@factiii/auth 0.5.4 → 0.5.6

package/dist/index.d.mts

@@ -4,6 +4,8 @@ import SuperJSON__default from 'superjson';
 import * as _trpc_server from '@trpc/server';
 import * as zod from 'zod';
 import { CreateHTTPContextOptions } from '@trpc/server/adapters/standalone';
+import { D as DatabaseAdapter } from './database-CqnmD1HM.mjs';
+export { A as AuthOTP, a as AuthPasswordReset, b as AuthSession, c as AuthUser, C as CreateSessionData, d as CreateUserData, S as SessionWithDevice, e as SessionWithUser } from './database-CqnmD1HM.mjs';
 import { S as SchemaExtensions, A as AuthHooks } from './hooks-yHGJ7C6_.mjs';
 export { C as ChangePasswordInput, L as LoginInput, O as OAuthLoginInput, R as ResetPasswordInput, a as SignupInput, T as TwoFaVerifyInput, V as VerifyEmailInput, b as biometricVerifySchema, c as changePasswordSchema, e as endAllSessionsSchema, l as loginSchema, o as oAuthLoginSchema, r as requestPasswordResetSchema, d as resetPasswordSchema, s as signupSchema, t as twoFaResetSchema, f as twoFaVerifySchema, v as verifyEmailSchema } from './hooks-yHGJ7C6_.mjs';
 
@@ -147,207 +149,11 @@ declare function createNoopEmailAdapter(): EmailAdapter;
  */
 declare function createConsoleEmailAdapter(): EmailAdapter;
 
-/**
- * ORM-agnostic database adapter interface for @factiii/auth.
- * Implement this interface to use any database/ORM with the auth library.
- */
-interface AuthUser {
-    id: number;
-    status: string;
-    email: string;
-    username: string;
-    password: string | null;
-    twoFaEnabled: boolean;
-    oauthProvider: string | null;
-    oauthId: string | null;
-    tag: string;
-    verifiedHumanAt: Date | null;
-    emailVerificationStatus: string;
-    otpForEmailVerification: string | null;
-    isActive: boolean;
-}
-interface AuthSession {
-    id: number;
-    userId: number;
-    socketId: string | null;
-    twoFaSecret: string | null;
-    browserName: string;
-    issuedAt: Date;
-    lastUsed: Date;
-    revokedAt: Date | null;
-    deviceId: number | null;
-}
-interface AuthOTP {
-    id: number;
-    code: number;
-    expiresAt: Date;
-    userId: number;
-}
-interface AuthPasswordReset {
-    id: string;
-    createdAt: Date;
-    userId: number;
-}
-interface CreateUserData {
-    username: string;
-    email: string;
-    password: string | null;
-    status: string;
-    tag: string;
-    twoFaEnabled: boolean;
-    emailVerificationStatus: string;
-    verifiedHumanAt: Date | null;
-    oauthProvider?: string;
-    oauthId?: string;
-}
-interface CreateSessionData {
-    userId: number;
-    browserName: string;
-    socketId: string | null;
-    [key: string]: unknown;
-}
-type SessionWithUser = AuthSession & {
-    user: {
-        status: string;
-        verifiedHumanAt: Date | null;
-    };
-};
-type SessionWithDevice = {
-    twoFaSecret: string | null;
-    deviceId: number | null;
-    device: {
-        pushToken: string;
-    } | null;
-};
-interface DatabaseAdapter {
-    user: {
-        findByEmailInsensitive(email: string): Promise<AuthUser | null>;
-        findByUsernameInsensitive(username: string): Promise<AuthUser | null>;
-        findByEmailOrUsernameInsensitive(identifier: string): Promise<AuthUser | null>;
-        findByEmailOrOAuthId(email: string, oauthId: string): Promise<AuthUser | null>;
-        findById(id: number): Promise<AuthUser | null>;
-        findActiveById(id: number): Promise<AuthUser | null>;
-        create(data: CreateUserData): Promise<AuthUser>;
-        update(id: number, data: Partial<Omit<AuthUser, 'id'>>): Promise<AuthUser>;
-    };
-    session: {
-        /** Find session by ID with user status and verifiedHumanAt joined. */
-        findById(id: number): Promise<SessionWithUser | null>;
-        create(data: CreateSessionData): Promise<AuthSession>;
-        update(id: number, data: Partial<Pick<AuthSession, 'revokedAt' | 'lastUsed' | 'twoFaSecret' | 'deviceId'>>): Promise<AuthSession>;
-        /** Update lastUsed and return session with user's verifiedHumanAt. */
-        updateLastUsed(id: number): Promise<AuthSession & {
-            user: {
-                verifiedHumanAt: Date | null;
-            };
-        }>;
-        /** Set revokedAt on a single session. */
-        revoke(id: number): Promise<void>;
-        /** Find active (non-revoked) sessions for a user, optionally excluding one. */
-        findActiveByUserId(userId: number, excludeSessionId?: number): Promise<Pick<AuthSession, 'id' | 'socketId' | 'userId'>[]>;
-        /** Revoke all active sessions for a user, optionally excluding one. */
-        revokeAllByUserId(userId: number, excludeSessionId?: number): Promise<void>;
-        /** Get twoFaSecret from all sessions that have one for a user. */
-        findTwoFaSecretsByUserId(userId: number): Promise<{
-            twoFaSecret: string | null;
-        }[]>;
-        /** Clear twoFaSecret on sessions for a user, optionally excluding one. */
-        clearTwoFaSecrets(userId: number, excludeSessionId?: number): Promise<void>;
-        /** Find session with device relation for TOTP verification. */
-        findByIdWithDevice(id: number, userId: number): Promise<SessionWithDevice | null>;
-        /** Revoke other sessions that share a device push token. */
-        revokeByDevicePushToken(userId: number, pushToken: string, excludeSessionId: number): Promise<void>;
-        /** Clear deviceId on all sessions for a user+device pair. */
-        clearDeviceId(userId: number, deviceId: number): Promise<void>;
-    };
-    otp: {
-        findValidByUserAndCode(userId: number, code: number): Promise<AuthOTP | null>;
-        create(data: {
-            userId: number;
-            code: number;
-            expiresAt: Date;
-        }): Promise<AuthOTP>;
-        delete(id: number): Promise<void>;
-    };
-    passwordReset: {
-        findById(id: string): Promise<AuthPasswordReset | null>;
-        create(userId: number): Promise<AuthPasswordReset>;
-        delete(id: string): Promise<void>;
-        deleteAllByUserId(userId: number): Promise<void>;
-    };
-    device: {
-        findByTokenSessionAndUser(pushToken: string, sessionId: number, userId: number): Promise<{
-            id: number;
-        } | null>;
-        upsertByPushToken(pushToken: string, sessionId: number, userId: number): Promise<void>;
-        findByUserAndToken(userId: number, pushToken: string): Promise<{
-            id: number;
-        } | null>;
-        disconnectUser(deviceId: number, userId: number): Promise<void>;
-        hasRemainingUsers(deviceId: number): Promise<boolean>;
-        delete(id: number): Promise<void>;
-    };
-    admin: {
-        findByUserId(userId: number): Promise<{
-            ip: string;
-        } | null>;
-    };
-}
-
-type PrismaClient = any;
 /**
  * Creates a DatabaseAdapter backed by Prisma.
- * Each method is a direct extraction of existing Prisma calls from the procedures.
- */
-declare function createPrismaAdapter(prisma: PrismaClient): DatabaseAdapter;
-
-/**
- * Drizzle table references required by the adapter.
- * Consumers pass their Drizzle table objects so the adapter
- * can build queries without knowing the schema file location.
- */
-interface DrizzleAdapterTables {
-    users: any;
-    sessions: any;
-    otps: any;
-    passwordResets: any;
-    devices: any;
-    admins: any;
-    /** Join table for many-to-many device↔user relation (if applicable). */
-    devicesToUsers?: any;
-    /** Join table for many-to-many device↔session relation (if applicable). */
-    devicesToSessions?: any;
-}
-/**
- * Any Drizzle database instance (pg, mysql, better-sqlite3, etc.).
- * We keep this generic so consumers aren't locked into a specific driver.
+ * Pass your generated PrismaClient instance — its full types are preserved at the call site.
  */
-type DrizzleDB = any;
-/**
- * Creates a DatabaseAdapter backed by Drizzle ORM.
- *
- * Usage:
- * ```ts
- * import { drizzle } from 'drizzle-orm/node-postgres';
- * import { createDrizzleAdapter } from '@factiii/auth';
- * import * as schema from './schema';
- *
- * const db = drizzle(pool, { schema });
- * const adapter = createDrizzleAdapter(db, {
- *   users: schema.users,
- *   sessions: schema.sessions,
- *   otps: schema.otps,
- *   passwordResets: schema.passwordResets,
- *   devices: schema.devices,
- *   admins: schema.admins,
- * });
- * ```
- *
- * **Important:** This adapter uses Drizzle's relational query API (`db.query.*`)
- * for joins and `db.insert/update/delete` for mutations. Make sure your Drizzle
- * instance is created with `{ schema }` so relational queries work.
- */
-declare function createDrizzleAdapter(db: DrizzleDB, tables: DrizzleAdapterTables): DatabaseAdapter;
+declare function createPrismaAdapter(prisma: unknown): DatabaseAdapter;
 
 /**
  * JWT payload structure
@@ -1222,6 +1028,54 @@ declare function validatePasswordStrength(password: string, minLength?: number):
     error?: string;
 };
 
+/**
+ * Parameters for creating a session with a signed JWT token.
+ */
+interface CreateSessionWithTokenParams {
+    /** User ID to create the session for */
+    userId: number;
+    /** Browser name (from user-agent) */
+    browserName: string;
+    /** Socket ID for real-time connections */
+    socketId: string | null;
+    /** Device ID for push notifications */
+    deviceId?: number;
+    /** Extra fields to include in the session record (e.g., instanceId) */
+    extraSessionData?: Record<string, unknown>;
+}
+/**
+ * Result of creating a session with a token.
+ */
+interface SessionWithTokenResult {
+    /** Signed JWT access token */
+    accessToken: string;
+    /** Created session ID */
+    sessionId: number;
+}
+/**
+ * Create a session and sign a JWT token.
+ *
+ * Use this for programmatic auth flows (magic links, auto-login, test helpers)
+ * where you need a token without going through the full login procedure.
+ *
+ * @param config - Resolved auth config (from createAuthConfig)
+ * @param params - Session creation parameters
+ * @returns Signed JWT and session ID
+ */
+declare function createSessionWithToken(config: ResolvedAuthConfig, params: CreateSessionWithTokenParams): Promise<SessionWithTokenResult>;
+/**
+ * Create a session, sign a JWT token, and set the auth cookie on the response.
+ *
+ * Convenience wrapper around {@link createSessionWithToken} for HTTP handlers
+ * that need to set the cookie immediately.
+ *
+ * @param config - Resolved auth config (from createAuthConfig)
+ * @param params - Session creation parameters
+ * @param res - HTTP response to set the cookie on
+ * @returns Signed JWT and session ID
+ */
+declare function createSessionWithTokenAndCookie(config: ResolvedAuthConfig, params: CreateSessionWithTokenParams, res: CreateHTTPContextOptions['res']): Promise<SessionWithTokenResult>;
+
 /**
  * Generate a random TOTP secret
  * @param length - Length of the secret (default: 16)
@@ -1256,4 +1110,4 @@ declare function verifyTotp(code: string, secret: string): Promise<boolean>;
  */
 declare function generateOtp(min?: number, max?: number): number;
 
-export { type AuthConfig, type AuthFeatures, AuthHooks, type AuthOTP, type AuthPasswordReset, type AuthRouter, type AuthSession, type AuthUser, type CreateSessionData, type CreateUserData, DEFAULT_STORAGE_KEYS, type DatabaseAdapter, type DrizzleAdapterTables, type EmailAdapter, type OAuthKeys, type OAuthProvider, type OAuthResult, OAuthVerificationError, SchemaExtensions, type SessionWithDevice, type SessionWithUser, type TokenSettings, type TrpcContext, cleanBase32String, clearAuthCookie, comparePassword, createAuthConfig, createAuthGuard, createAuthRouter, createAuthToken, createConsoleEmailAdapter, createDrizzleAdapter, createNoopEmailAdapter, createOAuthVerifier, createPrismaAdapter, decodeToken, defaultAuthConfig, defaultCookieSettings, defaultStorageKeys, defaultTokenSettings, detectBrowser, generateOtp, generateTotpCode, generateTotpSecret, hashPassword, isMobileDevice, isNativeApp, isTokenExpiredError, isTokenInvalidError, parseAuthCookie, setAuthCookie, validatePasswordStrength, verifyAuthToken, verifyTotp };
+export { type AuthConfig, type AuthFeatures, AuthHooks, type AuthRouter, type CreateSessionWithTokenParams, DEFAULT_STORAGE_KEYS, DatabaseAdapter, type EmailAdapter, type OAuthKeys, type OAuthProvider, type OAuthResult, OAuthVerificationError, type ResolvedAuthConfig, SchemaExtensions, type SessionWithTokenResult, type TokenSettings, type TrpcContext, cleanBase32String, clearAuthCookie, comparePassword, createAuthConfig, createAuthGuard, createAuthRouter, createAuthToken, createConsoleEmailAdapter, createNoopEmailAdapter, createOAuthVerifier, createPrismaAdapter, createSessionWithToken, createSessionWithTokenAndCookie, decodeToken, defaultAuthConfig, defaultCookieSettings, defaultStorageKeys, defaultTokenSettings, detectBrowser, generateOtp, generateTotpCode, generateTotpSecret, hashPassword, isMobileDevice, isNativeApp, isTokenExpiredError, isTokenInvalidError, parseAuthCookie, setAuthCookie, validatePasswordStrength, verifyAuthToken, verifyTotp };

package/dist/index.d.ts

@@ -4,6 +4,8 @@ import SuperJSON__default from 'superjson';
 import * as _trpc_server from '@trpc/server';
 import * as zod from 'zod';
 import { CreateHTTPContextOptions } from '@trpc/server/adapters/standalone';
+import { D as DatabaseAdapter } from './database-CqnmD1HM.js';
+export { A as AuthOTP, a as AuthPasswordReset, b as AuthSession, c as AuthUser, C as CreateSessionData, d as CreateUserData, S as SessionWithDevice, e as SessionWithUser } from './database-CqnmD1HM.js';
 import { S as SchemaExtensions, A as AuthHooks } from './hooks-yHGJ7C6_.js';
 export { C as ChangePasswordInput, L as LoginInput, O as OAuthLoginInput, R as ResetPasswordInput, a as SignupInput, T as TwoFaVerifyInput, V as VerifyEmailInput, b as biometricVerifySchema, c as changePasswordSchema, e as endAllSessionsSchema, l as loginSchema, o as oAuthLoginSchema, r as requestPasswordResetSchema, d as resetPasswordSchema, s as signupSchema, t as twoFaResetSchema, f as twoFaVerifySchema, v as verifyEmailSchema } from './hooks-yHGJ7C6_.js';
 
@@ -147,207 +149,11 @@ declare function createNoopEmailAdapter(): EmailAdapter;
  */
 declare function createConsoleEmailAdapter(): EmailAdapter;
 
-/**
- * ORM-agnostic database adapter interface for @factiii/auth.
- * Implement this interface to use any database/ORM with the auth library.
- */
-interface AuthUser {
-    id: number;
-    status: string;
-    email: string;
-    username: string;
-    password: string | null;
-    twoFaEnabled: boolean;
-    oauthProvider: string | null;
-    oauthId: string | null;
-    tag: string;
-    verifiedHumanAt: Date | null;
-    emailVerificationStatus: string;
-    otpForEmailVerification: string | null;
-    isActive: boolean;
-}
-interface AuthSession {
-    id: number;
-    userId: number;
-    socketId: string | null;
-    twoFaSecret: string | null;
-    browserName: string;
-    issuedAt: Date;
-    lastUsed: Date;
-    revokedAt: Date | null;
-    deviceId: number | null;
-}
-interface AuthOTP {
-    id: number;
-    code: number;
-    expiresAt: Date;
-    userId: number;
-}
-interface AuthPasswordReset {
-    id: string;
-    createdAt: Date;
-    userId: number;
-}
-interface CreateUserData {
-    username: string;
-    email: string;
-    password: string | null;
-    status: string;
-    tag: string;
-    twoFaEnabled: boolean;
-    emailVerificationStatus: string;
-    verifiedHumanAt: Date | null;
-    oauthProvider?: string;
-    oauthId?: string;
-}
-interface CreateSessionData {
-    userId: number;
-    browserName: string;
-    socketId: string | null;
-    [key: string]: unknown;
-}
-type SessionWithUser = AuthSession & {
-    user: {
-        status: string;
-        verifiedHumanAt: Date | null;
-    };
-};
-type SessionWithDevice = {
-    twoFaSecret: string | null;
-    deviceId: number | null;
-    device: {
-        pushToken: string;
-    } | null;
-};
-interface DatabaseAdapter {
-    user: {
-        findByEmailInsensitive(email: string): Promise<AuthUser | null>;
-        findByUsernameInsensitive(username: string): Promise<AuthUser | null>;
-        findByEmailOrUsernameInsensitive(identifier: string): Promise<AuthUser | null>;
-        findByEmailOrOAuthId(email: string, oauthId: string): Promise<AuthUser | null>;
-        findById(id: number): Promise<AuthUser | null>;
-        findActiveById(id: number): Promise<AuthUser | null>;
-        create(data: CreateUserData): Promise<AuthUser>;
-        update(id: number, data: Partial<Omit<AuthUser, 'id'>>): Promise<AuthUser>;
-    };
-    session: {
-        /** Find session by ID with user status and verifiedHumanAt joined. */
-        findById(id: number): Promise<SessionWithUser | null>;
-        create(data: CreateSessionData): Promise<AuthSession>;
-        update(id: number, data: Partial<Pick<AuthSession, 'revokedAt' | 'lastUsed' | 'twoFaSecret' | 'deviceId'>>): Promise<AuthSession>;
-        /** Update lastUsed and return session with user's verifiedHumanAt. */
-        updateLastUsed(id: number): Promise<AuthSession & {
-            user: {
-                verifiedHumanAt: Date | null;
-            };
-        }>;
-        /** Set revokedAt on a single session. */
-        revoke(id: number): Promise<void>;
-        /** Find active (non-revoked) sessions for a user, optionally excluding one. */
-        findActiveByUserId(userId: number, excludeSessionId?: number): Promise<Pick<AuthSession, 'id' | 'socketId' | 'userId'>[]>;
-        /** Revoke all active sessions for a user, optionally excluding one. */
-        revokeAllByUserId(userId: number, excludeSessionId?: number): Promise<void>;
-        /** Get twoFaSecret from all sessions that have one for a user. */
-        findTwoFaSecretsByUserId(userId: number): Promise<{
-            twoFaSecret: string | null;
-        }[]>;
-        /** Clear twoFaSecret on sessions for a user, optionally excluding one. */
-        clearTwoFaSecrets(userId: number, excludeSessionId?: number): Promise<void>;
-        /** Find session with device relation for TOTP verification. */
-        findByIdWithDevice(id: number, userId: number): Promise<SessionWithDevice | null>;
-        /** Revoke other sessions that share a device push token. */
-        revokeByDevicePushToken(userId: number, pushToken: string, excludeSessionId: number): Promise<void>;
-        /** Clear deviceId on all sessions for a user+device pair. */
-        clearDeviceId(userId: number, deviceId: number): Promise<void>;
-    };
-    otp: {
-        findValidByUserAndCode(userId: number, code: number): Promise<AuthOTP | null>;
-        create(data: {
-            userId: number;
-            code: number;
-            expiresAt: Date;
-        }): Promise<AuthOTP>;
-        delete(id: number): Promise<void>;
-    };
-    passwordReset: {
-        findById(id: string): Promise<AuthPasswordReset | null>;
-        create(userId: number): Promise<AuthPasswordReset>;
-        delete(id: string): Promise<void>;
-        deleteAllByUserId(userId: number): Promise<void>;
-    };
-    device: {
-        findByTokenSessionAndUser(pushToken: string, sessionId: number, userId: number): Promise<{
-            id: number;
-        } | null>;
-        upsertByPushToken(pushToken: string, sessionId: number, userId: number): Promise<void>;
-        findByUserAndToken(userId: number, pushToken: string): Promise<{
-            id: number;
-        } | null>;
-        disconnectUser(deviceId: number, userId: number): Promise<void>;
-        hasRemainingUsers(deviceId: number): Promise<boolean>;
-        delete(id: number): Promise<void>;
-    };
-    admin: {
-        findByUserId(userId: number): Promise<{
-            ip: string;
-        } | null>;
-    };
-}
-
-type PrismaClient = any;
 /**
  * Creates a DatabaseAdapter backed by Prisma.
- * Each method is a direct extraction of existing Prisma calls from the procedures.
- */
-declare function createPrismaAdapter(prisma: PrismaClient): DatabaseAdapter;
-
-/**
- * Drizzle table references required by the adapter.
- * Consumers pass their Drizzle table objects so the adapter
- * can build queries without knowing the schema file location.
- */
-interface DrizzleAdapterTables {
-    users: any;
-    sessions: any;
-    otps: any;
-    passwordResets: any;
-    devices: any;
-    admins: any;
-    /** Join table for many-to-many device↔user relation (if applicable). */
-    devicesToUsers?: any;
-    /** Join table for many-to-many device↔session relation (if applicable). */
-    devicesToSessions?: any;
-}
-/**
- * Any Drizzle database instance (pg, mysql, better-sqlite3, etc.).
- * We keep this generic so consumers aren't locked into a specific driver.
+ * Pass your generated PrismaClient instance — its full types are preserved at the call site.
  */
-type DrizzleDB = any;
-/**
- * Creates a DatabaseAdapter backed by Drizzle ORM.
- *
- * Usage:
- * ```ts
- * import { drizzle } from 'drizzle-orm/node-postgres';
- * import { createDrizzleAdapter } from '@factiii/auth';
- * import * as schema from './schema';
- *
- * const db = drizzle(pool, { schema });
- * const adapter = createDrizzleAdapter(db, {
- *   users: schema.users,
- *   sessions: schema.sessions,
- *   otps: schema.otps,
- *   passwordResets: schema.passwordResets,
- *   devices: schema.devices,
- *   admins: schema.admins,
- * });
- * ```
- *
- * **Important:** This adapter uses Drizzle's relational query API (`db.query.*`)
- * for joins and `db.insert/update/delete` for mutations. Make sure your Drizzle
- * instance is created with `{ schema }` so relational queries work.
- */
-declare function createDrizzleAdapter(db: DrizzleDB, tables: DrizzleAdapterTables): DatabaseAdapter;
+declare function createPrismaAdapter(prisma: unknown): DatabaseAdapter;
 
 /**
  * JWT payload structure
@@ -1222,6 +1028,54 @@ declare function validatePasswordStrength(password: string, minLength?: number):
     error?: string;
 };
 
+/**
+ * Parameters for creating a session with a signed JWT token.
+ */
+interface CreateSessionWithTokenParams {
+    /** User ID to create the session for */
+    userId: number;
+    /** Browser name (from user-agent) */
+    browserName: string;
+    /** Socket ID for real-time connections */
+    socketId: string | null;
+    /** Device ID for push notifications */
+    deviceId?: number;
+    /** Extra fields to include in the session record (e.g., instanceId) */
+    extraSessionData?: Record<string, unknown>;
+}
+/**
+ * Result of creating a session with a token.
+ */
+interface SessionWithTokenResult {
+    /** Signed JWT access token */
+    accessToken: string;
+    /** Created session ID */
+    sessionId: number;
+}
+/**
+ * Create a session and sign a JWT token.
+ *
+ * Use this for programmatic auth flows (magic links, auto-login, test helpers)
+ * where you need a token without going through the full login procedure.
+ *
+ * @param config - Resolved auth config (from createAuthConfig)
+ * @param params - Session creation parameters
+ * @returns Signed JWT and session ID
+ */
+declare function createSessionWithToken(config: ResolvedAuthConfig, params: CreateSessionWithTokenParams): Promise<SessionWithTokenResult>;
+/**
+ * Create a session, sign a JWT token, and set the auth cookie on the response.
+ *
+ * Convenience wrapper around {@link createSessionWithToken} for HTTP handlers
+ * that need to set the cookie immediately.
+ *
+ * @param config - Resolved auth config (from createAuthConfig)
+ * @param params - Session creation parameters
+ * @param res - HTTP response to set the cookie on
+ * @returns Signed JWT and session ID
+ */
+declare function createSessionWithTokenAndCookie(config: ResolvedAuthConfig, params: CreateSessionWithTokenParams, res: CreateHTTPContextOptions['res']): Promise<SessionWithTokenResult>;
+
 /**
  * Generate a random TOTP secret
  * @param length - Length of the secret (default: 16)
@@ -1256,4 +1110,4 @@ declare function verifyTotp(code: string, secret: string): Promise<boolean>;
  */
 declare function generateOtp(min?: number, max?: number): number;
 
-export { type AuthConfig, type AuthFeatures, AuthHooks, type AuthOTP, type AuthPasswordReset, type AuthRouter, type AuthSession, type AuthUser, type CreateSessionData, type CreateUserData, DEFAULT_STORAGE_KEYS, type DatabaseAdapter, type DrizzleAdapterTables, type EmailAdapter, type OAuthKeys, type OAuthProvider, type OAuthResult, OAuthVerificationError, SchemaExtensions, type SessionWithDevice, type SessionWithUser, type TokenSettings, type TrpcContext, cleanBase32String, clearAuthCookie, comparePassword, createAuthConfig, createAuthGuard, createAuthRouter, createAuthToken, createConsoleEmailAdapter, createDrizzleAdapter, createNoopEmailAdapter, createOAuthVerifier, createPrismaAdapter, decodeToken, defaultAuthConfig, defaultCookieSettings, defaultStorageKeys, defaultTokenSettings, detectBrowser, generateOtp, generateTotpCode, generateTotpSecret, hashPassword, isMobileDevice, isNativeApp, isTokenExpiredError, isTokenInvalidError, parseAuthCookie, setAuthCookie, validatePasswordStrength, verifyAuthToken, verifyTotp };
+export { type AuthConfig, type AuthFeatures, AuthHooks, type AuthRouter, type CreateSessionWithTokenParams, DEFAULT_STORAGE_KEYS, DatabaseAdapter, type EmailAdapter, type OAuthKeys, type OAuthProvider, type OAuthResult, OAuthVerificationError, type ResolvedAuthConfig, SchemaExtensions, type SessionWithTokenResult, type TokenSettings, type TrpcContext, cleanBase32String, clearAuthCookie, comparePassword, createAuthConfig, createAuthGuard, createAuthRouter, createAuthToken, createConsoleEmailAdapter, createNoopEmailAdapter, createOAuthVerifier, createPrismaAdapter, createSessionWithToken, createSessionWithTokenAndCookie, decodeToken, defaultAuthConfig, defaultCookieSettings, defaultStorageKeys, defaultTokenSettings, detectBrowser, generateOtp, generateTotpCode, generateTotpSecret, hashPassword, isMobileDevice, isNativeApp, isTokenExpiredError, isTokenInvalidError, parseAuthCookie, setAuthCookie, validatePasswordStrength, verifyAuthToken, verifyTotp };