@mindfulauth/core 1.0.0 → 1.0.2

package/README.md

@@ -2,53 +2,7 @@
 
 Core authentication library for Mindful Auth, designed for Astro applications.
 
-## Installation
-
-```bash
-npm install @mindful-auth/core
-```
-
-## Usage
-
-### Set up middleware
-
-In your `src/middleware.ts`:
-
-```typescript
-export { onRequest } from '@mindful-auth/core/middleware';
-```
-
-### Handle auth routes
-
-In your `src/pages/auth/[...slug].ts`:
-
-```typescript
-import { handleAuthGet, handleAuthPost } from '@mindful-auth/core/auth-handler';
-
-export async function GET(context: APIContext) {
-  const { params, request, url, locals } = context;
-  return handleAuthGet(params.slug || '', request, url, locals);
-}
-
-export async function POST(context: APIContext) {
-  const { params, request, url, locals } = context;
-  return handleAuthPost(params.slug || '', request, url, locals);
-}
-```
-
-### Configure your application
-
-You can customize the configuration by importing and modifying values:
-
-```typescript
-import { CENTRAL_AUTH_ORIGIN, PUBLIC_ROUTES } from '@mindful-auth/core/config';
-```
-
-## Environment Variables
-
-Set the following environment variable (required):
-
-- `INTERNAL_API_KEY`: Your Mindful Auth API key
+Install Mindful Auth Astro template here https://docs.mindfulauth.com/guides/frontend/astro/astro-setup/
 
 ## Features
 

package/dist/auth-handler.js

@@ -20,7 +20,7 @@ function buildProxyHeaders(request, tenantDomain, apiKey) {
         request.headers.get('x-forwarded-for')?.split(',')[0]?.trim() ||
         request.headers.get('x-real-ip');
     if (clientIp)
-        headers['X-Forwarded-For'] = clientIp;
+        headers['X-Original-Client-IP'] = clientIp;
     const userAgent = request.headers.get('user-agent');
     if (userAgent)
         headers['User-Agent'] = userAgent;

package/dist/auth.js

@@ -17,7 +17,7 @@ export async function validateSession(request, tenantDomain, pathname, internalA
                 'Content-Type': 'application/json',
                 'X-Tenant-Domain': tenantDomain,
                 'X-Internal-Api-Key': internalApiKey,
-                ...(clientIp && { 'X-Forwarded-For': clientIp }),
+                ...(clientIp && { 'X-Original-Client-IP': clientIp }),
                 ...(request.headers.get('user-agent') && { 'User-Agent': request.headers.get('user-agent') })
             },
             body: JSON.stringify({ sessionId, requestedUrl: pathname }),

package/dist/config.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,mBAAmB,gCAAgC,CAAC;AACjE,eAAO,MAAM,UAAU,gCAAgC,CAAC;AACxD,eAAO,MAAM,oBAAoB,UAAkB,CAAC;AACpD,eAAO,MAAM,mBAAmB,UAAU,CAAC;AAC3C,eAAO,MAAM,qBAAqB,QAAQ,CAAC;AAC3C,eAAO,MAAM,6BAA6B,QAAQ,CAAC;AAMnD,eAAO,MAAM,WAAW,UAA+D,CAAC;AAKxF,eAAO,MAAM,aAAa,UAQzB,CAAC;AAKF,eAAO,MAAM,eAAe,UAM3B,CAAC;AAaF,eAAO,MAAM,gBAAgB,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAoBnD,CAAC"}
+{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,mBAAmB,gCAAgC,CAAC;AACjE,eAAO,MAAM,UAAU,gCAAgC,CAAC;AACxD,eAAO,MAAM,oBAAoB,UAAkB,CAAC;AACpD,eAAO,MAAM,mBAAmB,UAAU,CAAC;AAC3C,eAAO,MAAM,qBAAqB,QAAQ,CAAC;AAC3C,eAAO,MAAM,6BAA6B,QAAQ,CAAC;AAMnD,eAAO,MAAM,WAAW,UAA+D,CAAC;AAKxF,eAAO,MAAM,aAAa,UAQzB,CAAC;AAKF,eAAO,MAAM,eAAe,UAO3B,CAAC;AAaF,eAAO,MAAM,gBAAgB,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAoBnD,CAAC"}

package/dist/config.js

@@ -31,6 +31,7 @@ export const PUBLIC_PREFIXES = [
     '/reset-password/',
     '/verify-email/',
     '/verify-magic-link/',
+    '/api/public/', // Public API routes (e.g. for webhooks)
 ];
 // Security headers for all HTML responses
 // ⚠️ IMPORTANT: Do not remove the following domains from the CSP - they are critical for authentication:

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@mindfulauth/core",
-  "version": "1.0.0",
+  "version": "1.0.2",
   "description": "Mindful Auth core authentication library for Astro",
   "type": "module",
   "main": "./dist/index.js",