@ilman00/authkit 1.0.0 → 2.0.0

package/dist/config/auth.config.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"auth.config.d.ts","sourceRoot":"","sources":["../../src/config/auth.config.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAUtC,wBAAgB,UAAU,CAAC,UAAU,EAAE,UAAU,GAAG,IAAI,CAuBvD;AAED,wBAAgB,SAAS,IAAI,UAAU,CAKtC"}
+{"version":3,"file":"auth.config.d.ts","sourceRoot":"","sources":["../../src/config/auth.config.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAUtC,wBAAgB,UAAU,CAAC,UAAU,EAAE,UAAU,GAAG,IAAI,CAgBvD;AAED,wBAAgB,SAAS,IAAI,UAAU,CAGtC"}

package/dist/config/auth.config.js

@@ -9,30 +9,25 @@ const REQUIRED_ADAPTER_METHODS = [
     "createUser",
 ];
 function initConfig(userConfig) {
-    // Validate secret
-    if (!userConfig.secret) {
-        throw new Error("[my-auth-kit] secret is required");
-    }
-    // Validate adapter
-    if (!userConfig.adapter) {
-        throw new Error("[my-auth-kit] adapter is required");
-    }
+    if (!userConfig.secret)
+        throw new Error("[authkit] secret is required");
+    if (!userConfig.adapter)
+        throw new Error("[authkit] adapter is required");
     for (const method of REQUIRED_ADAPTER_METHODS) {
         if (typeof userConfig.adapter[method] !== "function") {
-            throw new Error(`[my-auth-kit] adapter missing required method: "${method}"`);
+            throw new Error(`[authkit] adapter missing required method: "${method}"`);
         }
     }
-    // Store with defaults
     config = {
         accessTokenExpiry: "15m",
         refreshTokenExpiry: "7d",
+        verificationUrl: "http://localhost:3000", // sensible default
         ...userConfig,
     };
 }
 function getConfig() {
-    if (!config) {
-        throw new Error("[my-auth-kit] call init() before using auth");
-    }
+    if (!config)
+        throw new Error("[authkit] call init() before using auth");
     return config;
 }
 //# sourceMappingURL=auth.config.js.map

package/dist/config/auth.config.js.map

@@ -1 +1 @@
-{"version":3,"file":"auth.config.js","sourceRoot":"","sources":["../../src/config/auth.config.ts"],"names":[],"mappings":";;AAUA,gCAuBC;AAED,8BAKC;AAtCD,IAAI,MAAM,GAAsB,IAAI,CAAC;AAErC,MAAM,wBAAwB,GAAG;IAC/B,iBAAiB;IACjB,cAAc;IACd,YAAY;CACJ,CAAC;AAEX,SAAgB,UAAU,CAAC,UAAsB;IAC/C,kBAAkB;IAClB,IAAI,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IACtD,CAAC;IAED,mBAAmB;IACnB,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC;QACxB,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;IACvD,CAAC;IAED,KAAK,MAAM,MAAM,IAAI,wBAAwB,EAAE,CAAC;QAC9C,IAAI,OAAO,UAAU,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,UAAU,EAAE,CAAC;YACrD,MAAM,IAAI,KAAK,CAAC,mDAAmD,MAAM,GAAG,CAAC,CAAC;QAChF,CAAC;IACH,CAAC;IAED,sBAAsB;IACtB,MAAM,GAAG;QACP,iBAAiB,EAAE,KAAK;QACxB,kBAAkB,EAAE,IAAI;QACxB,GAAG,UAAU;KACd,CAAC;AACJ,CAAC;AAED,SAAgB,SAAS;IACvB,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IACjE,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC"}
+{"version":3,"file":"auth.config.js","sourceRoot":"","sources":["../../src/config/auth.config.ts"],"names":[],"mappings":";;AAUA,gCAgBC;AAED,8BAGC;AA7BD,IAAI,MAAM,GAAsB,IAAI,CAAC;AAErC,MAAM,wBAAwB,GAAG;IAC/B,iBAAiB;IACjB,cAAc;IACd,YAAY;CACJ,CAAC;AAEX,SAAgB,UAAU,CAAC,UAAsB;IAC/C,IAAI,CAAC,UAAU,CAAC,MAAM;QAAG,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;IACzE,IAAI,CAAC,UAAU,CAAC,OAAO;QAAE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;IAE1E,KAAK,MAAM,MAAM,IAAI,wBAAwB,EAAE,CAAC;QAC9C,IAAI,OAAO,UAAU,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,UAAU,EAAE,CAAC;YACrD,MAAM,IAAI,KAAK,CAAC,+CAA+C,MAAM,GAAG,CAAC,CAAC;QAC5E,CAAC;IACH,CAAC;IAED,MAAM,GAAG;QACP,iBAAiB,EAAG,KAAK;QACzB,kBAAkB,EAAE,IAAI;QACxB,eAAe,EAAK,uBAAuB,EAAG,mBAAmB;QACjE,GAAG,UAAU;KACd,CAAC;AACJ,CAAC;AAED,SAAgB,SAAS;IACvB,IAAI,CAAC,MAAM;QAAE,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;IACxE,OAAO,MAAM,CAAC;AAChB,CAAC"}

package/dist/handlers/email.handler.d.ts

@@ -0,0 +1,6 @@
+import { Response } from "express";
+import { AuthRequest } from "../types";
+export declare function verifyEmailHandler(req: AuthRequest, res: Response): Promise<void>;
+export declare function forgotPasswordHandler(req: AuthRequest, res: Response): Promise<void>;
+export declare function resetPasswordHandler(req: AuthRequest, res: Response): Promise<void>;
+//# sourceMappingURL=email.handler.d.ts.map

package/dist/handlers/email.handler.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"email.handler.d.ts","sourceRoot":"","sources":["../../src/handlers/email.handler.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AACnC,OAAO,EAAE,WAAW,EAAE,MAAM,UAAU,CAAC;AAYvC,wBAAsB,kBAAkB,CACtC,GAAG,EAAE,WAAW,EAChB,GAAG,EAAE,QAAQ,GACZ,OAAO,CAAC,IAAI,CAAC,CA2Bf;AAGD,wBAAsB,qBAAqB,CACzC,GAAG,EAAE,WAAW,EAChB,GAAG,EAAE,QAAQ,GACZ,OAAO,CAAC,IAAI,CAAC,CAiCf;AAGD,wBAAsB,oBAAoB,CACxC,GAAG,EAAE,WAAW,EAChB,GAAG,EAAE,QAAQ,GACZ,OAAO,CAAC,IAAI,CAAC,CA6Bf"}

package/dist/handlers/email.handler.js

@@ -0,0 +1,96 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.verifyEmailHandler = verifyEmailHandler;
+exports.forgotPasswordHandler = forgotPasswordHandler;
+exports.resetPasswordHandler = resetPasswordHandler;
+const errors_1 = require("../utils/errors");
+const email_service_1 = require("../services/email.service");
+const password_service_1 = require("../services/password.service");
+// POST /verify-email  { token }
+async function verifyEmailHandler(req, res) {
+    try {
+        const { adapter } = (0, email_service_1.requireEmailConfig)();
+        const { token } = req.body;
+        if (!token)
+            throw new errors_1.AuthError("Token is required", 400);
+        const record = await adapter.findVerificationToken(token);
+        if (!record)
+            throw new errors_1.AuthError("Invalid or expired token", 400);
+        if (record.type !== "email_verification")
+            throw new errors_1.AuthError("Invalid token type", 400);
+        if (record.expiresAt < new Date())
+            throw new errors_1.AuthError("Token has expired", 400);
+        await adapter.updateUser(record.userId, { isVerified: true });
+        await adapter.deleteVerificationToken(token);
+        res.status(200).json({ message: "Email verified successfully" });
+    }
+    catch (err) {
+        if (err instanceof errors_1.AuthError) {
+            res.status(err.statusCode).json({ message: err.message });
+        }
+        else if (err instanceof Error) {
+            res.status(400).json({ message: err.message });
+        }
+    }
+}
+// POST /forgot-password  { email }
+async function forgotPasswordHandler(req, res) {
+    try {
+        const { adapter } = (0, email_service_1.requireEmailConfig)();
+        const { email } = req.body;
+        if (!email)
+            throw new errors_1.AuthError("Email is required", 400);
+        const user = await adapter.findUserByEmail(email);
+        // Always respond with 200 — never reveal if email exists or not
+        if (!user) {
+            res.status(200).json({ message: "If that email exists, a reset link has been sent" });
+            return;
+        }
+        const token = (0, email_service_1.generateToken)();
+        await adapter.saveVerificationToken({
+            token,
+            userId: user.id,
+            type: "password_reset",
+            expiresAt: (0, email_service_1.getExpiryDate)(15), // 15 minutes
+        });
+        await (0, email_service_1.sendPasswordResetEmail)(user.email, token);
+        res.status(200).json({ message: "If that email exists, a reset link has been sent" });
+    }
+    catch (err) {
+        if (err instanceof errors_1.AuthError) {
+            res.status(err.statusCode).json({ message: err.message });
+        }
+        else if (err instanceof Error) {
+            res.status(400).json({ message: err.message });
+        }
+    }
+}
+// POST /reset-password  { token, newPassword }
+async function resetPasswordHandler(req, res) {
+    try {
+        const { adapter } = (0, email_service_1.requireEmailConfig)();
+        const { token, newPassword } = req.body;
+        if (!token || !newPassword)
+            throw new errors_1.AuthError("Token and newPassword are required", 400);
+        const record = await adapter.findVerificationToken(token);
+        if (!record)
+            throw new errors_1.AuthError("Invalid or expired token", 400);
+        if (record.type !== "password_reset")
+            throw new errors_1.AuthError("Invalid token type", 400);
+        if (record.expiresAt < new Date())
+            throw new errors_1.AuthError("Token has expired", 400);
+        const hashed = await (0, password_service_1.hashPassword)(newPassword);
+        await adapter.updateUser(record.userId, { password: hashed });
+        await adapter.deleteVerificationToken(token);
+        res.status(200).json({ message: "Password reset successfully" });
+    }
+    catch (err) {
+        if (err instanceof errors_1.AuthError) {
+            res.status(err.statusCode).json({ message: err.message });
+        }
+        else if (err instanceof Error) {
+            res.status(400).json({ message: err.message });
+        }
+    }
+}
+//# sourceMappingURL=email.handler.js.map

package/dist/handlers/email.handler.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"email.handler.js","sourceRoot":"","sources":["../../src/handlers/email.handler.ts"],"names":[],"mappings":";;AAaA,gDA8BC;AAGD,sDAoCC;AAGD,oDAgCC;AAnHD,4CAA4C;AAE5C,6DAKmC;AACnC,mEAA4D;AAE5D,gCAAgC;AACzB,KAAK,UAAU,kBAAkB,CACtC,GAAgB,EAChB,GAAa;IAEb,IAAI,CAAC;QACH,MAAM,EAAE,OAAO,EAAE,GAAG,IAAA,kCAAkB,GAAE,CAAC;QACzC,MAAM,EAAE,KAAK,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC;QAE3B,IAAI,CAAC,KAAK;YAAE,MAAM,IAAI,kBAAS,CAAC,mBAAmB,EAAE,GAAG,CAAC,CAAC;QAE1D,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC;QAE1D,IAAI,CAAC,MAAM;YACT,MAAM,IAAI,kBAAS,CAAC,0BAA0B,EAAE,GAAG,CAAC,CAAC;QACvD,IAAI,MAAM,CAAC,IAAI,KAAK,oBAAoB;YACtC,MAAM,IAAI,kBAAS,CAAC,oBAAoB,EAAE,GAAG,CAAC,CAAC;QACjD,IAAI,MAAM,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE;YAC/B,MAAM,IAAI,kBAAS,CAAC,mBAAmB,EAAE,GAAG,CAAC,CAAC;QAEhD,MAAM,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,MAAM,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC;QAC9D,MAAM,OAAO,CAAC,uBAAuB,CAAC,KAAK,CAAC,CAAC;QAE7C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,6BAA6B,EAAE,CAAC,CAAC;IACnE,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,GAAG,YAAY,kBAAS,EAAE,CAAC;YAC7B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;QAC5D,CAAC;aAAM,IAAI,GAAG,YAAY,KAAK,EAAE,CAAC;YAChC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;QACjD,CAAC;IACH,CAAC;AACH,CAAC;AAED,mCAAmC;AAC5B,KAAK,UAAU,qBAAqB,CACzC,GAAgB,EAChB,GAAa;IAEb,IAAI,CAAC;QACH,MAAM,EAAE,OAAO,EAAE,GAAG,IAAA,kCAAkB,GAAE,CAAC;QACzC,MAAM,EAAE,KAAK,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC;QAE3B,IAAI,CAAC,KAAK;YAAE,MAAM,IAAI,kBAAS,CAAC,mBAAmB,EAAE,GAAG,CAAC,CAAC;QAE1D,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QAElD,gEAAgE;QAChE,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,kDAAkD,EAAE,CAAC,CAAC;YACtF,OAAO;QACT,CAAC;QAED,MAAM,KAAK,GAAG,IAAA,6BAAa,GAAE,CAAC;QAC9B,MAAM,OAAO,CAAC,qBAAqB,CAAC;YAClC,KAAK;YACL,MAAM,EAAK,IAAI,CAAC,EAAE;YAClB,IAAI,EAAO,gBAAgB;YAC3B,SAAS,EAAE,IAAA,6BAAa,EAAC,EAAE,CAAC,EAAE,aAAa;SAC5C,CAAC,CAAC;QAEH,MAAM,IAAA,sCAAsB,EAAC,IAAI,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;QAEhD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,kDAAkD,EAAE,CAAC,CAAC;IACxF,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,GAAG,YAAY,kBAAS,EAAE,CAAC;YAC7B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;QAC5D,CAAC;aAAM,IAAI,GAAG,YAAY,KAAK,EAAE,CAAC;YAChC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;QACjD,CAAC;IACH,CAAC;AACH,CAAC;AAED,+CAA+C;AACxC,KAAK,UAAU,oBAAoB,CACxC,GAAgB,EAChB,GAAa;IAEb,IAAI,CAAC;QACH,MAAM,EAAE,OAAO,EAAE,GAAG,IAAA,kCAAkB,GAAE,CAAC;QACzC,MAAM,EAAE,KAAK,EAAE,WAAW,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC;QAExC,IAAI,CAAC,KAAK,IAAI,CAAC,WAAW;YACxB,MAAM,IAAI,kBAAS,CAAC,oCAAoC,EAAE,GAAG,CAAC,CAAC;QAEjE,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC;QAE1D,IAAI,CAAC,MAAM;YACT,MAAM,IAAI,kBAAS,CAAC,0BAA0B,EAAE,GAAG,CAAC,CAAC;QACvD,IAAI,MAAM,CAAC,IAAI,KAAK,gBAAgB;YAClC,MAAM,IAAI,kBAAS,CAAC,oBAAoB,EAAE,GAAG,CAAC,CAAC;QACjD,IAAI,MAAM,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE;YAC/B,MAAM,IAAI,kBAAS,CAAC,mBAAmB,EAAE,GAAG,CAAC,CAAC;QAEhD,MAAM,MAAM,GAAG,MAAM,IAAA,+BAAY,EAAC,WAAW,CAAC,CAAC;QAC/C,MAAM,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,MAAM,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;QAC9D,MAAM,OAAO,CAAC,uBAAuB,CAAC,KAAK,CAAC,CAAC;QAE7C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,6BAA6B,EAAE,CAAC,CAAC;IACnE,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,GAAG,YAAY,kBAAS,EAAE,CAAC;YAC7B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;QAC5D,CAAC;aAAM,IAAI,GAAG,YAAY,KAAK,EAAE,CAAC;YAChC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;QACjD,CAAC;IACH,CAAC;AACH,CAAC"}

package/dist/index.d.ts

@@ -1,7 +1,8 @@
 import { registerHandler, loginHandler } from "./handlers/auth.handler";
 import { protect } from "./middleware/protect";
-import { AuthConfig, AuthAdapter, AuthUser, AuthRequest } from "./types";
+import { verifyEmailHandler, forgotPasswordHandler, resetPasswordHandler } from "./handlers/email.handler";
+import { AuthConfig, AuthAdapter, AuthUser, AuthRequest, VerificationToken } from "./types";
 export declare function init(config: AuthConfig): void;
-export { registerHandler, loginHandler, protect };
-export type { AuthConfig, AuthAdapter, AuthUser, AuthRequest };
+export { registerHandler, loginHandler, protect, verifyEmailHandler, forgotPasswordHandler, resetPasswordHandler, };
+export type { AuthConfig, AuthAdapter, AuthUser, AuthRequest, VerificationToken };
 //# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AACxE,OAAO,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAC;AAC/C,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAEzE,wBAAgB,IAAI,CAAC,MAAM,EAAE,UAAU,GAAG,IAAI,CAE7C;AAED,OAAO,EAAE,eAAe,EAAE,YAAY,EAAE,OAAO,EAAE,CAAC;AAGlD,YAAY,EAAE,UAAU,EAAE,WAAW,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AACxE,OAAO,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAC;AAC/C,OAAO,EACL,kBAAkB,EAClB,qBAAqB,EACrB,oBAAoB,EACrB,MAAM,0BAA0B,CAAC;AAClC,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,QAAQ,EAAE,WAAW,EAAE,iBAAiB,EAAE,MAAM,SAAS,CAAC;AAE5F,wBAAgB,IAAI,CAAC,MAAM,EAAE,UAAU,GAAG,IAAI,CAE7C;AAED,OAAO,EACL,eAAe,EACf,YAAY,EACZ,OAAO,EACP,kBAAkB,EAClB,qBAAqB,EACrB,oBAAoB,GACrB,CAAC;AAEF,YAAY,EAAE,UAAU,EAAE,WAAW,EAAE,QAAQ,EAAE,WAAW,EAAE,iBAAiB,EAAE,CAAC"}

package/dist/index.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.protect = exports.loginHandler = exports.registerHandler = void 0;
+exports.resetPasswordHandler = exports.forgotPasswordHandler = exports.verifyEmailHandler = exports.protect = exports.loginHandler = exports.registerHandler = void 0;
 exports.init = init;
 const auth_config_1 = require("./config/auth.config");
 const auth_handler_1 = require("./handlers/auth.handler");
@@ -8,6 +8,10 @@ Object.defineProperty(exports, "registerHandler", { enumerable: true, get: funct
 Object.defineProperty(exports, "loginHandler", { enumerable: true, get: function () { return auth_handler_1.loginHandler; } });
 const protect_1 = require("./middleware/protect");
 Object.defineProperty(exports, "protect", { enumerable: true, get: function () { return protect_1.protect; } });
+const email_handler_1 = require("./handlers/email.handler");
+Object.defineProperty(exports, "verifyEmailHandler", { enumerable: true, get: function () { return email_handler_1.verifyEmailHandler; } });
+Object.defineProperty(exports, "forgotPasswordHandler", { enumerable: true, get: function () { return email_handler_1.forgotPasswordHandler; } });
+Object.defineProperty(exports, "resetPasswordHandler", { enumerable: true, get: function () { return email_handler_1.resetPasswordHandler; } });
 function init(config) {
     (0, auth_config_1.initConfig)(config);
 }

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;AAKA,oBAEC;AAPD,sDAAkD;AAClD,0DAAwE;AAQ/D,gGARA,8BAAe,OAQA;AAAE,6FARA,2BAAY,OAQA;AAPtC,kDAA+C;AAOP,wFAP/B,iBAAO,OAO+B;AAJ/C,SAAgB,IAAI,CAAC,MAAkB;IACrC,IAAA,wBAAU,EAAC,MAAM,CAAC,CAAC;AACrB,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;AAUA,oBAEC;AAZD,sDAAkD;AAClD,0DAAwE;AActE,gGAdO,8BAAe,OAcP;AACf,6FAfwB,2BAAY,OAexB;AAdd,kDAA+C;AAe7C,wFAfO,iBAAO,OAeP;AAdT,4DAIkC;AAWhC,mGAdA,kCAAkB,OAcA;AAClB,sGAdA,qCAAqB,OAcA;AACrB,qGAdA,oCAAoB,OAcA;AAVtB,SAAgB,IAAI,CAAC,MAAkB;IACrC,IAAA,wBAAU,EAAC,MAAM,CAAC,CAAC;AACrB,CAAC"}

package/dist/middleware/protect.d.ts

@@ -1,4 +1,4 @@
 import { Response, NextFunction } from "express";
 import { AuthRequest } from "../types";
-export declare function protect(req: AuthRequest, res: Response, next: NextFunction): Promise<void>;
+export declare function protect(...allowedRoles: string[]): (req: AuthRequest, res: Response, next: NextFunction) => Promise<void>;
 //# sourceMappingURL=protect.d.ts.map

package/dist/middleware/protect.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"protect.d.ts","sourceRoot":"","sources":["../../src/middleware/protect.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAGjD,OAAO,EAAE,WAAW,EAAE,MAAM,UAAU,CAAC;AAGvC,wBAAsB,OAAO,CAC3B,GAAG,EAAE,WAAW,EAChB,GAAG,EAAE,QAAQ,EACb,IAAI,EAAE,YAAY,GACjB,OAAO,CAAC,IAAI,CAAC,CAyBf"}
+{"version":3,"file":"protect.d.ts","sourceRoot":"","sources":["../../src/middleware/protect.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAGjD,OAAO,EAAE,WAAW,EAAE,MAAM,UAAU,CAAC;AAIvC,wBAAgB,OAAO,CAAC,GAAG,YAAY,EAAE,MAAM,EAAE,IACjC,KAAK,WAAW,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,KAAG,OAAO,CAAC,IAAI,CAAC,CA2BlF"}

package/dist/middleware/protect.js

@@ -4,28 +4,34 @@ exports.protect = protect;
 const jwt_service_1 = require("../services/jwt.service");
 const auth_config_1 = require("../config/auth.config");
 const errors_1 = require("../utils/errors");
-async function protect(req, res, next) {
-    try {
-        const authHeader = req.headers.authorization;
-        if (!authHeader?.startsWith("Bearer ")) {
-            throw new errors_1.AuthError("No token provided", 401);
+// ✅ Now accepts optional roles
+function protect(...allowedRoles) {
+    return async (req, res, next) => {
+        try {
+            const authHeader = req.headers.authorization;
+            if (!authHeader?.startsWith("Bearer "))
+                throw new errors_1.AuthError("No token provided", 401);
+            const token = authHeader.split(" ")[1];
+            const decoded = (0, jwt_service_1.verifyToken)(token);
+            const { adapter } = (0, auth_config_1.getConfig)();
+            const user = await adapter.findUserById(decoded.id);
+            if (!user)
+                throw new errors_1.AuthError("User no longer exists", 401);
+            // ✅ Role check — only runs if roles were specified
+            if (allowedRoles.length > 0 && !allowedRoles.includes(user.role ?? "")) {
+                throw new errors_1.AuthError("Forbidden: insufficient permissions", 403);
+            }
+            req.user = user;
+            next();
         }
-        const token = authHeader.split(" ")[1];
-        const decoded = (0, jwt_service_1.verifyToken)(token);
-        const { adapter } = (0, auth_config_1.getConfig)();
-        const user = await adapter.findUserById(decoded.id);
-        if (!user)
-            throw new errors_1.AuthError("User no longer exists", 401);
-        req.user = user;
-        next();
-    }
-    catch (err) {
-        if (err instanceof errors_1.AuthError) {
-            res.status(err.statusCode).json({ message: err.message });
+        catch (err) {
+            if (err instanceof errors_1.AuthError) {
+                res.status(err.statusCode).json({ message: err.message });
+            }
+            else {
+                res.status(401).json({ message: "Invalid or expired token" });
+            }
         }
-        else {
-            res.status(401).json({ message: "Invalid or expired token" });
-        }
-    }
+    };
 }
 //# sourceMappingURL=protect.js.map

package/dist/middleware/protect.js.map

@@ -1 +1 @@
-{"version":3,"file":"protect.js","sourceRoot":"","sources":["../../src/middleware/protect.ts"],"names":[],"mappings":";;AAMA,0BA6BC;AAlCD,yDAAsD;AACtD,uDAAkD;AAElD,4CAA4C;AAErC,KAAK,UAAU,OAAO,CAC3B,GAAgB,EAChB,GAAa,EACb,IAAkB;IAElB,IAAI,CAAC;QACH,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC;QAE7C,IAAI,CAAC,UAAU,EAAE,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YACvC,MAAM,IAAI,kBAAS,CAAC,mBAAmB,EAAE,GAAG,CAAC,CAAC;QAChD,CAAC;QAED,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACvC,MAAM,OAAO,GAAG,IAAA,yBAAW,EAAC,KAAK,CAAC,CAAC;QAEnC,MAAM,EAAE,OAAO,EAAE,GAAG,IAAA,uBAAS,GAAE,CAAC;QAChC,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,YAAY,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QAEpD,IAAI,CAAC,IAAI;YAAE,MAAM,IAAI,kBAAS,CAAC,uBAAuB,EAAE,GAAG,CAAC,CAAC;QAE7D,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC;QAChB,IAAI,EAAE,CAAC;IACT,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,GAAG,YAAY,kBAAS,EAAE,CAAC;YAC7B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;QAC5D,CAAC;aAAM,CAAC;YACN,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,0BAA0B,EAAE,CAAC,CAAC;QAChE,CAAC;IACH,CAAC;AACH,CAAC"}
+{"version":3,"file":"protect.js","sourceRoot":"","sources":["../../src/middleware/protect.ts"],"names":[],"mappings":";;AAOA,0BA4BC;AAlCD,yDAAsD;AACtD,uDAAkD;AAElD,4CAA4C;AAE5C,+BAA+B;AAC/B,SAAgB,OAAO,CAAC,GAAG,YAAsB;IAC/C,OAAO,KAAK,EAAE,GAAgB,EAAE,GAAa,EAAE,IAAkB,EAAiB,EAAE;QAClF,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC;YAC7C,IAAI,CAAC,UAAU,EAAE,UAAU,CAAC,SAAS,CAAC;gBAAE,MAAM,IAAI,kBAAS,CAAC,mBAAmB,EAAE,GAAG,CAAC,CAAC;YAEtF,MAAM,KAAK,GAAK,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;YACzC,MAAM,OAAO,GAAG,IAAA,yBAAW,EAAC,KAAK,CAAC,CAAC;YAEnC,MAAM,EAAE,OAAO,EAAE,GAAG,IAAA,uBAAS,GAAE,CAAC;YAChC,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,YAAY,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;YACpD,IAAI,CAAC,IAAI;gBAAE,MAAM,IAAI,kBAAS,CAAC,uBAAuB,EAAE,GAAG,CAAC,CAAC;YAE7D,mDAAmD;YACnD,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC,EAAE,CAAC;gBACvE,MAAM,IAAI,kBAAS,CAAC,qCAAqC,EAAE,GAAG,CAAC,CAAC;YAClE,CAAC;YAED,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC;YAChB,IAAI,EAAE,CAAC;QACT,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,GAAG,YAAY,kBAAS,EAAE,CAAC;gBAC7B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;YAC5D,CAAC;iBAAM,CAAC;gBACN,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,0BAA0B,EAAE,CAAC,CAAC;YAChE,CAAC;QACH,CAAC;IACH,CAAC,CAAC;AACJ,CAAC"}

package/dist/services/auth.service.d.ts

@@ -2,6 +2,7 @@ export declare function registerUser(userData: {
     email: string;
     password: string;
     role?: string;
+    [key: string]: unknown;
 }): Promise<void>;
 export declare function loginUser(email: string, password: string): Promise<{
     accessToken: string;

package/dist/services/auth.service.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"auth.service.d.ts","sourceRoot":"","sources":["../../src/services/auth.service.ts"],"names":[],"mappings":"AAIA,wBAAsB,YAAY,CAAC,QAAQ,EAAE;IAC3C,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,EAAE,MAAM,CAAC;CACf,GAAG,OAAO,CAAC,IAAI,CAAC,CAQhB;AAED,wBAAsB,SAAS,CAC7B,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC;IAAE,WAAW,EAAE,MAAM,CAAC;IAAC,YAAY,EAAE,MAAM,CAAA;CAAE,CAAC,CAaxD"}
+{"version":3,"file":"auth.service.d.ts","sourceRoot":"","sources":["../../src/services/auth.service.ts"],"names":[],"mappings":"AASA,wBAAsB,YAAY,CAAC,QAAQ,EAAE;IAC3C,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB,GAAG,OAAO,CAAC,IAAI,CAAC,CAyBhB;AAED,wBAAsB,SAAS,CAC7B,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC;IAAE,WAAW,EAAE,MAAM,CAAC;IAAC,YAAY,EAAE,MAAM,CAAA;CAAE,CAAC,CASxD"}

package/dist/services/auth.service.js

@@ -5,13 +5,30 @@ exports.loginUser = loginUser;
 const password_service_1 = require("./password.service");
 const jwt_service_1 = require("./jwt.service");
 const auth_config_1 = require("../config/auth.config");
+const email_service_1 = require("./email.service");
 async function registerUser(userData) {
-    const { adapter } = (0, auth_config_1.getConfig)();
+    const { adapter, emailSender } = (0, auth_config_1.getConfig)();
     const existing = await adapter.findUserByEmail(userData.email);
     if (existing)
         throw new Error("User already exists");
     const hashed = await (0, password_service_1.hashPassword)(userData.password);
-    await adapter.createUser({ ...userData, password: hashed });
+    const user = await adapter.createUser({
+        ...userData,
+        password: hashed,
+        isVerified: false, // always false on register
+    });
+    // Only send verification email if emailSender is configured
+    // If not — silently skip (backward compatible)
+    if (emailSender && adapter.saveVerificationToken) {
+        const token = (0, email_service_1.generateToken)();
+        await adapter.saveVerificationToken({
+            token,
+            userId: user.id,
+            type: "email_verification",
+            expiresAt: (0, email_service_1.getExpiryDate)(24 * 60), // 24 hours
+        });
+        await (0, email_service_1.sendVerificationEmail)(user.email, token);
+    }
 }
 async function loginUser(email, password) {
     const { adapter } = (0, auth_config_1.getConfig)();

package/dist/services/auth.service.js.map

@@ -1 +1 @@
-{"version":3,"file":"auth.service.js","sourceRoot":"","sources":["../../src/services/auth.service.ts"],"names":[],"mappings":";;AAIA,oCAYC;AAED,8BAgBC;AAlCD,yDAAmE;AACnE,+CAAkE;AAClE,uDAAkD;AAE3C,KAAK,UAAU,YAAY,CAAC,QAIlC;IACC,MAAM,EAAE,OAAO,EAAE,GAAG,IAAA,uBAAS,GAAE,CAAC;IAEhC,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,eAAe,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAC/D,IAAI,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;IAErD,MAAM,MAAM,GAAG,MAAM,IAAA,+BAAY,EAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACrD,MAAM,OAAO,CAAC,UAAU,CAAC,EAAE,GAAG,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;AAC9D,CAAC;AAEM,KAAK,UAAU,SAAS,CAC7B,KAAa,EACb,QAAgB;IAEhB,MAAM,EAAE,OAAO,EAAE,GAAG,IAAA,uBAAS,GAAE,CAAC;IAEhC,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;IAClD,IAAI,CAAC,IAAI;QAAE,MAAM,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAC;IAE7C,MAAM,OAAO,GAAG,MAAM,IAAA,kCAAe,EAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;IAC/D,IAAI,CAAC,OAAO;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;IAErD,MAAM,WAAW,GAAG,IAAA,6BAAe,EAAC,IAAI,CAAC,CAAC;IAC1C,MAAM,YAAY,GAAG,IAAA,8BAAgB,EAAC,IAAI,CAAC,CAAC;IAE5C,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,CAAC;AACvC,CAAC"}
+{"version":3,"file":"auth.service.js","sourceRoot":"","sources":["../../src/services/auth.service.ts"],"names":[],"mappings":";;AASA,oCA8BC;AAED,8BAYC;AArDD,yDAAmE;AACnE,+CAAkE;AAClE,uDAAkD;AAClD,mDAIyB;AAElB,KAAK,UAAU,YAAY,CAAC,QAKlC;IACC,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,GAAG,IAAA,uBAAS,GAAE,CAAC;IAE7C,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,eAAe,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAC/D,IAAI,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;IAErD,MAAM,MAAM,GAAG,MAAM,IAAA,+BAAY,EAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACrD,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,UAAU,CAAC;QACpC,GAAG,QAAQ;QACX,QAAQ,EAAE,MAAM;QAChB,UAAU,EAAE,KAAK,EAAU,2BAA2B;KACvD,CAAC,CAAC;IAEH,4DAA4D;IAC5D,+CAA+C;IAC/C,IAAI,WAAW,IAAI,OAAO,CAAC,qBAAqB,EAAE,CAAC;QACjD,MAAM,KAAK,GAAG,IAAA,6BAAa,GAAE,CAAC;QAC9B,MAAM,OAAO,CAAC,qBAAqB,CAAC;YAClC,KAAK;YACL,MAAM,EAAE,IAAI,CAAC,EAAE;YACf,IAAI,EAAO,oBAAoB;YAC/B,SAAS,EAAE,IAAA,6BAAa,EAAC,EAAE,GAAG,EAAE,CAAC,EAAE,WAAW;SAC/C,CAAC,CAAC;QACH,MAAM,IAAA,qCAAqB,EAAC,IAAI,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;IACjD,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,SAAS,CAC7B,KAAa,EACb,QAAgB;IAEhB,MAAM,EAAE,OAAO,EAAE,GAAG,IAAA,uBAAS,GAAE,CAAC;IAChC,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;IAClD,IAAI,CAAC,IAAI;QAAE,MAAM,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAC;IAC7C,MAAM,OAAO,GAAG,MAAM,IAAA,kCAAe,EAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;IAC/D,IAAI,CAAC,OAAO;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;IACrD,MAAM,WAAW,GAAI,IAAA,6BAAe,EAAC,IAAI,CAAC,CAAC;IAC3C,MAAM,YAAY,GAAG,IAAA,8BAAgB,EAAC,IAAI,CAAC,CAAC;IAC5C,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,CAAC;AACvC,CAAC"}

package/dist/services/email.service.d.ts

@@ -0,0 +1,17 @@
+import { AuthConfig } from "../types";
+type EmailReadyConfig = Omit<AuthConfig, "adapter" | "emailSender"> & {
+    emailSender: Required<AuthConfig>["emailSender"];
+    adapter: Omit<AuthConfig["adapter"], "updateUser" | "saveVerificationToken" | "findVerificationToken" | "deleteVerificationToken"> & {
+        updateUser: Required<AuthConfig["adapter"]>["updateUser"];
+        saveVerificationToken: Required<AuthConfig["adapter"]>["saveVerificationToken"];
+        findVerificationToken: Required<AuthConfig["adapter"]>["findVerificationToken"];
+        deleteVerificationToken: Required<AuthConfig["adapter"]>["deleteVerificationToken"];
+    };
+};
+export declare function requireEmailConfig(): EmailReadyConfig;
+export declare function generateToken(): string;
+export declare function getExpiryDate(minutes: number): Date;
+export declare function sendVerificationEmail(to: string, token: string): Promise<void>;
+export declare function sendPasswordResetEmail(to: string, token: string): Promise<void>;
+export {};
+//# sourceMappingURL=email.service.d.ts.map

package/dist/services/email.service.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"email.service.d.ts","sourceRoot":"","sources":["../../src/services/email.service.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAGtC,KAAK,gBAAgB,GAAG,IAAI,CAAC,UAAU,EAAE,SAAS,GAAG,aAAa,CAAC,GAAG;IACpE,WAAW,EAAE,QAAQ,CAAC,UAAU,CAAC,CAAC,aAAa,CAAC,CAAC;IACjD,OAAO,EAAE,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,EACjC,YAAY,GAAG,uBAAuB,GAAG,uBAAuB,GAAG,yBAAyB,CAC7F,GAAG;QACF,UAAU,EAAe,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC;QACvE,qBAAqB,EAAI,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,uBAAuB,CAAC,CAAC;QAClF,qBAAqB,EAAI,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,uBAAuB,CAAC,CAAC;QAClF,uBAAuB,EAAE,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,yBAAyB,CAAC,CAAC;KACrF,CAAC;CACH,CAAC;AAEF,wBAAgB,kBAAkB,IAAI,gBAAgB,CAerD;AAGD,wBAAgB,aAAa,IAAI,MAAM,CAEtC;AAED,wBAAgB,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI,CAEnD;AAID,wBAAsB,qBAAqB,CACzC,EAAE,EAAE,MAAM,EACV,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,IAAI,CAAC,CAaf;AAED,wBAAsB,sBAAsB,CAC1C,EAAE,EAAE,MAAM,EACV,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,IAAI,CAAC,CAaf"}

package/dist/services/email.service.js

@@ -0,0 +1,58 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.requireEmailConfig = requireEmailConfig;
+exports.generateToken = generateToken;
+exports.getExpiryDate = getExpiryDate;
+exports.sendVerificationEmail = sendVerificationEmail;
+exports.sendPasswordResetEmail = sendPasswordResetEmail;
+const crypto_1 = __importDefault(require("crypto"));
+const auth_config_1 = require("../config/auth.config");
+const errors_1 = require("../utils/errors");
+function requireEmailConfig() {
+    const config = (0, auth_config_1.getConfig)();
+    if (!config.emailSender)
+        throw new errors_1.AuthError("[authkit] emailSender is required to use email features", 500);
+    if (!config.adapter.updateUser)
+        throw new errors_1.AuthError("[authkit] adapter.updateUser is required", 500);
+    if (!config.adapter.saveVerificationToken)
+        throw new errors_1.AuthError("[authkit] adapter.saveVerificationToken is required", 500);
+    if (!config.adapter.findVerificationToken)
+        throw new errors_1.AuthError("[authkit] adapter.findVerificationToken is required", 500);
+    if (!config.adapter.deleteVerificationToken)
+        throw new errors_1.AuthError("[authkit] adapter.deleteVerificationToken is required", 500);
+    return config; // safe — all fields confirmed above
+}
+// ---- Token helpers -----------------------------------------------
+function generateToken() {
+    return crypto_1.default.randomBytes(32).toString("hex");
+}
+function getExpiryDate(minutes) {
+    return new Date(Date.now() + minutes * 60 * 1000);
+}
+// ---- Email senders -----------------------------------------------
+async function sendVerificationEmail(to, token) {
+    const { emailSender, verificationUrl } = requireEmailConfig();
+    const link = `${verificationUrl}/verify-email?token=${token}`;
+    const html = `
+    <h2>Verify your email</h2>
+    <p>Click the link below to verify your email address. This link expires in 24 hours.</p>
+    <a href="${link}">${link}</a>
+    <p>If you did not create an account, ignore this email.</p>
+  `;
+    await emailSender(to, "Verify your email", html);
+}
+async function sendPasswordResetEmail(to, token) {
+    const { emailSender, verificationUrl } = requireEmailConfig();
+    const link = `${verificationUrl}/reset-password?token=${token}`;
+    const html = `
+    <h2>Reset your password</h2>
+    <p>Click the link below to reset your password. This link expires in 15 minutes.</p>
+    <a href="${link}">${link}</a>
+    <p>If you did not request a password reset, ignore this email.</p>
+  `;
+    await emailSender(to, "Reset your password", html);
+}
+//# sourceMappingURL=email.service.js.map

package/dist/services/email.service.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"email.service.js","sourceRoot":"","sources":["../../src/services/email.service.ts"],"names":[],"mappings":";;;;;AAoBA,gDAeC;AAGD,sCAEC;AAED,sCAEC;AAID,sDAgBC;AAED,wDAgBC;AAlFD,oDAA4B;AAC5B,uDAAkD;AAClD,4CAA4C;AAkB5C,SAAgB,kBAAkB;IAChC,MAAM,MAAM,GAAG,IAAA,uBAAS,GAAE,CAAC;IAE3B,IAAI,CAAC,MAAM,CAAC,WAAW;QACrB,MAAM,IAAI,kBAAS,CAAC,yDAAyD,EAAE,GAAG,CAAC,CAAC;IACtF,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU;QAC5B,MAAM,IAAI,kBAAS,CAAC,0CAA0C,EAAE,GAAG,CAAC,CAAC;IACvE,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,qBAAqB;QACvC,MAAM,IAAI,kBAAS,CAAC,qDAAqD,EAAE,GAAG,CAAC,CAAC;IAClF,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,qBAAqB;QACvC,MAAM,IAAI,kBAAS,CAAC,qDAAqD,EAAE,GAAG,CAAC,CAAC;IAClF,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,uBAAuB;QACzC,MAAM,IAAI,kBAAS,CAAC,uDAAuD,EAAE,GAAG,CAAC,CAAC;IAEpF,OAAO,MAAqC,CAAC,CAAC,oCAAoC;AACpF,CAAC;AACD,qEAAqE;AAErE,SAAgB,aAAa;IAC3B,OAAO,gBAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AAChD,CAAC;AAED,SAAgB,aAAa,CAAC,OAAe;IAC3C,OAAO,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;AACpD,CAAC;AAED,qEAAqE;AAE9D,KAAK,UAAU,qBAAqB,CACzC,EAAU,EACV,KAAa;IAEb,MAAM,EAAE,WAAW,EAAE,eAAe,EAAE,GAAG,kBAAkB,EAAE,CAAC;IAE9D,MAAM,IAAI,GAAG,GAAG,eAAe,uBAAuB,KAAK,EAAE,CAAC;IAE9D,MAAM,IAAI,GAAG;;;eAGA,IAAI,KAAK,IAAI;;GAEzB,CAAC;IAEF,MAAM,WAAW,CAAC,EAAE,EAAE,mBAAmB,EAAE,IAAI,CAAC,CAAC;AACnD,CAAC;AAEM,KAAK,UAAU,sBAAsB,CAC1C,EAAU,EACV,KAAa;IAEb,MAAM,EAAE,WAAW,EAAE,eAAe,EAAE,GAAG,kBAAkB,EAAE,CAAC;IAE9D,MAAM,IAAI,GAAG,GAAG,eAAe,yBAAyB,KAAK,EAAE,CAAC;IAEhE,MAAM,IAAI,GAAG;;;eAGA,IAAI,KAAK,IAAI;;GAEzB,CAAC;IAEF,MAAM,WAAW,CAAC,EAAE,EAAE,qBAAqB,EAAE,IAAI,CAAC,CAAC;AACrD,CAAC"}

package/dist/types/index.d.ts

@@ -4,16 +4,30 @@ export interface AuthUser {
     email: string;
     password: string;
     role?: string;
+    isVerified?: boolean;
+    [key: string]: unknown;
+}
+export interface VerificationToken {
+    token: string;
+    userId: string;
+    type: "email_verification" | "password_reset";
+    expiresAt: Date;
 }
 export interface AuthAdapter {
     findUserByEmail: (email: string) => Promise<AuthUser | null>;
     findUserById: (id: string) => Promise<AuthUser | null>;
     createUser: (data: Partial<AuthUser>) => Promise<AuthUser>;
+    updateUser?: (id: string, data: Partial<AuthUser>) => Promise<AuthUser>;
+    saveVerificationToken?: (payload: VerificationToken) => Promise<void>;
+    findVerificationToken?: (token: string) => Promise<VerificationToken | null>;
+    deleteVerificationToken?: (token: string) => Promise<void>;
 }
 export interface AuthConfig {
     secret: string;
     accessTokenExpiry?: string;
     refreshTokenExpiry?: string;
+    verificationUrl?: string;
+    emailSender?: (to: string, subject: string, html: string) => Promise<void>;
     adapter: AuthAdapter;
 }
 export interface AuthRequest extends Request {

package/dist/types/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/types/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAGlC,MAAM,WAAW,QAAQ;IACvB,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAGD,MAAM,WAAW,WAAW;IAC1B,eAAe,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CAAC;IAC7D,YAAY,EAAE,CAAC,EAAE,EAAE,MAAM,KAAK,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CAAC;IACvD,UAAU,EAAE,CAAC,IAAI,EAAE,OAAO,CAAC,QAAQ,CAAC,KAAK,OAAO,CAAC,QAAQ,CAAC,CAAC;CAC5D;AAGD,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,OAAO,EAAE,WAAW,CAAC;CACtB;AAGD,MAAM,WAAW,WAAY,SAAQ,OAAO;IAC1C,IAAI,CAAC,EAAE,QAAQ,CAAC;CACjB"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/types/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAElC,MAAM,WAAW,QAAQ;IACvB,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB;AAED,MAAM,WAAW,iBAAiB;IAChC,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,oBAAoB,GAAG,gBAAgB,CAAC;IAC9C,SAAS,EAAE,IAAI,CAAC;CACjB;AAED,MAAM,WAAW,WAAW;IAE1B,eAAe,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CAAC;IAC7D,YAAY,EAAK,CAAC,EAAE,EAAE,MAAM,KAAQ,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CAAC;IAC7D,UAAU,EAAO,CAAC,IAAI,EAAE,OAAO,CAAC,QAAQ,CAAC,KAAK,OAAO,CAAC,QAAQ,CAAC,CAAC;IAGhE,UAAU,CAAC,EAAe,CAAC,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,CAAC,QAAQ,CAAC,KAAK,OAAO,CAAC,QAAQ,CAAC,CAAC;IACrF,qBAAqB,CAAC,EAAI,CAAC,OAAO,EAAE,iBAAiB,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IACxE,qBAAqB,CAAC,EAAI,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,CAAC,iBAAiB,GAAG,IAAI,CAAC,CAAC;IAC/E,uBAAuB,CAAC,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;CAC5D;AAED,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,iBAAiB,CAAC,EAAG,MAAM,CAAC;IAC5B,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,eAAe,CAAC,EAAK,MAAM,CAAC;IAC5B,WAAW,CAAC,EAAE,CAAC,EAAE,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAC3E,OAAO,EAAE,WAAW,CAAC;CACtB;AAED,MAAM,WAAW,WAAY,SAAQ,OAAO;IAC1C,IAAI,CAAC,EAAE,QAAQ,CAAC;CACjB"}

package/package.json

@@ -1,10 +1,12 @@
 {
   "name": "@ilman00/authkit",
-  "version": "1.0.0",
+  "version": "2.0.0",
   "description": "Plug and play auth for Express apps",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
-  "files": ["dist"],
+  "files": [
+    "dist"
+  ],
   "scripts": {
     "build": "tsc",
     "dev": "tsc --watch"
@@ -13,6 +15,7 @@
     "express": "^4.x || ^5.x"
   },
   "dependencies": {
+    "@ilman00/authkit": "^1.0.0",
     "bcryptjs": "^2.4.3",
     "jsonwebtoken": "^9.0.0"
   },
@@ -22,6 +25,11 @@
     "@types/jsonwebtoken": "^9.0.0",
     "typescript": "^5.0.0"
   },
-  "keywords": ["auth", "jwt", "express", "authentication"],
+  "keywords": [
+    "auth",
+    "jwt",
+    "express",
+    "authentication"
+  ],
   "license": "MIT"
-}
+}