@mesob/auth-hono 0.0.7 → 0.1.0

package/dist/lib/openapi-config.js

@@ -0,0 +1,66 @@
+// src/lib/openapi-config.ts
+var createOpenApiConfig = (config) => {
+  const basePath = config.basePath || "";
+  const servers = config.docs?.servers || [
+    {
+      url: "http://localhost:3000",
+      description: "Development server"
+    }
+  ];
+  const serversWithBasePath = servers.map((server) => ({
+    ...server,
+    url: `${server.url.replace(/\/$/, "")}${basePath}`
+  }));
+  return {
+    openapi: "3.0.0",
+    info: {
+      title: config.docs?.title || "IAM API",
+      version: config.docs?.version || "1.0.0",
+      description: "Complete Identity and Access Management API"
+    },
+    servers: serversWithBasePath,
+    tags: [
+      { name: "Auth", description: "Authentication endpoints" },
+      { name: "Profile", description: "User profile management" },
+      { name: "Password", description: "Password management" },
+      { name: "Email", description: "Email verification" },
+      { name: "Phone", description: "Phone verification" },
+      { name: "Users", description: "User management (IAM)" },
+      { name: "Tenants", description: "Tenant management (IAM)" },
+      { name: "Domains", description: "Domain management (IAM)" },
+      { name: "Roles", description: "Role management (IAM)" },
+      { name: "Permissions", description: "Permission management (IAM)" },
+      {
+        name: "Role Permissions",
+        description: "Role-permission mapping (IAM)"
+      },
+      { name: "User Roles", description: "User-role assignment (IAM)" },
+      { name: "Sessions", description: "Session management (IAM)" },
+      { name: "Verifications", description: "Verification management (IAM)" }
+    ],
+    "x-tagGroups": [
+      {
+        name: "Authentication",
+        tags: ["Auth", "Profile", "Password", "Email", "Phone"]
+      },
+      {
+        name: "IAM Management",
+        tags: [
+          "Users",
+          "Tenants",
+          "Domains",
+          "Roles",
+          "Permissions",
+          "Role Permissions",
+          "User Roles",
+          "Sessions",
+          "Verifications"
+        ]
+      }
+    ]
+  };
+};
+export {
+  createOpenApiConfig
+};
+//# sourceMappingURL=openapi-config.js.map

package/dist/lib/openapi-config.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/lib/openapi-config.ts"],"sourcesContent":["import type { AuthConfig } from '../types';\n\nexport const createOpenApiConfig = (config: AuthConfig) => {\n  const basePath = config.basePath || '';\n  const servers = config.docs?.servers || [\n    {\n      url: 'http://localhost:3000',\n      description: 'Development server',\n    },\n  ];\n  const serversWithBasePath = servers.map((server) => ({\n    ...server,\n    url: `${server.url.replace(/\\/$/, '')}${basePath}`,\n  }));\n\n  return {\n    openapi: '3.0.0',\n    info: {\n      title: config.docs?.title || 'IAM API',\n      version: config.docs?.version || '1.0.0',\n      description: 'Complete Identity and Access Management API',\n    },\n    servers: serversWithBasePath,\n    tags: [\n      { name: 'Auth', description: 'Authentication endpoints' },\n      { name: 'Profile', description: 'User profile management' },\n      { name: 'Password', description: 'Password management' },\n      { name: 'Email', description: 'Email verification' },\n      { name: 'Phone', description: 'Phone verification' },\n      { name: 'Users', description: 'User management (IAM)' },\n      { name: 'Tenants', description: 'Tenant management (IAM)' },\n      { name: 'Domains', description: 'Domain management (IAM)' },\n      { name: 'Roles', description: 'Role management (IAM)' },\n      { name: 'Permissions', description: 'Permission management (IAM)' },\n      {\n        name: 'Role Permissions',\n        description: 'Role-permission mapping (IAM)',\n      },\n      { name: 'User Roles', description: 'User-role assignment (IAM)' },\n      { name: 'Sessions', description: 'Session management (IAM)' },\n      { name: 'Verifications', description: 'Verification management (IAM)' },\n    ],\n    'x-tagGroups': [\n      {\n        name: 'Authentication',\n        tags: ['Auth', 'Profile', 'Password', 'Email', 'Phone'],\n      },\n      {\n        name: 'IAM Management',\n        tags: [\n          'Users',\n          'Tenants',\n          'Domains',\n          'Roles',\n          'Permissions',\n          'Role Permissions',\n          'User Roles',\n          'Sessions',\n          'Verifications',\n        ],\n      },\n    ],\n  };\n};\n"],"mappings":";AAEO,IAAM,sBAAsB,CAAC,WAAuB;AACzD,QAAM,WAAW,OAAO,YAAY;AACpC,QAAM,UAAU,OAAO,MAAM,WAAW;AAAA,IACtC;AAAA,MACE,KAAK;AAAA,MACL,aAAa;AAAA,IACf;AAAA,EACF;AACA,QAAM,sBAAsB,QAAQ,IAAI,CAAC,YAAY;AAAA,IACnD,GAAG;AAAA,IACH,KAAK,GAAG,OAAO,IAAI,QAAQ,OAAO,EAAE,CAAC,GAAG,QAAQ;AAAA,EAClD,EAAE;AAEF,SAAO;AAAA,IACL,SAAS;AAAA,IACT,MAAM;AAAA,MACJ,OAAO,OAAO,MAAM,SAAS;AAAA,MAC7B,SAAS,OAAO,MAAM,WAAW;AAAA,MACjC,aAAa;AAAA,IACf;AAAA,IACA,SAAS;AAAA,IACT,MAAM;AAAA,MACJ,EAAE,MAAM,QAAQ,aAAa,2BAA2B;AAAA,MACxD,EAAE,MAAM,WAAW,aAAa,0BAA0B;AAAA,MAC1D,EAAE,MAAM,YAAY,aAAa,sBAAsB;AAAA,MACvD,EAAE,MAAM,SAAS,aAAa,qBAAqB;AAAA,MACnD,EAAE,MAAM,SAAS,aAAa,qBAAqB;AAAA,MACnD,EAAE,MAAM,SAAS,aAAa,wBAAwB;AAAA,MACtD,EAAE,MAAM,WAAW,aAAa,0BAA0B;AAAA,MAC1D,EAAE,MAAM,WAAW,aAAa,0BAA0B;AAAA,MAC1D,EAAE,MAAM,SAAS,aAAa,wBAAwB;AAAA,MACtD,EAAE,MAAM,eAAe,aAAa,8BAA8B;AAAA,MAClE;AAAA,QACE,MAAM;AAAA,QACN,aAAa;AAAA,MACf;AAAA,MACA,EAAE,MAAM,cAAc,aAAa,6BAA6B;AAAA,MAChE,EAAE,MAAM,YAAY,aAAa,2BAA2B;AAAA,MAC5D,EAAE,MAAM,iBAAiB,aAAa,gCAAgC;AAAA,IACxE;AAAA,IACA,eAAe;AAAA,MACb;AAAA,QACE,MAAM;AAAA,QACN,MAAM,CAAC,QAAQ,WAAW,YAAY,SAAS,OAAO;AAAA,MACxD;AAAA,MACA;AAAA,QACE,MAAM;AAAA,QACN,MAAM;AAAA,UACJ;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA,EACF;AACF;","names":[]}

package/dist/lib/session.d.ts

@@ -1,23 +1,48 @@
-declare const SESSION_COOKIE_NAME = "session_token";
-type SessionMeta = Record<string, unknown>;
-type BuildSessionPayloadOptions = {
-    id: string;
-    expiresAt: string;
-    createdAt?: string;
-    userAgent?: string | null;
-    ip?: string | null;
-};
-declare const buildSessionPayload: ({ id, expiresAt, createdAt, userAgent, ip, }: BuildSessionPayloadOptions) => {
-    id: string;
-    expiresAt: string;
-    createdAt: string | undefined;
-    userAgent: string | null;
-    ip: string | null;
-};
-declare const generateHandle: (seed?: string | null) => string;
+import { b as SessionConfig } from '../index-CScADcDn.js';
+import 'hono';
+import '@hono/zod-openapi';
+import '../index-ULpI-i0z.js';
+import 'drizzle-orm/node-postgres';
+import 'drizzle-orm/pg-core';
+import 'drizzle-orm';
+import 'pg';
+
+declare const generateHandle: () => string;
 declare const getSessionExpiresAt: (days?: number) => string;
 declare const parseDuration: (duration: string) => number;
 declare const addDuration: (duration: string) => string;
 declare const generateOtpCode: (length?: number) => string;
+/**
+ * Get session expiration duration based on rememberMe option
+ */
+declare const getSessionDuration: ({ sessionConfig, rememberMe, }: {
+    sessionConfig: SessionConfig;
+    rememberMe: boolean;
+}) => string;
+/**
+ * Get the update age threshold based on session type
+ */
+declare const getSessionUpdateAge: ({ sessionConfig, rememberMe, }: {
+    sessionConfig: SessionConfig;
+    rememberMe: boolean;
+}) => string;
+/**
+ * Check if session needs refresh based on remaining time
+ */
+declare const shouldRefreshSession: ({ expiresAt, updateAge, }: {
+    expiresAt: string;
+    updateAge: string;
+}) => boolean;
+/**
+ * Get new expiration time for session refresh
+ */
+declare const getRefreshedExpiresAt: ({ sessionConfig, rememberMe, }: {
+    sessionConfig: SessionConfig;
+    rememberMe: boolean;
+}) => string;
+/**
+ * Check if session is expired
+ */
+declare const isSessionExpired: (expiresAt: string) => boolean;
 
-export { type BuildSessionPayloadOptions, SESSION_COOKIE_NAME, type SessionMeta, addDuration, buildSessionPayload, generateHandle, generateOtpCode, getSessionExpiresAt, parseDuration };
+export { addDuration, generateHandle, generateOtpCode, getRefreshedExpiresAt, getSessionDuration, getSessionExpiresAt, getSessionUpdateAge, isSessionExpired, parseDuration, shouldRefreshSession };

package/dist/lib/session.js

@@ -1,27 +1,13 @@
 // src/lib/session.ts
 import { dayjs } from "@mesob/common";
-var SESSION_COOKIE_NAME = "session_token";
-var buildSessionPayload = ({
-  id,
-  expiresAt,
-  createdAt,
-  userAgent,
-  ip
-}) => ({
-  id,
-  expiresAt,
-  createdAt,
-  userAgent: userAgent || null,
-  ip: ip || null
-});
-var generateHandle = (seed) => {
-  const base = seed?.replace(/[^a-zA-Z0-9]/g, "").toLowerCase() || `user${Math.random().toString(36).slice(2, 8)}`;
-  return `${base}-${Math.random().toString(36).slice(2, 6)}`;
+import { nanoid } from "nanoid";
+var generateHandle = () => {
+  return nanoid(10);
 };
 var getSessionExpiresAt = (days = 30) => dayjs().add(days, "day").toISOString();
 var parseDuration = (duration) => {
   const match = duration.match(/^(\d+)([smhd])$/);
-  if (!match) {
+  if (!(match?.[1] && match[2])) {
     throw new Error(`Invalid duration format: ${duration}`);
   }
   const value = Number.parseInt(match[1], 10);
@@ -40,19 +26,67 @@ var addDuration = (duration) => {
 };
 var generateOtpCode = (length = 6) => {
   const digits = "0123456789";
+  const maxValid = 250;
   let code = "";
-  for (let i = 0; i < length; i++) {
-    code += digits[Math.floor(Math.random() * digits.length)];
+  while (code.length < length) {
+    const randomValues = new Uint8Array(length - code.length);
+    crypto.getRandomValues(randomValues);
+    for (const val of randomValues) {
+      if (val < maxValid && code.length < length) {
+        code += digits[val % 10];
+      }
+    }
   }
   return code;
 };
+var getSessionDuration = ({
+  sessionConfig,
+  rememberMe
+}) => {
+  if (rememberMe) {
+    return sessionConfig.rememberMeExpiresIn;
+  }
+  return sessionConfig.shortSessionExpiresIn;
+};
+var getSessionUpdateAge = ({
+  sessionConfig,
+  rememberMe
+}) => {
+  if (rememberMe) {
+    return sessionConfig.updateAge;
+  }
+  return sessionConfig.shortSessionUpdateAge;
+};
+var shouldRefreshSession = ({
+  expiresAt,
+  updateAge
+}) => {
+  const updateAgeSeconds = parseDuration(updateAge);
+  const now = dayjs();
+  const expires = dayjs(expiresAt);
+  const remainingSeconds = expires.diff(now, "second");
+  return remainingSeconds > 0 && remainingSeconds <= updateAgeSeconds;
+};
+var getRefreshedExpiresAt = ({
+  sessionConfig,
+  rememberMe
+}) => {
+  const duration = getSessionDuration({ sessionConfig, rememberMe });
+  return addDuration(duration);
+};
+var isSessionExpired = (expiresAt) => {
+  return dayjs(expiresAt).isBefore(dayjs());
+};
 export {
-  SESSION_COOKIE_NAME,
   addDuration,
-  buildSessionPayload,
   generateHandle,
   generateOtpCode,
+  getRefreshedExpiresAt,
+  getSessionDuration,
   getSessionExpiresAt,
-  parseDuration
+  getSessionUpdateAge,
+  isSessionExpired,
+  parseDuration,
+  shouldRefreshSession
 };
 //# sourceMappingURL=session.js.map

package/dist/lib/session.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../src/lib/session.ts"],"sourcesContent":["import { dayjs } from '@mesob/common';\n\nexport const SESSION_COOKIE_NAME = 'session_token';\n\nexport type SessionMeta = Record<string, unknown>;\n\nexport type BuildSessionPayloadOptions = {\n  id: string;\n  expiresAt: string;\n  createdAt?: string;\n  userAgent?: string | null;\n  ip?: string | null;\n};\n\nexport const buildSessionPayload = ({\n  id,\n  expiresAt,\n  createdAt,\n  userAgent,\n  ip,\n}: BuildSessionPayloadOptions) => ({\n  id,\n  expiresAt,\n  createdAt,\n  userAgent: userAgent || null,\n  ip: ip || null,\n});\n\nexport const generateHandle = (seed?: string | null) => {\n  const base =\n    seed?.replace(/[^a-zA-Z0-9]/g, '').toLowerCase() ||\n    `user${Math.random().toString(36).slice(2, 8)}`;\n  return `${base}-${Math.random().toString(36).slice(2, 6)}`;\n};\n\nexport const getSessionExpiresAt = (days = 30) =>\n  dayjs().add(days, 'day').toISOString();\n\nexport const parseDuration = (duration: string): number => {\n  const match = duration.match(/^(\\d+)([smhd])$/);\n  if (!match) {\n    throw new Error(`Invalid duration format: ${duration}`);\n  }\n  const value = Number.parseInt(match[1]!, 10);\n  const unit = match[2]!;\n  const multipliers: Record<string, number> = {\n    s: 1,\n    m: 60,\n    h: 3600,\n    d: 86400,\n  };\n  return value * (multipliers[unit] || 1);\n};\n\nexport const addDuration = (duration: string): string => {\n  const seconds = parseDuration(duration);\n  return dayjs().add(seconds, 'second').toISOString();\n};\n\nexport const generateOtpCode = (length = 6): string => {\n  const digits = '0123456789';\n  let code = '';\n  for (let i = 0; i < length; i++) {\n    code += digits[Math.floor(Math.random() * digits.length)]!;\n  }\n  return code;\n};\n"],"mappings":";AAAA,SAAS,aAAa;AAEf,IAAM,sBAAsB;AAY5B,IAAM,sBAAsB,CAAC;AAAA,EAClC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,OAAmC;AAAA,EACjC;AAAA,EACA;AAAA,EACA;AAAA,EACA,WAAW,aAAa;AAAA,EACxB,IAAI,MAAM;AACZ;AAEO,IAAM,iBAAiB,CAAC,SAAyB;AACtD,QAAM,OACJ,MAAM,QAAQ,iBAAiB,EAAE,EAAE,YAAY,KAC/C,OAAO,KAAK,OAAO,EAAE,SAAS,EAAE,EAAE,MAAM,GAAG,CAAC,CAAC;AAC/C,SAAO,GAAG,IAAI,IAAI,KAAK,OAAO,EAAE,SAAS,EAAE,EAAE,MAAM,GAAG,CAAC,CAAC;AAC1D;AAEO,IAAM,sBAAsB,CAAC,OAAO,OACzC,MAAM,EAAE,IAAI,MAAM,KAAK,EAAE,YAAY;AAEhC,IAAM,gBAAgB,CAAC,aAA6B;AACzD,QAAM,QAAQ,SAAS,MAAM,iBAAiB;AAC9C,MAAI,CAAC,OAAO;AACV,UAAM,IAAI,MAAM,4BAA4B,QAAQ,EAAE;AAAA,EACxD;AACA,QAAM,QAAQ,OAAO,SAAS,MAAM,CAAC,GAAI,EAAE;AAC3C,QAAM,OAAO,MAAM,CAAC;AACpB,QAAM,cAAsC;AAAA,IAC1C,GAAG;AAAA,IACH,GAAG;AAAA,IACH,GAAG;AAAA,IACH,GAAG;AAAA,EACL;AACA,SAAO,SAAS,YAAY,IAAI,KAAK;AACvC;AAEO,IAAM,cAAc,CAAC,aAA6B;AACvD,QAAM,UAAU,cAAc,QAAQ;AACtC,SAAO,MAAM,EAAE,IAAI,SAAS,QAAQ,EAAE,YAAY;AACpD;AAEO,IAAM,kBAAkB,CAAC,SAAS,MAAc;AACrD,QAAM,SAAS;AACf,MAAI,OAAO;AACX,WAAS,IAAI,GAAG,IAAI,QAAQ,KAAK;AAC/B,YAAQ,OAAO,KAAK,MAAM,KAAK,OAAO,IAAI,OAAO,MAAM,CAAC;AAAA,EAC1D;AACA,SAAO;AACT;","names":[]}
+{"version":3,"sources":["../../src/lib/session.ts"],"sourcesContent":["import { dayjs } from '@mesob/common';\nimport { nanoid } from 'nanoid';\nimport type { SessionConfig } from '../types';\n\nexport const generateHandle = (): string => {\n  return nanoid(10);\n};\n\nexport const getSessionExpiresAt = (days = 30) =>\n  dayjs().add(days, 'day').toISOString();\n\nexport const parseDuration = (duration: string): number => {\n  const match = duration.match(/^(\\d+)([smhd])$/);\n  if (!(match?.[1] && match[2])) {\n    throw new Error(`Invalid duration format: ${duration}`);\n  }\n  const value = Number.parseInt(match[1], 10);\n  const unit = match[2];\n  const multipliers: Record<string, number> = {\n    s: 1,\n    m: 60,\n    h: 3600,\n    d: 86400,\n  };\n  return value * (multipliers[unit] || 1);\n};\n\nexport const addDuration = (duration: string): string => {\n  const seconds = parseDuration(duration);\n  return dayjs().add(seconds, 'second').toISOString();\n};\n\nexport const generateOtpCode = (length = 6): string => {\n  const digits = '0123456789';\n  const maxValid = 250; // largest multiple of 10 <= 255 to avoid modulo bias\n  let code = '';\n\n  while (code.length < length) {\n    const randomValues = new Uint8Array(length - code.length);\n    crypto.getRandomValues(randomValues);\n    for (const val of randomValues) {\n      if (val < maxValid && code.length < length) {\n        code += digits[val % 10];\n      }\n    }\n  }\n  return code;\n};\n\n/**\n * Get session expiration duration based on rememberMe option\n */\nexport const getSessionDuration = ({\n  sessionConfig,\n  rememberMe,\n}: {\n  sessionConfig: SessionConfig;\n  rememberMe: boolean;\n}): string => {\n  if (rememberMe) {\n    return sessionConfig.rememberMeExpiresIn;\n  }\n  return sessionConfig.shortSessionExpiresIn;\n};\n\n/**\n * Get the update age threshold based on session type\n */\nexport const getSessionUpdateAge = ({\n  sessionConfig,\n  rememberMe,\n}: {\n  sessionConfig: SessionConfig;\n  rememberMe: boolean;\n}): string => {\n  if (rememberMe) {\n    return sessionConfig.updateAge;\n  }\n  return sessionConfig.shortSessionUpdateAge;\n};\n\n/**\n * Check if session needs refresh based on remaining time\n */\nexport const shouldRefreshSession = ({\n  expiresAt,\n  updateAge,\n}: {\n  expiresAt: string;\n  updateAge: string;\n}): boolean => {\n  const updateAgeSeconds = parseDuration(updateAge);\n  const now = dayjs();\n  const expires = dayjs(expiresAt);\n  const remainingSeconds = expires.diff(now, 'second');\n\n  return remainingSeconds > 0 && remainingSeconds <= updateAgeSeconds;\n};\n\n/**\n * Get new expiration time for session refresh\n */\nexport const getRefreshedExpiresAt = ({\n  sessionConfig,\n  rememberMe,\n}: {\n  sessionConfig: SessionConfig;\n  rememberMe: boolean;\n}): string => {\n  const duration = getSessionDuration({ sessionConfig, rememberMe });\n  return addDuration(duration);\n};\n\n/**\n * Check if session is expired\n */\nexport const isSessionExpired = (expiresAt: string): boolean => {\n  return dayjs(expiresAt).isBefore(dayjs());\n};\n"],"mappings":";AAAA,SAAS,aAAa;AACtB,SAAS,cAAc;AAGhB,IAAM,iBAAiB,MAAc;AAC1C,SAAO,OAAO,EAAE;AAClB;AAEO,IAAM,sBAAsB,CAAC,OAAO,OACzC,MAAM,EAAE,IAAI,MAAM,KAAK,EAAE,YAAY;AAEhC,IAAM,gBAAgB,CAAC,aAA6B;AACzD,QAAM,QAAQ,SAAS,MAAM,iBAAiB;AAC9C,MAAI,EAAE,QAAQ,CAAC,KAAK,MAAM,CAAC,IAAI;AAC7B,UAAM,IAAI,MAAM,4BAA4B,QAAQ,EAAE;AAAA,EACxD;AACA,QAAM,QAAQ,OAAO,SAAS,MAAM,CAAC,GAAG,EAAE;AAC1C,QAAM,OAAO,MAAM,CAAC;AACpB,QAAM,cAAsC;AAAA,IAC1C,GAAG;AAAA,IACH,GAAG;AAAA,IACH,GAAG;AAAA,IACH,GAAG;AAAA,EACL;AACA,SAAO,SAAS,YAAY,IAAI,KAAK;AACvC;AAEO,IAAM,cAAc,CAAC,aAA6B;AACvD,QAAM,UAAU,cAAc,QAAQ;AACtC,SAAO,MAAM,EAAE,IAAI,SAAS,QAAQ,EAAE,YAAY;AACpD;AAEO,IAAM,kBAAkB,CAAC,SAAS,MAAc;AACrD,QAAM,SAAS;AACf,QAAM,WAAW;AACjB,MAAI,OAAO;AAEX,SAAO,KAAK,SAAS,QAAQ;AAC3B,UAAM,eAAe,IAAI,WAAW,SAAS,KAAK,MAAM;AACxD,WAAO,gBAAgB,YAAY;AACnC,eAAW,OAAO,cAAc;AAC9B,UAAI,MAAM,YAAY,KAAK,SAAS,QAAQ;AAC1C,gBAAQ,OAAO,MAAM,EAAE;AAAA,MACzB;AAAA,IACF;AAAA,EACF;AACA,SAAO;AACT;AAKO,IAAM,qBAAqB,CAAC;AAAA,EACjC;AAAA,EACA;AACF,MAGc;AACZ,MAAI,YAAY;AACd,WAAO,cAAc;AAAA,EACvB;AACA,SAAO,cAAc;AACvB;AAKO,IAAM,sBAAsB,CAAC;AAAA,EAClC;AAAA,EACA;AACF,MAGc;AACZ,MAAI,YAAY;AACd,WAAO,cAAc;AAAA,EACvB;AACA,SAAO,cAAc;AACvB;AAKO,IAAM,uBAAuB,CAAC;AAAA,EACnC;AAAA,EACA;AACF,MAGe;AACb,QAAM,mBAAmB,cAAc,SAAS;AAChD,QAAM,MAAM,MAAM;AAClB,QAAM,UAAU,MAAM,SAAS;AAC/B,QAAM,mBAAmB,QAAQ,KAAK,KAAK,QAAQ;AAEnD,SAAO,mBAAmB,KAAK,oBAAoB;AACrD;AAKO,IAAM,wBAAwB,CAAC;AAAA,EACpC;AAAA,EACA;AACF,MAGc;AACZ,QAAM,WAAW,mBAAmB,EAAE,eAAe,WAAW,CAAC;AACjE,SAAO,YAAY,QAAQ;AAC7B;AAKO,IAAM,mBAAmB,CAAC,cAA+B;AAC9D,SAAO,MAAM,SAAS,EAAE,SAAS,MAAM,CAAC;AAC1C;","names":[]}

package/dist/lib/tenant.d.ts

@@ -1,4 +1,11 @@
-import { A as AuthConfig } from '../index-J2ZbOnZO.js';
+import { A as AuthConfig } from '../index-CScADcDn.js';
+import 'hono';
+import '@hono/zod-openapi';
+import '../index-ULpI-i0z.js';
+import 'drizzle-orm/node-postgres';
+import 'drizzle-orm/pg-core';
+import 'drizzle-orm';
+import 'pg';
 
 declare const ensureTenantId: (config: AuthConfig, tenantId: string | undefined) => string;
 

package/dist/lib/tenant.js

@@ -1,7 +1,8 @@
 // src/lib/tenant.ts
 import { HTTPException } from "hono/http-exception";
 var ensureTenantId = (config, tenantId) => {
-  if (config.enableTenant) {
+  const enableTenant = config.tenant?.enabled ?? true;
+  if (enableTenant) {
     if (!tenantId) {
       throw new HTTPException(400, {
         message: "Missing tenantId. Tenant isolation is enabled."
@@ -9,12 +10,12 @@ var ensureTenantId = (config, tenantId) => {
     }
     return tenantId;
   }
-  if (!config.tenantId) {
+  if (!config.tenant?.tenantId) {
     throw new HTTPException(500, {
-      message: "tenantId must be provided in config when enableTenant is false."
+      message: "tenantId must be provided in config.tenant when tenant.enabled is false."
     });
   }
-  return config.tenantId;
+  return config.tenant.tenantId;
 };
 export {
   ensureTenantId

package/dist/lib/tenant.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../src/lib/tenant.ts"],"sourcesContent":["import { HTTPException } from 'hono/http-exception';\nimport type { AuthConfig } from '../types';\n\nexport const ensureTenantId = (\n  config: AuthConfig,\n  tenantId: string | undefined,\n): string => {\n  if (config.enableTenant) {\n    if (!tenantId) {\n      throw new HTTPException(400, {\n        message: 'Missing tenantId. Tenant isolation is enabled.',\n      });\n    }\n    return tenantId;\n  }\n\n  // When tenant is disabled, use tenantId from config\n  if (!config.tenantId) {\n    throw new HTTPException(500, {\n      message:\n        'tenantId must be provided in config when enableTenant is false.',\n    });\n  }\n  return config.tenantId;\n};\n"],"mappings":";AAAA,SAAS,qBAAqB;AAGvB,IAAM,iBAAiB,CAC5B,QACA,aACW;AACX,MAAI,OAAO,cAAc;AACvB,QAAI,CAAC,UAAU;AACb,YAAM,IAAI,cAAc,KAAK;AAAA,QAC3B,SAAS;AAAA,MACX,CAAC;AAAA,IACH;AACA,WAAO;AAAA,EACT;AAGA,MAAI,CAAC,OAAO,UAAU;AACpB,UAAM,IAAI,cAAc,KAAK;AAAA,MAC3B,SACE;AAAA,IACJ,CAAC;AAAA,EACH;AACA,SAAO,OAAO;AAChB;","names":[]}
+{"version":3,"sources":["../../src/lib/tenant.ts"],"sourcesContent":["import { HTTPException } from 'hono/http-exception';\nimport type { AuthConfig } from '../types';\n\nexport const ensureTenantId = (\n  config: AuthConfig,\n  tenantId: string | undefined,\n): string => {\n  const enableTenant = config.tenant?.enabled ?? true;\n  if (enableTenant) {\n    if (!tenantId) {\n      throw new HTTPException(400, {\n        message: 'Missing tenantId. Tenant isolation is enabled.',\n      });\n    }\n    return tenantId;\n  }\n\n  // When tenant is disabled, use tenantId from config\n  if (!config.tenant?.tenantId) {\n    throw new HTTPException(500, {\n      message:\n        'tenantId must be provided in config.tenant when tenant.enabled is false.',\n    });\n  }\n  return config.tenant.tenantId;\n};\n"],"mappings":";AAAA,SAAS,qBAAqB;AAGvB,IAAM,iBAAiB,CAC5B,QACA,aACW;AACX,QAAM,eAAe,OAAO,QAAQ,WAAW;AAC/C,MAAI,cAAc;AAChB,QAAI,CAAC,UAAU;AACb,YAAM,IAAI,cAAc,KAAK;AAAA,QAC3B,SAAS;AAAA,MACX,CAAC;AAAA,IACH;AACA,WAAO;AAAA,EACT;AAGA,MAAI,CAAC,OAAO,QAAQ,UAAU;AAC5B,UAAM,IAAI,cAAc,KAAK;AAAA,MAC3B,SACE;AAAA,IACJ,CAAC;AAAA,EACH;AACA,SAAO,OAAO,OAAO;AACvB;","names":[]}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@mesob/auth-hono",
-  "version": "0.0.7",
+  "version": "0.1.0",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -19,17 +19,20 @@
     "dist"
   ],
   "dependencies": {
-    "@hono/zod-openapi": "^1.1.4",
+    "@hono/zod-openapi": "^1.2.0",
     "@noble/hashes": "^2.0.1",
+    "@scalar/hono-api-reference": "^0.9.22",
     "argon2-wasm-edge": "^1.0.23",
+    "deepmerge-ts": "^7.1.5",
     "drizzle-orm": "^0.44.4",
     "hash-wasm": "^4.12.0",
-    "hono": "^4.10.3",
+    "hono": "^4.11.3",
     "jsonwebtoken": "^9.0.2",
+    "nanoid": "^5.1.5",
     "pg": "^8.16.3",
     "resend": "^4.8.0",
     "zod": "^4.1.12",
-    "@mesob/common": "0.0.7"
+    "@mesob/common": "0.1.0"
   },
   "devDependencies": {
     "@types/jsonwebtoken": "^9.0.10",

package/dist/index-J2ZbOnZO.d.ts

@@ -1,76 +0,0 @@
-type UserRole = {
-    id: string;
-    roleId: string;
-    code: string;
-    name: unknown;
-    description: unknown;
-};
-type User = {
-    id: string;
-    tenantId: string;
-    fullName: string;
-    email: string | null;
-    phone: string | null;
-    handle: string;
-    image: string | null;
-    emailVerified: boolean;
-    phoneVerified: boolean;
-    lastSignInAt: string | null;
-    userRoles?: UserRole[];
-};
-type Session = {
-    id: string;
-    tenantId: string;
-    userId: string;
-    expiresAt: string;
-    createdAt: string;
-    updatedAt: string;
-    userAgent: string | null;
-    ip: string | null;
-};
-type ResendConfig = {
-    apiKey: string;
-    from: string;
-    baseUrl?: string;
-    verificationSubject?: string;
-    resetPasswordSubject?: string;
-};
-type SMSConfig = {
-    baseUrl: string;
-    identifierId: string;
-    senderName: string;
-    apiKey: string;
-    templateVerification?: string;
-    templateLogin?: string;
-};
-type EmailConfig = {
-    enabled: boolean;
-    verificationRequired: boolean;
-    verificationExpiresIn: string;
-    resetPasswordExpiresIn: string;
-    resend: ResendConfig;
-};
-type PhoneConfig = {
-    enabled: boolean;
-    verificationRequired: boolean;
-    otpLength: number;
-    otpExpiresIn: string;
-    maxAttempts: number;
-    smsConfig: SMSConfig;
-};
-type SessionConfig = {
-    expiresIn: string;
-    maxPerUser?: number;
-};
-type AuthConfig = {
-    connectionString: string;
-    secret: string;
-    basePath?: string;
-    enableTenant?: boolean;
-    tenantId?: string;
-    session: SessionConfig;
-    email: EmailConfig;
-    phone: PhoneConfig;
-};
-
-export type { AuthConfig as A, Session as S, User as U };

package/dist/lib/jwt.d.ts

@@ -1,15 +0,0 @@
-type TokenPayload = {
-    userId: string;
-    sessionId: string;
-    tenantId: string;
-    type: 'access';
-};
-declare const signAccessToken: (payload: TokenPayload, secret: string, ttlMinutes?: number) => {
-    token: string;
-    expiresAt: string;
-};
-declare const verifyAccessToken: (token: string, secret: string) => (TokenPayload & {
-    exp: number;
-}) | null;
-
-export { type TokenPayload, signAccessToken, verifyAccessToken };

package/dist/lib/jwt.js

@@ -1,25 +0,0 @@
-// src/lib/jwt.ts
-import { dayjs } from "@mesob/common";
-import jwt from "jsonwebtoken";
-var signAccessToken = (payload, secret, ttlMinutes = 15) => {
-  const exp = dayjs().add(ttlMinutes, "minute").unix();
-  const token = jwt.sign({ ...payload, exp }, secret, {
-    algorithm: "HS256"
-  });
-  return {
-    token,
-    expiresAt: dayjs.unix(exp).toISOString()
-  };
-};
-var verifyAccessToken = (token, secret) => {
-  try {
-    return jwt.verify(token, secret);
-  } catch (_err) {
-    return null;
-  }
-};
-export {
-  signAccessToken,
-  verifyAccessToken
-};
-//# sourceMappingURL=jwt.js.map

package/dist/lib/jwt.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../src/lib/jwt.ts"],"sourcesContent":["import { dayjs } from '@mesob/common';\nimport jwt from 'jsonwebtoken';\n\nexport type TokenPayload = {\n  userId: string;\n  sessionId: string;\n  tenantId: string;\n  type: 'access';\n};\n\nexport const signAccessToken = (\n  payload: TokenPayload,\n  secret: string,\n  ttlMinutes = 15,\n) => {\n  const exp = dayjs().add(ttlMinutes, 'minute').unix();\n  const token = jwt.sign({ ...payload, exp }, secret, {\n    algorithm: 'HS256',\n  });\n  return {\n    token,\n    expiresAt: dayjs.unix(exp).toISOString(),\n  };\n};\n\nexport const verifyAccessToken = (token: string, secret: string) => {\n  try {\n    return jwt.verify(token, secret) as TokenPayload & { exp: number };\n  } catch (_err) {\n    return null;\n  }\n};\n"],"mappings":";AAAA,SAAS,aAAa;AACtB,OAAO,SAAS;AAST,IAAM,kBAAkB,CAC7B,SACA,QACA,aAAa,OACV;AACH,QAAM,MAAM,MAAM,EAAE,IAAI,YAAY,QAAQ,EAAE,KAAK;AACnD,QAAM,QAAQ,IAAI,KAAK,EAAE,GAAG,SAAS,IAAI,GAAG,QAAQ;AAAA,IAClD,WAAW;AAAA,EACb,CAAC;AACD,SAAO;AAAA,IACL;AAAA,IACA,WAAW,MAAM,KAAK,GAAG,EAAE,YAAY;AAAA,EACzC;AACF;AAEO,IAAM,oBAAoB,CAAC,OAAe,WAAmB;AAClE,MAAI;AACF,WAAO,IAAI,OAAO,OAAO,MAAM;AAAA,EACjC,SAAS,MAAM;AACb,WAAO;AAAA,EACT;AACF;","names":[]}