| Export | Description |
+|--------|-------------|
+| `expressMiddleware(options)` | Express/Connect middleware, sets `req.auth` |
+| `fastifyPlugin(options)` | Fastify onRequest hook, sets `request.auth` |
+## Documentation
+[authon.dev/docs](https://authon.dev/docs)
+## License
+[MIT](../../LICENSE)

package/dist/index.cjs ADDED Viewed

@@ -0,0 +1,145 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+// src/index.ts
+var index_exports = {};
+__export(index_exports, {
+  AuthonBackend: () => AuthonBackend,
+  expressMiddleware: () => expressMiddleware,
+  fastifyPlugin: () => fastifyPlugin
+});
+module.exports = __toCommonJS(index_exports);
+// src/authon.ts
+var import_crypto = require("crypto");
+var AuthonBackend = class {
+  secretKey;
+  apiUrl;
+  constructor(secretKey, config) {
+    this.secretKey = secretKey;
+    this.apiUrl = config?.apiUrl || "https://api.authon.dev";
+  }
+  async verifyToken(accessToken) {
+    return this.request("GET", "/v1/auth/token/verify", void 0, {
+      Authorization: `Bearer ${accessToken}`
+    });
+  }
+  users = {
+    list: (options) => {
+      const params = new URLSearchParams();
+      if (options?.page) params.set("page", String(options.page));
+      if (options?.limit) params.set("limit", String(options.limit));
+      if (options?.search) params.set("search", options.search);
+      const qs = params.toString();
+      return this.request("GET", `/v1/users${qs ? `?${qs}` : ""}`);
+    },
+    get: (userId) => {
+      return this.request("GET", `/v1/users/${userId}`);
+    },
+    create: (data) => {
+      return this.request("POST", "/v1/users", data);
+    },
+    update: (userId, data) => {
+      return this.request("PATCH", `/v1/users/${userId}`, data);
+    },
+    delete: (userId) => {
+      return this.request("DELETE", `/v1/users/${userId}`);
+    },
+    ban: (userId, reason) => {
+      return this.request("POST", `/v1/users/${userId}/ban`, { reason });
+    },
+    unban: (userId) => {
+      return this.request("POST", `/v1/users/${userId}/unban`);
+    }
+  };
+  webhooks = {
+    verify: (payload, signature, secret) => {
+      const body = typeof payload === "string" ? payload : payload.toString("utf8");
+      const expected = (0, import_crypto.createHmac)("sha256", secret).update(body).digest("hex");
+      const actual = signature.replace("sha256=", "");
+      const expectedBuf = Buffer.from(expected, "hex");
+      const actualBuf = Buffer.from(actual, "hex");
+      if (expectedBuf.length !== actualBuf.length || !(0, import_crypto.timingSafeEqual)(expectedBuf, actualBuf)) {
+        throw new Error("Invalid webhook signature");
+      }
+      return JSON.parse(body);
+    }
+  };
+  async request(method, path, body, extraHeaders) {
+    const res = await fetch(`${this.apiUrl}${path}`, {
+      method,
+      headers: {
+        "Content-Type": "application/json",
+        "x-api-key": this.secretKey,
+        ...extraHeaders
+      },
+      body: body ? JSON.stringify(body) : void 0
+    });
+    if (!res.ok) {
+      const text = await res.text();
+      throw new Error(`Authon API error ${res.status}: ${text}`);
+    }
+    if (res.status === 204) return void 0;
+    return res.json();
+  }
+};
+// src/middleware.ts
+function expressMiddleware(options) {
+  const client = new AuthonBackend(options.secretKey, { apiUrl: options.apiUrl });
+  return async (req, res, next) => {
+    const authHeader = req.headers["authorization"];
+    const token = typeof authHeader === "string" ? authHeader.replace("Bearer ", "") : null;
+    if (!token) {
+      res.status(401).json({ error: "Missing authorization header" });
+      return;
+    }
+    try {
+      req.auth = await client.verifyToken(token);
+      next();
+    } catch (err) {
+      options.onError?.(err instanceof Error ? err : new Error(String(err)));
+      res.status(401).json({ error: "Invalid token" });
+    }
+  };
+}
+function fastifyPlugin(options) {
+  const client = new AuthonBackend(options.secretKey, { apiUrl: options.apiUrl });
+  return async (request, reply) => {
+    const authHeader = request.headers["authorization"];
+    const token = typeof authHeader === "string" ? authHeader.replace("Bearer ", "") : null;
+    if (!token) {
+      reply.code(401).send({ error: "Missing authorization header" });
+      return;
+    }
+    try {
+      request.auth = await client.verifyToken(token);
+    } catch (err) {
+      options.onError?.(err instanceof Error ? err : new Error(String(err)));
+      reply.code(401).send({ error: "Invalid token" });
+    }
+  };
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  AuthonBackend,
+  expressMiddleware,
+  fastifyPlugin
+});
+//# sourceMappingURL=index.cjs.map

package/dist/index.cjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/index.ts","../src/authon.ts","../src/middleware.ts"],"sourcesContent":["export { AuthonBackend } from './authon';\nexport { expressMiddleware, fastifyPlugin } from './middleware';\nexport type { AuthonMiddlewareOptions } from './middleware';\n","import type { AuthonUser } from '@authon/shared';\nimport { createHmac, timingSafeEqual } from 'crypto';\n\ninterface AuthonBackendConfig {\n apiUrl?: string;\n}\n\ninterface ListOptions {\n page?: number;\n limit?: number;\n search?: string;\n}\n\ninterface ListResult<T> {\n data: T[];\n total: number;\n page: number;\n limit: number;\n}\n\nexport class AuthonBackend {\n private secretKey: string;\n private apiUrl: string;\n\n constructor(secretKey: string, config?: AuthonBackendConfig) {\n this.secretKey = secretKey;\n this.apiUrl = config?.apiUrl || 'https://api.authon.dev';\n }\n\n async verifyToken(accessToken: string): Promise<AuthonUser> {\n return this.request<AuthonUser>('GET', '/v1/auth/token/verify', undefined, {\n Authorization: `Bearer ${accessToken}`,\n });\n }\n\n users = {\n list: (options?: ListOptions): Promise<ListResult<AuthonUser>> => {\n const params = new URLSearchParams();\n if (options?.page) params.set('page', String(options.page));\n if (options?.limit) params.set('limit', String(options.limit));\n if (options?.search) params.set('search', options.search);\n const qs = params.toString();\n return this.request('GET', `/v1/users${qs ? `?${qs}` : ''}`);\n },\n\n get: (userId: string): Promise<AuthonUser> => {\n return this.request('GET', `/v1/users/${userId}`);\n },\n\n create: (data: {\n email: string;\n password?: string;\n displayName?: string;\n }): Promise<AuthonUser> => {\n return this.request('POST', '/v1/users', data);\n },\n\n update: (\n userId: string,\n data: Partial<{ email: string; displayName: string; publicMetadata: Record<string, unknown> }>,\n ): Promise<AuthonUser> => {\n return this.request('PATCH', `/v1/users/${userId}`, data);\n },\n\n delete: (userId: string): Promise<void> => {\n return this.request('DELETE', `/v1/users/${userId}`);\n },\n\n ban: (userId: string, reason?: string): Promise<AuthonUser> => {\n return this.request('POST', `/v1/users/${userId}/ban`, { reason });\n },\n\n unban: (userId: string): Promise<AuthonUser> => {\n return this.request('POST', `/v1/users/${userId}/unban`);\n },\n };\n\n webhooks = {\n verify: (\n payload: string | Buffer,\n signature: string,\n secret: string,\n ): Record<string, unknown> => {\n const body = typeof payload === 'string' ? payload : payload.toString('utf8');\n const expected = createHmac('sha256', secret).update(body).digest('hex');\n const actual = signature.replace('sha256=', '');\n\n const expectedBuf = Buffer.from(expected, 'hex');\n const actualBuf = Buffer.from(actual, 'hex');\n\n if (expectedBuf.length !== actualBuf.length || !timingSafeEqual(expectedBuf, actualBuf)) {\n throw new Error('Invalid webhook signature');\n }\n\n return JSON.parse(body);\n },\n };\n\n private async request<T>(\n method: string,\n path: string,\n body?: unknown,\n extraHeaders?: Record<string, string>,\n ): Promise<T> {\n const res = await fetch(`${this.apiUrl}${path}`, {\n method,\n headers: {\n 'Content-Type': 'application/json',\n 'x-api-key': this.secretKey,\n ...extraHeaders,\n },\n body: body ? JSON.stringify(body) : undefined,\n });\n\n if (!res.ok) {\n const text = await res.text();\n throw new Error(`Authon API error ${res.status}: ${text}`);\n }\n\n if (res.status === 204) return undefined as T;\n return res.json() as Promise<T>;\n }\n}\n","import type { AuthonUser } from '@authon/shared';\nimport { AuthonBackend } from './authon';\n\nexport interface AuthonMiddlewareOptions {\n secretKey: string;\n apiUrl?: string;\n onError?: (error: Error) => void;\n}\n\nexport function expressMiddleware(options: AuthonMiddlewareOptions) {\n const client = new AuthonBackend(options.secretKey, { apiUrl: options.apiUrl });\n\n return async (\n req: { headers: Record<string, string | string[] | undefined>; auth?: AuthonUser },\n res: { status: (code: number) => { json: (body: unknown) => void } },\n next: (err?: unknown) => void,\n ) => {\n const authHeader = req.headers['authorization'];\n const token = typeof authHeader === 'string' ? authHeader.replace('Bearer ', '') : null;\n\n if (!token) {\n res.status(401).json({ error: 'Missing authorization header' });\n return;\n }\n\n try {\n req.auth = await client.verifyToken(token);\n next();\n } catch (err) {\n options.onError?.(err instanceof Error ? err : new Error(String(err)));\n res.status(401).json({ error: 'Invalid token' });\n }\n };\n}\n\nexport function fastifyPlugin(options: AuthonMiddlewareOptions) {\n const client = new AuthonBackend(options.secretKey, { apiUrl: options.apiUrl });\n\n return async (\n request: { headers: Record<string, string | string[] | undefined>; auth?: AuthonUser },\n reply: { code: (code: number) => { send: (body: unknown) => void } },\n ) => {\n const authHeader = request.headers['authorization'];\n const token = typeof authHeader === 'string' ? authHeader.replace('Bearer ', '') : null;\n\n if (!token) {\n reply.code(401).send({ error: 'Missing authorization header' });\n return;\n }\n\n try {\n request.auth = await client.verifyToken(token);\n } catch (err) {\n options.onError?.(err instanceof Error ? err : new Error(String(err)));\n reply.code(401).send({ error: 'Invalid token' });\n }\n };\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACCA,oBAA4C;AAmBrC,IAAM,gBAAN,MAAoB;AAAA,EACjB;AAAA,EACA;AAAA,EAER,YAAY,WAAmB,QAA8B;AAC3D,SAAK,YAAY;AACjB,SAAK,SAAS,QAAQ,UAAU;AAAA,EAClC;AAAA,EAEA,MAAM,YAAY,aAA0C;AAC1D,WAAO,KAAK,QAAoB,OAAO,yBAAyB,QAAW;AAAA,MACzE,eAAe,UAAU,WAAW;AAAA,IACtC,CAAC;AAAA,EACH;AAAA,EAEA,QAAQ;AAAA,IACN,MAAM,CAAC,YAA2D;AAChE,YAAM,SAAS,IAAI,gBAAgB;AACnC,UAAI,SAAS,KAAM,QAAO,IAAI,QAAQ,OAAO,QAAQ,IAAI,CAAC;AAC1D,UAAI,SAAS,MAAO,QAAO,IAAI,SAAS,OAAO,QAAQ,KAAK,CAAC;AAC7D,UAAI,SAAS,OAAQ,QAAO,IAAI,UAAU,QAAQ,MAAM;AACxD,YAAM,KAAK,OAAO,SAAS;AAC3B,aAAO,KAAK,QAAQ,OAAO,YAAY,KAAK,IAAI,EAAE,KAAK,EAAE,EAAE;AAAA,IAC7D;AAAA,IAEA,KAAK,CAAC,WAAwC;AAC5C,aAAO,KAAK,QAAQ,OAAO,aAAa,MAAM,EAAE;AAAA,IAClD;AAAA,IAEA,QAAQ,CAAC,SAIkB;AACzB,aAAO,KAAK,QAAQ,QAAQ,aAAa,IAAI;AAAA,IAC/C;AAAA,IAEA,QAAQ,CACN,QACA,SACwB;AACxB,aAAO,KAAK,QAAQ,SAAS,aAAa,MAAM,IAAI,IAAI;AAAA,IAC1D;AAAA,IAEA,QAAQ,CAAC,WAAkC;AACzC,aAAO,KAAK,QAAQ,UAAU,aAAa,MAAM,EAAE;AAAA,IACrD;AAAA,IAEA,KAAK,CAAC,QAAgB,WAAyC;AAC7D,aAAO,KAAK,QAAQ,QAAQ,aAAa,MAAM,QAAQ,EAAE,OAAO,CAAC;AAAA,IACnE;AAAA,IAEA,OAAO,CAAC,WAAwC;AAC9C,aAAO,KAAK,QAAQ,QAAQ,aAAa,MAAM,QAAQ;AAAA,IACzD;AAAA,EACF;AAAA,EAEA,WAAW;AAAA,IACT,QAAQ,CACN,SACA,WACA,WAC4B;AAC5B,YAAM,OAAO,OAAO,YAAY,WAAW,UAAU,QAAQ,SAAS,MAAM;AAC5E,YAAM,eAAW,0BAAW,UAAU,MAAM,EAAE,OAAO,IAAI,EAAE,OAAO,KAAK;AACvE,YAAM,SAAS,UAAU,QAAQ,WAAW,EAAE;AAE9C,YAAM,cAAc,OAAO,KAAK,UAAU,KAAK;AAC/C,YAAM,YAAY,OAAO,KAAK,QAAQ,KAAK;AAE3C,UAAI,YAAY,WAAW,UAAU,UAAU,KAAC,+BAAgB,aAAa,SAAS,GAAG;AACvF,cAAM,IAAI,MAAM,2BAA2B;AAAA,MAC7C;AAEA,aAAO,KAAK,MAAM,IAAI;AAAA,IACxB;AAAA,EACF;AAAA,EAEA,MAAc,QACZ,QACA,MACA,MACA,cACY;AACZ,UAAM,MAAM,MAAM,MAAM,GAAG,KAAK,MAAM,GAAG,IAAI,IAAI;AAAA,MAC/C;AAAA,MACA,SAAS;AAAA,QACP,gBAAgB;AAAA,QAChB,aAAa,KAAK;AAAA,QAClB,GAAG;AAAA,MACL;AAAA,MACA,MAAM,OAAO,KAAK,UAAU,IAAI,IAAI;AAAA,IACtC,CAAC;AAED,QAAI,CAAC,IAAI,IAAI;AACX,YAAM,OAAO,MAAM,IAAI,KAAK;AAC5B,YAAM,IAAI,MAAM,oBAAoB,IAAI,MAAM,KAAK,IAAI,EAAE;AAAA,IAC3D;AAEA,QAAI,IAAI,WAAW,IAAK,QAAO;AAC/B,WAAO,IAAI,KAAK;AAAA,EAClB;AACF;;;ACjHO,SAAS,kBAAkB,SAAkC;AAClE,QAAM,SAAS,IAAI,cAAc,QAAQ,WAAW,EAAE,QAAQ,QAAQ,OAAO,CAAC;AAE9E,SAAO,OACL,KACA,KACA,SACG;AACH,UAAM,aAAa,IAAI,QAAQ,eAAe;AAC9C,UAAM,QAAQ,OAAO,eAAe,WAAW,WAAW,QAAQ,WAAW,EAAE,IAAI;AAEnF,QAAI,CAAC,OAAO;AACV,UAAI,OAAO,GAAG,EAAE,KAAK,EAAE,OAAO,+BAA+B,CAAC;AAC9D;AAAA,IACF;AAEA,QAAI;AACF,UAAI,OAAO,MAAM,OAAO,YAAY,KAAK;AACzC,WAAK;AAAA,IACP,SAAS,KAAK;AACZ,cAAQ,UAAU,eAAe,QAAQ,MAAM,IAAI,MAAM,OAAO,GAAG,CAAC,CAAC;AACrE,UAAI,OAAO,GAAG,EAAE,KAAK,EAAE,OAAO,gBAAgB,CAAC;AAAA,IACjD;AAAA,EACF;AACF;AAEO,SAAS,cAAc,SAAkC;AAC9D,QAAM,SAAS,IAAI,cAAc,QAAQ,WAAW,EAAE,QAAQ,QAAQ,OAAO,CAAC;AAE9E,SAAO,OACL,SACA,UACG;AACH,UAAM,aAAa,QAAQ,QAAQ,eAAe;AAClD,UAAM,QAAQ,OAAO,eAAe,WAAW,WAAW,QAAQ,WAAW,EAAE,IAAI;AAEnF,QAAI,CAAC,OAAO;AACV,YAAM,KAAK,GAAG,EAAE,KAAK,EAAE,OAAO,+BAA+B,CAAC;AAC9D;AAAA,IACF;AAEA,QAAI;AACF,cAAQ,OAAO,MAAM,OAAO,YAAY,KAAK;AAAA,IAC/C,SAAS,KAAK;AACZ,cAAQ,UAAU,eAAe,QAAQ,MAAM,IAAI,MAAM,OAAO,GAAG,CAAC,CAAC;AACrE,YAAM,KAAK,GAAG,EAAE,KAAK,EAAE,OAAO,gBAAgB,CAAC;AAAA,IACjD;AAAA,EACF;AACF;","names":[]}

package/dist/index.d.cts ADDED Viewed

@@ -0,0 +1,67 @@
+import { AuthonUser } from '@authon/shared';
+interface AuthonBackendConfig {
+    apiUrl?: string;
+}
+interface ListOptions {
+    page?: number;
+    limit?: number;
+    search?: string;
+}
+interface ListResult<T> {
+    data: T[];
+    total: number;
+    page: number;
+    limit: number;
+}
+declare class AuthonBackend {
+    private secretKey;
+    private apiUrl;
+    constructor(secretKey: string, config?: AuthonBackendConfig);
+    verifyToken(accessToken: string): Promise<AuthonUser>;
+    users: {
+        list: (options?: ListOptions) => Promise<ListResult<AuthonUser>>;
+        get: (userId: string) => Promise<AuthonUser>;
+        create: (data: {
+            email: string;
+            password?: string;
+            displayName?: string;
+        }) => Promise<AuthonUser>;
+        update: (userId: string, data: Partial<{
+            email: string;
+            displayName: string;
+            publicMetadata: Record<string, unknown>;
+        }>) => Promise<AuthonUser>;
+        delete: (userId: string) => Promise<void>;
+        ban: (userId: string, reason?: string) => Promise<AuthonUser>;
+        unban: (userId: string) => Promise<AuthonUser>;
+    };
+    webhooks: {
+        verify: (payload: string | Buffer, signature: string, secret: string) => Record<string, unknown>;
+    };
+    private request;
+}
+interface AuthonMiddlewareOptions {
+    secretKey: string;
+    apiUrl?: string;
+    onError?: (error: Error) => void;
+}
+declare function expressMiddleware(options: AuthonMiddlewareOptions): (req: {
+    headers: Record<string, string | string[] | undefined>;
+    auth?: AuthonUser;
+}, res: {
+    status: (code: number) => {
+        json: (body: unknown) => void;
+    };
+}, next: (err?: unknown) => void) => Promise<void>;
+declare function fastifyPlugin(options: AuthonMiddlewareOptions): (request: {
+    headers: Record<string, string | string[] | undefined>;
+    auth?: AuthonUser;
+}, reply: {
+    code: (code: number) => {
+        send: (body: unknown) => void;
+    };
+}) => Promise<void>;
+export { AuthonBackend, type AuthonMiddlewareOptions, expressMiddleware, fastifyPlugin };

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,67 @@
+import { AuthonUser } from '@authon/shared';
+interface AuthonBackendConfig {
+    apiUrl?: string;
+}
+interface ListOptions {
+    page?: number;
+    limit?: number;
+    search?: string;
+}
+interface ListResult<T> {
+    data: T[];
+    total: number;
+    page: number;
+    limit: number;
+}
+declare class AuthonBackend {
+    private secretKey;
+    private apiUrl;
+    constructor(secretKey: string, config?: AuthonBackendConfig);
+    verifyToken(accessToken: string): Promise<AuthonUser>;
+    users: {
+        list: (options?: ListOptions) => Promise<ListResult<AuthonUser>>;
+        get: (userId: string) => Promise<AuthonUser>;
+        create: (data: {
+            email: string;
+            password?: string;
+            displayName?: string;
+        }) => Promise<AuthonUser>;
+        update: (userId: string, data: Partial<{
+            email: string;
+            displayName: string;
+            publicMetadata: Record<string, unknown>;
+        }>) => Promise<AuthonUser>;
+        delete: (userId: string) => Promise<void>;
+        ban: (userId: string, reason?: string) => Promise<AuthonUser>;
+        unban: (userId: string) => Promise<AuthonUser>;
+    };
+    webhooks: {
+        verify: (payload: string | Buffer, signature: string, secret: string) => Record<string, unknown>;
+    };
+    private request;
+}
+interface AuthonMiddlewareOptions {
+    secretKey: string;
+    apiUrl?: string;
+    onError?: (error: Error) => void;
+}
+declare function expressMiddleware(options: AuthonMiddlewareOptions): (req: {
+    headers: Record<string, string | string[] | undefined>;
+    auth?: AuthonUser;
+}, res: {
+    status: (code: number) => {
+        json: (body: unknown) => void;
+    };
+}, next: (err?: unknown) => void) => Promise<void>;
+declare function fastifyPlugin(options: AuthonMiddlewareOptions): (request: {
+    headers: Record<string, string | string[] | undefined>;
+    auth?: AuthonUser;
+}, reply: {
+    code: (code: number) => {
+        send: (body: unknown) => void;
+    };
+}) => Promise<void>;
+export { AuthonBackend, type AuthonMiddlewareOptions, expressMiddleware, fastifyPlugin };

package/dist/index.js ADDED Viewed

@@ -0,0 +1,116 @@
+// src/authon.ts
+import { createHmac, timingSafeEqual } from "crypto";
+var AuthonBackend = class {
+  secretKey;
+  apiUrl;
+  constructor(secretKey, config) {
+    this.secretKey = secretKey;
+    this.apiUrl = config?.apiUrl || "https://api.authon.dev";
+  }
+  async verifyToken(accessToken) {
+    return this.request("GET", "/v1/auth/token/verify", void 0, {
+      Authorization: `Bearer ${accessToken}`
+    });
+  }
+  users = {
+    list: (options) => {
+      const params = new URLSearchParams();
+      if (options?.page) params.set("page", String(options.page));
+      if (options?.limit) params.set("limit", String(options.limit));
+      if (options?.search) params.set("search", options.search);
+      const qs = params.toString();
+      return this.request("GET", `/v1/users${qs ? `?${qs}` : ""}`);
+    },
+    get: (userId) => {
+      return this.request("GET", `/v1/users/${userId}`);
+    },
+    create: (data) => {
+      return this.request("POST", "/v1/users", data);
+    },
+    update: (userId, data) => {
+      return this.request("PATCH", `/v1/users/${userId}`, data);
+    },
+    delete: (userId) => {
+      return this.request("DELETE", `/v1/users/${userId}`);
+    },
+    ban: (userId, reason) => {
+      return this.request("POST", `/v1/users/${userId}/ban`, { reason });
+    },
+    unban: (userId) => {
+      return this.request("POST", `/v1/users/${userId}/unban`);
+    }
+  };
+  webhooks = {
+    verify: (payload, signature, secret) => {
+      const body = typeof payload === "string" ? payload : payload.toString("utf8");
+      const expected = createHmac("sha256", secret).update(body).digest("hex");
+      const actual = signature.replace("sha256=", "");
+      const expectedBuf = Buffer.from(expected, "hex");
+      const actualBuf = Buffer.from(actual, "hex");
+      if (expectedBuf.length !== actualBuf.length || !timingSafeEqual(expectedBuf, actualBuf)) {
+        throw new Error("Invalid webhook signature");
+      }
+      return JSON.parse(body);
+    }
+  };
+  async request(method, path, body, extraHeaders) {
+    const res = await fetch(`${this.apiUrl}${path}`, {
+      method,
+      headers: {
+        "Content-Type": "application/json",
+        "x-api-key": this.secretKey,
+        ...extraHeaders
+      },
+      body: body ? JSON.stringify(body) : void 0
+    });
+    if (!res.ok) {
+      const text = await res.text();
+      throw new Error(`Authon API error ${res.status}: ${text}`);
+    }
+    if (res.status === 204) return void 0;
+    return res.json();
+  }
+};
+// src/middleware.ts
+function expressMiddleware(options) {
+  const client = new AuthonBackend(options.secretKey, { apiUrl: options.apiUrl });
+  return async (req, res, next) => {
+    const authHeader = req.headers["authorization"];
+    const token = typeof authHeader === "string" ? authHeader.replace("Bearer ", "") : null;
+    if (!token) {
+      res.status(401).json({ error: "Missing authorization header" });
+      return;
+    }
+    try {
+      req.auth = await client.verifyToken(token);
+      next();
+    } catch (err) {
+      options.onError?.(err instanceof Error ? err : new Error(String(err)));
+      res.status(401).json({ error: "Invalid token" });
+    }
+  };
+}
+function fastifyPlugin(options) {
+  const client = new AuthonBackend(options.secretKey, { apiUrl: options.apiUrl });
+  return async (request, reply) => {
+    const authHeader = request.headers["authorization"];
+    const token = typeof authHeader === "string" ? authHeader.replace("Bearer ", "") : null;
+    if (!token) {
+      reply.code(401).send({ error: "Missing authorization header" });
+      return;
+    }
+    try {
+      request.auth = await client.verifyToken(token);
+    } catch (err) {
+      options.onError?.(err instanceof Error ? err : new Error(String(err)));
+      reply.code(401).send({ error: "Invalid token" });
+    }
+  };
+}
+export {
+  AuthonBackend,
+  expressMiddleware,
+  fastifyPlugin
+};
+//# sourceMappingURL=index.js.map

package/dist/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/authon.ts","../src/middleware.ts"],"sourcesContent":["import type { AuthonUser } from '@authon/shared';\nimport { createHmac, timingSafeEqual } from 'crypto';\n\ninterface AuthonBackendConfig {\n apiUrl?: string;\n}\n\ninterface ListOptions {\n page?: number;\n limit?: number;\n search?: string;\n}\n\ninterface ListResult<T> {\n data: T[];\n total: number;\n page: number;\n limit: number;\n}\n\nexport class AuthonBackend {\n private secretKey: string;\n private apiUrl: string;\n\n constructor(secretKey: string, config?: AuthonBackendConfig) {\n this.secretKey = secretKey;\n this.apiUrl = config?.apiUrl || 'https://api.authon.dev';\n }\n\n async verifyToken(accessToken: string): Promise<AuthonUser> {\n return this.request<AuthonUser>('GET', '/v1/auth/token/verify', undefined, {\n Authorization: `Bearer ${accessToken}`,\n });\n }\n\n users = {\n list: (options?: ListOptions): Promise<ListResult<AuthonUser>> => {\n const params = new URLSearchParams();\n if (options?.page) params.set('page', String(options.page));\n if (options?.limit) params.set('limit', String(options.limit));\n if (options?.search) params.set('search', options.search);\n const qs = params.toString();\n return this.request('GET', `/v1/users${qs ? `?${qs}` : ''}`);\n },\n\n get: (userId: string): Promise<AuthonUser> => {\n return this.request('GET', `/v1/users/${userId}`);\n },\n\n create: (data: {\n email: string;\n password?: string;\n displayName?: string;\n }): Promise<AuthonUser> => {\n return this.request('POST', '/v1/users', data);\n },\n\n update: (\n userId: string,\n data: Partial<{ email: string; displayName: string; publicMetadata: Record<string, unknown> }>,\n ): Promise<AuthonUser> => {\n return this.request('PATCH', `/v1/users/${userId}`, data);\n },\n\n delete: (userId: string): Promise<void> => {\n return this.request('DELETE', `/v1/users/${userId}`);\n },\n\n ban: (userId: string, reason?: string): Promise<AuthonUser> => {\n return this.request('POST', `/v1/users/${userId}/ban`, { reason });\n },\n\n unban: (userId: string): Promise<AuthonUser> => {\n return this.request('POST', `/v1/users/${userId}/unban`);\n },\n };\n\n webhooks = {\n verify: (\n payload: string | Buffer,\n signature: string,\n secret: string,\n ): Record<string, unknown> => {\n const body = typeof payload === 'string' ? payload : payload.toString('utf8');\n const expected = createHmac('sha256', secret).update(body).digest('hex');\n const actual = signature.replace('sha256=', '');\n\n const expectedBuf = Buffer.from(expected, 'hex');\n const actualBuf = Buffer.from(actual, 'hex');\n\n if (expectedBuf.length !== actualBuf.length || !timingSafeEqual(expectedBuf, actualBuf)) {\n throw new Error('Invalid webhook signature');\n }\n\n return JSON.parse(body);\n },\n };\n\n private async request<T>(\n method: string,\n path: string,\n body?: unknown,\n extraHeaders?: Record<string, string>,\n ): Promise<T> {\n const res = await fetch(`${this.apiUrl}${path}`, {\n method,\n headers: {\n 'Content-Type': 'application/json',\n 'x-api-key': this.secretKey,\n ...extraHeaders,\n },\n body: body ? JSON.stringify(body) : undefined,\n });\n\n if (!res.ok) {\n const text = await res.text();\n throw new Error(`Authon API error ${res.status}: ${text}`);\n }\n\n if (res.status === 204) return undefined as T;\n return res.json() as Promise<T>;\n }\n}\n","import type { AuthonUser } from '@authon/shared';\nimport { AuthonBackend } from './authon';\n\nexport interface AuthonMiddlewareOptions {\n secretKey: string;\n apiUrl?: string;\n onError?: (error: Error) => void;\n}\n\nexport function expressMiddleware(options: AuthonMiddlewareOptions) {\n const client = new AuthonBackend(options.secretKey, { apiUrl: options.apiUrl });\n\n return async (\n req: { headers: Record<string, string | string[] | undefined>; auth?: AuthonUser },\n res: { status: (code: number) => { json: (body: unknown) => void } },\n next: (err?: unknown) => void,\n ) => {\n const authHeader = req.headers['authorization'];\n const token = typeof authHeader === 'string' ? authHeader.replace('Bearer ', '') : null;\n\n if (!token) {\n res.status(401).json({ error: 'Missing authorization header' });\n return;\n }\n\n try {\n req.auth = await client.verifyToken(token);\n next();\n } catch (err) {\n options.onError?.(err instanceof Error ? err : new Error(String(err)));\n res.status(401).json({ error: 'Invalid token' });\n }\n };\n}\n\nexport function fastifyPlugin(options: AuthonMiddlewareOptions) {\n const client = new AuthonBackend(options.secretKey, { apiUrl: options.apiUrl });\n\n return async (\n request: { headers: Record<string, string | string[] | undefined>; auth?: AuthonUser },\n reply: { code: (code: number) => { send: (body: unknown) => void } },\n ) => {\n const authHeader = request.headers['authorization'];\n const token = typeof authHeader === 'string' ? authHeader.replace('Bearer ', '') : null;\n\n if (!token) {\n reply.code(401).send({ error: 'Missing authorization header' });\n return;\n }\n\n try {\n request.auth = await client.verifyToken(token);\n } catch (err) {\n options.onError?.(err instanceof Error ? err : new Error(String(err)));\n reply.code(401).send({ error: 'Invalid token' });\n }\n };\n}\n"],"mappings":";AACA,SAAS,YAAY,uBAAuB;AAmBrC,IAAM,gBAAN,MAAoB;AAAA,EACjB;AAAA,EACA;AAAA,EAER,YAAY,WAAmB,QAA8B;AAC3D,SAAK,YAAY;AACjB,SAAK,SAAS,QAAQ,UAAU;AAAA,EAClC;AAAA,EAEA,MAAM,YAAY,aAA0C;AAC1D,WAAO,KAAK,QAAoB,OAAO,yBAAyB,QAAW;AAAA,MACzE,eAAe,UAAU,WAAW;AAAA,IACtC,CAAC;AAAA,EACH;AAAA,EAEA,QAAQ;AAAA,IACN,MAAM,CAAC,YAA2D;AAChE,YAAM,SAAS,IAAI,gBAAgB;AACnC,UAAI,SAAS,KAAM,QAAO,IAAI,QAAQ,OAAO,QAAQ,IAAI,CAAC;AAC1D,UAAI,SAAS,MAAO,QAAO,IAAI,SAAS,OAAO,QAAQ,KAAK,CAAC;AAC7D,UAAI,SAAS,OAAQ,QAAO,IAAI,UAAU,QAAQ,MAAM;AACxD,YAAM,KAAK,OAAO,SAAS;AAC3B,aAAO,KAAK,QAAQ,OAAO,YAAY,KAAK,IAAI,EAAE,KAAK,EAAE,EAAE;AAAA,IAC7D;AAAA,IAEA,KAAK,CAAC,WAAwC;AAC5C,aAAO,KAAK,QAAQ,OAAO,aAAa,MAAM,EAAE;AAAA,IAClD;AAAA,IAEA,QAAQ,CAAC,SAIkB;AACzB,aAAO,KAAK,QAAQ,QAAQ,aAAa,IAAI;AAAA,IAC/C;AAAA,IAEA,QAAQ,CACN,QACA,SACwB;AACxB,aAAO,KAAK,QAAQ,SAAS,aAAa,MAAM,IAAI,IAAI;AAAA,IAC1D;AAAA,IAEA,QAAQ,CAAC,WAAkC;AACzC,aAAO,KAAK,QAAQ,UAAU,aAAa,MAAM,EAAE;AAAA,IACrD;AAAA,IAEA,KAAK,CAAC,QAAgB,WAAyC;AAC7D,aAAO,KAAK,QAAQ,QAAQ,aAAa,MAAM,QAAQ,EAAE,OAAO,CAAC;AAAA,IACnE;AAAA,IAEA,OAAO,CAAC,WAAwC;AAC9C,aAAO,KAAK,QAAQ,QAAQ,aAAa,MAAM,QAAQ;AAAA,IACzD;AAAA,EACF;AAAA,EAEA,WAAW;AAAA,IACT,QAAQ,CACN,SACA,WACA,WAC4B;AAC5B,YAAM,OAAO,OAAO,YAAY,WAAW,UAAU,QAAQ,SAAS,MAAM;AAC5E,YAAM,WAAW,WAAW,UAAU,MAAM,EAAE,OAAO,IAAI,EAAE,OAAO,KAAK;AACvE,YAAM,SAAS,UAAU,QAAQ,WAAW,EAAE;AAE9C,YAAM,cAAc,OAAO,KAAK,UAAU,KAAK;AAC/C,YAAM,YAAY,OAAO,KAAK,QAAQ,KAAK;AAE3C,UAAI,YAAY,WAAW,UAAU,UAAU,CAAC,gBAAgB,aAAa,SAAS,GAAG;AACvF,cAAM,IAAI,MAAM,2BAA2B;AAAA,MAC7C;AAEA,aAAO,KAAK,MAAM,IAAI;AAAA,IACxB;AAAA,EACF;AAAA,EAEA,MAAc,QACZ,QACA,MACA,MACA,cACY;AACZ,UAAM,MAAM,MAAM,MAAM,GAAG,KAAK,MAAM,GAAG,IAAI,IAAI;AAAA,MAC/C;AAAA,MACA,SAAS;AAAA,QACP,gBAAgB;AAAA,QAChB,aAAa,KAAK;AAAA,QAClB,GAAG;AAAA,MACL;AAAA,MACA,MAAM,OAAO,KAAK,UAAU,IAAI,IAAI;AAAA,IACtC,CAAC;AAED,QAAI,CAAC,IAAI,IAAI;AACX,YAAM,OAAO,MAAM,IAAI,KAAK;AAC5B,YAAM,IAAI,MAAM,oBAAoB,IAAI,MAAM,KAAK,IAAI,EAAE;AAAA,IAC3D;AAEA,QAAI,IAAI,WAAW,IAAK,QAAO;AAC/B,WAAO,IAAI,KAAK;AAAA,EAClB;AACF;;;ACjHO,SAAS,kBAAkB,SAAkC;AAClE,QAAM,SAAS,IAAI,cAAc,QAAQ,WAAW,EAAE,QAAQ,QAAQ,OAAO,CAAC;AAE9E,SAAO,OACL,KACA,KACA,SACG;AACH,UAAM,aAAa,IAAI,QAAQ,eAAe;AAC9C,UAAM,QAAQ,OAAO,eAAe,WAAW,WAAW,QAAQ,WAAW,EAAE,IAAI;AAEnF,QAAI,CAAC,OAAO;AACV,UAAI,OAAO,GAAG,EAAE,KAAK,EAAE,OAAO,+BAA+B,CAAC;AAC9D;AAAA,IACF;AAEA,QAAI;AACF,UAAI,OAAO,MAAM,OAAO,YAAY,KAAK;AACzC,WAAK;AAAA,IACP,SAAS,KAAK;AACZ,cAAQ,UAAU,eAAe,QAAQ,MAAM,IAAI,MAAM,OAAO,GAAG,CAAC,CAAC;AACrE,UAAI,OAAO,GAAG,EAAE,KAAK,EAAE,OAAO,gBAAgB,CAAC;AAAA,IACjD;AAAA,EACF;AACF;AAEO,SAAS,cAAc,SAAkC;AAC9D,QAAM,SAAS,IAAI,cAAc,QAAQ,WAAW,EAAE,QAAQ,QAAQ,OAAO,CAAC;AAE9E,SAAO,OACL,SACA,UACG;AACH,UAAM,aAAa,QAAQ,QAAQ,eAAe;AAClD,UAAM,QAAQ,OAAO,eAAe,WAAW,WAAW,QAAQ,WAAW,EAAE,IAAI;AAEnF,QAAI,CAAC,OAAO;AACV,YAAM,KAAK,GAAG,EAAE,KAAK,EAAE,OAAO,+BAA+B,CAAC;AAC9D;AAAA,IACF;AAEA,QAAI;AACF,cAAQ,OAAO,MAAM,OAAO,YAAY,KAAK;AAAA,IAC/C,SAAS,KAAK;AACZ,cAAQ,UAAU,eAAe,QAAQ,MAAM,IAAI,MAAM,OAAO,GAAG,CAAC,CAAC;AACrE,YAAM,KAAK,GAAG,EAAE,KAAK,EAAE,OAAO,gBAAgB,CAAC;AAAA,IACjD;AAAA,EACF;AACF;","names":[]}

package/package.json ADDED Viewed

@@ -0,0 +1,40 @@
+{
+  "name": "@authon/node",
+  "version": "0.1.0",
+  "description": "Authon Node.js SDK — verify tokens, manage users, validate webhooks",
+  "type": "module",
+  "main": "./dist/index.cjs",
+  "module": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js",
+      "require": "./dist/index.cjs"
+    }
+  },
+  "files": ["dist"],
+  "scripts": {
+    "build": "tsup",
+    "dev": "tsup --watch"
+  },
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/mikusnuz/authon-sdk.git",
+    "directory": "packages/node"
+  },
+  "homepage": "https://github.com/mikusnuz/authon-sdk/tree/main/packages/node",
+  "publishConfig": {
+    "access": "public"
+  },
+  "keywords": ["authon", "auth", "authentication", "node", "server", "sdk"],
+  "dependencies": {
+    "@authon/shared": "workspace:*"
+  },
+  "devDependencies": {
+    "@types/node": "^22.0.0",
+    "tsup": "^8.0.0",
+    "typescript": "^5.9.3"
+  }
+}