@factiii/auth 0.5.4 → 0.5.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (13) hide show
  1. package/dist/{chunk-KUYH4DBN.mjs → chunk-EHI4P63M.mjs} +0 -8
  2. package/dist/database-CqnmD1HM.d.mts +148 -0
  3. package/dist/database-CqnmD1HM.d.ts +148 -0
  4. package/dist/drizzle.d.mts +60 -0
  5. package/dist/drizzle.d.ts +60 -0
  6. package/dist/drizzle.js +308 -0
  7. package/dist/drizzle.mjs +281 -0
  8. package/dist/index.d.mts +53 -199
  9. package/dist/index.d.ts +53 -199
  10. package/dist/index.js +85 -335
  11. package/dist/index.mjs +84 -336
  12. package/dist/validators.mjs +1 -1
  13. package/package.json +25 -33
package/dist/index.js CHANGED
@@ -42,10 +42,11 @@ __export(index_exports, {
42
42
  createAuthRouter: () => createAuthRouter,
43
43
  createAuthToken: () => createAuthToken,
44
44
  createConsoleEmailAdapter: () => createConsoleEmailAdapter,
45
- createDrizzleAdapter: () => createDrizzleAdapter,
46
45
  createNoopEmailAdapter: () => createNoopEmailAdapter,
47
46
  createOAuthVerifier: () => createOAuthVerifier,
48
47
  createPrismaAdapter: () => createPrismaAdapter,
48
+ createSessionWithToken: () => createSessionWithToken,
49
+ createSessionWithTokenAndCookie: () => createSessionWithTokenAndCookie,
49
50
  decodeToken: () => decodeToken,
50
51
  defaultAuthConfig: () => defaultAuthConfig,
51
52
  defaultCookieSettings: () => defaultCookieSettings,
@@ -82,20 +83,21 @@ var import_server = require("@trpc/server");
82
83
 
83
84
  // src/adapters/prismaAdapter.ts
84
85
  function createPrismaAdapter(prisma) {
86
+ const db = prisma;
85
87
  return {
86
88
  user: {
87
89
  async findByEmailInsensitive(email) {
88
- return prisma.user.findFirst({
90
+ return db.user.findFirst({
89
91
  where: { email: { equals: email, mode: "insensitive" } }
90
92
  });
91
93
  },
92
94
  async findByUsernameInsensitive(username) {
93
- return prisma.user.findFirst({
95
+ return db.user.findFirst({
94
96
  where: { username: { equals: username, mode: "insensitive" } }
95
97
  });
96
98
  },
97
99
  async findByEmailOrUsernameInsensitive(identifier) {
98
- return prisma.user.findFirst({
100
+ return db.user.findFirst({
99
101
  where: {
100
102
  OR: [
101
103
  { email: { equals: identifier, mode: "insensitive" } },
@@ -105,7 +107,7 @@ function createPrismaAdapter(prisma) {
105
107
  });
106
108
  },
107
109
  async findByEmailOrOAuthId(email, oauthId) {
108
- return prisma.user.findFirst({
110
+ return db.user.findFirst({
109
111
  where: {
110
112
  OR: [
111
113
  { email: { equals: email, mode: "insensitive" } },
@@ -115,23 +117,23 @@ function createPrismaAdapter(prisma) {
115
117
  });
116
118
  },
117
119
  async findById(id) {
118
- return prisma.user.findUnique({ where: { id } });
120
+ return db.user.findUnique({ where: { id } });
119
121
  },
120
122
  async findActiveById(id) {
121
- return prisma.user.findUnique({
123
+ return db.user.findUnique({
122
124
  where: { id, status: "ACTIVE" }
123
125
  });
124
126
  },
125
127
  async create(data) {
126
- return prisma.user.create({ data });
128
+ return db.user.create({ data });
127
129
  },
128
130
  async update(id, data) {
129
- return prisma.user.update({ where: { id }, data });
131
+ return db.user.update({ where: { id }, data });
130
132
  }
131
133
  },
132
134
  session: {
133
135
  async findById(id) {
134
- const session = await prisma.session.findUnique({
136
+ const session = await db.session.findUnique({
135
137
  where: { id },
136
138
  select: {
137
139
  id: true,
@@ -149,13 +151,13 @@ function createPrismaAdapter(prisma) {
149
151
  return session;
150
152
  },
151
153
  async create(data) {
152
- return prisma.session.create({ data });
154
+ return db.session.create({ data });
153
155
  },
154
156
  async update(id, data) {
155
- return prisma.session.update({ where: { id }, data });
157
+ return db.session.update({ where: { id }, data });
156
158
  },
157
159
  async updateLastUsed(id) {
158
- const session = await prisma.session.update({
160
+ const session = await db.session.update({
159
161
  where: { id },
160
162
  data: { lastUsed: /* @__PURE__ */ new Date() },
161
163
  select: {
@@ -174,13 +176,13 @@ function createPrismaAdapter(prisma) {
174
176
  return session;
175
177
  },
176
178
  async revoke(id) {
177
- await prisma.session.update({
179
+ await db.session.update({
178
180
  where: { id },
179
181
  data: { revokedAt: /* @__PURE__ */ new Date() }
180
182
  });
181
183
  },
182
184
  async findActiveByUserId(userId, excludeSessionId) {
183
- return prisma.session.findMany({
185
+ return db.session.findMany({
184
186
  where: {
185
187
  userId,
186
188
  revokedAt: null,
@@ -190,7 +192,7 @@ function createPrismaAdapter(prisma) {
190
192
  });
191
193
  },
192
194
  async revokeAllByUserId(userId, excludeSessionId) {
193
- await prisma.session.updateMany({
195
+ await db.session.updateMany({
194
196
  where: {
195
197
  userId,
196
198
  revokedAt: null,
@@ -200,13 +202,13 @@ function createPrismaAdapter(prisma) {
200
202
  });
201
203
  },
202
204
  async findTwoFaSecretsByUserId(userId) {
203
- return prisma.session.findMany({
205
+ return db.session.findMany({
204
206
  where: { userId, twoFaSecret: { not: null } },
205
207
  select: { twoFaSecret: true }
206
208
  });
207
209
  },
208
210
  async clearTwoFaSecrets(userId, excludeSessionId) {
209
- await prisma.session.updateMany({
211
+ await db.session.updateMany({
210
212
  where: {
211
213
  userId,
212
214
  ...excludeSessionId ? { NOT: { id: excludeSessionId } } : {}
@@ -215,7 +217,7 @@ function createPrismaAdapter(prisma) {
215
217
  });
216
218
  },
217
219
  async findByIdWithDevice(id, userId) {
218
- const session = await prisma.session.findUnique({
220
+ const session = await db.session.findUnique({
219
221
  where: { id, userId },
220
222
  select: {
221
223
  twoFaSecret: true,
@@ -226,7 +228,7 @@ function createPrismaAdapter(prisma) {
226
228
  return session;
227
229
  },
228
230
  async revokeByDevicePushToken(userId, pushToken, excludeSessionId) {
229
- await prisma.session.updateMany({
231
+ await db.session.updateMany({
230
232
  where: {
231
233
  userId,
232
234
  id: { not: excludeSessionId },
@@ -237,7 +239,7 @@ function createPrismaAdapter(prisma) {
237
239
  });
238
240
  },
239
241
  async clearDeviceId(userId, deviceId) {
240
- await prisma.session.updateMany({
242
+ await db.session.updateMany({
241
243
  where: { userId, deviceId },
242
244
  data: { deviceId: null }
243
245
  });
@@ -245,39 +247,39 @@ function createPrismaAdapter(prisma) {
245
247
  },
246
248
  otp: {
247
249
  async findValidByUserAndCode(userId, code) {
248
- return prisma.oTP.findFirst({
250
+ return db.oTP.findFirst({
249
251
  where: { userId, code, expiresAt: { gte: /* @__PURE__ */ new Date() } }
250
252
  });
251
253
  },
252
254
  async create(data) {
253
- return prisma.oTP.create({ data });
255
+ return db.oTP.create({ data });
254
256
  },
255
257
  async delete(id) {
256
- await prisma.oTP.delete({ where: { id } });
258
+ await db.oTP.delete({ where: { id } });
257
259
  }
258
260
  },
259
261
  passwordReset: {
260
262
  async findById(id) {
261
- return prisma.passwordReset.findUnique({
263
+ return db.passwordReset.findUnique({
262
264
  where: { id },
263
265
  select: { id: true, createdAt: true, userId: true }
264
266
  });
265
267
  },
266
268
  async create(userId) {
267
- return prisma.passwordReset.create({
269
+ return db.passwordReset.create({
268
270
  data: { userId }
269
271
  });
270
272
  },
271
273
  async delete(id) {
272
- await prisma.passwordReset.delete({ where: { id } });
274
+ await db.passwordReset.delete({ where: { id } });
273
275
  },
274
276
  async deleteAllByUserId(userId) {
275
- await prisma.passwordReset.deleteMany({ where: { userId } });
277
+ await db.passwordReset.deleteMany({ where: { userId } });
276
278
  }
277
279
  },
278
280
  device: {
279
281
  async findByTokenSessionAndUser(pushToken, sessionId, userId) {
280
- return prisma.device.findFirst({
282
+ return db.device.findFirst({
281
283
  where: {
282
284
  pushToken,
283
285
  sessions: { some: { id: sessionId } },
@@ -287,7 +289,7 @@ function createPrismaAdapter(prisma) {
287
289
  });
288
290
  },
289
291
  async upsertByPushToken(pushToken, sessionId, userId) {
290
- await prisma.device.upsert({
292
+ await db.device.upsert({
291
293
  where: { pushToken },
292
294
  create: {
293
295
  pushToken,
@@ -301,31 +303,31 @@ function createPrismaAdapter(prisma) {
301
303
  });
302
304
  },
303
305
  async findByUserAndToken(userId, pushToken) {
304
- return prisma.device.findFirst({
306
+ return db.device.findFirst({
305
307
  where: { users: { some: { id: userId } }, pushToken },
306
308
  select: { id: true }
307
309
  });
308
310
  },
309
311
  async disconnectUser(deviceId, userId) {
310
- await prisma.device.update({
312
+ await db.device.update({
311
313
  where: { id: deviceId },
312
314
  data: { users: { disconnect: { id: userId } } }
313
315
  });
314
316
  },
315
317
  async hasRemainingUsers(deviceId) {
316
- const result = await prisma.device.findUnique({
318
+ const result = await db.device.findUnique({
317
319
  where: { id: deviceId },
318
320
  select: { users: { select: { id: true }, take: 1 } }
319
321
  });
320
322
  return (result?.users.length ?? 0) > 0;
321
323
  },
322
324
  async delete(id) {
323
- await prisma.device.delete({ where: { id } });
325
+ await db.device.delete({ where: { id } });
324
326
  }
325
327
  },
326
328
  admin: {
327
329
  async findByUserId(userId) {
328
- return prisma.admin.findFirst({
330
+ return db.admin.findFirst({
329
331
  where: { userId },
330
332
  select: { ip: true }
331
333
  });
@@ -387,295 +389,10 @@ function createConsoleEmailAdapter() {
387
389
  };
388
390
  }
389
391
 
390
- // src/adapters/drizzleAdapter.ts
391
- function createDrizzleAdapter(db, tables) {
392
- const {
393
- eq,
394
- and,
395
- or,
396
- isNull,
397
- isNotNull,
398
- gte,
399
- ne,
400
- sql
401
- } = require("drizzle-orm");
402
- const { users, sessions, otps, passwordResets, devices, admins } = tables;
403
- return {
404
- user: {
405
- async findByEmailInsensitive(email) {
406
- const rows = await db.select().from(users).where(sql`lower(${users.email}) = lower(${email})`).limit(1);
407
- return rows[0] ?? null;
408
- },
409
- async findByUsernameInsensitive(username) {
410
- const rows = await db.select().from(users).where(sql`lower(${users.username}) = lower(${username})`).limit(1);
411
- return rows[0] ?? null;
412
- },
413
- async findByEmailOrUsernameInsensitive(identifier) {
414
- const rows = await db.select().from(users).where(
415
- or(
416
- sql`lower(${users.email}) = lower(${identifier})`,
417
- sql`lower(${users.username}) = lower(${identifier})`
418
- )
419
- ).limit(1);
420
- return rows[0] ?? null;
421
- },
422
- async findByEmailOrOAuthId(email, oauthId) {
423
- const rows = await db.select().from(users).where(
424
- or(
425
- sql`lower(${users.email}) = lower(${email})`,
426
- eq(users.oauthId, oauthId)
427
- )
428
- ).limit(1);
429
- return rows[0] ?? null;
430
- },
431
- async findById(id) {
432
- const rows = await db.select().from(users).where(eq(users.id, id)).limit(1);
433
- return rows[0] ?? null;
434
- },
435
- async findActiveById(id) {
436
- const rows = await db.select().from(users).where(and(eq(users.id, id), eq(users.status, "ACTIVE"))).limit(1);
437
- return rows[0] ?? null;
438
- },
439
- async create(data) {
440
- const rows = await db.insert(users).values(data).returning();
441
- return rows[0];
442
- },
443
- async update(id, data) {
444
- const rows = await db.update(users).set(data).where(eq(users.id, id)).returning();
445
- return rows[0];
446
- }
447
- },
448
- session: {
449
- async findById(id) {
450
- const rows = await db.select({
451
- id: sessions.id,
452
- userId: sessions.userId,
453
- socketId: sessions.socketId,
454
- twoFaSecret: sessions.twoFaSecret,
455
- browserName: sessions.browserName,
456
- issuedAt: sessions.issuedAt,
457
- lastUsed: sessions.lastUsed,
458
- revokedAt: sessions.revokedAt,
459
- deviceId: sessions.deviceId,
460
- user: {
461
- status: users.status,
462
- verifiedHumanAt: users.verifiedHumanAt
463
- }
464
- }).from(sessions).innerJoin(users, eq(sessions.userId, users.id)).where(eq(sessions.id, id)).limit(1);
465
- return rows[0] ?? null;
466
- },
467
- async create(data) {
468
- const rows = await db.insert(sessions).values(data).returning();
469
- return rows[0];
470
- },
471
- async update(id, data) {
472
- const rows = await db.update(sessions).set(data).where(eq(sessions.id, id)).returning();
473
- return rows[0];
474
- },
475
- async updateLastUsed(id) {
476
- await db.update(sessions).set({ lastUsed: /* @__PURE__ */ new Date() }).where(eq(sessions.id, id));
477
- const rows = await db.select({
478
- id: sessions.id,
479
- userId: sessions.userId,
480
- socketId: sessions.socketId,
481
- twoFaSecret: sessions.twoFaSecret,
482
- browserName: sessions.browserName,
483
- issuedAt: sessions.issuedAt,
484
- lastUsed: sessions.lastUsed,
485
- revokedAt: sessions.revokedAt,
486
- deviceId: sessions.deviceId,
487
- user: {
488
- verifiedHumanAt: users.verifiedHumanAt
489
- }
490
- }).from(sessions).innerJoin(users, eq(sessions.userId, users.id)).where(eq(sessions.id, id)).limit(1);
491
- return rows[0];
492
- },
493
- async revoke(id) {
494
- await db.update(sessions).set({ revokedAt: /* @__PURE__ */ new Date() }).where(eq(sessions.id, id));
495
- },
496
- async findActiveByUserId(userId, excludeSessionId) {
497
- const conditions = [eq(sessions.userId, userId), isNull(sessions.revokedAt)];
498
- if (excludeSessionId !== void 0) {
499
- conditions.push(ne(sessions.id, excludeSessionId));
500
- }
501
- return db.select({
502
- id: sessions.id,
503
- socketId: sessions.socketId,
504
- userId: sessions.userId
505
- }).from(sessions).where(and(...conditions));
506
- },
507
- async revokeAllByUserId(userId, excludeSessionId) {
508
- const conditions = [eq(sessions.userId, userId), isNull(sessions.revokedAt)];
509
- if (excludeSessionId !== void 0) {
510
- conditions.push(ne(sessions.id, excludeSessionId));
511
- }
512
- await db.update(sessions).set({ revokedAt: /* @__PURE__ */ new Date() }).where(and(...conditions));
513
- },
514
- async findTwoFaSecretsByUserId(userId) {
515
- return db.select({ twoFaSecret: sessions.twoFaSecret }).from(sessions).where(and(eq(sessions.userId, userId), isNotNull(sessions.twoFaSecret)));
516
- },
517
- async clearTwoFaSecrets(userId, excludeSessionId) {
518
- const conditions = [eq(sessions.userId, userId)];
519
- if (excludeSessionId !== void 0) {
520
- conditions.push(ne(sessions.id, excludeSessionId));
521
- }
522
- await db.update(sessions).set({ twoFaSecret: null }).where(and(...conditions));
523
- },
524
- async findByIdWithDevice(id, userId) {
525
- const rows = await db.select({
526
- twoFaSecret: sessions.twoFaSecret,
527
- deviceId: sessions.deviceId,
528
- device: {
529
- pushToken: devices.pushToken
530
- }
531
- }).from(sessions).leftJoin(devices, eq(sessions.deviceId, devices.id)).where(and(eq(sessions.id, id), eq(sessions.userId, userId))).limit(1);
532
- if (!rows[0]) return null;
533
- const row = rows[0];
534
- return {
535
- twoFaSecret: row.twoFaSecret,
536
- deviceId: row.deviceId,
537
- device: row.device?.pushToken ? { pushToken: row.device.pushToken } : null
538
- };
539
- },
540
- async revokeByDevicePushToken(userId, pushToken, excludeSessionId) {
541
- const deviceRows = await db.select({ id: devices.id }).from(devices).where(eq(devices.pushToken, pushToken)).limit(1);
542
- if (!deviceRows[0]) return;
543
- await db.update(sessions).set({ revokedAt: /* @__PURE__ */ new Date() }).where(
544
- and(
545
- eq(sessions.userId, userId),
546
- ne(sessions.id, excludeSessionId),
547
- isNull(sessions.revokedAt),
548
- eq(sessions.deviceId, deviceRows[0].id)
549
- )
550
- );
551
- },
552
- async clearDeviceId(userId, deviceId) {
553
- await db.update(sessions).set({ deviceId: null }).where(and(eq(sessions.userId, userId), eq(sessions.deviceId, deviceId)));
554
- }
555
- },
556
- otp: {
557
- async findValidByUserAndCode(userId, code) {
558
- const rows = await db.select().from(otps).where(
559
- and(eq(otps.userId, userId), eq(otps.code, code), gte(otps.expiresAt, /* @__PURE__ */ new Date()))
560
- ).limit(1);
561
- return rows[0] ?? null;
562
- },
563
- async create(data) {
564
- const rows = await db.insert(otps).values(data).returning();
565
- return rows[0];
566
- },
567
- async delete(id) {
568
- await db.delete(otps).where(eq(otps.id, id));
569
- }
570
- },
571
- passwordReset: {
572
- async findById(id) {
573
- const rows = await db.select({
574
- id: passwordResets.id,
575
- createdAt: passwordResets.createdAt,
576
- userId: passwordResets.userId
577
- }).from(passwordResets).where(eq(passwordResets.id, id)).limit(1);
578
- return rows[0] ?? null;
579
- },
580
- async create(userId) {
581
- const rows = await db.insert(passwordResets).values({ userId }).returning();
582
- return rows[0];
583
- },
584
- async delete(id) {
585
- await db.delete(passwordResets).where(eq(passwordResets.id, id));
586
- },
587
- async deleteAllByUserId(userId) {
588
- await db.delete(passwordResets).where(eq(passwordResets.userId, userId));
589
- }
590
- },
591
- device: {
592
- async findByTokenSessionAndUser(pushToken, sessionId, userId) {
593
- const rows = await db.select({ id: devices.id }).from(devices).where(eq(devices.pushToken, pushToken)).limit(1);
594
- if (!rows[0]) return null;
595
- if (tables.devicesToSessions && tables.devicesToUsers) {
596
- const sessionLink = await db.select().from(tables.devicesToSessions).where(
597
- and(
598
- eq(tables.devicesToSessions.deviceId, rows[0].id),
599
- eq(tables.devicesToSessions.sessionId, sessionId)
600
- )
601
- ).limit(1);
602
- const userLink = await db.select().from(tables.devicesToUsers).where(
603
- and(
604
- eq(tables.devicesToUsers.deviceId, rows[0].id),
605
- eq(tables.devicesToUsers.userId, userId)
606
- )
607
- ).limit(1);
608
- if (!sessionLink[0] || !userLink[0]) return null;
609
- }
610
- return { id: rows[0].id };
611
- },
612
- async upsertByPushToken(pushToken, sessionId, userId) {
613
- const existing = await db.select({ id: devices.id }).from(devices).where(eq(devices.pushToken, pushToken)).limit(1);
614
- let deviceId;
615
- if (existing[0]) {
616
- deviceId = existing[0].id;
617
- } else {
618
- const rows = await db.insert(devices).values({ pushToken }).returning({ id: devices.id });
619
- deviceId = rows[0].id;
620
- }
621
- if (tables.devicesToSessions) {
622
- await db.insert(tables.devicesToSessions).values({ deviceId, sessionId }).onConflictDoNothing();
623
- }
624
- if (tables.devicesToUsers) {
625
- await db.insert(tables.devicesToUsers).values({ deviceId, userId }).onConflictDoNothing();
626
- }
627
- await db.update(sessions).set({ deviceId }).where(eq(sessions.id, sessionId));
628
- },
629
- async findByUserAndToken(userId, pushToken) {
630
- if (tables.devicesToUsers) {
631
- const rows2 = await db.select({ id: devices.id }).from(devices).innerJoin(
632
- tables.devicesToUsers,
633
- eq(devices.id, tables.devicesToUsers.deviceId)
634
- ).where(
635
- and(
636
- eq(devices.pushToken, pushToken),
637
- eq(tables.devicesToUsers.userId, userId)
638
- )
639
- ).limit(1);
640
- return rows2[0] ? { id: rows2[0].id } : null;
641
- }
642
- const rows = await db.select({ id: devices.id }).from(devices).where(eq(devices.pushToken, pushToken)).limit(1);
643
- return rows[0] ? { id: rows[0].id } : null;
644
- },
645
- async disconnectUser(deviceId, userId) {
646
- if (tables.devicesToUsers) {
647
- await db.delete(tables.devicesToUsers).where(
648
- and(
649
- eq(tables.devicesToUsers.deviceId, deviceId),
650
- eq(tables.devicesToUsers.userId, userId)
651
- )
652
- );
653
- }
654
- },
655
- async hasRemainingUsers(deviceId) {
656
- if (tables.devicesToUsers) {
657
- const rows = await db.select({ userId: tables.devicesToUsers.userId }).from(tables.devicesToUsers).where(eq(tables.devicesToUsers.deviceId, deviceId)).limit(1);
658
- return rows.length > 0;
659
- }
660
- return false;
661
- },
662
- async delete(id) {
663
- await db.delete(devices).where(eq(devices.id, id));
664
- }
665
- },
666
- admin: {
667
- async findByUserId(userId) {
668
- const rows = await db.select({ ip: admins.ip }).from(admins).where(eq(admins.userId, userId)).limit(1);
669
- return rows[0] ?? null;
670
- }
671
- }
672
- };
673
- }
674
-
675
392
  // src/utilities/config.ts
676
393
  var defaultTokenSettings = {
677
- jwtExpiry: 30 * 24 * 60 * 60,
678
- // 30 days in seconds
394
+ jwtExpiry: 365 * 24 * 60 * 60,
395
+ // 1 year in seconds
679
396
  passwordResetExpiryMs: 60 * 60 * 1e3,
680
397
  // 1 hour
681
398
  otpValidityMs: 15 * 60 * 1e3
@@ -686,8 +403,8 @@ var defaultCookieSettings = {
686
403
  sameSite: "Strict",
687
404
  httpOnly: false,
688
405
  path: "/",
689
- maxAge: 30 * 24 * 60 * 60
690
- // 30 days in seconds
406
+ maxAge: 365 * 24 * 60 * 60
407
+ // 1 year in seconds (matches jwtExpiry)
691
408
  };
692
409
  var defaultStorageKeys = {
693
410
  authToken: "auth-token"
@@ -1137,6 +854,36 @@ function validatePasswordStrength(password, minLength = 6) {
1137
854
  return { valid: true };
1138
855
  }
1139
856
 
857
+ // src/utilities/session.ts
858
+ async function createSessionWithToken(config, params) {
859
+ const { userId, browserName, socketId, deviceId, extraSessionData } = params;
860
+ const session = await config.database.session.create({
861
+ userId,
862
+ browserName,
863
+ socketId,
864
+ ...deviceId != null ? { deviceId } : {},
865
+ ...extraSessionData
866
+ });
867
+ const user = await config.database.user.findById(userId);
868
+ const accessToken = createAuthToken(
869
+ {
870
+ id: session.id,
871
+ userId: session.userId,
872
+ verifiedHumanAt: user?.verifiedHumanAt ?? null
873
+ },
874
+ {
875
+ secret: config.secrets.jwt,
876
+ expiresIn: config.tokenSettings.jwtExpiry
877
+ }
878
+ );
879
+ return { accessToken, sessionId: session.id };
880
+ }
881
+ async function createSessionWithTokenAndCookie(config, params, res) {
882
+ const result = await createSessionWithToken(config, params);
883
+ setAuthCookie(res, result.accessToken, config.cookieSettings, config.storageKeys);
884
+ return result;
885
+ }
886
+
1140
887
  // src/utilities/totp.ts
1141
888
  var import_crypto = __toESM(require("crypto"));
1142
889
  var import_totp_generator = require("totp-generator");
@@ -2098,13 +1845,15 @@ var TwoFaProcedureFactory = class {
2098
1845
  var import_server7 = require("@trpc/server");
2099
1846
  var import_superjson = __toESM(require("superjson"));
2100
1847
  var import_zod2 = require("zod");
1848
+ function hasStringProp(obj, key) {
1849
+ return typeof obj === "object" && obj !== null && key in obj && typeof obj[key] === "string";
1850
+ }
2101
1851
  function isPrismaConnectionError(error) {
2102
1852
  if (!error || typeof error !== "object") {
2103
1853
  return false;
2104
1854
  }
2105
- const errorCode = error.code;
2106
- if (errorCode && typeof errorCode === "string") {
2107
- const codeMatch = errorCode.match(/^P(\d+)$/);
1855
+ if (hasStringProp(error, "code")) {
1856
+ const codeMatch = error.code.match(/^P(\d+)$/);
2108
1857
  if (codeMatch) {
2109
1858
  const codeNum = parseInt(codeMatch[1], 10);
2110
1859
  if (codeNum >= 1e3 && codeNum <= 1003) {
@@ -2114,14 +1863,13 @@ function isPrismaConnectionError(error) {
2114
1863
  }
2115
1864
  const constructorName = error.constructor?.name || "";
2116
1865
  if (constructorName.includes("Prisma")) {
2117
- const errorMessage = error.message?.toLowerCase() || "";
1866
+ const errorMessage = hasStringProp(error, "message") ? error.message.toLowerCase() : "";
2118
1867
  if (errorMessage.includes("can't reach database") || errorMessage.includes("authentication failed") || errorMessage.includes("database server") || errorMessage.includes("timeout") || errorMessage.includes("connection")) {
2119
1868
  return true;
2120
1869
  }
2121
1870
  }
2122
- const cause = error.cause;
2123
- if (cause) {
2124
- return isPrismaConnectionError(cause);
1871
+ if ("cause" in error) {
1872
+ return isPrismaConnectionError(error.cause);
2125
1873
  }
2126
1874
  return false;
2127
1875
  }
@@ -2167,8 +1915,9 @@ function createBaseProcedure(t, authGuard) {
2167
1915
  }
2168
1916
  function getClientIp(req) {
2169
1917
  const forwarded = req.headers["x-forwarded-for"];
2170
- if (forwarded) {
2171
- return forwarded.split(",")[0]?.trim();
1918
+ const forwardedStr = Array.isArray(forwarded) ? forwarded[0] : forwarded;
1919
+ if (forwardedStr) {
1920
+ return forwardedStr.split(",")[0]?.trim();
2172
1921
  }
2173
1922
  return req.socket.remoteAddress || void 0;
2174
1923
  }
@@ -2186,7 +1935,7 @@ var AuthRouterFactory = class {
2186
1935
  constructor(userConfig) {
2187
1936
  this.userConfig = userConfig;
2188
1937
  this.config = createAuthConfig(this.userConfig);
2189
- this.schemas = createSchemas(this.config.schemaExtensions);
1938
+ this.schemas = createSchemas(this.userConfig.schemaExtensions);
2190
1939
  this.t = createTrpcBuilder(this.config);
2191
1940
  this.authGuard = createAuthGuard(this.config, this.t);
2192
1941
  this.procedure = createBaseProcedure(this.t, this.authGuard);
@@ -2244,10 +1993,11 @@ function createAuthRouter(config) {
2244
1993
  createAuthRouter,
2245
1994
  createAuthToken,
2246
1995
  createConsoleEmailAdapter,
2247
- createDrizzleAdapter,
2248
1996
  createNoopEmailAdapter,
2249
1997
  createOAuthVerifier,
2250
1998
  createPrismaAdapter,
1999
+ createSessionWithToken,
2000
+ createSessionWithTokenAndCookie,
2251
2001
  decodeToken,
2252
2002
  defaultAuthConfig,
2253
2003
  defaultCookieSettings,