@authticon/client 0.0.0-beta9 → 0.0.4

package/dist/tokens.js

@@ -0,0 +1,212 @@
+import * as jose from "jose";
+import { decodeProtectedHeader, importJWK, jwtVerify, } from "jose";
+import { AuthticonError, AuthticonTokenError } from "./errors.js";
+// --- In-memory cache ---
+export const createInMemoryCacheAdapter = () => {
+    const store = new Map();
+    return {
+        get: (key) => store.get(key),
+        set: (key, value) => {
+            store.set(key, value);
+        },
+        delete: (key) => {
+            store.delete(key);
+        },
+    };
+};
+// --- Token storage ---
+const DEFAULT_ACCESS_TOKEN_NAME = "access_token";
+const DEFAULT_REFRESH_TOKEN_NAME = "refresh_token";
+const DEFAULT_DEVICE_ID_NAME = "device_id";
+const DEFAULT_ADMIN_REFRESH_TOKEN_NAME = "admin_refresh_token";
+const DEFAULT_ACCESS_TOKEN_MAX_AGE = 900;
+const DEFAULT_REFRESH_TOKEN_MAX_AGE = 2_592_000;
+const DEFAULT_ADMIN_REFRESH_TOKEN_MAX_AGE = 2_592_000;
+export const createTokenStorage = (cookies, options = {}, logger) => {
+    const accessName = options.accessTokenName ?? DEFAULT_ACCESS_TOKEN_NAME;
+    const refreshName = options.refreshTokenName ?? DEFAULT_REFRESH_TOKEN_NAME;
+    const deviceIdName = options.deviceIdName ?? DEFAULT_DEVICE_ID_NAME;
+    const adminRefreshName = options.adminRefreshTokenName ?? DEFAULT_ADMIN_REFRESH_TOKEN_NAME;
+    const path = options.path ?? "/";
+    const domain = options.domain;
+    const secure = options.secure ?? true;
+    const sameSite = options.sameSite ?? "lax";
+    const setOpts = {
+        access: {
+            path,
+            domain,
+            secure,
+            sameSite,
+            maxAge: options.accessTokenMaxAge ?? DEFAULT_ACCESS_TOKEN_MAX_AGE,
+        },
+        refresh: {
+            path,
+            domain,
+            secure,
+            sameSite,
+            maxAge: options.refreshTokenMaxAge ?? DEFAULT_REFRESH_TOKEN_MAX_AGE,
+        },
+        deviceId: {
+            path,
+            domain,
+            secure,
+            sameSite,
+            maxAge: options.refreshTokenMaxAge ?? DEFAULT_REFRESH_TOKEN_MAX_AGE,
+        },
+        adminRefresh: {
+            path,
+            domain,
+            secure,
+            sameSite,
+            maxAge: options.adminRefreshTokenMaxAge ?? DEFAULT_ADMIN_REFRESH_TOKEN_MAX_AGE,
+        },
+    };
+    const removeOpts = { path, domain };
+    const setAccessToken = (accessToken) => {
+        logger?.debug({ accessToken: accessToken.slice(0, 10) + "..." }, "Setting access token");
+        cookies.set(accessName, accessToken, setOpts.access);
+    };
+    const setRefreshToken = (refreshToken) => {
+        logger?.debug({ refreshToken: refreshToken.slice(0, 10) + "..." }, "Setting refresh token");
+        cookies.set(refreshName, refreshToken, setOpts.refresh);
+    };
+    const setAdminRefreshToken = (adminRefreshToken) => {
+        logger?.debug({ adminRefreshToken: adminRefreshToken.slice(0, 10) + "..." }, "Setting admin refresh token");
+        cookies.set(adminRefreshName, adminRefreshToken, setOpts.adminRefresh);
+    };
+    const setDeviceId = (deviceId) => {
+        logger?.debug({ deviceId }, "Setting device id");
+        cookies.set(deviceIdName, deviceId, setOpts.deviceId);
+    };
+    const clearAccessToken = () => {
+        logger?.debug("Clearing access token");
+        cookies.remove(accessName, removeOpts);
+    };
+    const clearRefreshToken = () => {
+        logger?.debug("Clearing refresh token");
+        cookies.remove(refreshName, removeOpts);
+    };
+    const clearDeviceId = () => {
+        logger?.debug("Clearing device id");
+        cookies.remove(deviceIdName, removeOpts);
+    };
+    const clearAdminRefreshToken = () => {
+        logger?.debug("Clearing admin refresh token");
+        cookies.remove(adminRefreshName, removeOpts);
+    };
+    const getAccessToken = () => cookies.get(accessName);
+    const getRefreshToken = () => cookies.get(refreshName);
+    const getDeviceId = () => cookies.get(deviceIdName);
+    const getAdminRefreshToken = () => cookies.get(adminRefreshName);
+    return {
+        save: (tokens) => {
+            setAccessToken(tokens.accessToken);
+            setRefreshToken(tokens.refreshToken);
+            if (tokens.deviceId)
+                setDeviceId(tokens.deviceId);
+            if (tokens.adminRefreshToken)
+                setAdminRefreshToken(tokens.adminRefreshToken);
+        },
+        clear: () => {
+            clearAccessToken();
+            clearRefreshToken();
+            clearDeviceId();
+            clearAdminRefreshToken();
+        },
+        getAccessToken,
+        getRefreshToken,
+        getDeviceId,
+        getAdminRefreshToken,
+        setAccessToken,
+        setRefreshToken,
+        setAdminRefreshToken,
+        setDeviceId,
+        clearAccessToken,
+        clearRefreshToken,
+        clearDeviceId,
+        clearAdminRefreshToken,
+        getAll: () => {
+            const accessToken = getAccessToken();
+            const refreshToken = getRefreshToken();
+            if (!accessToken || !refreshToken)
+                return null;
+            return {
+                accessToken,
+                refreshToken,
+                deviceId: getDeviceId() ?? undefined,
+                adminRefreshToken: getAdminRefreshToken() ?? undefined,
+            };
+        },
+    };
+};
+const DEFAULT_CACHE_TTL_MS = 3_600_000;
+const JWKS_CACHE_KEY = "authticon:jwks";
+const importKeysFromJwks = async (jwks) => {
+    const keysWithKid = jwks.filter((jwk) => typeof jwk.kid === "string");
+    const entries = await Promise.all(keysWithKid.map(async (jwk) => {
+        const imported = await importJWK(jwk);
+        if (imported instanceof Uint8Array) {
+            throw new Error(`Symmetric key (kid: ${jwk.kid}) is not supported`);
+        }
+        return [jwk.kid, imported];
+    }));
+    return new Map(entries);
+};
+export const createTokenVerifier = (jwksUrl, cacheTtlMs = DEFAULT_CACHE_TTL_MS, logger, externalCache) => {
+    const cache = externalCache ?? createInMemoryCacheAdapter();
+    const fetchJwks = async () => {
+        const response = await fetch(jwksUrl);
+        if (!response.ok) {
+            throw new AuthticonError(`Failed to fetch JWKS: ${response.status}`);
+        }
+        const data = await response.json();
+        const keys = await importKeysFromJwks(data.keys);
+        cache.set(JWKS_CACHE_KEY, { keys, fetchedAt: Date.now() });
+        logger?.debug({ jwksUrl }, "JWKS fetched");
+        return keys;
+    };
+    const getCachedOrFetch = async () => {
+        const cached = cache.get(JWKS_CACHE_KEY);
+        if (cached && Date.now() - cached.fetchedAt < cacheTtlMs) {
+            return cached.keys;
+        }
+        return fetchJwks();
+    };
+    const resolveKey = async (kid) => {
+        const keys = await getCachedOrFetch();
+        const key = keys.get(kid);
+        if (key)
+            return key;
+        cache.delete(JWKS_CACHE_KEY);
+        const freshKeys = await fetchJwks();
+        const freshKey = freshKeys.get(kid);
+        if (!freshKey) {
+            throw new AuthticonError(`Key with kid "${kid}" not found in JWKS`);
+        }
+        return freshKey;
+    };
+    return {
+        verifyToken: async (token) => {
+            try {
+                const header = decodeProtectedHeader(token);
+                if (!header.kid) {
+                    throw new AuthticonError("Token header is missing 'kid' claim");
+                }
+                const key = await resolveKey(header.kid);
+                const { payload } = await jwtVerify(token, key);
+                return payload;
+            }
+            catch (error) {
+                if (error instanceof jose.errors.JOSEError) {
+                    throw new AuthticonTokenError(error.message, error.code, error);
+                }
+                throw error;
+            }
+        },
+        clearKeyCache: () => {
+            cache.delete(JWKS_CACHE_KEY);
+            logger?.debug("Key cache cleared");
+        },
+    };
+};
+//# sourceMappingURL=tokens.js.map

package/dist/tokens.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"tokens.js","sourceRoot":"","sources":["../src/tokens.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,EACL,qBAAqB,EACrB,SAAS,EACT,SAAS,GAGV,MAAM,MAAM,CAAC;AAEd,OAAO,EAAE,cAAc,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAWlE,0BAA0B;AAE1B,MAAM,CAAC,MAAM,0BAA0B,GAAG,GAAiB,EAAE;IAC3D,MAAM,KAAK,GAAG,IAAI,GAAG,EAAmB,CAAC;IAEzC,OAAO;QACL,GAAG,EAAE,CAAI,GAAW,EAAiB,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAkB;QACvE,GAAG,EAAE,CAAI,GAAW,EAAE,KAAQ,EAAQ,EAAE;YACtC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QACxB,CAAC;QACD,MAAM,EAAE,CAAC,GAAW,EAAQ,EAAE;YAC5B,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACpB,CAAC;KACF,CAAC;AACJ,CAAC,CAAC;AAEF,wBAAwB;AAExB,MAAM,yBAAyB,GAAG,cAAc,CAAC;AACjD,MAAM,0BAA0B,GAAG,eAAe,CAAC;AACnD,MAAM,sBAAsB,GAAG,WAAW,CAAC;AAC3C,MAAM,gCAAgC,GAAG,qBAAqB,CAAC;AAC/D,MAAM,4BAA4B,GAAG,GAAG,CAAC;AACzC,MAAM,6BAA6B,GAAG,SAAS,CAAC;AAChD,MAAM,mCAAmC,GAAG,SAAS,CAAC;AAoBtD,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAChC,OAAsB,EACtB,UAA+B,EAAE,EACjC,MAAe,EACD,EAAE;IAChB,MAAM,UAAU,GAAG,OAAO,CAAC,eAAe,IAAI,yBAAyB,CAAC;IACxE,MAAM,WAAW,GAAG,OAAO,CAAC,gBAAgB,IAAI,0BAA0B,CAAC;IAC3E,MAAM,YAAY,GAAG,OAAO,CAAC,YAAY,IAAI,sBAAsB,CAAC;IACpE,MAAM,gBAAgB,GACpB,OAAO,CAAC,qBAAqB,IAAI,gCAAgC,CAAC;IAEpE,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,IAAI,GAAG,CAAC;IACjC,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAC9B,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,IAAI,IAAI,CAAC;IACtC,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,KAAK,CAAC;IAE3C,MAAM,OAAO,GAAqC;QAChD,MAAM,EAAE;YACN,IAAI;YACJ,MAAM;YACN,MAAM;YACN,QAAQ;YACR,MAAM,EAAE,OAAO,CAAC,iBAAiB,IAAI,4BAA4B;SAClE;QACD,OAAO,EAAE;YACP,IAAI;YACJ,MAAM;YACN,MAAM;YACN,QAAQ;YACR,MAAM,EAAE,OAAO,CAAC,kBAAkB,IAAI,6BAA6B;SACpE;QACD,QAAQ,EAAE;YACR,IAAI;YACJ,MAAM;YACN,MAAM;YACN,QAAQ;YACR,MAAM,EAAE,OAAO,CAAC,kBAAkB,IAAI,6BAA6B;SACpE;QACD,YAAY,EAAE;YACZ,IAAI;YACJ,MAAM;YACN,MAAM;YACN,QAAQ;YACR,MAAM,EACJ,OAAO,CAAC,uBAAuB,IAAI,mCAAmC;SACzE;KACF,CAAC;IAEF,MAAM,UAAU,GAAwB,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;IAEzD,MAAM,cAAc,GAAG,CAAC,WAAmB,EAAQ,EAAE;QACnD,MAAM,EAAE,KAAK,CACX,EAAE,WAAW,EAAE,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,EAAE,EACjD,sBAAsB,CACvB,CAAC;QACF,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,WAAW,EAAE,OAAO,CAAC,MAAO,CAAC,CAAC;IACxD,CAAC,CAAC;IAEF,MAAM,eAAe,GAAG,CAAC,YAAoB,EAAQ,EAAE;QACrD,MAAM,EAAE,KAAK,CACX,EAAE,YAAY,EAAE,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,EAAE,EACnD,uBAAuB,CACxB,CAAC;QACF,OAAO,CAAC,GAAG,CAAC,WAAW,EAAE,YAAY,EAAE,OAAO,CAAC,OAAQ,CAAC,CAAC;IAC3D,CAAC,CAAC;IAEF,MAAM,oBAAoB,GAAG,CAAC,iBAAyB,EAAQ,EAAE;QAC/D,MAAM,EAAE,KAAK,CACX,EAAE,iBAAiB,EAAE,iBAAiB,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,EAAE,EAC7D,6BAA6B,CAC9B,CAAC;QACF,OAAO,CAAC,GAAG,CAAC,gBAAgB,EAAE,iBAAiB,EAAE,OAAO,CAAC,YAAa,CAAC,CAAC;IAC1E,CAAC,CAAC;IAEF,MAAM,WAAW,GAAG,CAAC,QAAgB,EAAQ,EAAE;QAC7C,MAAM,EAAE,KAAK,CAAC,EAAE,QAAQ,EAAE,EAAE,mBAAmB,CAAC,CAAC;QACjD,OAAO,CAAC,GAAG,CAAC,YAAY,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAS,CAAC,CAAC;IACzD,CAAC,CAAC;IAEF,MAAM,gBAAgB,GAAG,GAAS,EAAE;QAClC,MAAM,EAAE,KAAK,CAAC,uBAAuB,CAAC,CAAC;QACvC,OAAO,CAAC,MAAM,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;IACzC,CAAC,CAAC;IAEF,MAAM,iBAAiB,GAAG,GAAS,EAAE;QACnC,MAAM,EAAE,KAAK,CAAC,wBAAwB,CAAC,CAAC;QACxC,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC;IAC1C,CAAC,CAAC;IAEF,MAAM,aAAa,GAAG,GAAS,EAAE;QAC/B,MAAM,EAAE,KAAK,CAAC,oBAAoB,CAAC,CAAC;QACpC,OAAO,CAAC,MAAM,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC;IAC3C,CAAC,CAAC;IAEF,MAAM,sBAAsB,GAAG,GAAS,EAAE;QACxC,MAAM,EAAE,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAC9C,OAAO,CAAC,MAAM,CAAC,gBAAgB,EAAE,UAAU,CAAC,CAAC;IAC/C,CAAC,CAAC;IAEF,MAAM,cAAc,GAAG,GAAG,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IACrD,MAAM,eAAe,GAAG,GAAG,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;IACvD,MAAM,WAAW,GAAG,GAAG,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IACpD,MAAM,oBAAoB,GAAG,GAAG,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;IAEjE,OAAO;QACL,IAAI,EAAE,CAAC,MAAM,EAAE,EAAE;YACf,cAAc,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;YACnC,eAAe,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;YACrC,IAAI,MAAM,CAAC,QAAQ;gBAAE,WAAW,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YAClD,IAAI,MAAM,CAAC,iBAAiB;gBAC1B,oBAAoB,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC;QACnD,CAAC;QACD,KAAK,EAAE,GAAG,EAAE;YACV,gBAAgB,EAAE,CAAC;YACnB,iBAAiB,EAAE,CAAC;YACpB,aAAa,EAAE,CAAC;YAChB,sBAAsB,EAAE,CAAC;QAC3B,CAAC;QACD,cAAc;QACd,eAAe;QACf,WAAW;QACX,oBAAoB;QACpB,cAAc;QACd,eAAe;QACf,oBAAoB;QACpB,WAAW;QACX,gBAAgB;QAChB,iBAAiB;QACjB,aAAa;QACb,sBAAsB;QACtB,MAAM,EAAE,GAAG,EAAE;YACX,MAAM,WAAW,GAAG,cAAc,EAAE,CAAC;YACrC,MAAM,YAAY,GAAG,eAAe,EAAE,CAAC;YACvC,IAAI,CAAC,WAAW,IAAI,CAAC,YAAY;gBAAE,OAAO,IAAI,CAAC;YAC/C,OAAO;gBACL,WAAW;gBACX,YAAY;gBACZ,QAAQ,EAAE,WAAW,EAAE,IAAI,SAAS;gBACpC,iBAAiB,EAAE,oBAAoB,EAAE,IAAI,SAAS;aACvD,CAAC;QACJ,CAAC;KACF,CAAC;AACJ,CAAC,CAAC;AAaF,MAAM,oBAAoB,GAAG,SAAS,CAAC;AACvC,MAAM,cAAc,GAAG,gBAAgB,CAAC;AAExC,MAAM,kBAAkB,GAAG,KAAK,EAC9B,IAAoB,EACyB,EAAE;IAC/C,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAC7B,CAAC,GAAG,EAAyC,EAAE,CAAC,OAAO,GAAG,CAAC,GAAG,KAAK,QAAQ,CAC5E,CAAC;IAEF,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAC/B,WAAW,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;QAC5B,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,GAAG,CAAC,CAAC;QACtC,IAAI,QAAQ,YAAY,UAAU,EAAE,CAAC;YACnC,MAAM,IAAI,KAAK,CAAC,uBAAuB,GAAG,CAAC,GAAG,oBAAoB,CAAC,CAAC;QACtE,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAU,CAAC;IACtC,CAAC,CAAC,CACH,CAAC;IAEF,OAAO,IAAI,GAAG,CAAC,OAAO,CAAC,CAAC;AAC1B,CAAC,CAAC;AAOF,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAGjC,OAAe,EACf,aAAqB,oBAAoB,EACzC,MAAe,EACf,aAA4B,EACJ,EAAE;IAC1B,MAAM,KAAK,GAAG,aAAa,IAAI,0BAA0B,EAAE,CAAC;IAE5D,MAAM,SAAS,GAAG,KAAK,IAAiD,EAAE;QACxE,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,CAAC;QACtC,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,cAAc,CAAC,yBAAyB,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;QACvE,CAAC;QACD,MAAM,IAAI,GAAiB,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QACjD,MAAM,IAAI,GAAG,MAAM,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACjD,KAAK,CAAC,GAAG,CAAa,cAAc,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QACvE,MAAM,EAAE,KAAK,CAAC,EAAE,OAAO,EAAE,EAAE,cAAc,CAAC,CAAC;QAC3C,OAAO,IAAI,CAAC;IACd,CAAC,CAAC;IAEF,MAAM,gBAAgB,GAAG,KAAK,IAE5B,EAAE;QACF,MAAM,MAAM,GAAG,KAAK,CAAC,GAAG,CAAa,cAAc,CAAC,CAAC;QACrD,IAAI,MAAM,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,SAAS,GAAG,UAAU,EAAE,CAAC;YACzD,OAAO,MAAM,CAAC,IAAI,CAAC;QACrB,CAAC;QACD,OAAO,SAAS,EAAE,CAAC;IACrB,CAAC,CAAC;IAEF,MAAM,UAAU,GAAG,KAAK,EAAE,GAAW,EAA0B,EAAE;QAC/D,MAAM,IAAI,GAAG,MAAM,gBAAgB,EAAE,CAAC;QACtC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAC1B,IAAI,GAAG;YAAE,OAAO,GAAG,CAAC;QAEpB,KAAK,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC;QAC7B,MAAM,SAAS,GAAG,MAAM,SAAS,EAAE,CAAC;QACpC,MAAM,QAAQ,GAAG,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACpC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,cAAc,CAAC,iBAAiB,GAAG,qBAAqB,CAAC,CAAC;QACtE,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC,CAAC;IAEF,OAAO;QACL,WAAW,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE;YAC3B,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,qBAAqB,CAAC,KAAK,CAAC,CAAC;gBAC5C,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;oBAChB,MAAM,IAAI,cAAc,CAAC,qCAAqC,CAAC,CAAC;gBAClE,CAAC;gBACD,MAAM,GAAG,GAAG,MAAM,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;gBACzC,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,SAAS,CACjC,KAAK,EACL,GAAG,CACJ,CAAC;gBACF,OAAO,OAAO,CAAC;YACjB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,IAAI,KAAK,YAAY,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;oBAC3C,MAAM,IAAI,mBAAmB,CAAC,KAAK,CAAC,OAAO,EAAE,KAAK,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;gBAClE,CAAC;gBACD,MAAM,KAAK,CAAC;YACd,CAAC;QACH,CAAC;QAED,aAAa,EAAE,GAAG,EAAE;YAClB,KAAK,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC;YAC7B,MAAM,EAAE,KAAK,CAAC,mBAAmB,CAAC,CAAC;QACrC,CAAC;KACF,CAAC;AACJ,CAAC,CAAC"}

package/dist/types.d.ts

@@ -1,15 +1,22 @@
 import type { JWTPayload } from "jose";
+import type { Logger } from "pino";
 export type { JWTPayload } from "jose";
+export interface CacheAdapter {
+    readonly get: <T>(key: string) => T | undefined;
+    readonly set: <T>(key: string, value: T) => void;
+    readonly delete: (key: string) => void;
+}
 export type TokenPair = {
     readonly accessToken: string;
     readonly refreshToken: string;
-    readonly deviceId: string;
+    readonly deviceId?: string;
+    readonly adminRefreshToken?: string;
 };
 export type CookieSetOptions = {
     readonly path: string;
     readonly domain?: string | undefined;
     readonly secure: boolean;
-    readonly sameSite: "Strict" | "Lax" | "None";
+    readonly sameSite: "strict" | "lax" | "none";
     readonly maxAge: number;
 };
 export type CookieRemoveOptions = {
@@ -25,27 +32,62 @@ export type TokenStorageOptions = {
     readonly accessTokenName?: string;
     readonly refreshTokenName?: string;
     readonly deviceIdName?: string;
+    readonly rememberTokenName?: string;
+    readonly adminRefreshTokenName?: string;
     readonly path?: string;
     readonly domain?: string;
     readonly secure?: boolean;
-    readonly sameSite?: "Strict" | "Lax" | "None";
+    readonly sameSite?: "strict" | "lax" | "none";
     readonly accessTokenMaxAge?: number;
     readonly refreshTokenMaxAge?: number;
+    readonly rememberTokenMaxAge?: number;
+    readonly adminRefreshTokenMaxAge?: number;
 };
 export type TokenManagerOptions = {
     readonly jwksUrl: string;
     readonly jwksCacheTtlMs?: number | undefined;
     readonly cookies?: CookieAdapter | undefined;
     readonly storage?: TokenStorageOptions | undefined;
+    readonly cache?: CacheAdapter | undefined;
 };
+export type Challenge = "verifyTwoFa" | "setTwoFa" | "resetPassword" | "setPassword";
+/** @deprecated Use Challenge instead */
+export type Challange = Challenge;
 export type AccessTokenPayload<Payload extends Record<string, any>> = JWTPayload & Payload & {
     authticon: {
         sessionId: string;
         userId: string;
         projectId: string;
-        role: 'guest' | 'user';
-        twoFaEnabled: boolean;
-        twoFaType: 'email' | 'sms' | 'app';
+        role: "guest" | "user";
+        challenges: Challenge[];
+        loggedByAdminId?: string;
     };
 };
+export type DefaultAccessTokenPayload = {
+    id: string;
+    email: string;
+    firstName: string;
+    lastName: string;
+};
+export type SessionUser<Payload extends Record<string, any> = DefaultAccessTokenPayload> = Payload & {
+    readonly sessionId: string;
+    readonly projectId: string;
+    readonly challenges: Challenge[];
+    readonly raw: AccessTokenPayload<Payload>;
+};
+export type AuthticonOptions = {
+    readonly projectId: string;
+    readonly baseUrl?: string;
+    readonly jwksUrl?: string;
+    readonly jwksCacheTtlMs?: number;
+    readonly cache?: CacheAdapter;
+    readonly logger?: Logger;
+};
+export type SessionOptions = {
+    request: Request;
+    tokenStorage?: TokenStorageOptions;
+} | {
+    cookies: CookieAdapter;
+    tokenStorage?: TokenStorageOptions;
+};
 //# sourceMappingURL=types.d.ts.map

package/dist/types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,MAAM,CAAC;AAEvC,YAAY,EAAE,UAAU,EAAE,MAAM,MAAM,CAAC;AAIvC,MAAM,MAAM,SAAS,GAAG;IACtB,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;CAC3B,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG;IAC7B,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IACrC,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC;IACzB,QAAQ,CAAC,QAAQ,EAAE,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;IAC7C,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;CACzB,CAAC;AAEF,MAAM,MAAM,mBAAmB,GAAG;IAChC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;CACtC,CAAC;AAEF,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,GAAG,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,MAAM,GAAG,IAAI,CAAC;IAC9C,QAAQ,CAAC,GAAG,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,gBAAgB,KAAK,IAAI,CAAC;IAC/E,QAAQ,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,mBAAmB,KAAK,IAAI,CAAC;CACvE;AAED,MAAM,MAAM,mBAAmB,GAAG;IAChC,QAAQ,CAAC,eAAe,CAAC,EAAE,MAAM,CAAC;IAClC,QAAQ,CAAC,gBAAgB,CAAC,EAAE,MAAM,CAAC;IACnC,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,MAAM,CAAC,EAAE,OAAO,CAAC;IAC1B,QAAQ,CAAC,QAAQ,CAAC,EAAE,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;IAC9C,QAAQ,CAAC,iBAAiB,CAAC,EAAE,MAAM,CAAC;IACpC,QAAQ,CAAC,kBAAkB,CAAC,EAAE,MAAM,CAAC;CACtC,CAAC;AAIF,MAAM,MAAM,mBAAmB,GAAG;IAChC,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,cAAc,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IAC7C,QAAQ,CAAC,OAAO,CAAC,EAAE,aAAa,GAAG,SAAS,CAAC;IAC7C,QAAQ,CAAC,OAAO,CAAC,EAAE,mBAAmB,GAAG,SAAS,CAAC;CACpD,CAAC;AAEF,MAAM,MAAM,kBAAkB,CAAC,OAAO,SAAS,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,IAAI,UAAU,GAAG,OAAO,GAAG;IAC3F,SAAS,EAAE;QACT,SAAS,EAAE,MAAM,CAAC;QAClB,MAAM,EAAE,MAAM,CAAC;QACf,SAAS,EAAE,MAAM,CAAC;QAClB,IAAI,EAAE,OAAO,GAAG,MAAM,CAAC;QACvB,YAAY,EAAE,OAAO,CAAC;QACtB,SAAS,EAAE,OAAO,GAAG,KAAK,GAAG,KAAK,CAAC;KACpC,CAAC;CACH,CAAA"}
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,MAAM,CAAC;AACvC,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,MAAM,CAAC;AAEnC,YAAY,EAAE,UAAU,EAAE,MAAM,MAAM,CAAC;AAIvC,MAAM,WAAW,YAAY;IAC3B,QAAQ,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,KAAK,CAAC,GAAG,SAAS,CAAC;IAChD,QAAQ,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,KAAK,IAAI,CAAC;IACjD,QAAQ,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;CACxC;AAID,MAAM,MAAM,SAAS,GAAG;IACtB,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,iBAAiB,CAAC,EAAE,MAAM,CAAC;CACrC,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG;IAC7B,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IACrC,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC;IACzB,QAAQ,CAAC,QAAQ,EAAE,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;IAC7C,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;CACzB,CAAC;AAEF,MAAM,MAAM,mBAAmB,GAAG;IAChC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;CACtC,CAAC;AAEF,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,GAAG,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,MAAM,GAAG,IAAI,CAAC;IAC9C,QAAQ,CAAC,GAAG,EAAE,CACZ,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,MAAM,EACb,OAAO,EAAE,gBAAgB,KACtB,IAAI,CAAC;IACV,QAAQ,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,mBAAmB,KAAK,IAAI,CAAC;CACvE;AAED,MAAM,MAAM,mBAAmB,GAAG;IAChC,QAAQ,CAAC,eAAe,CAAC,EAAE,MAAM,CAAC;IAClC,QAAQ,CAAC,gBAAgB,CAAC,EAAE,MAAM,CAAC;IACnC,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,iBAAiB,CAAC,EAAE,MAAM,CAAC;IACpC,QAAQ,CAAC,qBAAqB,CAAC,EAAE,MAAM,CAAC;IACxC,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,MAAM,CAAC,EAAE,OAAO,CAAC;IAC1B,QAAQ,CAAC,QAAQ,CAAC,EAAE,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;IAC9C,QAAQ,CAAC,iBAAiB,CAAC,EAAE,MAAM,CAAC;IACpC,QAAQ,CAAC,kBAAkB,CAAC,EAAE,MAAM,CAAC;IACrC,QAAQ,CAAC,mBAAmB,CAAC,EAAE,MAAM,CAAC;IACtC,QAAQ,CAAC,uBAAuB,CAAC,EAAE,MAAM,CAAC;CAC3C,CAAC;AAIF,MAAM,MAAM,mBAAmB,GAAG;IAChC,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,cAAc,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IAC7C,QAAQ,CAAC,OAAO,CAAC,EAAE,aAAa,GAAG,SAAS,CAAC;IAC7C,QAAQ,CAAC,OAAO,CAAC,EAAE,mBAAmB,GAAG,SAAS,CAAC;IACnD,QAAQ,CAAC,KAAK,CAAC,EAAE,YAAY,GAAG,SAAS,CAAC;CAC3C,CAAC;AAIF,MAAM,MAAM,SAAS,GACjB,aAAa,GACb,UAAU,GACV,eAAe,GACf,aAAa,CAAC;AAElB,wCAAwC;AACxC,MAAM,MAAM,SAAS,GAAG,SAAS,CAAC;AAIlC,MAAM,MAAM,kBAAkB,CAAC,OAAO,SAAS,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,IAChE,UAAU,GACR,OAAO,GAAG;IACR,SAAS,EAAE;QACT,SAAS,EAAE,MAAM,CAAC;QAClB,MAAM,EAAE,MAAM,CAAC;QACf,SAAS,EAAE,MAAM,CAAC;QAClB,IAAI,EAAE,OAAO,GAAG,MAAM,CAAC;QACvB,UAAU,EAAE,SAAS,EAAE,CAAC;QACxB,eAAe,CAAC,EAAE,MAAM,CAAC;KAC1B,CAAC;CACH,CAAC;AAEN,MAAM,MAAM,yBAAyB,GAAG;IACtC,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;CAClB,CAAC;AAIF,MAAM,MAAM,WAAW,CACrB,OAAO,SAAS,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,yBAAyB,IAC7D,OAAO,GAAG;IACZ,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,UAAU,EAAE,SAAS,EAAE,CAAC;IACjC,QAAQ,CAAC,GAAG,EAAE,kBAAkB,CAAC,OAAO,CAAC,CAAC;CAC3C,CAAC;AAIF,MAAM,MAAM,gBAAgB,GAAG;IAC7B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,cAAc,CAAC,EAAE,MAAM,CAAC;IACjC,QAAQ,CAAC,KAAK,CAAC,EAAE,YAAY,CAAC;IAC9B,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;CAC1B,CAAC;AAIF,MAAM,MAAM,cAAc,GACtB;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,YAAY,CAAC,EAAE,mBAAmB,CAAA;CAAE,GACxD;IAAE,OAAO,EAAE,aAAa,CAAC;IAAC,YAAY,CAAC,EAAE,mBAAmB,CAAA;CAAE,CAAC"}

package/package.json

@@ -1,15 +1,29 @@
 {
   "name": "@authticon/client",
-  "version": "0.0.0-beta9",
+  "version": "0.0.4",
   "description": "Official Authticon API client for Node.js",
   "license": "MIT",
   "type": "module",
-  "main": "./dist/index.js",
-  "types": "./dist/index.d.ts",
+  "main": "./dist/node.js",
+  "types": "./dist/node.d.ts",
   "exports": {
     ".": {
-      "types": "./dist/index.d.ts",
-      "import": "./dist/index.js"
+      "browser": {
+        "types": "./dist/browser.d.ts",
+        "import": "./dist/browser.js"
+      },
+      "default": {
+        "types": "./dist/node.d.ts",
+        "import": "./dist/node.js"
+      }
+    },
+    "./browser": {
+      "types": "./dist/browser.d.ts",
+      "import": "./dist/browser.js"
+    },
+    "./node": {
+      "types": "./dist/node.d.ts",
+      "import": "./dist/node.js"
     }
   },
   "files": [
@@ -35,19 +49,20 @@
     "registry": "https://registry.npmjs.org/"
   },
   "scripts": {
-    "codegen:auto": "wget http://authticon-krs.dev.kubeticon.com/documentation/yaml -O openapi.yaml && npm run codegen && rm openapi.yaml",
+    "codegen:auto": "wget http://authticon-krs.dev.kubeticon.com/documentation/yaml -O openapi.yaml && npm run codegen ",
     "codegen": "openapi-ts",
     "build": "tsc",
+    "dev": "tsc --watch",
     "test": "vitest",
     "prepublishOnly": "npm run build"
   },
   "dependencies": {
-    "axios": "^1.13.6",
+    "@types/pino": "^7.0.5",
     "cookie": "^1.1.1",
     "jose": "^6.2.0"
   },
   "devDependencies": {
-    "@hey-api/client-axios": "^0.9.1",
+    "@hey-api/client-fetch": "^0.9.0",
     "@hey-api/openapi-ts": "0.94.1",
     "@types/node": "^25.5.0",
     "dotenv": "^17.3.1",

package/dist/Acccount.d.ts

@@ -1,9 +0,0 @@
-import type { Client } from "./generated/client/index.js";
-import { type PostApiV1AuthEmailChangeData, type PostApiV1AuthPasswordChangeData } from "./generated/index.js";
-export declare class Account {
-    private readonly client;
-    constructor(client: Client);
-    changeEmail(params: PostApiV1AuthEmailChangeData['body']): Promise<null>;
-    changePassword(params: PostApiV1AuthPasswordChangeData['body']): Promise<null>;
-}
-//# sourceMappingURL=Acccount.d.ts.map

package/dist/Acccount.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"Acccount.d.ts","sourceRoot":"","sources":["../src/Acccount.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,6BAA6B,CAAC;AAC1D,OAAO,EAAyD,KAAK,4BAA4B,EAAE,KAAK,+BAA+B,EAAE,MAAM,sBAAsB,CAAC;AAEtK,qBAAa,OAAO;IACJ,OAAO,CAAC,QAAQ,CAAC,MAAM;gBAAN,MAAM,EAAE,MAAM;IAErC,WAAW,CAAC,MAAM,EAAE,4BAA4B,CAAC,MAAM,CAAC;IAQxD,cAAc,CAAC,MAAM,EAAE,+BAA+B,CAAC,MAAM,CAAC;CAOvE"}

package/dist/Acccount.js

@@ -1,22 +0,0 @@
-import { postApiV1AuthEmailChange, postApiV1AuthPasswordChange } from "./generated/index.js";
-export class Account {
-    client;
-    constructor(client) {
-        this.client = client;
-    }
-    async changeEmail(params) {
-        const { data } = await postApiV1AuthEmailChange({
-            client: this.client,
-            body: params
-        });
-        return data;
-    }
-    async changePassword(params) {
-        const { data } = await postApiV1AuthPasswordChange({
-            client: this.client,
-            body: params
-        });
-        return data;
-    }
-}
-//# sourceMappingURL=Acccount.js.map

package/dist/Acccount.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"Acccount.js","sourceRoot":"","sources":["../src/Acccount.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,wBAAwB,EAAE,2BAA2B,EAA2E,MAAM,sBAAsB,CAAC;AAEtK,MAAM,OAAO,OAAO;IACa;IAA7B,YAA6B,MAAc;QAAd,WAAM,GAAN,MAAM,CAAQ;IAAG,CAAC;IAE/C,KAAK,CAAC,WAAW,CAAC,MAA4C;QAC1D,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,wBAAwB,CAAC;YAC5C,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,IAAI,EAAE,MAAM;SACf,CAAC,CAAA;QACF,OAAO,IAAI,CAAC;IAChB,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,MAA+C;QAChE,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,2BAA2B,CAAC;YAC/C,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,IAAI,EAAE,MAAM;SACf,CAAC,CAAA;QACF,OAAO,IAAI,CAAC;IAChB,CAAC;CACJ"}

package/dist/Auth.d.ts

@@ -1,25 +0,0 @@
-import type { Client } from "./generated/client/index.js";
-import type { PostApiV1AuthLoginData, PostApiV1AuthRegisterData } from "./generated/types.gen.js";
-export declare class Auth {
-    private readonly client;
-    constructor(client: Client);
-    login(params: PostApiV1AuthLoginData["body"]): Promise<{
-        accessToken: string;
-        refreshToken: string;
-        deviceId: string;
-    } | {
-        twoFaType: "email" | "sms" | "app";
-        twoFaToken: string;
-        deviceId: string;
-    }>;
-    register(params: PostApiV1AuthRegisterData['body']): Promise<{
-        userId: string;
-    }>;
-    logout(refreshToken: string): Promise<{
-        success: boolean;
-    }>;
-    refresh(refreshToken: string): Promise<{
-        accessToken: string;
-    }>;
-}
-//# sourceMappingURL=Auth.d.ts.map

package/dist/Auth.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"Auth.d.ts","sourceRoot":"","sources":["../src/Auth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,6BAA6B,CAAC;AAE1D,OAAO,KAAK,EAAE,sBAAsB,EAAE,yBAAyB,EAAE,MAAM,0BAA0B,CAAC;AAGlG,qBAAa,IAAI;IACH,OAAO,CAAC,QAAQ,CAAC,MAAM;gBAAN,MAAM,EAAE,MAAM;IAErC,KAAK,CAAC,MAAM,EAAE,sBAAsB,CAAC,MAAM,CAAC;;;;;;;;;IAQ5C,QAAQ,CAAC,MAAM,EAAE,yBAAyB,CAAC,MAAM,CAAC;;;IAQlD,MAAM,CAAC,YAAY,EAAE,MAAM;;;IAU3B,OAAO,CAAC,YAAY,EAAE,MAAM;;;CASnC"}

package/dist/Auth.js

@@ -1,43 +0,0 @@
-import { postApiV1AuthLogin, postApiV1AuthLogout, postApiV1AuthRegister, postApiV1AuthTokenRefresh } from "./generated/sdk.gen.js";
-export class Auth {
-    client;
-    constructor(client) {
-        this.client = client;
-    }
-    async login(params) {
-        const { data } = await postApiV1AuthLogin({
-            client: this.client,
-            body: params
-        });
-        return data;
-    }
-    ;
-    async register(params) {
-        const { data } = await postApiV1AuthRegister({
-            client: this.client,
-            body: params
-        });
-        return data;
-    }
-    ;
-    async logout(refreshToken) {
-        const { data } = await postApiV1AuthLogout({
-            client: this.client,
-            body: {
-                refreshToken
-            }
-        });
-        return data;
-    }
-    ;
-    async refresh(refreshToken) {
-        const { data } = await postApiV1AuthTokenRefresh({
-            client: this.client,
-            body: {
-                refreshToken
-            }
-        });
-        return data;
-    }
-}
-//# sourceMappingURL=Auth.js.map

package/dist/Auth.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"Auth.js","sourceRoot":"","sources":["../src/Auth.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,kBAAkB,EAAE,mBAAmB,EAAE,qBAAqB,EAAE,yBAAyB,EAAE,MAAM,wBAAwB,CAAC;AAInI,MAAM,OAAO,IAAI;IACc;IAA7B,YAA6B,MAAc;QAAd,WAAM,GAAN,MAAM,CAAQ;IAAG,CAAC;IAE/C,KAAK,CAAC,KAAK,CAAC,MAAsC;QAChD,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,kBAAkB,CAAC;YACxC,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,IAAI,EAAE,MAAM;SACb,CAAC,CAAA;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAAA,CAAC;IAEF,KAAK,CAAC,QAAQ,CAAC,MAAyC;QACtD,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,qBAAqB,CAAC;YAC3C,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,IAAI,EAAE,MAAM;SACb,CAAC,CAAA;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAAA,CAAC;IAEF,KAAK,CAAC,MAAM,CAAC,YAAoB;QAC/B,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,mBAAmB,CAAC;YACzC,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,IAAI,EAAE;gBACJ,YAAY;aACb;SACF,CAAC,CAAA;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAAA,CAAC;IAEF,KAAK,CAAC,OAAO,CAAC,YAAoB;QAChC,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,yBAAyB,CAAC;YAC/C,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,IAAI,EAAE;gBACJ,YAAY;aACb;SACF,CAAC,CAAA;QACF,OAAO,IAAI,CAAC;IACd,CAAC;CACF"}

package/dist/Authticon.d.ts

@@ -1,87 +0,0 @@
-import { Account } from "./Acccount.js";
-import { Auth } from "./Auth.js";
-import { Challange } from "./Challange.js";
-import { TokenManager } from "./TokenManager.js";
-import { TwoFa } from "./TwoFa.js";
-import type { CookieAdapter, TokenStorageOptions } from "./types.js";
-import { Users } from "./Users.js";
-type ClientOptions<C extends CookieAdapter> = {
-    readonly apiKey: string;
-    readonly baseURL?: string;
-    readonly jwksUrl?: string;
-    readonly jwksCacheTtlMs?: number;
-    readonly cookies?: C;
-    readonly tokenStorage?: TokenStorageOptions;
-};
-export declare class Authticon<Payload extends Record<string, any>, C extends CookieAdapter> {
-    private readonly client;
-    readonly auth: Auth;
-    readonly users: Users;
-    readonly tokens: TokenManager<Payload>;
-    readonly twoFa: TwoFa;
-    readonly account: Account;
-    readonly challange: Challange;
-    private readonly cookiesAdapter?;
-    constructor(options: ClientOptions<C>);
-    hasSession(): boolean;
-    verifyToken(): Promise<import("./types.js").AccessTokenPayload<Payload>>;
-    getUser(): Promise<import("./types.js").JWTPayload & Payload & {
-        auth: {
-            logout: () => Promise<{
-                success: boolean;
-            }>;
-            refresh: () => Promise<{
-                accessToken: string;
-            }>;
-        };
-        account: {
-            changeEmail: (newEmail: string) => Promise<null>;
-            changePassword: (newPassword: string, oldPassword: string) => Promise<null>;
-        };
-        twoFa: {
-            enabled: boolean;
-            type: "email" | "sms" | "app";
-            getSecret: () => Promise<{
-                secret: string;
-                uri: string;
-            }>;
-            enablePhone: () => Promise<{
-                success: boolean;
-            }>;
-            enableEmail: () => Promise<{
-                success: boolean;
-            }>;
-            enableApp: (token: string) => Promise<{
-                success: boolean;
-            }>;
-            disable: (token: string) => Promise<{
-                success: boolean;
-            }>;
-        };
-        challange: {
-            startPhone: (phone: string) => Promise<null>;
-            completePhone: (phone: string, code: string) => Promise<null>;
-        };
-        authticon: {
-            sessionId: string;
-            userId: string;
-            projectId: string;
-            role: "guest" | "user";
-            twoFaEnabled: boolean;
-            twoFaType: "email" | "sms" | "app";
-        };
-    }>;
-    cookies(): C;
-    login(email: string, password: string, userAgent: string): Promise<{
-        accessToken: string;
-        refreshToken: string;
-        deviceId: string;
-    } | {
-        twoFaType: "email" | "sms" | "app";
-        twoFaToken: string;
-        deviceId: string;
-    }>;
-}
-export declare function createAuthticon<Payload extends Record<string, any> = Record<string, any>, C extends CookieAdapter = CookieAdapter>(options: ClientOptions<C>): Authticon<Payload, C>;
-export {};
-//# sourceMappingURL=Authticon.d.ts.map

package/dist/Authticon.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"Authticon.d.ts","sourceRoot":"","sources":["../src/Authticon.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AACxC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAE3C,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,EAAE,KAAK,EAAE,MAAM,YAAY,CAAC;AACnC,OAAO,KAAK,EAAE,aAAa,EAAE,mBAAmB,EAAE,MAAM,YAAY,CAAC;AAErE,OAAO,EAAE,KAAK,EAAE,MAAM,YAAY,CAAC;AAEnC,KAAK,aAAa,CAAC,CAAC,SAAS,aAAa,IAAI;IAC5C,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,cAAc,CAAC,EAAE,MAAM,CAAC;IACjC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IACrB,QAAQ,CAAC,YAAY,CAAC,EAAE,mBAAmB,CAAC;CAC7C,CAAC;AAEF,qBAAa,SAAS,CACpB,OAAO,SAAS,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACnC,CAAC,SAAS,aAAa;IAEvB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;IAChC,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC;IACpB,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAC;IACtB,QAAQ,CAAC,MAAM,EAAE,YAAY,CAAC,OAAO,CAAC,CAAC;IACvC,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAC;IACtB,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;IAC1B,QAAQ,CAAC,SAAS,EAAE,SAAS,CAAC;IAC9B,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAI;gBAExB,OAAO,EAAE,aAAa,CAAC,CAAC,CAAC;IA4B9B,UAAU;IAIJ,WAAW;IAUX,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IAKb,OAAO;IAOD,KAAK,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM;;;;;;;;;CAOtE;AAED,wBAAgB,eAAe,CAC7B,OAAO,SAAS,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACzD,CAAC,SAAS,aAAa,GAAG,aAAa,EACvC,OAAO,EAAE,aAAa,CAAC,CAAC,CAAC,yBAE1B"}