@hono/auth-js 1.0.15 → 1.0.17

package/CHANGELOG.md

@@ -0,0 +1,109 @@
+# @hono/auth-js
+
+## 1.0.17
+
+### Patch Changes
+
+- [#1210](https://github.com/honojs/middleware/pull/1210) [`0758fd0af1f213131d0894299e5bec716d284580`](https://github.com/honojs/middleware/commit/0758fd0af1f213131d0894299e5bec716d284580) Thanks [@BarryThePenguin](https://github.com/BarryThePenguin)! - Add explicit return types
+
+## 1.0.16
+
+### Patch Changes
+
+- [#1170](https://github.com/honojs/middleware/pull/1170) [`7585969171ad4876e7620c7369eb9b638849d0eb`](https://github.com/honojs/middleware/commit/7585969171ad4876e7620c7369eb9b638849d0eb) Thanks [@hambergerpls](https://github.com/hambergerpls)! - fix(auth-js): use HonoRequest.blob() instead of HonoRequest.raw.body()
+
+## 1.0.15
+
+### Patch Changes
+
+- [#813](https://github.com/honojs/middleware/pull/813) [`b1c812e50c9388cf7cda893e7c554cedeb24d803`](https://github.com/honojs/middleware/commit/b1c812e50c9388cf7cda893e7c554cedeb24d803) Thanks [@divyam234](https://github.com/divyam234)! - add react 19 in peer dependencies
+
+## 1.0.14
+
+### Patch Changes
+
+- [#806](https://github.com/honojs/middleware/pull/806) [`9a2cf452c7000aee4193502da755b2c4352b077d`](https://github.com/honojs/middleware/commit/9a2cf452c7000aee4193502da755b2c4352b077d) Thanks [@985563349](https://github.com/985563349)! - fix cloned request causing request body to be unavailable in middleware
+
+## 1.0.13
+
+### Patch Changes
+
+- [#790](https://github.com/honojs/middleware/pull/790) [`ed31c680f7cb4d08985c820e8e1bf051ddc57acd`](https://github.com/honojs/middleware/commit/ed31c680f7cb4d08985c820e8e1bf051ddc57acd) Thanks [@divyam234](https://github.com/divyam234)! - clone request directly for bun
+
+## 1.0.12
+
+### Patch Changes
+
+- [#775](https://github.com/honojs/middleware/pull/775) [`c19b51baaf396647f2d6b021e38f083768328b74`](https://github.com/honojs/middleware/commit/c19b51baaf396647f2d6b021e38f083768328b74) Thanks [@divyam234](https://github.com/divyam234)! - refactor session provider
+
+## 1.0.11
+
+### Patch Changes
+
+- [#769](https://github.com/honojs/middleware/pull/769) [`c2d661aa697bc3800a1b4b6c10ed3589d6d85cf2`](https://github.com/honojs/middleware/commit/c2d661aa697bc3800a1b4b6c10ed3589d6d85cf2) Thanks [@yusukebe](https://github.com/yusukebe)! - fix: remove config.basePath
+
+## 1.0.10
+
+### Patch Changes
+
+- [#614](https://github.com/honojs/middleware/pull/614) [`19f3beae1ab33bb3257694c742d1b3e5487a187d`](https://github.com/honojs/middleware/commit/19f3beae1ab33bb3257694c742d1b3e5487a187d) Thanks [@divyam234](https://github.com/divyam234)! - fix immutable headers error in x-forwarded req
+
+## 1.0.9
+
+### Patch Changes
+
+- [#598](https://github.com/honojs/middleware/pull/598) [`eb7e597aaabce2b2ac6e7809579c44f440c2b8b0`](https://github.com/honojs/middleware/commit/eb7e597aaabce2b2ac6e7809579c44f440c2b8b0) Thanks [@divyam234](https://github.com/divyam234)! - fix bun req cloning
+
+## 1.0.8
+
+### Patch Changes
+
+- [#549](https://github.com/honojs/middleware/pull/549) [`d5ebee9c70b5c6e9ecdcadd39805a6a7c481c0ee`](https://github.com/honojs/middleware/commit/d5ebee9c70b5c6e9ecdcadd39805a6a7c481c0ee) Thanks [@divyam234](https://github.com/divyam234)! - handle x-forwarded headers to detect auth url
+
+## 1.0.7
+
+### Patch Changes
+
+- [#494](https://github.com/honojs/middleware/pull/494) [`300ef2f8bf4761b7b005e0c4ee7cb6ccf3ef810b`](https://github.com/honojs/middleware/commit/300ef2f8bf4761b7b005e0c4ee7cb6ccf3ef810b) Thanks [@divyam234](https://github.com/divyam234)! - fix for ssr
+
+## 1.0.6
+
+### Patch Changes
+
+- [#486](https://github.com/honojs/middleware/pull/486) [`18959557f45851a0109a63de3e865329c30d4fcc`](https://github.com/honojs/middleware/commit/18959557f45851a0109a63de3e865329c30d4fcc) Thanks [@yusukebe](https://github.com/yusukebe)! - fix: use `env` in `hono/adapter` and add tests
+
+## 1.0.5
+
+### Patch Changes
+
+- [#481](https://github.com/honojs/middleware/pull/481) [`b8fb9a06c13c3d5988b21e1b286c2a0b5ba99d80`](https://github.com/honojs/middleware/commit/b8fb9a06c13c3d5988b21e1b286c2a0b5ba99d80) Thanks [@DIYgod](https://github.com/DIYgod)! - fix AUTH_URL not working in getAuthUser
+
+## 1.0.4
+
+### Patch Changes
+
+- [#478](https://github.com/honojs/middleware/pull/478) [`5004ca9c5b6f75c1fca001c26fc70b927c154589`](https://github.com/honojs/middleware/commit/5004ca9c5b6f75c1fca001c26fc70b927c154589) Thanks [@DIYgod](https://github.com/DIYgod)! - fix env AUTH_URL not working
+
+## 1.0.3
+
+### Patch Changes
+
+- [#380](https://github.com/honojs/middleware/pull/380) [`ea19f6bdeb14216da0880baf5dd5885395c0f008`](https://github.com/honojs/middleware/commit/ea19f6bdeb14216da0880baf5dd5885395c0f008) Thanks [@CarlosZiegler](https://github.com/CarlosZiegler)! - fix: change peer dependency to support v4.0.0
+
+## 1.0.2
+
+### Patch Changes
+
+- [#359](https://github.com/honojs/middleware/pull/359) [`4ccda19d3176d9148310bcdb33baf48986433342`](https://github.com/honojs/middleware/commit/4ccda19d3176d9148310bcdb33baf48986433342) Thanks [@divyam234](https://github.com/divyam234)! - Update @auth/core version and set default basePath
+
+## 1.0.1
+
+### Patch Changes
+
+- [#330](https://github.com/honojs/middleware/pull/330) [`766738e0ea8f5e45739e0ffc4248f132f6313957`](https://github.com/honojs/middleware/commit/766738e0ea8f5e45739e0ffc4248f132f6313957) Thanks [@divyam234](https://github.com/divyam234)! - added react as peer dependency
+
+## 1.0.0
+
+### Major Changes
+
+- [#326](https://github.com/honojs/middleware/pull/326) [`f9859e8fa7e79e1111b8d335d927e7de0309dd7d`](https://github.com/honojs/middleware/commit/f9859e8fa7e79e1111b8d335d927e7de0309dd7d) Thanks [@divyam234](https://github.com/divyam234)! - initial support auth.js with hono

package/README.md

@@ -1,5 +1,7 @@
 # Auth.js middleware for Hono
 
+[![codecov](https://codecov.io/github/honojs/middleware/graph/badge.svg?flag=auth-js)](https://codecov.io/github/honojs/middleware)
+
 This is a [Auth.js](https://authjs.dev) third-party middleware for [Hono](https://github.com/honojs/hono).
 
 This middleware can be used to inject the Auth.js session into the request context.
@@ -112,6 +114,7 @@ const useSession = () => {
   return { session: data, status }
 }
 ```
+
 For more details on how to Popup Oauth Login see [example](https://github.com/divyam234/next-auth-hono-react)
 
 ## Author

package/dist/{index.mjs → index.cjs}

@@ -1,11 +1,39 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
 // src/index.ts
-import { Auth } from "@auth/core";
-import { env } from "hono/adapter";
-import { HTTPException } from "hono/http-exception";
-import { setEnvDefaults as coreSetEnvDefaults } from "@auth/core";
+var index_exports = {};
+__export(index_exports, {
+  authHandler: () => authHandler,
+  getAuthUser: () => getAuthUser,
+  initAuthConfig: () => initAuthConfig,
+  reqWithEnvUrl: () => reqWithEnvUrl,
+  setEnvDefaults: () => setEnvDefaults,
+  verifyAuth: () => verifyAuth
+});
+module.exports = __toCommonJS(index_exports);
+var import_core = require("@auth/core");
+var import_adapter = require("hono/adapter");
+var import_http_exception = require("hono/http-exception");
 function setEnvDefaults(env2, config) {
   config.secret ??= env2.AUTH_SECRET;
-  coreSetEnvDefaults(env2, config);
+  (0, import_core.setEnvDefaults)(env2, config);
 }
 function reqWithEnvUrl(req, authUrl) {
   if (authUrl) {
@@ -13,8 +41,9 @@ function reqWithEnvUrl(req, authUrl) {
     const authUrlObj = new URL(authUrl);
     const props = ["hostname", "protocol", "port", "password", "username"];
     for (const prop of props) {
-      if (authUrlObj[prop])
+      if (authUrlObj[prop]) {
         reqUrlObj[prop] = authUrlObj[prop];
+      }
     }
     return new Request(reqUrlObj.href, req);
   }
@@ -22,15 +51,17 @@ function reqWithEnvUrl(req, authUrl) {
   const newReq = new Request(url.href, req);
   const proto = newReq.headers.get("x-forwarded-proto");
   const host = newReq.headers.get("x-forwarded-host") ?? newReq.headers.get("host");
-  if (proto != null)
+  if (proto != null) {
     url.protocol = proto.endsWith(":") ? proto : `${proto}:`;
+  }
   if (host != null) {
     url.host = host;
     const portMatch = host.match(/:(\d+)$/);
-    if (portMatch)
+    if (portMatch) {
       url.port = portMatch[1];
-    else
+    } else {
       url.port = "";
+    }
     newReq.headers.delete("x-forwarded-host");
     newReq.headers.delete("Host");
     newReq.headers.set("Host", host);
@@ -39,7 +70,7 @@ function reqWithEnvUrl(req, authUrl) {
 }
 async function getAuthUser(c) {
   const config = c.get("authConfig");
-  const ctxEnv = env(c);
+  const ctxEnv = (0, import_adapter.env)(c);
   setEnvDefaults(ctxEnv, config);
   const authReq = reqWithEnvUrl(c.req.raw, ctxEnv.AUTH_URL);
   const origin = new URL(authReq.url).origin;
@@ -47,7 +78,7 @@ async function getAuthUser(c) {
     headers: { cookie: c.req.header("cookie") ?? "" }
   });
   let authUser = {};
-  const response = await Auth(request, {
+  const response = await (0, import_core.Auth)(request, {
     ...config,
     callbacks: {
       ...config.callbacks,
@@ -70,7 +101,7 @@ function verifyAuth() {
       const res = new Response("Unauthorized", {
         status: 401
       });
-      throw new HTTPException(401, { res });
+      throw new import_http_exception.HTTPException(401, { res });
     }
     c.set("authUser", authUser);
     await next();
@@ -86,20 +117,41 @@ function initAuthConfig(cb) {
 function authHandler() {
   return async (c) => {
     const config = c.get("authConfig");
-    const ctxEnv = env(c);
+    const ctxEnv = (0, import_adapter.env)(c);
     setEnvDefaults(ctxEnv, config);
     if (!config.secret || config.secret.length === 0) {
-      throw new HTTPException(500, { message: "Missing AUTH_SECRET" });
+      throw new import_http_exception.HTTPException(500, { message: "Missing AUTH_SECRET" });
     }
-    const res = await Auth(reqWithEnvUrl(c.req.raw, ctxEnv.AUTH_URL), config);
+    const body = c.req.raw.body ? await c.req.blob() : void 0;
+    const res = await (0, import_core.Auth)(
+      reqWithEnvUrl(
+        new Request(c.req.raw.url, {
+          body,
+          cache: c.req.raw.cache,
+          credentials: c.req.raw.credentials,
+          headers: c.req.raw.headers,
+          integrity: c.req.raw.integrity,
+          keepalive: c.req.raw.keepalive,
+          method: c.req.raw.method,
+          mode: c.req.raw.mode,
+          redirect: c.req.raw.redirect,
+          referrer: c.req.raw.referrer,
+          referrerPolicy: c.req.raw.referrerPolicy,
+          signal: c.req.raw.signal
+        }),
+        ctxEnv.AUTH_URL
+      ),
+      config
+    );
     return new Response(res.body, res);
   };
 }
-export {
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
   authHandler,
   getAuthUser,
   initAuthConfig,
   reqWithEnvUrl,
   setEnvDefaults,
   verifyAuth
-};
+});

package/dist/index.js

@@ -1,40 +1,10 @@
-"use strict";
-var __defProp = Object.defineProperty;
-var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
-var __getOwnPropNames = Object.getOwnPropertyNames;
-var __hasOwnProp = Object.prototype.hasOwnProperty;
-var __export = (target, all) => {
-  for (var name in all)
-    __defProp(target, name, { get: all[name], enumerable: true });
-};
-var __copyProps = (to, from, except, desc) => {
-  if (from && typeof from === "object" || typeof from === "function") {
-    for (let key of __getOwnPropNames(from))
-      if (!__hasOwnProp.call(to, key) && key !== except)
-        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
-  }
-  return to;
-};
-var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
-
 // src/index.ts
-var src_exports = {};
-__export(src_exports, {
-  authHandler: () => authHandler,
-  getAuthUser: () => getAuthUser,
-  initAuthConfig: () => initAuthConfig,
-  reqWithEnvUrl: () => reqWithEnvUrl,
-  setEnvDefaults: () => setEnvDefaults,
-  verifyAuth: () => verifyAuth
-});
-module.exports = __toCommonJS(src_exports);
-var import_core = require("@auth/core");
-var import_adapter = require("hono/adapter");
-var import_http_exception = require("hono/http-exception");
-var import_core2 = require("@auth/core");
+import { Auth, setEnvDefaults as coreSetEnvDefaults } from "@auth/core";
+import { env } from "hono/adapter";
+import { HTTPException } from "hono/http-exception";
 function setEnvDefaults(env2, config) {
   config.secret ??= env2.AUTH_SECRET;
-  (0, import_core2.setEnvDefaults)(env2, config);
+  coreSetEnvDefaults(env2, config);
 }
 function reqWithEnvUrl(req, authUrl) {
   if (authUrl) {
@@ -42,8 +12,9 @@ function reqWithEnvUrl(req, authUrl) {
     const authUrlObj = new URL(authUrl);
     const props = ["hostname", "protocol", "port", "password", "username"];
     for (const prop of props) {
-      if (authUrlObj[prop])
+      if (authUrlObj[prop]) {
         reqUrlObj[prop] = authUrlObj[prop];
+      }
     }
     return new Request(reqUrlObj.href, req);
   }
@@ -51,15 +22,17 @@ function reqWithEnvUrl(req, authUrl) {
   const newReq = new Request(url.href, req);
   const proto = newReq.headers.get("x-forwarded-proto");
   const host = newReq.headers.get("x-forwarded-host") ?? newReq.headers.get("host");
-  if (proto != null)
+  if (proto != null) {
     url.protocol = proto.endsWith(":") ? proto : `${proto}:`;
+  }
   if (host != null) {
     url.host = host;
     const portMatch = host.match(/:(\d+)$/);
-    if (portMatch)
+    if (portMatch) {
       url.port = portMatch[1];
-    else
+    } else {
       url.port = "";
+    }
     newReq.headers.delete("x-forwarded-host");
     newReq.headers.delete("Host");
     newReq.headers.set("Host", host);
@@ -68,7 +41,7 @@ function reqWithEnvUrl(req, authUrl) {
 }
 async function getAuthUser(c) {
   const config = c.get("authConfig");
-  const ctxEnv = (0, import_adapter.env)(c);
+  const ctxEnv = env(c);
   setEnvDefaults(ctxEnv, config);
   const authReq = reqWithEnvUrl(c.req.raw, ctxEnv.AUTH_URL);
   const origin = new URL(authReq.url).origin;
@@ -76,7 +49,7 @@ async function getAuthUser(c) {
     headers: { cookie: c.req.header("cookie") ?? "" }
   });
   let authUser = {};
-  const response = await (0, import_core.Auth)(request, {
+  const response = await Auth(request, {
     ...config,
     callbacks: {
       ...config.callbacks,
@@ -99,7 +72,7 @@ function verifyAuth() {
       const res = new Response("Unauthorized", {
         status: 401
       });
-      throw new import_http_exception.HTTPException(401, { res });
+      throw new HTTPException(401, { res });
     }
     c.set("authUser", authUser);
     await next();
@@ -115,21 +88,40 @@ function initAuthConfig(cb) {
 function authHandler() {
   return async (c) => {
     const config = c.get("authConfig");
-    const ctxEnv = (0, import_adapter.env)(c);
+    const ctxEnv = env(c);
     setEnvDefaults(ctxEnv, config);
     if (!config.secret || config.secret.length === 0) {
-      throw new import_http_exception.HTTPException(500, { message: "Missing AUTH_SECRET" });
+      throw new HTTPException(500, { message: "Missing AUTH_SECRET" });
     }
-    const res = await (0, import_core.Auth)(reqWithEnvUrl(c.req.raw, ctxEnv.AUTH_URL), config);
+    const body = c.req.raw.body ? await c.req.blob() : void 0;
+    const res = await Auth(
+      reqWithEnvUrl(
+        new Request(c.req.raw.url, {
+          body,
+          cache: c.req.raw.cache,
+          credentials: c.req.raw.credentials,
+          headers: c.req.raw.headers,
+          integrity: c.req.raw.integrity,
+          keepalive: c.req.raw.keepalive,
+          method: c.req.raw.method,
+          mode: c.req.raw.mode,
+          redirect: c.req.raw.redirect,
+          referrer: c.req.raw.referrer,
+          referrerPolicy: c.req.raw.referrerPolicy,
+          signal: c.req.raw.signal
+        }),
+        ctxEnv.AUTH_URL
+      ),
+      config
+    );
     return new Response(res.body, res);
   };
 }
-// Annotate the CommonJS export names for ESM import in node:
-0 && (module.exports = {
+export {
   authHandler,
   getAuthUser,
   initAuthConfig,
   reqWithEnvUrl,
   setEnvDefaults,
   verifyAuth
-});
+};

package/dist/{react.mjs → react.cjs}

@@ -1,12 +1,56 @@
+"use strict";
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
 // src/react.tsx
-import * as React from "react";
+var react_exports = {};
+__export(react_exports, {
+  SessionContext: () => SessionContext,
+  SessionProvider: () => SessionProvider,
+  authConfigManager: () => authConfigManager,
+  getCsrfToken: () => getCsrfToken,
+  getProviders: () => getProviders,
+  getSession: () => getSession,
+  signIn: () => signIn,
+  signOut: () => signOut,
+  useOauthPopupLogin: () => useOauthPopupLogin,
+  useSession: () => useSession
+});
+module.exports = __toCommonJS(react_exports);
+var React = __toESM(require("react"), 1);
+var import_react2 = require("react");
 
 // src/client.ts
-import { AuthError } from "@auth/core/errors";
-import { useEffect, useState } from "react";
-var ClientFetchError = class extends AuthError {
+var import_errors = require("@auth/core/errors");
+var import_react = require("react");
+var ClientFetchError = class extends import_errors.AuthError {
 };
-var ClientSessionError = class extends AuthError {
+var ClientSessionError = class extends import_errors.AuthError {
 };
 async function fetchData(path, config, logger2, req = {}) {
   const url = `${config.baseUrl}${config.basePath}/${path}`;
@@ -34,10 +78,10 @@ async function fetchData(path, config, logger2, req = {}) {
   }
 }
 function useOnline() {
-  const [isOnline, setIsOnline] = useState(
+  const [isOnline, setIsOnline] = (0, import_react.useState)(
     typeof navigator !== "undefined" ? navigator.onLine : false
   );
-  useEffect(() => {
+  (0, import_react.useEffect)(() => {
     const abortController = new AbortController();
     const { signal } = abortController;
     const setOnline = () => setIsOnline(true);
@@ -55,7 +99,7 @@ function now() {
 }
 function parseUrl(url) {
   const defaultUrl = "http://localhost:3000/api/auth";
-  const parsedUrl = new URL(url?.startsWith("http") ? url : `https://${url}` || defaultUrl);
+  const parsedUrl = new URL(url ? url.startsWith("http") ? url : `https://${url}` : defaultUrl);
   const path = parsedUrl.pathname === "/" ? "/api/auth" : parsedUrl.pathname.replace(/\/$/, "");
   const base = `${parsedUrl.origin}${path}`;
   return {
@@ -68,7 +112,6 @@ function parseUrl(url) {
 }
 
 // src/react.tsx
-import { useCallback, useContext, useEffect as useEffect2, useMemo, useState as useState3 } from "react";
 var logger = {
   debug: console.debug,
   error: console.error,
@@ -112,7 +155,7 @@ function useInitializeSession(hasInitialSession, initialSession) {
   const authConfig = authConfigManager.getConfig();
   const [session, setSession] = React.useState(initialSession);
   const [loading, setLoading] = React.useState(!hasInitialSession);
-  useEffect2(() => {
+  (0, import_react2.useEffect)(() => {
     authConfig.fetchSession = async ({ event } = {}) => {
       try {
         const isStorageEvent = event === "storage";
@@ -144,7 +187,7 @@ function useInitializeSession(hasInitialSession, initialSession) {
   return { session, setSession, loading, setLoading };
 }
 function useVisibilityChangeEventListener(authConfig, refetchOnWindowFocus) {
-  useEffect2(() => {
+  (0, import_react2.useEffect)(() => {
     const abortController = new AbortController();
     const handleVisibilityChange = () => {
       if (refetchOnWindowFocus && document.visibilityState === "visible") {
@@ -158,7 +201,7 @@ function useVisibilityChangeEventListener(authConfig, refetchOnWindowFocus) {
   }, [refetchOnWindowFocus]);
 }
 function useRefetchInterval(authConfig, refetchInterval, shouldRefetch) {
-  useEffect2(() => {
+  (0, import_react2.useEffect)(() => {
     if (refetchInterval && shouldRefetch) {
       const intervalId = setInterval(() => {
         if (authConfig.session) {
@@ -212,7 +255,7 @@ function SessionProvider(props) {
   const isOnline = useOnline();
   const shouldRefetch = refetchWhenOffline || isOnline;
   useRefetchInterval(authConfig, refetchInterval, shouldRefetch);
-  const contextValue = useMemo(
+  const contextValue = (0, import_react2.useMemo)(
     () => ({
       data: session,
       status: loading ? "loading" : session ? "authenticated" : "unauthenticated",
@@ -243,10 +286,10 @@ function useSession(options) {
     throw new Error("React Context is unavailable in Server Components");
   }
   const config = authConfigManager.getConfig();
-  const session = useContext(SessionContext);
+  const session = (0, import_react2.useContext)(SessionContext);
   const { required, onUnauthenticated } = options ?? {};
   const requiredAndNotLoading = required && session?.status === "unauthenticated";
-  useEffect2(() => {
+  (0, import_react2.useEffect)(() => {
     if (requiredAndNotLoading) {
       const url = `${config.baseUrl}${config.basePath}/signin?${new URLSearchParams({
         error: "SessionRequired",
@@ -354,9 +397,9 @@ var createPopup = ({ url, title, height, width }) => {
 };
 var useOauthPopupLogin = (provider, options = {}) => {
   const { width = 500, height = 500, title = "Signin", onSuccess, callbackUrl = "/" } = options;
-  const [externalWindow, setExternalWindow] = useState3();
-  const [state, setState] = useState3({ status: "loading" });
-  const popUpSignin = useCallback(async () => {
+  const [externalWindow, setExternalWindow] = (0, import_react2.useState)();
+  const [state, setState] = (0, import_react2.useState)({ status: "loading" });
+  const popUpSignin = (0, import_react2.useCallback)(async () => {
     const res = await signIn(provider, {
       redirect: false,
       callbackUrl
@@ -374,10 +417,11 @@ var useOauthPopupLogin = (provider, options = {}) => {
       })
     );
   }, []);
-  useEffect2(() => {
+  (0, import_react2.useEffect)(() => {
     const handleMessage = (event) => {
-      if (event.origin !== window.location.origin)
+      if (event.origin !== window.location.origin) {
         return;
+      }
       if (event.data.status) {
         setState(event.data);
         if (event.data.status === "success") {
@@ -394,7 +438,8 @@ var useOauthPopupLogin = (provider, options = {}) => {
   }, [externalWindow]);
   return { popUpSignin, ...state };
 };
-export {
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
   SessionContext,
   SessionProvider,
   authConfigManager,
@@ -405,4 +450,4 @@ export {
   signOut,
   useOauthPopupLogin,
   useSession
-};
+});

package/dist/{react.d.mts → react.d.cts}

@@ -75,6 +75,10 @@ type WindowProps = {
     width: number;
     height: number;
 };
+type AuthState = {
+    status: 'loading' | 'success' | 'errored';
+    error?: string;
+};
 
 declare class AuthConfigManager {
     private static instance;
@@ -87,15 +91,7 @@ declare class AuthConfigManager {
     initializeConfig(hasInitialSession: boolean): void;
 }
 declare const authConfigManager: AuthConfigManager;
-declare const SessionContext: React$1.Context<{
-    update: UpdateSession;
-    data: Session;
-    status: "authenticated";
-} | {
-    update: UpdateSession;
-    data: null;
-    status: "loading" | "unauthenticated";
-} | undefined>;
+declare const SessionContext: React$1.Context<SessionContextValue | undefined>;
 declare function getSession(params?: GetSessionParams): Promise<Session | null>;
 declare function getCsrfToken(): Promise<string>;
 declare function SessionProvider(props: SessionProviderProps): React$1.JSX.Element;
@@ -108,10 +104,9 @@ interface PopupLoginOptions extends Partial<Omit<WindowProps, 'url'>> {
     onSuccess?: () => void;
     callbackUrl?: string;
 }
-declare const useOauthPopupLogin: (provider: Parameters<typeof signIn>[0], options?: PopupLoginOptions) => {
-    status: "loading" | "success" | "errored";
-    error?: string | undefined;
+interface LoginState extends AuthState {
     popUpSignin: () => Promise<void>;
-};
+}
+declare const useOauthPopupLogin: (provider: Parameters<typeof signIn>[0], options?: PopupLoginOptions) => LoginState;
 
 export { SessionContext, SessionProvider, authConfigManager, getCsrfToken, getProviders, getSession, signIn, signOut, useOauthPopupLogin, useSession };

package/dist/react.d.ts

@@ -75,6 +75,10 @@ type WindowProps = {
     width: number;
     height: number;
 };
+type AuthState = {
+    status: 'loading' | 'success' | 'errored';
+    error?: string;
+};
 
 declare class AuthConfigManager {
     private static instance;
@@ -87,15 +91,7 @@ declare class AuthConfigManager {
     initializeConfig(hasInitialSession: boolean): void;
 }
 declare const authConfigManager: AuthConfigManager;
-declare const SessionContext: React$1.Context<{
-    update: UpdateSession;
-    data: Session;
-    status: "authenticated";
-} | {
-    update: UpdateSession;
-    data: null;
-    status: "loading" | "unauthenticated";
-} | undefined>;
+declare const SessionContext: React$1.Context<SessionContextValue | undefined>;
 declare function getSession(params?: GetSessionParams): Promise<Session | null>;
 declare function getCsrfToken(): Promise<string>;
 declare function SessionProvider(props: SessionProviderProps): React$1.JSX.Element;
@@ -108,10 +104,9 @@ interface PopupLoginOptions extends Partial<Omit<WindowProps, 'url'>> {
     onSuccess?: () => void;
     callbackUrl?: string;
 }
-declare const useOauthPopupLogin: (provider: Parameters<typeof signIn>[0], options?: PopupLoginOptions) => {
-    status: "loading" | "success" | "errored";
-    error?: string | undefined;
+interface LoginState extends AuthState {
     popUpSignin: () => Promise<void>;
-};
+}
+declare const useOauthPopupLogin: (provider: Parameters<typeof signIn>[0], options?: PopupLoginOptions) => LoginState;
 
 export { SessionContext, SessionProvider, authConfigManager, getCsrfToken, getProviders, getSession, signIn, signOut, useOauthPopupLogin, useSession };

package/dist/react.js

@@ -1,55 +1,13 @@
-"use strict";
-var __create = Object.create;
-var __defProp = Object.defineProperty;
-var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
-var __getOwnPropNames = Object.getOwnPropertyNames;
-var __getProtoOf = Object.getPrototypeOf;
-var __hasOwnProp = Object.prototype.hasOwnProperty;
-var __export = (target, all) => {
-  for (var name in all)
-    __defProp(target, name, { get: all[name], enumerable: true });
-};
-var __copyProps = (to, from, except, desc) => {
-  if (from && typeof from === "object" || typeof from === "function") {
-    for (let key of __getOwnPropNames(from))
-      if (!__hasOwnProp.call(to, key) && key !== except)
-        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
-  }
-  return to;
-};
-var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
-  // If the importer is in node compatibility mode or this is not an ESM
-  // file that has been converted to a CommonJS file using a Babel-
-  // compatible transform (i.e. "__esModule" has not been set), then set
-  // "default" to the CommonJS "module.exports" for node compatibility.
-  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
-  mod
-));
-var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
-
 // src/react.tsx
-var react_exports = {};
-__export(react_exports, {
-  SessionContext: () => SessionContext,
-  SessionProvider: () => SessionProvider,
-  authConfigManager: () => authConfigManager,
-  getCsrfToken: () => getCsrfToken,
-  getProviders: () => getProviders,
-  getSession: () => getSession,
-  signIn: () => signIn,
-  signOut: () => signOut,
-  useOauthPopupLogin: () => useOauthPopupLogin,
-  useSession: () => useSession
-});
-module.exports = __toCommonJS(react_exports);
-var React = __toESM(require("react"));
+import * as React from "react";
+import { useCallback, useContext, useEffect as useEffect2, useMemo, useState as useState3 } from "react";
 
 // src/client.ts
-var import_errors = require("@auth/core/errors");
-var import_react = require("react");
-var ClientFetchError = class extends import_errors.AuthError {
+import { AuthError } from "@auth/core/errors";
+import { useEffect, useState } from "react";
+var ClientFetchError = class extends AuthError {
 };
-var ClientSessionError = class extends import_errors.AuthError {
+var ClientSessionError = class extends AuthError {
 };
 async function fetchData(path, config, logger2, req = {}) {
   const url = `${config.baseUrl}${config.basePath}/${path}`;
@@ -77,10 +35,10 @@ async function fetchData(path, config, logger2, req = {}) {
   }
 }
 function useOnline() {
-  const [isOnline, setIsOnline] = (0, import_react.useState)(
+  const [isOnline, setIsOnline] = useState(
     typeof navigator !== "undefined" ? navigator.onLine : false
   );
-  (0, import_react.useEffect)(() => {
+  useEffect(() => {
     const abortController = new AbortController();
     const { signal } = abortController;
     const setOnline = () => setIsOnline(true);
@@ -98,7 +56,7 @@ function now() {
 }
 function parseUrl(url) {
   const defaultUrl = "http://localhost:3000/api/auth";
-  const parsedUrl = new URL(url?.startsWith("http") ? url : `https://${url}` || defaultUrl);
+  const parsedUrl = new URL(url ? url.startsWith("http") ? url : `https://${url}` : defaultUrl);
   const path = parsedUrl.pathname === "/" ? "/api/auth" : parsedUrl.pathname.replace(/\/$/, "");
   const base = `${parsedUrl.origin}${path}`;
   return {
@@ -111,7 +69,6 @@ function parseUrl(url) {
 }
 
 // src/react.tsx
-var import_react2 = require("react");
 var logger = {
   debug: console.debug,
   error: console.error,
@@ -155,7 +112,7 @@ function useInitializeSession(hasInitialSession, initialSession) {
   const authConfig = authConfigManager.getConfig();
   const [session, setSession] = React.useState(initialSession);
   const [loading, setLoading] = React.useState(!hasInitialSession);
-  (0, import_react2.useEffect)(() => {
+  useEffect2(() => {
     authConfig.fetchSession = async ({ event } = {}) => {
       try {
         const isStorageEvent = event === "storage";
@@ -187,7 +144,7 @@ function useInitializeSession(hasInitialSession, initialSession) {
   return { session, setSession, loading, setLoading };
 }
 function useVisibilityChangeEventListener(authConfig, refetchOnWindowFocus) {
-  (0, import_react2.useEffect)(() => {
+  useEffect2(() => {
     const abortController = new AbortController();
     const handleVisibilityChange = () => {
       if (refetchOnWindowFocus && document.visibilityState === "visible") {
@@ -201,7 +158,7 @@ function useVisibilityChangeEventListener(authConfig, refetchOnWindowFocus) {
   }, [refetchOnWindowFocus]);
 }
 function useRefetchInterval(authConfig, refetchInterval, shouldRefetch) {
-  (0, import_react2.useEffect)(() => {
+  useEffect2(() => {
     if (refetchInterval && shouldRefetch) {
       const intervalId = setInterval(() => {
         if (authConfig.session) {
@@ -255,7 +212,7 @@ function SessionProvider(props) {
   const isOnline = useOnline();
   const shouldRefetch = refetchWhenOffline || isOnline;
   useRefetchInterval(authConfig, refetchInterval, shouldRefetch);
-  const contextValue = (0, import_react2.useMemo)(
+  const contextValue = useMemo(
     () => ({
       data: session,
       status: loading ? "loading" : session ? "authenticated" : "unauthenticated",
@@ -286,10 +243,10 @@ function useSession(options) {
     throw new Error("React Context is unavailable in Server Components");
   }
   const config = authConfigManager.getConfig();
-  const session = (0, import_react2.useContext)(SessionContext);
+  const session = useContext(SessionContext);
   const { required, onUnauthenticated } = options ?? {};
   const requiredAndNotLoading = required && session?.status === "unauthenticated";
-  (0, import_react2.useEffect)(() => {
+  useEffect2(() => {
     if (requiredAndNotLoading) {
       const url = `${config.baseUrl}${config.basePath}/signin?${new URLSearchParams({
         error: "SessionRequired",
@@ -397,9 +354,9 @@ var createPopup = ({ url, title, height, width }) => {
 };
 var useOauthPopupLogin = (provider, options = {}) => {
   const { width = 500, height = 500, title = "Signin", onSuccess, callbackUrl = "/" } = options;
-  const [externalWindow, setExternalWindow] = (0, import_react2.useState)();
-  const [state, setState] = (0, import_react2.useState)({ status: "loading" });
-  const popUpSignin = (0, import_react2.useCallback)(async () => {
+  const [externalWindow, setExternalWindow] = useState3();
+  const [state, setState] = useState3({ status: "loading" });
+  const popUpSignin = useCallback(async () => {
     const res = await signIn(provider, {
       redirect: false,
       callbackUrl
@@ -417,10 +374,11 @@ var useOauthPopupLogin = (provider, options = {}) => {
       })
     );
   }, []);
-  (0, import_react2.useEffect)(() => {
+  useEffect2(() => {
     const handleMessage = (event) => {
-      if (event.origin !== window.location.origin)
+      if (event.origin !== window.location.origin) {
         return;
+      }
       if (event.data.status) {
         setState(event.data);
         if (event.data.status === "success") {
@@ -437,8 +395,7 @@ var useOauthPopupLogin = (provider, options = {}) => {
   }, [externalWindow]);
   return { popUpSignin, ...state };
 };
-// Annotate the CommonJS export names for ESM import in node:
-0 && (module.exports = {
+export {
   SessionContext,
   SessionProvider,
   authConfigManager,
@@ -449,4 +406,4 @@ var useOauthPopupLogin = (provider, options = {}) => {
   signOut,
   useOauthPopupLogin,
   useSession
-});
+};

package/package.json

@@ -1,27 +1,28 @@
 {
   "name": "@hono/auth-js",
-  "version": "1.0.15",
+  "version": "1.0.17",
   "description": "A third-party Auth js middleware for Hono",
   "main": "dist/index.js",
+  "type": "module",
   "exports": {
     ".": {
       "import": {
-        "types": "./dist/index.d.mts",
-        "default": "./dist/index.mjs"
-      },
-      "require": {
         "types": "./dist/index.d.ts",
         "default": "./dist/index.js"
+      },
+      "require": {
+        "types": "./dist/index.d.cts",
+        "default": "./dist/index.cjs"
       }
     },
     "./react": {
       "import": {
-        "types": "./dist/react.d.mts",
-        "default": "./dist/react.mjs"
-      },
-      "require": {
         "types": "./dist/react.d.ts",
         "default": "./dist/react.js"
+      },
+      "require": {
+        "types": "./dist/react.d.cts",
+        "default": "./dist/react.cjs"
       }
     }
   },
@@ -36,10 +37,11 @@
     "dist"
   ],
   "scripts": {
-    "test": "vitest --run",
-    "build": "tsup",
-    "prerelease": "yarn build && yarn test",
-    "release": "yarn publish"
+    "build": "tsup src/index.ts src/react.tsx",
+    "prepack": "yarn build",
+    "publint": "attw --pack --profile node16 && publint",
+    "typecheck": "tsc -b tsconfig.json",
+    "test": "vitest"
   },
   "license": "MIT",
   "publishConfig": {
@@ -48,7 +50,8 @@
   },
   "repository": {
     "type": "git",
-    "url": "https://github.com/honojs/middleware.git"
+    "url": "git+https://github.com/honojs/middleware.git",
+    "directory": "packages/auth-js"
   },
   "homepage": "https://github.com/honojs/middleware",
   "peerDependencies": {
@@ -57,16 +60,16 @@
     "react": "^18 || ^19 || ^19.0.0-rc"
   },
   "devDependencies": {
+    "@arethetypeswrong/cli": "^0.17.4",
     "@auth/core": "^0.35.3",
     "@types/react": "^18",
-    "hono": "^3.11.7",
-    "jest": "^29.7.0",
+    "publint": "^0.3.9",
     "react": "^18.2.0",
-    "tsup": "^8.0.1",
-    "typescript": "^5.3.3",
-    "vitest": "^1.0.4"
+    "tsup": "^8.4.0",
+    "typescript": "^5.8.2",
+    "vitest": "^3.0.8"
   },
   "engines": {
     "node": ">=18.4.0"
   }
-}
+}