@commercekitsdk/auth 1.0.0

package/dist/firebase.cjs

@@ -0,0 +1,31 @@
+'use strict';
+
+// src/firebase.ts
+async function toSession(user) {
+  if (!user) return null;
+  const token = await user.getIdToken();
+  return { token, user: { id: user.uid, ...user.email ? { email: user.email } : {} } };
+}
+function createFirebaseAuth(config) {
+  const { auth } = config;
+  return {
+    getToken: async () => auth.currentUser ? auth.currentUser.getIdToken() : null,
+    getCustomerId: () => auth.currentUser?.uid ?? null,
+    getSession: () => toSession(auth.currentUser),
+    signIn: async (credentials) => {
+      const { user } = await auth.signInWithEmailAndPassword(
+        credentials.email,
+        credentials.password
+      );
+      return await toSession(user);
+    },
+    signOut: () => auth.signOut(),
+    onAuthChange: (handler) => auth.onAuthStateChanged((user) => {
+      void toSession(user).then(handler);
+    })
+  };
+}
+
+exports.createFirebaseAuth = createFirebaseAuth;
+//# sourceMappingURL=firebase.cjs.map
+//# sourceMappingURL=firebase.cjs.map

package/dist/firebase.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/firebase.ts"],"names":[],"mappings":";;;AAeA,eAAe,UAAU,IAAA,EAAwD;AAC/E,EAAA,IAAI,CAAC,MAAM,OAAO,IAAA;AAClB,EAAA,MAAM,KAAA,GAAQ,MAAM,IAAA,CAAK,UAAA,EAAW;AACpC,EAAA,OAAO,EAAE,KAAA,EAAO,IAAA,EAAM,EAAE,EAAA,EAAI,KAAK,GAAA,EAAK,GAAI,IAAA,CAAK,KAAA,GAAQ,EAAE,KAAA,EAAO,IAAA,CAAK,OAAM,GAAI,IAAI,EAAE;AACvF;AAQO,SAAS,mBAAmB,MAAA,EAAoD;AACrF,EAAA,MAAM,EAAE,MAAK,GAAI,MAAA;AAEjB,EAAA,OAAO;AAAA,IACL,UAAU,YAAa,IAAA,CAAK,cAAc,IAAA,CAAK,WAAA,CAAY,YAAW,GAAI,IAAA;AAAA,IAC1E,aAAA,EAAe,MAAM,IAAA,CAAK,WAAA,EAAa,GAAA,IAAO,IAAA;AAAA,IAC9C,UAAA,EAAY,MAAM,SAAA,CAAU,IAAA,CAAK,WAAW,CAAA;AAAA,IAE5C,MAAA,EAAQ,OAAO,WAAA,KAAgB;AAC7B,MAAA,MAAM,EAAE,IAAA,EAAK,GAAI,MAAM,IAAA,CAAK,0BAAA;AAAA,QAC1B,WAAA,CAAY,KAAA;AAAA,QACZ,WAAA,CAAY;AAAA,OACd;AACA,MAAA,OAAQ,MAAM,UAAU,IAAI,CAAA;AAAA,IAC9B,CAAA;AAAA,IAEA,OAAA,EAAS,MAAM,IAAA,CAAK,OAAA,EAAQ;AAAA,IAE5B,cAAc,CAAC,OAAA,KACb,IAAA,CAAK,kBAAA,CAAmB,CAAC,IAAA,KAAS;AAChC,MAAA,KAAK,SAAA,CAAU,IAAI,CAAA,CAAE,IAAA,CAAK,OAAO,CAAA;AAAA,IACnC,CAAC;AAAA,GACL;AACF","file":"firebase.cjs","sourcesContent":["import type { AuthSession, CommerceAuth, Unsubscribe } from \"./types.js\";\n\n/** Structural slice of the Firebase Auth client (v8/compat shape). */\ninterface FirebaseUser {\n  uid: string;\n  email: string | null;\n  getIdToken(): Promise<string>;\n}\nexport interface FirebaseAuthClient {\n  currentUser: FirebaseUser | null;\n  signInWithEmailAndPassword(email: string, password: string): Promise<{ user: FirebaseUser }>;\n  signOut(): Promise<void>;\n  onAuthStateChanged(callback: (user: FirebaseUser | null) => void): () => void;\n}\n\nasync function toSession(user: FirebaseUser | null): Promise<AuthSession | null> {\n  if (!user) return null;\n  const token = await user.getIdToken();\n  return { token, user: { id: user.uid, ...(user.email ? { email: user.email } : {}) } };\n}\n\n/**\n * Wraps a Firebase Auth client as a {@link CommerceAuth}.\n *\n * @example\n * const auth = createFirebaseAuth({ auth: firebase.auth() });\n */\nexport function createFirebaseAuth(config: { auth: FirebaseAuthClient }): CommerceAuth {\n  const { auth } = config;\n\n  return {\n    getToken: async () => (auth.currentUser ? auth.currentUser.getIdToken() : null),\n    getCustomerId: () => auth.currentUser?.uid ?? null,\n    getSession: () => toSession(auth.currentUser),\n\n    signIn: async (credentials) => {\n      const { user } = await auth.signInWithEmailAndPassword(\n        credentials.email,\n        credentials.password,\n      );\n      return (await toSession(user))!;\n    },\n\n    signOut: () => auth.signOut(),\n\n    onAuthChange: (handler): Unsubscribe =>\n      auth.onAuthStateChanged((user) => {\n        void toSession(user).then(handler);\n      }),\n  };\n}\n"]}

package/dist/firebase.d.cts

@@ -0,0 +1,28 @@
+import { C as CommerceAuth } from './types-CSm6J3gP.cjs';
+import '@commercekitsdk/core';
+
+/** Structural slice of the Firebase Auth client (v8/compat shape). */
+interface FirebaseUser {
+    uid: string;
+    email: string | null;
+    getIdToken(): Promise<string>;
+}
+interface FirebaseAuthClient {
+    currentUser: FirebaseUser | null;
+    signInWithEmailAndPassword(email: string, password: string): Promise<{
+        user: FirebaseUser;
+    }>;
+    signOut(): Promise<void>;
+    onAuthStateChanged(callback: (user: FirebaseUser | null) => void): () => void;
+}
+/**
+ * Wraps a Firebase Auth client as a {@link CommerceAuth}.
+ *
+ * @example
+ * const auth = createFirebaseAuth({ auth: firebase.auth() });
+ */
+declare function createFirebaseAuth(config: {
+    auth: FirebaseAuthClient;
+}): CommerceAuth;
+
+export { type FirebaseAuthClient, createFirebaseAuth };

package/dist/firebase.d.ts

@@ -0,0 +1,28 @@
+import { C as CommerceAuth } from './types-CSm6J3gP.js';
+import '@commercekitsdk/core';
+
+/** Structural slice of the Firebase Auth client (v8/compat shape). */
+interface FirebaseUser {
+    uid: string;
+    email: string | null;
+    getIdToken(): Promise<string>;
+}
+interface FirebaseAuthClient {
+    currentUser: FirebaseUser | null;
+    signInWithEmailAndPassword(email: string, password: string): Promise<{
+        user: FirebaseUser;
+    }>;
+    signOut(): Promise<void>;
+    onAuthStateChanged(callback: (user: FirebaseUser | null) => void): () => void;
+}
+/**
+ * Wraps a Firebase Auth client as a {@link CommerceAuth}.
+ *
+ * @example
+ * const auth = createFirebaseAuth({ auth: firebase.auth() });
+ */
+declare function createFirebaseAuth(config: {
+    auth: FirebaseAuthClient;
+}): CommerceAuth;
+
+export { type FirebaseAuthClient, createFirebaseAuth };

package/dist/firebase.js

@@ -0,0 +1,29 @@
+// src/firebase.ts
+async function toSession(user) {
+  if (!user) return null;
+  const token = await user.getIdToken();
+  return { token, user: { id: user.uid, ...user.email ? { email: user.email } : {} } };
+}
+function createFirebaseAuth(config) {
+  const { auth } = config;
+  return {
+    getToken: async () => auth.currentUser ? auth.currentUser.getIdToken() : null,
+    getCustomerId: () => auth.currentUser?.uid ?? null,
+    getSession: () => toSession(auth.currentUser),
+    signIn: async (credentials) => {
+      const { user } = await auth.signInWithEmailAndPassword(
+        credentials.email,
+        credentials.password
+      );
+      return await toSession(user);
+    },
+    signOut: () => auth.signOut(),
+    onAuthChange: (handler) => auth.onAuthStateChanged((user) => {
+      void toSession(user).then(handler);
+    })
+  };
+}
+
+export { createFirebaseAuth };
+//# sourceMappingURL=firebase.js.map
+//# sourceMappingURL=firebase.js.map

package/dist/firebase.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/firebase.ts"],"names":[],"mappings":";AAeA,eAAe,UAAU,IAAA,EAAwD;AAC/E,EAAA,IAAI,CAAC,MAAM,OAAO,IAAA;AAClB,EAAA,MAAM,KAAA,GAAQ,MAAM,IAAA,CAAK,UAAA,EAAW;AACpC,EAAA,OAAO,EAAE,KAAA,EAAO,IAAA,EAAM,EAAE,EAAA,EAAI,KAAK,GAAA,EAAK,GAAI,IAAA,CAAK,KAAA,GAAQ,EAAE,KAAA,EAAO,IAAA,CAAK,OAAM,GAAI,IAAI,EAAE;AACvF;AAQO,SAAS,mBAAmB,MAAA,EAAoD;AACrF,EAAA,MAAM,EAAE,MAAK,GAAI,MAAA;AAEjB,EAAA,OAAO;AAAA,IACL,UAAU,YAAa,IAAA,CAAK,cAAc,IAAA,CAAK,WAAA,CAAY,YAAW,GAAI,IAAA;AAAA,IAC1E,aAAA,EAAe,MAAM,IAAA,CAAK,WAAA,EAAa,GAAA,IAAO,IAAA;AAAA,IAC9C,UAAA,EAAY,MAAM,SAAA,CAAU,IAAA,CAAK,WAAW,CAAA;AAAA,IAE5C,MAAA,EAAQ,OAAO,WAAA,KAAgB;AAC7B,MAAA,MAAM,EAAE,IAAA,EAAK,GAAI,MAAM,IAAA,CAAK,0BAAA;AAAA,QAC1B,WAAA,CAAY,KAAA;AAAA,QACZ,WAAA,CAAY;AAAA,OACd;AACA,MAAA,OAAQ,MAAM,UAAU,IAAI,CAAA;AAAA,IAC9B,CAAA;AAAA,IAEA,OAAA,EAAS,MAAM,IAAA,CAAK,OAAA,EAAQ;AAAA,IAE5B,cAAc,CAAC,OAAA,KACb,IAAA,CAAK,kBAAA,CAAmB,CAAC,IAAA,KAAS;AAChC,MAAA,KAAK,SAAA,CAAU,IAAI,CAAA,CAAE,IAAA,CAAK,OAAO,CAAA;AAAA,IACnC,CAAC;AAAA,GACL;AACF","file":"firebase.js","sourcesContent":["import type { AuthSession, CommerceAuth, Unsubscribe } from \"./types.js\";\n\n/** Structural slice of the Firebase Auth client (v8/compat shape). */\ninterface FirebaseUser {\n  uid: string;\n  email: string | null;\n  getIdToken(): Promise<string>;\n}\nexport interface FirebaseAuthClient {\n  currentUser: FirebaseUser | null;\n  signInWithEmailAndPassword(email: string, password: string): Promise<{ user: FirebaseUser }>;\n  signOut(): Promise<void>;\n  onAuthStateChanged(callback: (user: FirebaseUser | null) => void): () => void;\n}\n\nasync function toSession(user: FirebaseUser | null): Promise<AuthSession | null> {\n  if (!user) return null;\n  const token = await user.getIdToken();\n  return { token, user: { id: user.uid, ...(user.email ? { email: user.email } : {}) } };\n}\n\n/**\n * Wraps a Firebase Auth client as a {@link CommerceAuth}.\n *\n * @example\n * const auth = createFirebaseAuth({ auth: firebase.auth() });\n */\nexport function createFirebaseAuth(config: { auth: FirebaseAuthClient }): CommerceAuth {\n  const { auth } = config;\n\n  return {\n    getToken: async () => (auth.currentUser ? auth.currentUser.getIdToken() : null),\n    getCustomerId: () => auth.currentUser?.uid ?? null,\n    getSession: () => toSession(auth.currentUser),\n\n    signIn: async (credentials) => {\n      const { user } = await auth.signInWithEmailAndPassword(\n        credentials.email,\n        credentials.password,\n      );\n      return (await toSession(user))!;\n    },\n\n    signOut: () => auth.signOut(),\n\n    onAuthChange: (handler): Unsubscribe =>\n      auth.onAuthStateChanged((user) => {\n        void toSession(user).then(handler);\n      }),\n  };\n}\n"]}

package/dist/index.cjs

@@ -0,0 +1,18 @@
+'use strict';
+
+// src/cart-sync.ts
+function attachCartSync(auth, options) {
+  return auth.onAuthChange((session) => {
+    if (!session) return;
+    const guestCartId = options.getGuestCartId();
+    if (!guestCartId) return;
+    const userCartId = options.resolveUserCartId(session);
+    if (guestCartId === userCartId) return;
+    void options.client.cart.merge(guestCartId, userCartId).then(() => options.onMerged?.(userCartId)).catch(() => {
+    });
+  });
+}
+
+exports.attachCartSync = attachCartSync;
+//# sourceMappingURL=index.cjs.map
+//# sourceMappingURL=index.cjs.map

package/dist/index.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/cart-sync.ts"],"names":[],"mappings":";;;AA+BO,SAAS,cAAA,CAAe,MAAoB,OAAA,EAAuC;AACxF,EAAA,OAAO,IAAA,CAAK,YAAA,CAAa,CAAC,OAAA,KAAY;AACpC,IAAA,IAAI,CAAC,OAAA,EAAS;AACd,IAAA,MAAM,WAAA,GAAc,QAAQ,cAAA,EAAe;AAC3C,IAAA,IAAI,CAAC,WAAA,EAAa;AAClB,IAAA,MAAM,UAAA,GAAa,OAAA,CAAQ,iBAAA,CAAkB,OAAO,CAAA;AACpD,IAAA,IAAI,gBAAgB,UAAA,EAAY;AAChC,IAAA,KAAK,OAAA,CAAQ,MAAA,CAAO,IAAA,CACjB,KAAA,CAAM,aAAa,UAAU,CAAA,CAC7B,IAAA,CAAK,MAAM,QAAQ,QAAA,GAAW,UAAU,CAAC,CAAA,CACzC,MAAM,MAAM;AAAA,IAEb,CAAC,CAAA;AAAA,EACL,CAAC,CAAA;AACH","file":"index.cjs","sourcesContent":["import type { AuthSession, CommerceAuth, Unsubscribe } from \"./types.js\";\n\n/** The minimal slice of a CommerceClient the cart-sync needs. */\nexport interface CartMerger {\n  cart: { merge(sourceCartId: string, targetCartId: string): Promise<unknown> };\n}\n\nexport interface CartSyncOptions {\n  /** A CommerceClient (or anything exposing `cart.merge`). */\n  client: CartMerger;\n  /** Returns the current guest cart id, or `null` if there isn't one. */\n  getGuestCartId: () => string | null;\n  /** Resolves the signed-in user's cart id from their session. */\n  resolveUserCartId: (session: AuthSession) => string;\n  /** Called after a successful merge so the app can drop the guest cart id. */\n  onMerged?: (userCartId: string) => void;\n}\n\n/**\n * Wires guest→user cart merging to a {@link CommerceAuth}. On sign-in, if a\n * guest cart exists and differs from the user's cart, it is merged via\n * `client.cart.merge` so the shopper keeps their items. Returns an unsubscribe.\n *\n * @example\n * const off = attachCartSync(auth, {\n *   client,\n *   getGuestCartId: () => localStorage.getItem(\"ck_cart\"),\n *   resolveUserCartId: (s) => `cart:${s.user.id}`,\n *   onMerged: () => localStorage.removeItem(\"ck_cart\"),\n * });\n */\nexport function attachCartSync(auth: CommerceAuth, options: CartSyncOptions): Unsubscribe {\n  return auth.onAuthChange((session) => {\n    if (!session) return;\n    const guestCartId = options.getGuestCartId();\n    if (!guestCartId) return;\n    const userCartId = options.resolveUserCartId(session);\n    if (guestCartId === userCartId) return;\n    void options.client.cart\n      .merge(guestCartId, userCartId)\n      .then(() => options.onMerged?.(userCartId))\n      .catch(() => {\n        /* Non-fatal: keep the guest cart for a later retry. */\n      });\n  });\n}\n"]}

package/dist/index.d.cts

@@ -0,0 +1,36 @@
+import { a as AuthSession, C as CommerceAuth, U as Unsubscribe } from './types-CSm6J3gP.cjs';
+export { A as AuthChangeHandler, b as AuthUser, P as PasswordCredentials } from './types-CSm6J3gP.cjs';
+import '@commercekitsdk/core';
+
+/** The minimal slice of a CommerceClient the cart-sync needs. */
+interface CartMerger {
+    cart: {
+        merge(sourceCartId: string, targetCartId: string): Promise<unknown>;
+    };
+}
+interface CartSyncOptions {
+    /** A CommerceClient (or anything exposing `cart.merge`). */
+    client: CartMerger;
+    /** Returns the current guest cart id, or `null` if there isn't one. */
+    getGuestCartId: () => string | null;
+    /** Resolves the signed-in user's cart id from their session. */
+    resolveUserCartId: (session: AuthSession) => string;
+    /** Called after a successful merge so the app can drop the guest cart id. */
+    onMerged?: (userCartId: string) => void;
+}
+/**
+ * Wires guest→user cart merging to a {@link CommerceAuth}. On sign-in, if a
+ * guest cart exists and differs from the user's cart, it is merged via
+ * `client.cart.merge` so the shopper keeps their items. Returns an unsubscribe.
+ *
+ * @example
+ * const off = attachCartSync(auth, {
+ *   client,
+ *   getGuestCartId: () => localStorage.getItem("ck_cart"),
+ *   resolveUserCartId: (s) => `cart:${s.user.id}`,
+ *   onMerged: () => localStorage.removeItem("ck_cart"),
+ * });
+ */
+declare function attachCartSync(auth: CommerceAuth, options: CartSyncOptions): Unsubscribe;
+
+export { AuthSession, type CartMerger, type CartSyncOptions, CommerceAuth, Unsubscribe, attachCartSync };

package/dist/index.d.ts

@@ -0,0 +1,36 @@
+import { a as AuthSession, C as CommerceAuth, U as Unsubscribe } from './types-CSm6J3gP.js';
+export { A as AuthChangeHandler, b as AuthUser, P as PasswordCredentials } from './types-CSm6J3gP.js';
+import '@commercekitsdk/core';
+
+/** The minimal slice of a CommerceClient the cart-sync needs. */
+interface CartMerger {
+    cart: {
+        merge(sourceCartId: string, targetCartId: string): Promise<unknown>;
+    };
+}
+interface CartSyncOptions {
+    /** A CommerceClient (or anything exposing `cart.merge`). */
+    client: CartMerger;
+    /** Returns the current guest cart id, or `null` if there isn't one. */
+    getGuestCartId: () => string | null;
+    /** Resolves the signed-in user's cart id from their session. */
+    resolveUserCartId: (session: AuthSession) => string;
+    /** Called after a successful merge so the app can drop the guest cart id. */
+    onMerged?: (userCartId: string) => void;
+}
+/**
+ * Wires guest→user cart merging to a {@link CommerceAuth}. On sign-in, if a
+ * guest cart exists and differs from the user's cart, it is merged via
+ * `client.cart.merge` so the shopper keeps their items. Returns an unsubscribe.
+ *
+ * @example
+ * const off = attachCartSync(auth, {
+ *   client,
+ *   getGuestCartId: () => localStorage.getItem("ck_cart"),
+ *   resolveUserCartId: (s) => `cart:${s.user.id}`,
+ *   onMerged: () => localStorage.removeItem("ck_cart"),
+ * });
+ */
+declare function attachCartSync(auth: CommerceAuth, options: CartSyncOptions): Unsubscribe;
+
+export { AuthSession, type CartMerger, type CartSyncOptions, CommerceAuth, Unsubscribe, attachCartSync };

package/dist/index.js

@@ -0,0 +1,16 @@
+// src/cart-sync.ts
+function attachCartSync(auth, options) {
+  return auth.onAuthChange((session) => {
+    if (!session) return;
+    const guestCartId = options.getGuestCartId();
+    if (!guestCartId) return;
+    const userCartId = options.resolveUserCartId(session);
+    if (guestCartId === userCartId) return;
+    void options.client.cart.merge(guestCartId, userCartId).then(() => options.onMerged?.(userCartId)).catch(() => {
+    });
+  });
+}
+
+export { attachCartSync };
+//# sourceMappingURL=index.js.map
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/cart-sync.ts"],"names":[],"mappings":";AA+BO,SAAS,cAAA,CAAe,MAAoB,OAAA,EAAuC;AACxF,EAAA,OAAO,IAAA,CAAK,YAAA,CAAa,CAAC,OAAA,KAAY;AACpC,IAAA,IAAI,CAAC,OAAA,EAAS;AACd,IAAA,MAAM,WAAA,GAAc,QAAQ,cAAA,EAAe;AAC3C,IAAA,IAAI,CAAC,WAAA,EAAa;AAClB,IAAA,MAAM,UAAA,GAAa,OAAA,CAAQ,iBAAA,CAAkB,OAAO,CAAA;AACpD,IAAA,IAAI,gBAAgB,UAAA,EAAY;AAChC,IAAA,KAAK,OAAA,CAAQ,MAAA,CAAO,IAAA,CACjB,KAAA,CAAM,aAAa,UAAU,CAAA,CAC7B,IAAA,CAAK,MAAM,QAAQ,QAAA,GAAW,UAAU,CAAC,CAAA,CACzC,MAAM,MAAM;AAAA,IAEb,CAAC,CAAA;AAAA,EACL,CAAC,CAAA;AACH","file":"index.js","sourcesContent":["import type { AuthSession, CommerceAuth, Unsubscribe } from \"./types.js\";\n\n/** The minimal slice of a CommerceClient the cart-sync needs. */\nexport interface CartMerger {\n  cart: { merge(sourceCartId: string, targetCartId: string): Promise<unknown> };\n}\n\nexport interface CartSyncOptions {\n  /** A CommerceClient (or anything exposing `cart.merge`). */\n  client: CartMerger;\n  /** Returns the current guest cart id, or `null` if there isn't one. */\n  getGuestCartId: () => string | null;\n  /** Resolves the signed-in user's cart id from their session. */\n  resolveUserCartId: (session: AuthSession) => string;\n  /** Called after a successful merge so the app can drop the guest cart id. */\n  onMerged?: (userCartId: string) => void;\n}\n\n/**\n * Wires guest→user cart merging to a {@link CommerceAuth}. On sign-in, if a\n * guest cart exists and differs from the user's cart, it is merged via\n * `client.cart.merge` so the shopper keeps their items. Returns an unsubscribe.\n *\n * @example\n * const off = attachCartSync(auth, {\n *   client,\n *   getGuestCartId: () => localStorage.getItem(\"ck_cart\"),\n *   resolveUserCartId: (s) => `cart:${s.user.id}`,\n *   onMerged: () => localStorage.removeItem(\"ck_cart\"),\n * });\n */\nexport function attachCartSync(auth: CommerceAuth, options: CartSyncOptions): Unsubscribe {\n  return auth.onAuthChange((session) => {\n    if (!session) return;\n    const guestCartId = options.getGuestCartId();\n    if (!guestCartId) return;\n    const userCartId = options.resolveUserCartId(session);\n    if (guestCartId === userCartId) return;\n    void options.client.cart\n      .merge(guestCartId, userCartId)\n      .then(() => options.onMerged?.(userCartId))\n      .catch(() => {\n        /* Non-fatal: keep the guest cart for a later retry. */\n      });\n  });\n}\n"]}

package/dist/jwt.cjs

@@ -0,0 +1,38 @@
+'use strict';
+
+// src/jwt.ts
+function createJwtAuth(config) {
+  const listeners = /* @__PURE__ */ new Set();
+  let session = null;
+  if (config.initialToken && config.decode) {
+    const user = config.decode(config.initialToken);
+    if (user) session = { user, token: config.initialToken };
+  }
+  const emit = () => {
+    for (const listener of [...listeners]) listener(session);
+  };
+  return {
+    getToken: () => session?.token ?? null,
+    getCustomerId: () => session?.user.id ?? null,
+    getSession: async () => session,
+    signIn: async (credentials) => {
+      const { token, user } = await config.signIn(credentials);
+      session = { user, token };
+      emit();
+      return session;
+    },
+    signOut: async () => {
+      await config.signOut?.();
+      session = null;
+      emit();
+    },
+    onAuthChange: (handler) => {
+      listeners.add(handler);
+      return () => void listeners.delete(handler);
+    }
+  };
+}
+
+exports.createJwtAuth = createJwtAuth;
+//# sourceMappingURL=jwt.cjs.map
+//# sourceMappingURL=jwt.cjs.map

package/dist/jwt.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/jwt.ts"],"names":[],"mappings":";;;AA8BO,SAAS,cAAc,MAAA,EAAqC;AACjE,EAAA,MAAM,SAAA,uBAAgB,GAAA,EAAuB;AAC7C,EAAA,IAAI,OAAA,GAA8B,IAAA;AAElC,EAAA,IAAI,MAAA,CAAO,YAAA,IAAgB,MAAA,CAAO,MAAA,EAAQ;AACxC,IAAA,MAAM,IAAA,GAAO,MAAA,CAAO,MAAA,CAAO,MAAA,CAAO,YAAY,CAAA;AAC9C,IAAA,IAAI,MAAM,OAAA,GAAU,EAAE,IAAA,EAAM,KAAA,EAAO,OAAO,YAAA,EAAa;AAAA,EACzD;AAEA,EAAA,MAAM,OAAO,MAAY;AACvB,IAAA,KAAA,MAAW,YAAY,CAAC,GAAG,SAAS,CAAA,WAAY,OAAO,CAAA;AAAA,EACzD,CAAA;AAEA,EAAA,OAAO;AAAA,IACL,QAAA,EAAU,MAAM,OAAA,EAAS,KAAA,IAAS,IAAA;AAAA,IAClC,aAAA,EAAe,MAAM,OAAA,EAAS,IAAA,CAAK,EAAA,IAAM,IAAA;AAAA,IACzC,YAAY,YAAY,OAAA;AAAA,IAExB,MAAA,EAAQ,OAAO,WAAA,KAAgB;AAC7B,MAAA,MAAM,EAAE,KAAA,EAAO,IAAA,KAAS,MAAM,MAAA,CAAO,OAAO,WAAW,CAAA;AACvD,MAAA,OAAA,GAAU,EAAE,MAAM,KAAA,EAAM;AACxB,MAAA,IAAA,EAAK;AACL,MAAA,OAAO,OAAA;AAAA,IACT,CAAA;AAAA,IAEA,SAAS,YAAY;AACnB,MAAA,MAAM,OAAO,OAAA,IAAU;AACvB,MAAA,OAAA,GAAU,IAAA;AACV,MAAA,IAAA,EAAK;AAAA,IACP,CAAA;AAAA,IAEA,YAAA,EAAc,CAAC,OAAA,KAAyB;AACtC,MAAA,SAAA,CAAU,IAAI,OAAO,CAAA;AACrB,MAAA,OAAO,MAAM,KAAK,SAAA,CAAU,MAAA,CAAO,OAAO,CAAA;AAAA,IAC5C;AAAA,GACF;AACF","file":"jwt.cjs","sourcesContent":["import type {\n  AuthChangeHandler,\n  AuthSession,\n  AuthUser,\n  CommerceAuth,\n  PasswordCredentials,\n  Unsubscribe,\n} from \"./types.js\";\n\nexport interface JwtAuthConfig {\n  /** Exchanges credentials for a token + user (your backend login call). */\n  signIn: (credentials: PasswordCredentials) => Promise<{ token: string; user: AuthUser }>;\n  /** Optional logout hook (e.g. to revoke the token server-side). */\n  signOut?: () => Promise<void> | void;\n  /** Derives a user from a token, used to restore `initialToken`. */\n  decode?: (token: string) => AuthUser | null;\n  /** A persisted token to restore a session on construction. */\n  initialToken?: string;\n}\n\n/**\n * A self-contained JWT/session auth provider. You supply how to exchange\n * credentials for a token; this manages the in-memory session, change\n * notifications, and the core `getToken`/`getCustomerId` hooks.\n *\n * @example\n * const auth = createJwtAuth({\n *   signIn: (c) => fetch(\"/login\", { method: \"POST\", body: JSON.stringify(c) }).then((r) => r.json()),\n * });\n */\nexport function createJwtAuth(config: JwtAuthConfig): CommerceAuth {\n  const listeners = new Set<AuthChangeHandler>();\n  let session: AuthSession | null = null;\n\n  if (config.initialToken && config.decode) {\n    const user = config.decode(config.initialToken);\n    if (user) session = { user, token: config.initialToken };\n  }\n\n  const emit = (): void => {\n    for (const listener of [...listeners]) listener(session);\n  };\n\n  return {\n    getToken: () => session?.token ?? null,\n    getCustomerId: () => session?.user.id ?? null,\n    getSession: async () => session,\n\n    signIn: async (credentials) => {\n      const { token, user } = await config.signIn(credentials);\n      session = { user, token };\n      emit();\n      return session;\n    },\n\n    signOut: async () => {\n      await config.signOut?.();\n      session = null;\n      emit();\n    },\n\n    onAuthChange: (handler): Unsubscribe => {\n      listeners.add(handler);\n      return () => void listeners.delete(handler);\n    },\n  };\n}\n"]}

package/dist/jwt.d.cts

@@ -0,0 +1,29 @@
+import { P as PasswordCredentials, b as AuthUser, C as CommerceAuth } from './types-CSm6J3gP.cjs';
+import '@commercekitsdk/core';
+
+interface JwtAuthConfig {
+    /** Exchanges credentials for a token + user (your backend login call). */
+    signIn: (credentials: PasswordCredentials) => Promise<{
+        token: string;
+        user: AuthUser;
+    }>;
+    /** Optional logout hook (e.g. to revoke the token server-side). */
+    signOut?: () => Promise<void> | void;
+    /** Derives a user from a token, used to restore `initialToken`. */
+    decode?: (token: string) => AuthUser | null;
+    /** A persisted token to restore a session on construction. */
+    initialToken?: string;
+}
+/**
+ * A self-contained JWT/session auth provider. You supply how to exchange
+ * credentials for a token; this manages the in-memory session, change
+ * notifications, and the core `getToken`/`getCustomerId` hooks.
+ *
+ * @example
+ * const auth = createJwtAuth({
+ *   signIn: (c) => fetch("/login", { method: "POST", body: JSON.stringify(c) }).then((r) => r.json()),
+ * });
+ */
+declare function createJwtAuth(config: JwtAuthConfig): CommerceAuth;
+
+export { type JwtAuthConfig, createJwtAuth };

package/dist/jwt.d.ts

@@ -0,0 +1,29 @@
+import { P as PasswordCredentials, b as AuthUser, C as CommerceAuth } from './types-CSm6J3gP.js';
+import '@commercekitsdk/core';
+
+interface JwtAuthConfig {
+    /** Exchanges credentials for a token + user (your backend login call). */
+    signIn: (credentials: PasswordCredentials) => Promise<{
+        token: string;
+        user: AuthUser;
+    }>;
+    /** Optional logout hook (e.g. to revoke the token server-side). */
+    signOut?: () => Promise<void> | void;
+    /** Derives a user from a token, used to restore `initialToken`. */
+    decode?: (token: string) => AuthUser | null;
+    /** A persisted token to restore a session on construction. */
+    initialToken?: string;
+}
+/**
+ * A self-contained JWT/session auth provider. You supply how to exchange
+ * credentials for a token; this manages the in-memory session, change
+ * notifications, and the core `getToken`/`getCustomerId` hooks.
+ *
+ * @example
+ * const auth = createJwtAuth({
+ *   signIn: (c) => fetch("/login", { method: "POST", body: JSON.stringify(c) }).then((r) => r.json()),
+ * });
+ */
+declare function createJwtAuth(config: JwtAuthConfig): CommerceAuth;
+
+export { type JwtAuthConfig, createJwtAuth };

package/dist/jwt.js

@@ -0,0 +1,36 @@
+// src/jwt.ts
+function createJwtAuth(config) {
+  const listeners = /* @__PURE__ */ new Set();
+  let session = null;
+  if (config.initialToken && config.decode) {
+    const user = config.decode(config.initialToken);
+    if (user) session = { user, token: config.initialToken };
+  }
+  const emit = () => {
+    for (const listener of [...listeners]) listener(session);
+  };
+  return {
+    getToken: () => session?.token ?? null,
+    getCustomerId: () => session?.user.id ?? null,
+    getSession: async () => session,
+    signIn: async (credentials) => {
+      const { token, user } = await config.signIn(credentials);
+      session = { user, token };
+      emit();
+      return session;
+    },
+    signOut: async () => {
+      await config.signOut?.();
+      session = null;
+      emit();
+    },
+    onAuthChange: (handler) => {
+      listeners.add(handler);
+      return () => void listeners.delete(handler);
+    }
+  };
+}
+
+export { createJwtAuth };
+//# sourceMappingURL=jwt.js.map
+//# sourceMappingURL=jwt.js.map

package/dist/jwt.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/jwt.ts"],"names":[],"mappings":";AA8BO,SAAS,cAAc,MAAA,EAAqC;AACjE,EAAA,MAAM,SAAA,uBAAgB,GAAA,EAAuB;AAC7C,EAAA,IAAI,OAAA,GAA8B,IAAA;AAElC,EAAA,IAAI,MAAA,CAAO,YAAA,IAAgB,MAAA,CAAO,MAAA,EAAQ;AACxC,IAAA,MAAM,IAAA,GAAO,MAAA,CAAO,MAAA,CAAO,MAAA,CAAO,YAAY,CAAA;AAC9C,IAAA,IAAI,MAAM,OAAA,GAAU,EAAE,IAAA,EAAM,KAAA,EAAO,OAAO,YAAA,EAAa;AAAA,EACzD;AAEA,EAAA,MAAM,OAAO,MAAY;AACvB,IAAA,KAAA,MAAW,YAAY,CAAC,GAAG,SAAS,CAAA,WAAY,OAAO,CAAA;AAAA,EACzD,CAAA;AAEA,EAAA,OAAO;AAAA,IACL,QAAA,EAAU,MAAM,OAAA,EAAS,KAAA,IAAS,IAAA;AAAA,IAClC,aAAA,EAAe,MAAM,OAAA,EAAS,IAAA,CAAK,EAAA,IAAM,IAAA;AAAA,IACzC,YAAY,YAAY,OAAA;AAAA,IAExB,MAAA,EAAQ,OAAO,WAAA,KAAgB;AAC7B,MAAA,MAAM,EAAE,KAAA,EAAO,IAAA,KAAS,MAAM,MAAA,CAAO,OAAO,WAAW,CAAA;AACvD,MAAA,OAAA,GAAU,EAAE,MAAM,KAAA,EAAM;AACxB,MAAA,IAAA,EAAK;AACL,MAAA,OAAO,OAAA;AAAA,IACT,CAAA;AAAA,IAEA,SAAS,YAAY;AACnB,MAAA,MAAM,OAAO,OAAA,IAAU;AACvB,MAAA,OAAA,GAAU,IAAA;AACV,MAAA,IAAA,EAAK;AAAA,IACP,CAAA;AAAA,IAEA,YAAA,EAAc,CAAC,OAAA,KAAyB;AACtC,MAAA,SAAA,CAAU,IAAI,OAAO,CAAA;AACrB,MAAA,OAAO,MAAM,KAAK,SAAA,CAAU,MAAA,CAAO,OAAO,CAAA;AAAA,IAC5C;AAAA,GACF;AACF","file":"jwt.js","sourcesContent":["import type {\n  AuthChangeHandler,\n  AuthSession,\n  AuthUser,\n  CommerceAuth,\n  PasswordCredentials,\n  Unsubscribe,\n} from \"./types.js\";\n\nexport interface JwtAuthConfig {\n  /** Exchanges credentials for a token + user (your backend login call). */\n  signIn: (credentials: PasswordCredentials) => Promise<{ token: string; user: AuthUser }>;\n  /** Optional logout hook (e.g. to revoke the token server-side). */\n  signOut?: () => Promise<void> | void;\n  /** Derives a user from a token, used to restore `initialToken`. */\n  decode?: (token: string) => AuthUser | null;\n  /** A persisted token to restore a session on construction. */\n  initialToken?: string;\n}\n\n/**\n * A self-contained JWT/session auth provider. You supply how to exchange\n * credentials for a token; this manages the in-memory session, change\n * notifications, and the core `getToken`/`getCustomerId` hooks.\n *\n * @example\n * const auth = createJwtAuth({\n *   signIn: (c) => fetch(\"/login\", { method: \"POST\", body: JSON.stringify(c) }).then((r) => r.json()),\n * });\n */\nexport function createJwtAuth(config: JwtAuthConfig): CommerceAuth {\n  const listeners = new Set<AuthChangeHandler>();\n  let session: AuthSession | null = null;\n\n  if (config.initialToken && config.decode) {\n    const user = config.decode(config.initialToken);\n    if (user) session = { user, token: config.initialToken };\n  }\n\n  const emit = (): void => {\n    for (const listener of [...listeners]) listener(session);\n  };\n\n  return {\n    getToken: () => session?.token ?? null,\n    getCustomerId: () => session?.user.id ?? null,\n    getSession: async () => session,\n\n    signIn: async (credentials) => {\n      const { token, user } = await config.signIn(credentials);\n      session = { user, token };\n      emit();\n      return session;\n    },\n\n    signOut: async () => {\n      await config.signOut?.();\n      session = null;\n      emit();\n    },\n\n    onAuthChange: (handler): Unsubscribe => {\n      listeners.add(handler);\n      return () => void listeners.delete(handler);\n    },\n  };\n}\n"]}

package/dist/supabase.cjs

@@ -0,0 +1,40 @@
+'use strict';
+
+var core = require('@commercekitsdk/core');
+
+// src/supabase.ts
+function toSession(session) {
+  if (!session) return null;
+  return {
+    token: session.access_token,
+    user: { id: session.user.id, ...session.user.email ? { email: session.user.email } : {} }
+  };
+}
+function createSupabaseAuth(config) {
+  const { auth } = config.client;
+  const getSession = async () => toSession((await auth.getSession()).data.session);
+  return {
+    getToken: async () => (await getSession())?.token ?? null,
+    getCustomerId: async () => (await getSession())?.user.id ?? null,
+    getSession,
+    signIn: async (credentials) => {
+      const { data, error } = await auth.signInWithPassword(credentials);
+      if (error || !data.session) {
+        throw new core.UnauthorizedError(error?.message ?? "Sign in failed");
+      }
+      return toSession(data.session);
+    },
+    signOut: async () => {
+      const { error } = await auth.signOut();
+      if (error) throw new core.UnauthorizedError(error.message);
+    },
+    onAuthChange: (handler) => {
+      const { data } = auth.onAuthStateChange((_event, session) => handler(toSession(session)));
+      return () => data.subscription.unsubscribe();
+    }
+  };
+}
+
+exports.createSupabaseAuth = createSupabaseAuth;
+//# sourceMappingURL=supabase.cjs.map
+//# sourceMappingURL=supabase.cjs.map

package/dist/supabase.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/supabase.ts"],"names":["UnauthorizedError"],"mappings":";;;;;AAsBA,SAAS,UAAU,OAAA,EAAqD;AACtE,EAAA,IAAI,CAAC,SAAS,OAAO,IAAA;AACrB,EAAA,OAAO;AAAA,IACL,OAAO,OAAA,CAAQ,YAAA;AAAA,IACf,MAAM,EAAE,EAAA,EAAI,OAAA,CAAQ,IAAA,CAAK,IAAI,GAAI,OAAA,CAAQ,IAAA,CAAK,KAAA,GAAQ,EAAE,KAAA,EAAO,OAAA,CAAQ,KAAK,KAAA,EAAM,GAAI,EAAC;AAAG,GAC5F;AACF;AASO,SAAS,mBAAmB,MAAA,EAAsD;AACvF,EAAA,MAAM,EAAE,IAAA,EAAK,GAAI,MAAA,CAAO,MAAA;AACxB,EAAA,MAAM,UAAA,GAAa,YACjB,SAAA,CAAA,CAAW,MAAM,KAAK,UAAA,EAAW,EAAG,KAAK,OAAO,CAAA;AAElD,EAAA,OAAO;AAAA,IACL,QAAA,EAAU,YAAA,CAAa,MAAM,UAAA,KAAe,KAAA,IAAS,IAAA;AAAA,IACrD,eAAe,YAAA,CAAa,MAAM,UAAA,EAAW,GAAI,KAAK,EAAA,IAAM,IAAA;AAAA,IAC5D,UAAA;AAAA,IAEA,MAAA,EAAQ,OAAO,WAAA,KAAgB;AAC7B,MAAA,MAAM,EAAE,IAAA,EAAM,KAAA,KAAU,MAAM,IAAA,CAAK,mBAAmB,WAAW,CAAA;AACjE,MAAA,IAAI,KAAA,IAAS,CAAC,IAAA,CAAK,OAAA,EAAS;AAC1B,QAAA,MAAM,IAAIA,sBAAA,CAAkB,KAAA,EAAO,OAAA,IAAW,gBAAgB,CAAA;AAAA,MAChE;AACA,MAAA,OAAO,SAAA,CAAU,KAAK,OAAO,CAAA;AAAA,IAC/B,CAAA;AAAA,IAEA,SAAS,YAAY;AACnB,MAAA,MAAM,EAAE,KAAA,EAAM,GAAI,MAAM,KAAK,OAAA,EAAQ;AACrC,MAAA,IAAI,KAAA,EAAO,MAAM,IAAIA,sBAAA,CAAkB,MAAM,OAAO,CAAA;AAAA,IACtD,CAAA;AAAA,IAEA,YAAA,EAAc,CAAC,OAAA,KAAyB;AACtC,MAAA,MAAM,EAAE,IAAA,EAAK,GAAI,IAAA,CAAK,iBAAA,CAAkB,CAAC,MAAA,EAAQ,OAAA,KAAY,OAAA,CAAQ,SAAA,CAAU,OAAO,CAAC,CAAC,CAAA;AACxF,MAAA,OAAO,MAAM,IAAA,CAAK,YAAA,CAAa,WAAA,EAAY;AAAA,IAC7C;AAAA,GACF;AACF","file":"supabase.cjs","sourcesContent":["import { UnauthorizedError } from \"@commercekitsdk/core\";\nimport type { AuthSession, CommerceAuth, Unsubscribe } from \"./types.js\";\n\n/** Structural slice of `supabase.auth` (the v2 client) this wrapper uses. */\ninterface SupabaseSession {\n  access_token: string;\n  user: { id: string; email?: string };\n}\nexport interface SupabaseAuthClient {\n  auth: {\n    signInWithPassword(credentials: { email: string; password: string }): Promise<{\n      data: { session: SupabaseSession | null };\n      error: { message: string } | null;\n    }>;\n    signOut(): Promise<{ error: { message: string } | null }>;\n    getSession(): Promise<{ data: { session: SupabaseSession | null } }>;\n    onAuthStateChange(callback: (event: string, session: SupabaseSession | null) => void): {\n      data: { subscription: { unsubscribe(): void } };\n    };\n  };\n}\n\nfunction toSession(session: SupabaseSession | null): AuthSession | null {\n  if (!session) return null;\n  return {\n    token: session.access_token,\n    user: { id: session.user.id, ...(session.user.email ? { email: session.user.email } : {}) },\n  };\n}\n\n/**\n * Wraps a Supabase v2 client as a {@link CommerceAuth}.\n *\n * @example\n * import { createClient } from \"@supabase/supabase-js\";\n * const auth = createSupabaseAuth({ client: createClient(url, anonKey) });\n */\nexport function createSupabaseAuth(config: { client: SupabaseAuthClient }): CommerceAuth {\n  const { auth } = config.client;\n  const getSession = async (): Promise<AuthSession | null> =>\n    toSession((await auth.getSession()).data.session);\n\n  return {\n    getToken: async () => (await getSession())?.token ?? null,\n    getCustomerId: async () => (await getSession())?.user.id ?? null,\n    getSession,\n\n    signIn: async (credentials) => {\n      const { data, error } = await auth.signInWithPassword(credentials);\n      if (error || !data.session) {\n        throw new UnauthorizedError(error?.message ?? \"Sign in failed\");\n      }\n      return toSession(data.session)!;\n    },\n\n    signOut: async () => {\n      const { error } = await auth.signOut();\n      if (error) throw new UnauthorizedError(error.message);\n    },\n\n    onAuthChange: (handler): Unsubscribe => {\n      const { data } = auth.onAuthStateChange((_event, session) => handler(toSession(session)));\n      return () => data.subscription.unsubscribe();\n    },\n  };\n}\n"]}

package/dist/supabase.d.cts

@@ -0,0 +1,55 @@
+import { C as CommerceAuth } from './types-CSm6J3gP.cjs';
+import '@commercekitsdk/core';
+
+/** Structural slice of `supabase.auth` (the v2 client) this wrapper uses. */
+interface SupabaseSession {
+    access_token: string;
+    user: {
+        id: string;
+        email?: string;
+    };
+}
+interface SupabaseAuthClient {
+    auth: {
+        signInWithPassword(credentials: {
+            email: string;
+            password: string;
+        }): Promise<{
+            data: {
+                session: SupabaseSession | null;
+            };
+            error: {
+                message: string;
+            } | null;
+        }>;
+        signOut(): Promise<{
+            error: {
+                message: string;
+            } | null;
+        }>;
+        getSession(): Promise<{
+            data: {
+                session: SupabaseSession | null;
+            };
+        }>;
+        onAuthStateChange(callback: (event: string, session: SupabaseSession | null) => void): {
+            data: {
+                subscription: {
+                    unsubscribe(): void;
+                };
+            };
+        };
+    };
+}
+/**
+ * Wraps a Supabase v2 client as a {@link CommerceAuth}.
+ *
+ * @example
+ * import { createClient } from "@supabase/supabase-js";
+ * const auth = createSupabaseAuth({ client: createClient(url, anonKey) });
+ */
+declare function createSupabaseAuth(config: {
+    client: SupabaseAuthClient;
+}): CommerceAuth;
+
+export { type SupabaseAuthClient, createSupabaseAuth };

package/dist/supabase.d.ts

@@ -0,0 +1,55 @@
+import { C as CommerceAuth } from './types-CSm6J3gP.js';
+import '@commercekitsdk/core';
+
+/** Structural slice of `supabase.auth` (the v2 client) this wrapper uses. */
+interface SupabaseSession {
+    access_token: string;
+    user: {
+        id: string;
+        email?: string;
+    };
+}
+interface SupabaseAuthClient {
+    auth: {
+        signInWithPassword(credentials: {
+            email: string;
+            password: string;
+        }): Promise<{
+            data: {
+                session: SupabaseSession | null;
+            };
+            error: {
+                message: string;
+            } | null;
+        }>;
+        signOut(): Promise<{
+            error: {
+                message: string;
+            } | null;
+        }>;
+        getSession(): Promise<{
+            data: {
+                session: SupabaseSession | null;
+            };
+        }>;
+        onAuthStateChange(callback: (event: string, session: SupabaseSession | null) => void): {
+            data: {
+                subscription: {
+                    unsubscribe(): void;
+                };
+            };
+        };
+    };
+}
+/**
+ * Wraps a Supabase v2 client as a {@link CommerceAuth}.
+ *
+ * @example
+ * import { createClient } from "@supabase/supabase-js";
+ * const auth = createSupabaseAuth({ client: createClient(url, anonKey) });
+ */
+declare function createSupabaseAuth(config: {
+    client: SupabaseAuthClient;
+}): CommerceAuth;
+
+export { type SupabaseAuthClient, createSupabaseAuth };

package/dist/supabase.js

@@ -0,0 +1,38 @@
+import { UnauthorizedError } from '@commercekitsdk/core';
+
+// src/supabase.ts
+function toSession(session) {
+  if (!session) return null;
+  return {
+    token: session.access_token,
+    user: { id: session.user.id, ...session.user.email ? { email: session.user.email } : {} }
+  };
+}
+function createSupabaseAuth(config) {
+  const { auth } = config.client;
+  const getSession = async () => toSession((await auth.getSession()).data.session);
+  return {
+    getToken: async () => (await getSession())?.token ?? null,
+    getCustomerId: async () => (await getSession())?.user.id ?? null,
+    getSession,
+    signIn: async (credentials) => {
+      const { data, error } = await auth.signInWithPassword(credentials);
+      if (error || !data.session) {
+        throw new UnauthorizedError(error?.message ?? "Sign in failed");
+      }
+      return toSession(data.session);
+    },
+    signOut: async () => {
+      const { error } = await auth.signOut();
+      if (error) throw new UnauthorizedError(error.message);
+    },
+    onAuthChange: (handler) => {
+      const { data } = auth.onAuthStateChange((_event, session) => handler(toSession(session)));
+      return () => data.subscription.unsubscribe();
+    }
+  };
+}
+
+export { createSupabaseAuth };
+//# sourceMappingURL=supabase.js.map
+//# sourceMappingURL=supabase.js.map

package/dist/supabase.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/supabase.ts"],"names":[],"mappings":";;;AAsBA,SAAS,UAAU,OAAA,EAAqD;AACtE,EAAA,IAAI,CAAC,SAAS,OAAO,IAAA;AACrB,EAAA,OAAO;AAAA,IACL,OAAO,OAAA,CAAQ,YAAA;AAAA,IACf,MAAM,EAAE,EAAA,EAAI,OAAA,CAAQ,IAAA,CAAK,IAAI,GAAI,OAAA,CAAQ,IAAA,CAAK,KAAA,GAAQ,EAAE,KAAA,EAAO,OAAA,CAAQ,KAAK,KAAA,EAAM,GAAI,EAAC;AAAG,GAC5F;AACF;AASO,SAAS,mBAAmB,MAAA,EAAsD;AACvF,EAAA,MAAM,EAAE,IAAA,EAAK,GAAI,MAAA,CAAO,MAAA;AACxB,EAAA,MAAM,UAAA,GAAa,YACjB,SAAA,CAAA,CAAW,MAAM,KAAK,UAAA,EAAW,EAAG,KAAK,OAAO,CAAA;AAElD,EAAA,OAAO;AAAA,IACL,QAAA,EAAU,YAAA,CAAa,MAAM,UAAA,KAAe,KAAA,IAAS,IAAA;AAAA,IACrD,eAAe,YAAA,CAAa,MAAM,UAAA,EAAW,GAAI,KAAK,EAAA,IAAM,IAAA;AAAA,IAC5D,UAAA;AAAA,IAEA,MAAA,EAAQ,OAAO,WAAA,KAAgB;AAC7B,MAAA,MAAM,EAAE,IAAA,EAAM,KAAA,KAAU,MAAM,IAAA,CAAK,mBAAmB,WAAW,CAAA;AACjE,MAAA,IAAI,KAAA,IAAS,CAAC,IAAA,CAAK,OAAA,EAAS;AAC1B,QAAA,MAAM,IAAI,iBAAA,CAAkB,KAAA,EAAO,OAAA,IAAW,gBAAgB,CAAA;AAAA,MAChE;AACA,MAAA,OAAO,SAAA,CAAU,KAAK,OAAO,CAAA;AAAA,IAC/B,CAAA;AAAA,IAEA,SAAS,YAAY;AACnB,MAAA,MAAM,EAAE,KAAA,EAAM,GAAI,MAAM,KAAK,OAAA,EAAQ;AACrC,MAAA,IAAI,KAAA,EAAO,MAAM,IAAI,iBAAA,CAAkB,MAAM,OAAO,CAAA;AAAA,IACtD,CAAA;AAAA,IAEA,YAAA,EAAc,CAAC,OAAA,KAAyB;AACtC,MAAA,MAAM,EAAE,IAAA,EAAK,GAAI,IAAA,CAAK,iBAAA,CAAkB,CAAC,MAAA,EAAQ,OAAA,KAAY,OAAA,CAAQ,SAAA,CAAU,OAAO,CAAC,CAAC,CAAA;AACxF,MAAA,OAAO,MAAM,IAAA,CAAK,YAAA,CAAa,WAAA,EAAY;AAAA,IAC7C;AAAA,GACF;AACF","file":"supabase.js","sourcesContent":["import { UnauthorizedError } from \"@commercekitsdk/core\";\nimport type { AuthSession, CommerceAuth, Unsubscribe } from \"./types.js\";\n\n/** Structural slice of `supabase.auth` (the v2 client) this wrapper uses. */\ninterface SupabaseSession {\n  access_token: string;\n  user: { id: string; email?: string };\n}\nexport interface SupabaseAuthClient {\n  auth: {\n    signInWithPassword(credentials: { email: string; password: string }): Promise<{\n      data: { session: SupabaseSession | null };\n      error: { message: string } | null;\n    }>;\n    signOut(): Promise<{ error: { message: string } | null }>;\n    getSession(): Promise<{ data: { session: SupabaseSession | null } }>;\n    onAuthStateChange(callback: (event: string, session: SupabaseSession | null) => void): {\n      data: { subscription: { unsubscribe(): void } };\n    };\n  };\n}\n\nfunction toSession(session: SupabaseSession | null): AuthSession | null {\n  if (!session) return null;\n  return {\n    token: session.access_token,\n    user: { id: session.user.id, ...(session.user.email ? { email: session.user.email } : {}) },\n  };\n}\n\n/**\n * Wraps a Supabase v2 client as a {@link CommerceAuth}.\n *\n * @example\n * import { createClient } from \"@supabase/supabase-js\";\n * const auth = createSupabaseAuth({ client: createClient(url, anonKey) });\n */\nexport function createSupabaseAuth(config: { client: SupabaseAuthClient }): CommerceAuth {\n  const { auth } = config.client;\n  const getSession = async (): Promise<AuthSession | null> =>\n    toSession((await auth.getSession()).data.session);\n\n  return {\n    getToken: async () => (await getSession())?.token ?? null,\n    getCustomerId: async () => (await getSession())?.user.id ?? null,\n    getSession,\n\n    signIn: async (credentials) => {\n      const { data, error } = await auth.signInWithPassword(credentials);\n      if (error || !data.session) {\n        throw new UnauthorizedError(error?.message ?? \"Sign in failed\");\n      }\n      return toSession(data.session)!;\n    },\n\n    signOut: async () => {\n      const { error } = await auth.signOut();\n      if (error) throw new UnauthorizedError(error.message);\n    },\n\n    onAuthChange: (handler): Unsubscribe => {\n      const { data } = auth.onAuthStateChange((_event, session) => handler(toSession(session)));\n      return () => data.subscription.unsubscribe();\n    },\n  };\n}\n"]}

package/dist/types-CSm6J3gP.d.cts

@@ -0,0 +1,29 @@
+import { AuthProvider } from '@commercekitsdk/core';
+
+interface AuthUser {
+    id: string;
+    email?: string;
+}
+interface AuthSession {
+    user: AuthUser;
+    token: string;
+}
+interface PasswordCredentials {
+    email: string;
+    password: string;
+}
+type AuthChangeHandler = (session: AuthSession | null) => void;
+type Unsubscribe = () => void;
+/**
+ * Unified auth surface across providers. Extends the core {@link AuthProvider}
+ * (`getToken`/`getCustomerId`) so an instance can be passed straight to
+ * `createCommerceClient({ auth })`, while adding session lifecycle methods.
+ */
+interface CommerceAuth extends AuthProvider {
+    signIn(credentials: PasswordCredentials): Promise<AuthSession>;
+    signOut(): Promise<void>;
+    getSession(): Promise<AuthSession | null>;
+    onAuthChange(handler: AuthChangeHandler): Unsubscribe;
+}
+
+export type { AuthChangeHandler as A, CommerceAuth as C, PasswordCredentials as P, Unsubscribe as U, AuthSession as a, AuthUser as b };

package/dist/types-CSm6J3gP.d.ts

@@ -0,0 +1,29 @@
+import { AuthProvider } from '@commercekitsdk/core';
+
+interface AuthUser {
+    id: string;
+    email?: string;
+}
+interface AuthSession {
+    user: AuthUser;
+    token: string;
+}
+interface PasswordCredentials {
+    email: string;
+    password: string;
+}
+type AuthChangeHandler = (session: AuthSession | null) => void;
+type Unsubscribe = () => void;
+/**
+ * Unified auth surface across providers. Extends the core {@link AuthProvider}
+ * (`getToken`/`getCustomerId`) so an instance can be passed straight to
+ * `createCommerceClient({ auth })`, while adding session lifecycle methods.
+ */
+interface CommerceAuth extends AuthProvider {
+    signIn(credentials: PasswordCredentials): Promise<AuthSession>;
+    signOut(): Promise<void>;
+    getSession(): Promise<AuthSession | null>;
+    onAuthChange(handler: AuthChangeHandler): Unsubscribe;
+}
+
+export type { AuthChangeHandler as A, CommerceAuth as C, PasswordCredentials as P, Unsubscribe as U, AuthSession as a, AuthUser as b };

package/package.json

@@ -0,0 +1,98 @@
+{
+  "name": "@commercekitsdk/auth",
+  "version": "1.0.0",
+  "description": "Unified auth for CommerceKit — Supabase, Firebase, and JWT providers + guest-cart sync",
+  "license": "MIT",
+  "type": "module",
+  "engines": {
+    "node": ">=20"
+  },
+  "sideEffects": false,
+  "files": [
+    "dist"
+  ],
+  "exports": {
+    ".": {
+      "import": {
+        "types": "./dist/index.d.ts",
+        "default": "./dist/index.js"
+      },
+      "require": {
+        "types": "./dist/index.d.cts",
+        "default": "./dist/index.cjs"
+      }
+    },
+    "./supabase": {
+      "import": {
+        "types": "./dist/supabase.d.ts",
+        "default": "./dist/supabase.js"
+      },
+      "require": {
+        "types": "./dist/supabase.d.cts",
+        "default": "./dist/supabase.cjs"
+      }
+    },
+    "./firebase": {
+      "import": {
+        "types": "./dist/firebase.d.ts",
+        "default": "./dist/firebase.js"
+      },
+      "require": {
+        "types": "./dist/firebase.d.cts",
+        "default": "./dist/firebase.cjs"
+      }
+    },
+    "./jwt": {
+      "import": {
+        "types": "./dist/jwt.d.ts",
+        "default": "./dist/jwt.js"
+      },
+      "require": {
+        "types": "./dist/jwt.d.cts",
+        "default": "./dist/jwt.cjs"
+      }
+    },
+    "./package.json": "./package.json"
+  },
+  "main": "./dist/index.cjs",
+  "module": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "peerDependencies": {
+    "@commercekitsdk/core": "1.0.0"
+  },
+  "devDependencies": {
+    "@size-limit/preset-small-lib": "^11.1.4",
+    "@vitest/coverage-v8": "^2.0.5",
+    "eslint": "^9.8.0",
+    "size-limit": "^11.1.4",
+    "tsup": "^8.2.4",
+    "typescript": "^5.5.4",
+    "vitest": "^2.0.5",
+    "@commercekitsdk/core": "1.0.0",
+    "@commercekitsdk/tsconfig": "0.0.0",
+    "@commercekitsdk/eslint-config": "0.0.0"
+  },
+  "size-limit": [
+    {
+      "name": "@commercekitsdk/auth core (ESM)",
+      "path": "dist/index.js",
+      "limit": "6 kb",
+      "ignore": [
+        "@commercekitsdk/core"
+      ]
+    }
+  ],
+  "publishConfig": {
+    "access": "public"
+  },
+  "scripts": {
+    "build": "tsup",
+    "dev": "tsup --watch",
+    "clean": "rm -rf dist .turbo coverage *.tsbuildinfo",
+    "lint": "eslint src",
+    "typecheck": "tsc --noEmit",
+    "test": "vitest run",
+    "test:coverage": "vitest run --coverage",
+    "size": "size-limit"
+  }
+}