@authticon/client 0.0.0-beta4 → 0.0.0-beta41

package/README.md

@@ -0,0 +1,375 @@
+# @authticon/client
+
+Oficjalny klient JavaScript/TypeScript dla [Authticon](https://authticon.com) — usługi uwierzytelniania. Biblioteka wspiera zarówno środowisko **Node.js** (SSR, API routes), jak i **przeglądarkę** (SPA, client-side).
+
+## Instalacja
+
+```bash
+npm install @authticon/client
+```
+
+**Wymagania:** Node.js >= 18
+
+## Dwa entry pointy
+
+Biblioteka dostarcza dwa osobne moduły z odrębnymi implementacjami cookie i sesji:
+
+| Import | Środowisko | Cookie adapter |
+|---|---|---|
+| `@authticon/client` lub `@authticon/client/node` | Node.js / SSR | Parsuje cookies z obiektu `Request`, zwraca `CookieStorageAdapter` z metodami `applyToResponse()`, `stringifySetCookies()` |
+| `@authticon/client/browser` | Przeglądarka / SPA | Używa `document.cookie` |
+
+## Szybki start
+
+### Node.js (np. Next.js, Express, Hono)
+
+```typescript
+import { createAuthticon } from "@authticon/client/node";
+
+const authticon = createAuthticon({
+  projectId: "your-project-id",
+});
+
+// W handlerze HTTP:
+async function handler(request: Request) {
+  const { getUser, login, logout, cookies } = await authticon.session({
+    request,
+  });
+
+  const user = getUser(); // SessionUser | null
+
+  // cookies.applyToResponse(response) — ustawia Set-Cookie na odpowiedzi
+}
+```
+
+### Przeglądarka
+
+```typescript
+import { createAuthticon } from "@authticon/client/browser";
+
+const authticon = createAuthticon({
+  projectId: "your-project-id",
+});
+
+const session = await authticon.session({});
+
+const user = session.getUser();
+await session.login({ email: "user@example.com", password: "secret" });
+```
+
+## Konfiguracja
+
+```typescript
+type AuthticonOptions = {
+  projectId: string;        // ID projektu w Authticon (wymagane)
+  baseUrl?: string;          // URL API (domyślnie: "https://authticon.com")
+  jwksUrl?: string;          // URL do JWKS (domyślnie: {baseUrl}/.well-known/jwks.json)
+  jwksCacheTtlMs?: number;   // TTL cache kluczy JWKS (domyślnie: 1h)
+  cache?: CacheAdapter;      // Zewnętrzny adapter cache (domyślnie: in-memory)
+  logger?: Logger;           // Instancja pino logger
+};
+```
+
+## Session (API stanowe)
+
+`session()` to główny sposób interakcji z biblioteką. Tworzy **stanowy obiekt sesji**, który:
+
+1. Przy tworzeniu automatycznie odczytuje tokeny z cookies
+2. Weryfikuje access token za pomocą JWKS
+3. Jeśli token wygasł — automatycznie odświeża go za pomocą refresh tokena
+4. Cache'uje obiekt `SessionUser` w pamięci na czas życia sesji
+5. Operacje takie jak `login()`, `logout()`, `createGuest()` automatycznie aktualizują wewnętrzny stan sesji i zapisują nowe tokeny w cookies
+
+### Tworzenie sesji
+
+#### Node.js — z obiektu `Request`
+
+```typescript
+const session = await authticon.session({ request });
+// session.cookies — CookieStorageAdapter z metodami applyToResponse(), stringifySetCookies()
+```
+
+#### Node.js — z własnym `CookieAdapter`
+
+```typescript
+const session = await authticon.session({ cookies: myCookieAdapter });
+```
+
+#### Przeglądarka
+
+```typescript
+const session = await authticon.session({});
+// Automatycznie używa document.cookie
+```
+
+Opcjonalnie można przekazać `tokenStorage` do nadpisania nazw cookies i ich parametrów:
+
+```typescript
+const session = await authticon.session({
+  request,
+  tokenStorage: {
+    accessTokenName: "my_access_token",
+    refreshTokenName: "my_refresh_token",
+    secure: true,
+    sameSite: "Strict",
+    domain: ".example.com",
+  },
+});
+```
+
+### Metody sesji
+
+#### Autentykacja
+
+| Metoda | Opis |
+|---|---|
+| `login(params)` | Logowanie (email/password). Zwraca `SessionUser`. |
+| `register(params)` | Rejestracja. Zwraca dane rejestracji (tokeny nie są jeszcze zapisywane). |
+| `sendMagicLink(params)` | Wysyła magic link na email. |
+| `loginWithMagicLink(params)` | Weryfikuje magic link i loguje użytkownika. Zwraca `SessionUser`. |
+| `forgotPassword(params)` | Inicjuje reset hasła. |
+| `verifyEmail(params)` | Weryfikuje email. |
+| `createGuest(params)` | Tworzy użytkownika-gościa. Zwraca `SessionUser`. |
+| `acceptInvitation(params)` | Akceptuje zaproszenie. Zwraca `SessionUser`. |
+| `resendConfirmation(params)` | Ponownie wysyła email potwierdzający. |
+| `logout()` | Wylogowuje (server-side + czyści cookies). |
+| `refresh()` | Wymusza odświeżenie tokenów. |
+
+#### Stan użytkownika
+
+| Metoda | Opis |
+|---|---|
+| `getUser()` | Zwraca `SessionUser \| null`. |
+| `requireUser()` | Zwraca `SessionUser` lub rzuca `AuthticonError`. |
+| `hasSession()` | Zwraca `boolean` — czy istnieje access token. |
+| `getFirstChallenge()` | Zwraca pierwszy challenge (np. `"verifyTwoFa"`, `"setPassword"`) lub `undefined`. |
+
+#### Zarządzanie kontem
+
+| Metoda | Opis |
+|---|---|
+| `changeEmail(params)` | Zmiana emaila. |
+| `changePassword(params)` | Zmiana hasła. |
+| `setPassword(params)` | Ustawienie hasła (np. po resecie). |
+| `changePhone(params)` | Zmiana numeru telefonu. |
+| `verifyPhone(params)` | Weryfikacja numeru telefonu. |
+
+#### Dwuskładnikowe uwierzytelnianie (2FA)
+
+| Metoda | Opis |
+|---|---|
+| `getTwoFaSecret()` | Pobiera sekret 2FA (do wyświetlenia QR code). |
+| `enableTwoFa(params)` | Włącza 2FA. |
+| `disableTwoFa(params)` | Wyłącza 2FA. |
+| `sendTwoFaCode(params)` | Wysyła kod 2FA. |
+| `completeTwoFaChallenge(code, remember?)` | Weryfikuje kod 2FA i aktualizuje sesję. |
+
+#### Zaproszenia
+
+| Metoda | Opis |
+|---|---|
+| `createInvitation(params)` | Tworzy zaproszenie. |
+| `deleteInvitation(params)` | Usuwa zaproszenie. |
+
+#### Tokeny
+
+Obiekt `session.tokens` daje bezpośredni dostęp do tokenów:
+
+```typescript
+session.tokens.getAccessToken();   // string | null
+session.tokens.getRefreshToken();  // string | null
+session.tokens.verify();           // weryfikuje aktualny access token
+session.tokens.verify(customToken); // weryfikuje dowolny token
+session.tokens.clear();            // czyści tokeny z cookies i resetuje stan sesji
+```
+
+### SessionUser
+
+```typescript
+type SessionUser<Payload> = {
+  id: string;           // ID użytkownika
+  sessionId: string;    // ID sesji
+  projectId: string;    // ID projektu
+  role: "guest" | "user";
+  isGuest: boolean;
+  challenges: Challenge[];  // np. ["verifyTwoFa", "setPassword"]
+  payload: Payload;         // custom claims z tokena
+  raw: AccessTokenPayload;  // surowy payload JWT
+};
+```
+
+## Low-level API
+
+Oprócz stanowej sesji, `createAuthticon()` udostępnia niskopoziomowe klienty API, które nie zarządzają stanem ani cookies.
+
+### `authticon.auth()` — klient publiczny (bez autoryzacji)
+
+Bezstanowy klient do endpointów niewymagających tokenu:
+
+```typescript
+const auth = authticon.auth();
+
+await auth.login({ email: "user@example.com", password: "secret" });
+await auth.register({ email: "user@example.com", password: "secret" });
+await auth.forgotPassword({ email: "user@example.com" });
+await auth.sendMagicLink({ email: "user@example.com" });
+await auth.verifyMagicLink({ token: "..." });
+await auth.verifyEmail({ token: "..." });
+await auth.createGuestUser({ ... });
+await auth.acceptInvitation({ token: "...", password: "..." });
+await auth.resendConfirmation({ email: "..." });
+```
+
+> **Uwaga:** Te metody zwracają surowe dane z API (np. tokeny). Zarządzanie cookies/stanem leży po stronie wywołującego.
+
+### `authticon.admin(options)` — klient administracyjny (tylko Node.js)
+
+Wymaga klucza API. Służy do operacji administracyjnych:
+
+```typescript
+const admin = authticon.admin({ apiKey: "your-api-key" });
+
+await admin.listUsers({ page: 1 });
+await admin.createUser({ email: "new@example.com", password: "..." });
+await admin.getUser("user-id");
+await admin.updateUser("user-id", { ... });
+await admin.deleteUser("user-id");
+await admin.loginAs({ userId: "user-id" });
+
+// Role
+await admin.createUserRole("user-id", { ... });
+await admin.listUserRoles("user-id");
+await admin.updateUserRole("user-id", "role-id", { ... });
+await admin.deleteUserRole("user-id", "role-id");
+
+// SMS
+await admin.sendSmsCode("user-id");
+await admin.verifySms("user-id", { code: "123456" });
+
+// Test email
+await admin.testEmail({ ... });
+```
+
+### `authticon.tokens` (tylko Node.js)
+
+Bezpośredni dostęp do weryfikatora tokenów na poziomie instancji:
+
+```typescript
+const payload = await authticon.tokens.verify(accessToken);
+authticon.tokens.clearKeyCache(); // czyści cache kluczy JWKS
+```
+
+## Cookie adaptery
+
+### Node.js — `createNodeCookieStorageAdapter`
+
+Parsuje cookies z `Request`, buforuje zmiany i pozwala je aplikować do `Response`:
+
+```typescript
+import { createNodeCookieStorageAdapter } from "@authticon/client/node";
+
+const cookies = createNodeCookieStorageAdapter(request);
+
+// Po operacjach sesji:
+cookies.applyToResponse(response);
+// lub:
+const setCookieHeaders = cookies.stringifySetCookies(); // string[]
+```
+
+### Przeglądarka — `createBrowserCookieAdapter`
+
+Operuje bezpośrednio na `document.cookie`:
+
+```typescript
+import { createBrowserCookieAdapter } from "@authticon/client/browser";
+
+const cookies = createBrowserCookieAdapter();
+```
+
+### Własny adapter
+
+Możesz zaimplementować interfejs `CookieAdapter`:
+
+```typescript
+interface CookieAdapter {
+  get(name: string): string | null;
+  set(name: string, value: string, options: CookieSetOptions): void;
+  remove(name: string, options: CookieRemoveOptions): void;
+}
+```
+
+## Token storage — konfiguracja cookies
+
+```typescript
+type TokenStorageOptions = {
+  accessTokenName?: string;        // domyślnie: "access_token"
+  refreshTokenName?: string;       // domyślnie: "refresh_token"
+  deviceIdName?: string;           // domyślnie: "device_id"
+  adminRefreshTokenName?: string;  // domyślnie: "admin_refresh_token"
+  path?: string;                   // domyślnie: "/"
+  domain?: string;
+  secure?: boolean;                // domyślnie: true
+  sameSite?: "Strict" | "Lax" | "None"; // domyślnie: "Lax"
+  accessTokenMaxAge?: number;      // domyślnie: 900 (15 min)
+  refreshTokenMaxAge?: number;     // domyślnie: 2592000 (30 dni)
+};
+```
+
+## Obsługa błędów
+
+Biblioteka definiuje dedykowaną hierarchię błędów:
+
+```typescript
+import {
+  AuthticonError,
+  AuthticonApiError,
+  AuthticonTokenError,
+  isAuthticonError,
+  isAuthticonApiError,
+  isAuthticonTokenError,
+} from "@authticon/client";
+```
+
+| Klasa | Opis |
+|---|---|
+| `AuthticonError` | Bazowy błąd (np. brak tokenu, użytkownik niezalogowany) |
+| `AuthticonApiError` | Błąd odpowiedzi API (zawiera `statusCode` i `response`) |
+| `AuthticonTokenError` | Błąd weryfikacji JWT (zawiera `code` i oryginalny `joseError`) |
+
+```typescript
+try {
+  const user = session.requireUser();
+} catch (error) {
+  if (isAuthticonApiError(error)) {
+    console.log(error.statusCode); // np. 401
+  }
+  if (isAuthticonTokenError(error, "ERR_JWT_EXPIRED")) {
+    // Token wygasł
+  }
+}
+```
+
+## Typowanie custom payloadu
+
+Biblioteka wspiera generyczne typowanie payloadu JWT:
+
+```typescript
+type MyPayload = {
+  organizationId: string;
+  permissions: string[];
+};
+
+const authticon = createAuthticon<MyPayload>({
+  projectId: "...",
+});
+
+const session = await authticon.session({ request });
+const user = session.getUser();
+
+user?.payload.organizationId;  // string
+user?.payload.permissions;     // string[]
+```
+
+## Licencja
+
+MIT

package/dist/CookieStorageAdapter.d.ts

@@ -0,0 +1,15 @@
+import type { CookieAdapter, CookieSetOptions } from "./types.js";
+export declare class CookieStorageAdapter implements CookieAdapter {
+    private readonly cookies;
+    private readonly setCookies;
+    private readonly values;
+    constructor(request: Request);
+    get(name: string): string | null;
+    set(name: string, value: string, options: CookieSetOptions): void;
+    remove(name: string): void;
+    stringifySetCookies(): string[];
+    stringifyCookies(): string;
+    applyToResponse(response: Response): void;
+}
+export declare function createCookieStorageAdapter(request: Request): CookieStorageAdapter;
+//# sourceMappingURL=CookieStorageAdapter.d.ts.map

package/dist/CookieStorageAdapter.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"CookieStorageAdapter.d.ts","sourceRoot":"","sources":["../src/CookieStorageAdapter.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAElE,qBAAa,oBAAqB,YAAW,aAAa;IACxD,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAuB;IAC/C,OAAO,CAAC,QAAQ,CAAC,UAAU,CAA8C;IACzE,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAkC;gBAE7C,OAAO,EAAE,OAAO;IAmB5B,GAAG,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;IAIhC,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,gBAAgB;IAW1D,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI;IAY1B,mBAAmB,IAAI,MAAM,EAAE;IAM/B,gBAAgB,IAAI,MAAM;IAI1B,eAAe,CAAC,QAAQ,EAAE,QAAQ,GAAG,IAAI;CAM1C;AAED,wBAAgB,0BAA0B,CACxC,OAAO,EAAE,OAAO,GACf,oBAAoB,CAEtB"}

package/dist/CookieStorageAdapter.js

@@ -0,0 +1,60 @@
+import * as cookiesUtils from "cookie";
+export class CookieStorageAdapter {
+    cookies;
+    setCookies = {};
+    values = new Map();
+    constructor(request) {
+        this.cookies = cookiesUtils.parseCookie(request.headers.get("Cookie") || "");
+        for (const [name, value] of Object.entries(this.cookies)) {
+            if (value) {
+                this.values.set(name, value);
+            }
+        }
+        for (const raw of request.headers.getSetCookie()) {
+            const cookie = cookiesUtils.parseSetCookie(raw);
+            this.setCookies[cookie.name] = cookie;
+            if (cookie.value) {
+                this.values.set(cookie.name, cookie.value);
+            }
+        }
+    }
+    get(name) {
+        return this.values.get(name) ?? null;
+    }
+    set(name, value, options) {
+        this.values.set(name, value);
+        this.setCookies[name] = {
+            name,
+            value,
+            ...options,
+            sameSite: options.sameSite.toLowerCase(),
+        };
+    }
+    remove(name) {
+        this.values.delete(name);
+        delete this.cookies[name];
+        this.setCookies[name] = {
+            name,
+            value: "",
+            secure: true,
+            sameSite: "none",
+            maxAge: 0,
+        };
+    }
+    stringifySetCookies() {
+        return Object.values(this.setCookies).map((cookie) => cookiesUtils.stringifySetCookie(cookie));
+    }
+    stringifyCookies() {
+        return cookiesUtils.stringifyCookie(this.cookies);
+    }
+    applyToResponse(response) {
+        response.headers.set("Cookie", this.stringifyCookies());
+        for (const cookie of this.stringifySetCookies()) {
+            response.headers.append("Set-Cookie", cookie);
+        }
+    }
+}
+export function createCookieStorageAdapter(request) {
+    return new CookieStorageAdapter(request);
+}
+//# sourceMappingURL=CookieStorageAdapter.js.map

package/dist/CookieStorageAdapter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"CookieStorageAdapter.js","sourceRoot":"","sources":["../src/CookieStorageAdapter.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,YAAY,MAAM,QAAQ,CAAC;AAGvC,MAAM,OAAO,oBAAoB;IACd,OAAO,CAAuB;IAC9B,UAAU,GAA2C,EAAE,CAAC;IACxD,MAAM,GAAwB,IAAI,GAAG,EAAE,CAAC;IAEzD,YAAY,OAAgB;QAC1B,IAAI,CAAC,OAAO,GAAG,YAAY,CAAC,WAAW,CACrC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,CACpC,CAAC;QACF,KAAK,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YACzD,IAAI,KAAK,EAAE,CAAC;gBACV,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;YAC/B,CAAC;QACH,CAAC;QAED,KAAK,MAAM,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC;YACjD,MAAM,MAAM,GAAG,YAAY,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC;YAChD,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC;YACtC,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;gBACjB,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;YAC7C,CAAC;QACH,CAAC;IACH,CAAC;IAED,GAAG,CAAC,IAAY;QACd,OAAO,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC;IACvC,CAAC;IAED,GAAG,CAAC,IAAY,EAAE,KAAa,EAAE,OAAyB;QACxD,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QAC7B,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG;YACtB,IAAI;YACJ,KAAK;YACL,GAAG,OAAO;YACV,QAAQ,EACN,OAAO,CAAC,QAAQ,CAAC,WAAW,EAAwC;SACvE,CAAC;IACJ,CAAC;IAED,MAAM,CAAC,IAAY;QACjB,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACzB,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QAC1B,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG;YACtB,IAAI;YACJ,KAAK,EAAE,EAAE;YACT,MAAM,EAAE,IAAI;YACZ,QAAQ,EAAE,MAAM;YAChB,MAAM,EAAE,CAAC;SACV,CAAC;IACJ,CAAC;IAED,mBAAmB;QACjB,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CACnD,YAAY,CAAC,kBAAkB,CAAC,MAAM,CAAC,CACxC,CAAC;IACJ,CAAC;IAED,gBAAgB;QACd,OAAO,YAAY,CAAC,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACpD,CAAC;IAED,eAAe,CAAC,QAAkB;QAChC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,IAAI,CAAC,gBAAgB,EAAE,CAAC,CAAC;QACxD,KAAK,MAAM,MAAM,IAAI,IAAI,CAAC,mBAAmB,EAAE,EAAE,CAAC;YAChD,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;QAChD,CAAC;IACH,CAAC;CACF;AAED,MAAM,UAAU,0BAA0B,CACxC,OAAgB;IAEhB,OAAO,IAAI,oBAAoB,CAAC,OAAO,CAAC,CAAC;AAC3C,CAAC"}

package/dist/InMemoryCacheAdapter.d.ts

@@ -0,0 +1,3 @@
+import type { CacheAdapter } from "./types.js";
+export declare const createInMemoryCacheAdapter: () => CacheAdapter;
+//# sourceMappingURL=InMemoryCacheAdapter.d.ts.map

package/dist/InMemoryCacheAdapter.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"InMemoryCacheAdapter.d.ts","sourceRoot":"","sources":["../src/InMemoryCacheAdapter.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAE/C,eAAO,MAAM,0BAA0B,QAAO,YAY7C,CAAC"}

package/dist/InMemoryCacheAdapter.js

@@ -0,0 +1,13 @@
+export const createInMemoryCacheAdapter = () => {
+    const store = new Map();
+    return {
+        get: (key) => store.get(key),
+        set: (key, value) => {
+            store.set(key, value);
+        },
+        delete: (key) => {
+            store.delete(key);
+        },
+    };
+};
+//# sourceMappingURL=InMemoryCacheAdapter.js.map

package/dist/InMemoryCacheAdapter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"InMemoryCacheAdapter.js","sourceRoot":"","sources":["../src/InMemoryCacheAdapter.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,0BAA0B,GAAG,GAAiB,EAAE;IAC3D,MAAM,KAAK,GAAG,IAAI,GAAG,EAAmB,CAAC;IAEzC,OAAO;QACL,GAAG,EAAE,CAAI,GAAW,EAAiB,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAkB;QACvE,GAAG,EAAE,CAAI,GAAW,EAAE,KAAQ,EAAQ,EAAE;YACtC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QACxB,CAAC;QACD,MAAM,EAAE,CAAC,GAAW,EAAQ,EAAE;YAC5B,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACpB,CAAC;KACF,CAAC;AACJ,CAAC,CAAC"}

package/dist/TokenStorage.d.ts

@@ -1,17 +1,21 @@
+import type { Logger } from "pino";
 import type { CookieAdapter, TokenPair, TokenStorageOptions } from "./types.js";
-export declare class TokenStorage {
-    private readonly cookies;
-    private readonly accessName;
-    private readonly refreshName;
-    private readonly deviceIdName;
-    private readonly setOptions;
-    private readonly removeOptions;
-    constructor(cookies: CookieAdapter, options?: TokenStorageOptions);
+export type TokenStorage = {
     readonly save: (tokens: TokenPair) => void;
+    readonly clear: () => void;
     readonly getAccessToken: () => string | null;
     readonly getRefreshToken: () => string | null;
     readonly getDeviceId: () => string | null;
+    readonly getAdminRefreshToken: () => string | null;
+    readonly setAccessToken: (accessToken: string) => void;
+    readonly setRefreshToken: (refreshToken: string) => void;
+    readonly setAdminRefreshToken: (adminRefreshToken: string) => void;
+    readonly setDeviceId: (deviceId: string) => void;
+    readonly clearAccessToken: () => void;
+    readonly clearRefreshToken: () => void;
+    readonly clearDeviceId: () => void;
+    readonly clearAdminRefreshToken: () => void;
     readonly getAll: () => TokenPair | null;
-    readonly clear: () => void;
-}
+};
+export declare const createTokenStorage: (cookies: CookieAdapter, options?: TokenStorageOptions, logger?: Logger) => TokenStorage;
 //# sourceMappingURL=TokenStorage.d.ts.map

package/dist/TokenStorage.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"TokenStorage.d.ts","sourceRoot":"","sources":["../src/TokenStorage.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,aAAa,EAGb,SAAS,EACT,mBAAmB,EACpB,MAAM,YAAY,CAAC;AAQpB,qBAAa,YAAY;IAYrB,OAAO,CAAC,QAAQ,CAAC,OAAO;IAX1B,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAS;IACpC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAS;IACrC,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAS;IACtC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAIzB;IACF,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAsB;gBAGjC,OAAO,EAAE,aAAa,EACvC,OAAO,GAAE,mBAAwB;IAsCnC,QAAQ,CAAC,IAAI,GAAI,QAAQ,SAAS,KAAG,IAAI,CAIvC;IAEF,QAAQ,CAAC,cAAc,QAAO,MAAM,GAAG,IAAI,CACP;IAEpC,QAAQ,CAAC,eAAe,QAAO,MAAM,GAAG,IAAI,CACP;IAErC,QAAQ,CAAC,WAAW,QAAO,MAAM,GAAG,IAAI,CACF;IAEtC,QAAQ,CAAC,MAAM,QAAO,SAAS,GAAG,IAAI,CAMpC;IAEF,QAAQ,CAAC,KAAK,QAAO,IAAI,CAGvB;CACH"}
+{"version":3,"file":"TokenStorage.d.ts","sourceRoot":"","sources":["../src/TokenStorage.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,MAAM,CAAC;AACnC,OAAO,KAAK,EACV,aAAa,EAGb,SAAS,EACT,mBAAmB,EACpB,MAAM,YAAY,CAAC;AAUpB,MAAM,MAAM,YAAY,GAAG;IACzB,QAAQ,CAAC,IAAI,EAAE,CAAC,MAAM,EAAE,SAAS,KAAK,IAAI,CAAC;IAC3C,QAAQ,CAAC,KAAK,EAAE,MAAM,IAAI,CAAC;IAC3B,QAAQ,CAAC,cAAc,EAAE,MAAM,MAAM,GAAG,IAAI,CAAC;IAC7C,QAAQ,CAAC,eAAe,EAAE,MAAM,MAAM,GAAG,IAAI,CAAC;IAC9C,QAAQ,CAAC,WAAW,EAAE,MAAM,MAAM,GAAG,IAAI,CAAC;IAC1C,QAAQ,CAAC,oBAAoB,EAAE,MAAM,MAAM,GAAG,IAAI,CAAC;IACnD,QAAQ,CAAC,cAAc,EAAE,CAAC,WAAW,EAAE,MAAM,KAAK,IAAI,CAAC;IACvD,QAAQ,CAAC,eAAe,EAAE,CAAC,YAAY,EAAE,MAAM,KAAK,IAAI,CAAC;IACzD,QAAQ,CAAC,oBAAoB,EAAE,CAAC,iBAAiB,EAAE,MAAM,KAAK,IAAI,CAAC;IACnE,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,IAAI,CAAC;IACjD,QAAQ,CAAC,gBAAgB,EAAE,MAAM,IAAI,CAAC;IACtC,QAAQ,CAAC,iBAAiB,EAAE,MAAM,IAAI,CAAC;IACvC,QAAQ,CAAC,aAAa,EAAE,MAAM,IAAI,CAAC;IACnC,QAAQ,CAAC,sBAAsB,EAAE,MAAM,IAAI,CAAC;IAC5C,QAAQ,CAAC,MAAM,EAAE,MAAM,SAAS,GAAG,IAAI,CAAC;CACzC,CAAC;AAEF,eAAO,MAAM,kBAAkB,GAC7B,SAAS,aAAa,EACtB,UAAS,mBAAwB,EACjC,SAAS,MAAM,KACd,YAuGF,CAAC"}