@hono/auth-js 1.0.10 → 1.0.12

package/README.md

@@ -16,78 +16,72 @@ Before starting using the middleware you must set the following environment vari
 
 ```plain
 AUTH_SECRET=#required
-AUTH_URL=#optional
+AUTH_URL=https://example.com/api/auth
 ```
 
 ## How to Use
 
 ```ts
-import { Hono, Context } from 'hono'
-import { authHandler, initAuthConfig, verifyAuth, type AuthConfig } from "@hono/auth-js"
-import GitHub from "@auth/core/providers/github"
+import { Hono } from 'hono'
+import { authHandler, initAuthConfig, verifyAuth } from '@hono/auth-js'
+import GitHub from '@auth/core/providers/github'
 
 const app = new Hono()
 
-app.use("*", initAuthConfig(getAuthConfig))
+app.use(
+  '*',
+  initAuthConfig((c) => ({
+    secret: c.env.AUTH_SECRET,
+    providers: [
+      GitHub({
+        clientId: c.env.GITHUB_ID,
+        clientSecret: c.env.GITHUB_SECRET,
+      }),
+    ],
+  }))
+)
 
-app.use("/api/auth/*", authHandler())
+app.use('/api/auth/*', authHandler())
 
 app.use('/api/*', verifyAuth())
 
 app.get('/api/protected', (c) => {
-  const auth = c.get("authUser")
+  const auth = c.get('authUser')
   return c.json(auth)
 })
 
-function getAuthConfig(c: Context): AuthConfig {
-  return {
-    secret: c.env.AUTH_SECRET,
-    providers: [
-      GitHub({
-        clientId: c.env.GITHUB_ID,
-        clientSecret: c.env.GITHUB_SECRET
-      }),
-    ]
-  }
-}
-
 export default app
 ```
 
 React component
-```tsx
-import { SessionProvider } from "@hono/auth-js/react"
 
-export default  function App() {
+```tsx
+import { SessionProvider, useSession } from '@hono/auth-js/react'
 
+export default function App() {
   return (
     <SessionProvider>
-       <Children />
+      <Children />
     </SessionProvider>
   )
 }
 
 function Children() {
   const { data: session, status } = useSession()
-  return (
-    <div >
-     I am {session?.user}
-    </div>
-  )
+  return <div>I am {session?.user}</div>
 }
 ```
+
 Default `/api/auth` path can be changed to something else but that will also require you to change path in react app.
 
 ```tsx
-import {SessionProvider,authConfigManager,useSession } from "@hono/auth-js/react"
+import { SessionProvider, authConfigManager, useSession } from '@hono/auth-js/react'
 
 authConfigManager.setConfig({
-  baseUrl: '', //needed  for cross domain setup.
   basePath: '/custom', // if auth route is diff from /api/auth
-  credentials:'same-origin' //needed  for cross domain setup
-});
+})
 
-export default  function App() {
+export default function App() {
   return (
     <SessionProvider>
       <Children />
@@ -97,45 +91,27 @@ export default  function App() {
 
 function Children() {
   const { data: session, status } = useSession()
-  return (
-    <div >
-     I am {session?.user}
-    </div>
-  )
+  return <div>I am {session?.user}</div>
 }
 ```
-For cross domain setup as mentioned above you need to set these cors headers in hono along with change in same site cookie attribute.[Read More Here](https://next-auth.js.org/configuration/options#cookies)
-``` ts
-app.use(
-  "*",
-  cors({
-    origin: (origin) => origin,
-    allowHeaders: ["Content-Type"],
-    credentials: true,
-  })
-)
-```
 
-
-SessionProvider is not needed with react query.This wrapper is enough
+SessionProvider is not needed with react query.Use useQuery hook to fetch session data.
 
 ```ts
-const useSession = ()=>{
-  const { data ,status } = useQuery({
-  queryKey: ["session"],
-  queryFn: async () => {
-    const res = await fetch("/api/auth/session")
-    return res.json();
-  },
-  staleTime: 5 * (60 * 1000),
-  gcTime: 10 * (60 * 1000),
-  refetchOnWindowFocus: true,
-})
- return { session:data, status }
+const useSession = () => {
+  const { data, status } = useQuery({
+    queryKey: ['session'],
+    queryFn: async () => {
+      const res = await fetch('/api/auth/session')
+      return res.json()
+    },
+    staleTime: 5 * (60 * 1000),
+    gcTime: 10 * (60 * 1000),
+    refetchOnWindowFocus: true,
+  })
+  return { session: data, status }
 }
 ```
-> [!WARNING]
-> You can't use event updates which SessionProvider provides and session will not be in  sync across tabs if you use react query wrapper but in  RQ5 you can enable this using Broadcast channel (see RQ docs).
 
 Working example repo https://github.com/divyam234/next-auth-hono-react
 

package/dist/index.js

@@ -34,7 +34,6 @@ var import_http_exception = require("hono/http-exception");
 var import_core2 = require("@auth/core");
 function setEnvDefaults(env2, config) {
   config.secret ??= env2.AUTH_SECRET;
-  config.basePath ||= "/api/auth";
   (0, import_core2.setEnvDefaults)(env2, config);
 }
 async function cloneRequest(input, request, headers) {
@@ -43,13 +42,10 @@ async function cloneRequest(input, request, headers) {
       method: request.method,
       headers: headers ?? new Headers(request.headers),
       body: request.method === "GET" || request.method === "HEAD" ? void 0 : await request.blob(),
-      // @ts-ignore: TS2353
       referrer: "referrer" in request ? request.referrer : void 0,
-      // deno-lint-ignore no-explicit-any
       referrerPolicy: request.referrerPolicy,
       mode: request.mode,
       credentials: request.credentials,
-      // @ts-ignore: TS2353
       cache: request.cache,
       redirect: request.redirect,
       integrity: request.integrity,
@@ -64,28 +60,30 @@ async function reqWithEnvUrl(req, authUrl) {
     const reqUrlObj = new URL(req.url);
     const authUrlObj = new URL(authUrl);
     const props = ["hostname", "protocol", "port", "password", "username"];
-    props.forEach((prop) => reqUrlObj[prop] = authUrlObj[prop]);
-    return cloneRequest(reqUrlObj.href, req);
-  } else {
-    const url = new URL(req.url);
-    const headers = new Headers(req.headers);
-    const proto = headers.get("x-forwarded-proto");
-    const host = headers.get("x-forwarded-host") ?? headers.get("host");
-    if (proto != null)
-      url.protocol = proto.endsWith(":") ? proto : proto + ":";
-    if (host != null) {
-      url.host = host;
-      const portMatch = host.match(/:(\d+)$/);
-      if (portMatch)
-        url.port = portMatch[1];
-      else
-        url.port = "";
-      headers.delete("x-forwarded-host");
-      headers.delete("Host");
-      headers.set("Host", host);
+    for (const prop of props) {
+      if (authUrlObj[prop])
+        reqUrlObj[prop] = authUrlObj[prop];
     }
-    return cloneRequest(url.href, req, headers);
+    return cloneRequest(reqUrlObj.href, req);
+  }
+  const url = new URL(req.url);
+  const headers = new Headers(req.headers);
+  const proto = headers.get("x-forwarded-proto");
+  const host = headers.get("x-forwarded-host") ?? headers.get("host");
+  if (proto != null)
+    url.protocol = proto.endsWith(":") ? proto : `${proto}:`;
+  if (host != null) {
+    url.host = host;
+    const portMatch = host.match(/:(\d+)$/);
+    if (portMatch)
+      url.port = portMatch[1];
+    else
+      url.port = "";
+    headers.delete("x-forwarded-host");
+    headers.delete("Host");
+    headers.set("Host", host);
   }
+  return cloneRequest(url.href, req, headers);
 }
 async function getAuthUser(c) {
   const config = c.get("authConfig");
@@ -110,7 +108,7 @@ async function getAuthUser(c) {
     }
   });
   const session = await response.json();
-  return session && session.user ? authUser : null;
+  return session?.user ? authUser : null;
 }
 function verifyAuth() {
   return async (c, next) => {
@@ -121,9 +119,8 @@ function verifyAuth() {
         status: 401
       });
       throw new import_http_exception.HTTPException(401, { res });
-    } else {
-      c.set("authUser", authUser);
     }
+    c.set("authUser", authUser);
     await next();
   };
 }

package/dist/index.mjs

@@ -5,7 +5,6 @@ import { HTTPException } from "hono/http-exception";
 import { setEnvDefaults as coreSetEnvDefaults } from "@auth/core";
 function setEnvDefaults(env2, config) {
   config.secret ??= env2.AUTH_SECRET;
-  config.basePath ||= "/api/auth";
   coreSetEnvDefaults(env2, config);
 }
 async function cloneRequest(input, request, headers) {
@@ -14,13 +13,10 @@ async function cloneRequest(input, request, headers) {
       method: request.method,
       headers: headers ?? new Headers(request.headers),
       body: request.method === "GET" || request.method === "HEAD" ? void 0 : await request.blob(),
-      // @ts-ignore: TS2353
       referrer: "referrer" in request ? request.referrer : void 0,
-      // deno-lint-ignore no-explicit-any
       referrerPolicy: request.referrerPolicy,
       mode: request.mode,
       credentials: request.credentials,
-      // @ts-ignore: TS2353
       cache: request.cache,
       redirect: request.redirect,
       integrity: request.integrity,
@@ -35,28 +31,30 @@ async function reqWithEnvUrl(req, authUrl) {
     const reqUrlObj = new URL(req.url);
     const authUrlObj = new URL(authUrl);
     const props = ["hostname", "protocol", "port", "password", "username"];
-    props.forEach((prop) => reqUrlObj[prop] = authUrlObj[prop]);
-    return cloneRequest(reqUrlObj.href, req);
-  } else {
-    const url = new URL(req.url);
-    const headers = new Headers(req.headers);
-    const proto = headers.get("x-forwarded-proto");
-    const host = headers.get("x-forwarded-host") ?? headers.get("host");
-    if (proto != null)
-      url.protocol = proto.endsWith(":") ? proto : proto + ":";
-    if (host != null) {
-      url.host = host;
-      const portMatch = host.match(/:(\d+)$/);
-      if (portMatch)
-        url.port = portMatch[1];
-      else
-        url.port = "";
-      headers.delete("x-forwarded-host");
-      headers.delete("Host");
-      headers.set("Host", host);
+    for (const prop of props) {
+      if (authUrlObj[prop])
+        reqUrlObj[prop] = authUrlObj[prop];
     }
-    return cloneRequest(url.href, req, headers);
+    return cloneRequest(reqUrlObj.href, req);
+  }
+  const url = new URL(req.url);
+  const headers = new Headers(req.headers);
+  const proto = headers.get("x-forwarded-proto");
+  const host = headers.get("x-forwarded-host") ?? headers.get("host");
+  if (proto != null)
+    url.protocol = proto.endsWith(":") ? proto : `${proto}:`;
+  if (host != null) {
+    url.host = host;
+    const portMatch = host.match(/:(\d+)$/);
+    if (portMatch)
+      url.port = portMatch[1];
+    else
+      url.port = "";
+    headers.delete("x-forwarded-host");
+    headers.delete("Host");
+    headers.set("Host", host);
   }
+  return cloneRequest(url.href, req, headers);
 }
 async function getAuthUser(c) {
   const config = c.get("authConfig");
@@ -81,7 +79,7 @@ async function getAuthUser(c) {
     }
   });
   const session = await response.json();
-  return session && session.user ? authUser : null;
+  return session?.user ? authUser : null;
 }
 function verifyAuth() {
   return async (c, next) => {
@@ -92,9 +90,8 @@ function verifyAuth() {
         status: 401
       });
       throw new HTTPException(401, { res });
-    } else {
-      c.set("authUser", authUser);
     }
+    c.set("authUser", authUser);
     await next();
   };
 }

package/dist/react.d.mts

@@ -1,14 +1,18 @@
 import { BuiltInProviderType, ProviderType, RedirectableProviderType } from '@auth/core/providers';
 import { Session } from '@auth/core/types';
-import * as React from 'react';
+import * as React$1 from 'react';
 
+interface GetSessionParams {
+    event?: 'storage' | 'timer' | 'hidden' | string;
+    triggerEvent?: boolean;
+}
 interface AuthClientConfig {
     baseUrl: string;
     basePath: string;
-    credentials?: RequestCredentials;
-    _session?: Session | null | undefined;
-    _lastSync: number;
-    _getSession: (...args: any[]) => any;
+    credentials: RequestCredentials;
+    lastSync: number;
+    session: Session | null;
+    fetchSession: (params?: GetSessionParams) => Promise<void>;
 }
 interface UseSessionOptions<R extends boolean> {
     required: R;
@@ -23,13 +27,7 @@ interface ClientSafeProvider {
     callbackUrl: string;
 }
 interface SignInOptions extends Record<string, unknown> {
-    /**
-     * Specify to which URL the user will be redirected after signing in. Defaults to the page URL the sign-in is initiated from.
-     *
-     * [Documentation](https://next-auth.js.org/getting-started/client#specifying-a-callbackurl)
-     */
     callbackUrl?: string;
-    /** [Documentation](https://next-auth.js.org/getting-started/client#using-the-redirect-false-option) */
     redirect?: boolean;
 }
 interface SignInResponse {
@@ -43,29 +41,16 @@ interface SignOutResponse {
     url: string;
 }
 interface SignOutParams<R extends boolean = true> {
-    /** [Documentation](https://next-auth.js.org/getting-started/client#specifying-a-callbackurl-1) */
     callbackUrl?: string;
-    /** [Documentation](https://next-auth.js.org/getting-started/client#using-the-redirect-false-option-1 */
     redirect?: R;
 }
 interface SessionProviderProps {
     children: React.ReactNode;
     session?: Session | null;
-    baseUrl?: string;
-    basePath?: string;
     refetchInterval?: number;
     refetchOnWindowFocus?: boolean;
     refetchWhenOffline?: false;
 }
-
-declare class AuthConfigManager {
-    private static instance;
-    _config: AuthClientConfig;
-    static getInstance(): AuthConfigManager;
-    setConfig(userConfig: Partial<AuthClientConfig>): void;
-    getConfig(): AuthClientConfig;
-}
-declare const authConfigManager: AuthConfigManager;
 type UpdateSession = (data?: any) => Promise<Session | null>;
 type SessionContextValue<R extends boolean = false> = R extends true ? {
     update: UpdateSession;
@@ -84,31 +69,34 @@ type SessionContextValue<R extends boolean = false> = R extends true ? {
     data: null;
     status: 'unauthenticated' | 'loading';
 };
-declare const SessionContext: React.Context<{
+
+declare class AuthConfigManager {
+    private static instance;
+    private config;
+    private constructor();
+    private createDefaultConfig;
+    static getInstance(): AuthConfigManager;
+    setConfig(userConfig: Partial<AuthClientConfig>): void;
+    getConfig(): AuthClientConfig;
+    initializeConfig(hasInitialSession: boolean): void;
+}
+declare const authConfigManager: AuthConfigManager;
+declare const SessionContext: React$1.Context<{
     update: UpdateSession;
     data: Session;
-    status: 'authenticated';
+    status: "authenticated";
 } | {
     update: UpdateSession;
     data: null;
-    status: 'unauthenticated' | 'loading';
+    status: "loading" | "unauthenticated";
 } | undefined>;
-declare function useSession<R extends boolean>(options?: UseSessionOptions<R>): SessionContextValue<R>;
-interface GetSessionParams {
-    event?: 'storage' | 'timer' | 'hidden' | string;
-    triggerEvent?: boolean;
-    broadcast?: boolean;
-}
 declare function getSession(params?: GetSessionParams): Promise<Session | null>;
 declare function getCsrfToken(): Promise<string>;
+declare function SessionProvider(props: SessionProviderProps): React$1.JSX.Element;
+declare function useSession<R extends boolean>(options?: UseSessionOptions<R>): SessionContextValue<R>;
 type ProvidersType = Record<LiteralUnion<BuiltInProviderType>, ClientSafeProvider>;
 declare function getProviders(): Promise<ProvidersType | null>;
 declare function signIn<P extends RedirectableProviderType | undefined = undefined>(provider?: LiteralUnion<P extends RedirectableProviderType ? P | BuiltInProviderType : BuiltInProviderType>, options?: SignInOptions, authorizationParams?: SignInAuthorizationParams): Promise<P extends RedirectableProviderType ? SignInResponse | undefined : undefined>;
-/**
- * Initiate a signout, by destroying the current session.
- * Handles CSRF protection.
- */
 declare function signOut<R extends boolean = true>(options?: SignOutParams<R>): Promise<R extends true ? undefined : SignOutResponse>;
-declare function SessionProvider(props: SessionProviderProps): React.JSX.Element;
 
-export { type GetSessionParams, type LiteralUnion, SessionContext, type SessionContextValue, SessionProvider, type SessionProviderProps, type SignInAuthorizationParams, type SignInOptions, type SignInResponse, type SignOutParams, type UpdateSession, authConfigManager, getCsrfToken, getProviders, getSession, signIn, signOut, useSession };
+export { SessionContext, SessionProvider, authConfigManager, getCsrfToken, getProviders, getSession, signIn, signOut, useSession };

package/dist/react.d.ts

@@ -1,14 +1,18 @@
 import { BuiltInProviderType, ProviderType, RedirectableProviderType } from '@auth/core/providers';
 import { Session } from '@auth/core/types';
-import * as React from 'react';
+import * as React$1 from 'react';
 
+interface GetSessionParams {
+    event?: 'storage' | 'timer' | 'hidden' | string;
+    triggerEvent?: boolean;
+}
 interface AuthClientConfig {
     baseUrl: string;
     basePath: string;
-    credentials?: RequestCredentials;
-    _session?: Session | null | undefined;
-    _lastSync: number;
-    _getSession: (...args: any[]) => any;
+    credentials: RequestCredentials;
+    lastSync: number;
+    session: Session | null;
+    fetchSession: (params?: GetSessionParams) => Promise<void>;
 }
 interface UseSessionOptions<R extends boolean> {
     required: R;
@@ -23,13 +27,7 @@ interface ClientSafeProvider {
     callbackUrl: string;
 }
 interface SignInOptions extends Record<string, unknown> {
-    /**
-     * Specify to which URL the user will be redirected after signing in. Defaults to the page URL the sign-in is initiated from.
-     *
-     * [Documentation](https://next-auth.js.org/getting-started/client#specifying-a-callbackurl)
-     */
     callbackUrl?: string;
-    /** [Documentation](https://next-auth.js.org/getting-started/client#using-the-redirect-false-option) */
     redirect?: boolean;
 }
 interface SignInResponse {
@@ -43,29 +41,16 @@ interface SignOutResponse {
     url: string;
 }
 interface SignOutParams<R extends boolean = true> {
-    /** [Documentation](https://next-auth.js.org/getting-started/client#specifying-a-callbackurl-1) */
     callbackUrl?: string;
-    /** [Documentation](https://next-auth.js.org/getting-started/client#using-the-redirect-false-option-1 */
     redirect?: R;
 }
 interface SessionProviderProps {
     children: React.ReactNode;
     session?: Session | null;
-    baseUrl?: string;
-    basePath?: string;
     refetchInterval?: number;
     refetchOnWindowFocus?: boolean;
     refetchWhenOffline?: false;
 }
-
-declare class AuthConfigManager {
-    private static instance;
-    _config: AuthClientConfig;
-    static getInstance(): AuthConfigManager;
-    setConfig(userConfig: Partial<AuthClientConfig>): void;
-    getConfig(): AuthClientConfig;
-}
-declare const authConfigManager: AuthConfigManager;
 type UpdateSession = (data?: any) => Promise<Session | null>;
 type SessionContextValue<R extends boolean = false> = R extends true ? {
     update: UpdateSession;
@@ -84,31 +69,34 @@ type SessionContextValue<R extends boolean = false> = R extends true ? {
     data: null;
     status: 'unauthenticated' | 'loading';
 };
-declare const SessionContext: React.Context<{
+
+declare class AuthConfigManager {
+    private static instance;
+    private config;
+    private constructor();
+    private createDefaultConfig;
+    static getInstance(): AuthConfigManager;
+    setConfig(userConfig: Partial<AuthClientConfig>): void;
+    getConfig(): AuthClientConfig;
+    initializeConfig(hasInitialSession: boolean): void;
+}
+declare const authConfigManager: AuthConfigManager;
+declare const SessionContext: React$1.Context<{
     update: UpdateSession;
     data: Session;
-    status: 'authenticated';
+    status: "authenticated";
 } | {
     update: UpdateSession;
     data: null;
-    status: 'unauthenticated' | 'loading';
+    status: "loading" | "unauthenticated";
 } | undefined>;
-declare function useSession<R extends boolean>(options?: UseSessionOptions<R>): SessionContextValue<R>;
-interface GetSessionParams {
-    event?: 'storage' | 'timer' | 'hidden' | string;
-    triggerEvent?: boolean;
-    broadcast?: boolean;
-}
 declare function getSession(params?: GetSessionParams): Promise<Session | null>;
 declare function getCsrfToken(): Promise<string>;
+declare function SessionProvider(props: SessionProviderProps): React$1.JSX.Element;
+declare function useSession<R extends boolean>(options?: UseSessionOptions<R>): SessionContextValue<R>;
 type ProvidersType = Record<LiteralUnion<BuiltInProviderType>, ClientSafeProvider>;
 declare function getProviders(): Promise<ProvidersType | null>;
 declare function signIn<P extends RedirectableProviderType | undefined = undefined>(provider?: LiteralUnion<P extends RedirectableProviderType ? P | BuiltInProviderType : BuiltInProviderType>, options?: SignInOptions, authorizationParams?: SignInAuthorizationParams): Promise<P extends RedirectableProviderType ? SignInResponse | undefined : undefined>;
-/**
- * Initiate a signout, by destroying the current session.
- * Handles CSRF protection.
- */
 declare function signOut<R extends boolean = true>(options?: SignOutParams<R>): Promise<R extends true ? undefined : SignOutResponse>;
-declare function SessionProvider(props: SessionProviderProps): React.JSX.Element;
 
-export { type GetSessionParams, type LiteralUnion, SessionContext, type SessionContextValue, SessionProvider, type SessionProviderProps, type SignInAuthorizationParams, type SignInOptions, type SignInResponse, type SignOutParams, type UpdateSession, authConfigManager, getCsrfToken, getProviders, getSession, signIn, signOut, useSession };
+export { SessionContext, SessionProvider, authConfigManager, getCsrfToken, getProviders, getSession, signIn, signOut, useSession };