@mulverse/mulguard-core 1.0.0

package/types.d.ts

@@ -0,0 +1,309 @@
+/**
+ *
+ * This module contains public types and interfaces of the core package.
+ *
+ * ## Installation
+ *
+ * ```bash npm2yarn
+ * npm install @auth/core
+ * ```
+ *
+ * You can then import this submodule from `@auth/core/types`.
+ *
+ * ## Usage
+ *
+ * Even if you don't use TypeScript, IDEs like VS Code will pick up types to provide you with a better developer experience.
+ * While you are typing, you will get suggestions about what certain objects/functions look like,
+ * and sometimes links to documentation, examples, and other valuable resources.
+ *
+ * Generally, you will not need to import types from this module.
+ * Mostly when using the `Auth` function and optionally the `AuthConfig` interface,
+ * everything inside there will already be typed.
+ *
+ * :::tip
+ * Inside the `Auth` function, you won't need to use a single type from this module.
+ *
+ * @example
+ * ```ts title=index.ts
+ * import { Auth } from "@auth/core"
+ *
+ * const request = new Request("https://example.com")
+ * const response = await Auth(request, {
+ *   callbacks: {
+ *     jwt(): JWT { // <-- This is unnecessary!
+ *       return { foo: "bar" }
+ *     },
+ *     session(
+ *        { session, token }: { session: Session; token: JWT } // <-- This is unnecessary!
+ *     ) {
+ *       return session
+ *     },
+ *   }
+ * })
+ * ```
+ * :::
+ *
+ * ## Resources
+ *
+ * - [TypeScript - The Basics](https://www.typescriptlang.org/docs/handbook/2/basic-types.html)
+ * - [Extending built-in types](https://authjs.dev/getting-started/typescript#module-augmentation)
+ *
+ * @module types
+ */
+import type { SerializeOptions } from "./lib/vendored/cookie.js";
+import type { TokenEndpointResponse } from "oauth4webapi";
+import type { Cookie } from "./lib/utils/cookie.js";
+import type { LoggerInstance } from "./lib/utils/logger.js";
+import type { WarningCode } from "./warnings.js";
+import type { ProviderType } from "./providers/index.js";
+export type { WebAuthnOptionsResponseBody } from "./lib/utils/webauthn-utils.js";
+export type { AuthConfig } from "./index.js";
+export type { LoggerInstance, WarningCode };
+export type Awaitable<T> = T | PromiseLike<T>;
+export type Awaited<T> = T extends Promise<infer U> ? U : T;
+export type SemverString = `v${number}` | `v${number}.${number}` | `v${number}.${number}.${number}`;
+/**
+ * Change the theme of the built-in pages.
+ *
+ * [Documentation](https://authjs.dev/reference/core#theme) |
+ * [Pages](https://authjs.dev/guides/pages/signin)
+ */
+export interface Theme {
+    colorScheme?: "auto" | "dark" | "light";
+    logo?: string;
+    brandColor?: string;
+    buttonText?: string;
+}
+/**
+ * Different tokens returned by OAuth Providers.
+ * Some of them are available with different casing,
+ * but they refer to the same value.
+ */
+export type TokenSet = Partial<TokenEndpointResponse> & {
+    /**
+     * Date of when the `access_token` expires in seconds.
+     * This value is calculated from the `expires_in` value.
+     *
+     * @see https://www.ietf.org/rfc/rfc6749.html#section-4.2.2
+     */
+    expires_at?: number;
+};
+/**
+ * Usually contains information about the provider being used
+ * and also extends `TokenSet`, which is different tokens returned by OAuth Providers.
+ */
+export interface Account extends Partial<TokenEndpointResponse> {
+    /** Provider's id for this account. E.g. "google". See the full list at https://authjs.dev/reference/core/providers */
+    provider: string;
+    /**
+     * This value depends on the type of the provider being used to create the account.
+     * - oauth/oidc: The OAuth account's id, returned from the `profile()` callback.
+     * - email: The user's email address.
+     * - credentials: `id` returned from the `authorize()` callback
+     */
+    providerAccountId: string;
+    /** Provider's type for this account */
+    type: ProviderType;
+    /**
+     * id of the user this account belongs to
+     *
+     * @see https://authjs.dev/reference/core/adapters#adapteruser
+     */
+    userId?: string;
+    /**
+     * Calculated value based on {@link TokenEndpointResponse.expires_in}.
+     *
+     * It is the absolute timestamp (in seconds) when the {@link TokenEndpointResponse.access_token} expires.
+     *
+     * This value can be used for implementing token rotation together with {@link TokenEndpointResponse.refresh_token}.
+     *
+     * @see https://authjs.dev/guides/refresh-token-rotation#database-strategy
+     * @see https://www.rfc-editor.org/rfc/rfc6749#section-5.1
+     */
+    expires_at?: number;
+}
+/**
+ * The user info returned from your OAuth provider.
+ *
+ * @see https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims
+ */
+export interface Profile {
+    id?: string | null;
+    sub?: string | null;
+    name?: string | null;
+    given_name?: string | null;
+    family_name?: string | null;
+    middle_name?: string | null;
+    nickname?: string | null;
+    preferred_username?: string | null;
+    profile?: string | null;
+    picture?: string | null | any;
+    website?: string | null;
+    email?: string | null;
+    email_verified?: boolean | null;
+    gender?: string | null;
+    birthdate?: string | null;
+    zoneinfo?: string | null;
+    locale?: string | null;
+    phone_number?: string | null;
+    updated_at?: Date | string | number | null;
+    address?: {
+        formatted?: string | null;
+        street_address?: string | null;
+        locality?: string | null;
+        region?: string | null;
+        postal_code?: string | null;
+        country?: string | null;
+    } | null;
+    [claim: string]: unknown;
+}
+/** [Documentation](https://authjs.dev/reference/core#cookies) */
+export interface CookieOption {
+    name: string;
+    options: SerializeOptions;
+}
+/** [Documentation](https://authjs.dev/reference/core#cookies) */
+export interface CookiesOptions {
+    sessionToken: Partial<CookieOption>;
+    callbackUrl: Partial<CookieOption>;
+    csrfToken: Partial<CookieOption>;
+    pkceCodeVerifier: Partial<CookieOption>;
+    state: Partial<CookieOption>;
+    nonce: Partial<CookieOption>;
+    webauthnChallenge: Partial<CookieOption>;
+}
+/** TODO: Check if all these are used/correct */
+export type ErrorPageParam = "Configuration" | "AccessDenied" | "Verification";
+/** TODO: Check if all these are used/correct */
+export type SignInPageErrorParam = "Signin" | "OAuthSignin" | "OAuthCallbackError" | "OAuthCreateAccount" | "EmailCreateAccount" | "Callback" | "OAuthAccountNotLinked" | "EmailSignin" | "CredentialsSignin" | "SessionRequired";
+export interface PagesOptions {
+    /**
+     * The path to the sign in page.
+     *
+     * The optional "error" query parameter is set to
+     * one of the {@link SignInPageErrorParam available} values.
+     *
+     * @default "/signin"
+     */
+    signIn: string;
+    signOut: string;
+    /**
+     * The path to the error page.
+     *
+     * The optional "error" query parameter is set to
+     * one of the {@link ErrorPageParam available} values.
+     *
+     * @default "/error"
+     */
+    error: string;
+    verifyRequest: string;
+    /** If set, new users will be directed here on first sign in */
+    newUser: string;
+}
+type ISODateString = string;
+export interface DefaultSession {
+    user?: User;
+    expires: ISODateString;
+}
+/** The active session of the logged in user. */
+export interface Session extends DefaultSession {
+}
+export interface DefaultUser {
+    id?: string;
+    name?: string | null;
+    email?: string | null;
+    image?: string | null;
+}
+/**
+ * The shape of the returned object in the OAuth providers' `profile` callback,
+ * available in the `jwt` and `session` callbacks,
+ * or the second parameter of the `session` callback, when using a database.
+ */
+export interface User extends DefaultUser {
+}
+export interface PublicProvider {
+    id: string;
+    name: string;
+    type: string;
+    signinUrl: string;
+    callbackUrl: string;
+}
+/**
+ * Supported actions by Auth.js. Each action map to a REST API endpoint.
+ * Some actions have a `GET` and `POST` variant, depending on if the action
+ * changes the state of the server.
+ *
+ * - **`"callback"`**:
+ *   - **`GET`**: Handles the callback from an [OAuth provider](https://authjs.dev/reference/core/providers#oauth2configprofile).
+ *   - **`POST`**: Handles the callback from a [Credentials provider](https://authjs.dev/getting-started/providers/credentials#credentialsconfigcredentialsinputs).
+ * - **`"csrf"`**: Returns the raw CSRF token, which is saved in a cookie (encrypted).
+ * It is used for CSRF protection, implementing the [double submit cookie](https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html#double-submit-cookie) technique.
+ * :::note
+ * Some frameworks have built-in CSRF protection and can therefore disable this action. In this case, the corresponding endpoint will return a 404 response. Read more at [`skipCSRFCheck`](https://authjs.dev/reference/core#skipcsrfcheck).
+ * _⚠ We don't recommend manually disabling CSRF protection, unless you know what you're doing._
+ * :::
+ * - **`"error"`**: Renders the built-in error page.
+ * - **`"providers"`**: Returns a client-safe list of all configured providers.
+ * - **`"session"`**:
+ *   - **`GET`**: Returns the user's session if it exists, otherwise `null`.
+ *   - **`POST`**: Updates the user's session and returns the updated session.
+ * - **`"signin"`**:
+ *   - **`GET`**: Renders the built-in sign-in page.
+ *   - **`POST`**: Initiates the sign-in flow.
+ * - **`"signout"`**:
+ *   - **`GET`**: Renders the built-in sign-out page.
+ *   - **`POST`**: Initiates the sign-out flow. This will invalidate the user's session (deleting the cookie, and if there is a session in the database, it will be deleted as well).
+ * - **`"verify-request"`**: Renders the built-in verification request page.
+ * - **`"webauthn-options"`**:
+ *   - **`GET`**: Returns the options for the WebAuthn authentication and registration flows.
+ */
+export type AuthAction = "callback" | "csrf" | "error" | "providers" | "session" | "signin" | "signout" | "verify-request" | "webauthn-options";
+export interface ResponseInternal<Body extends string | Record<string, any> | any[] | null = any> {
+    status?: number;
+    headers?: Headers | HeadersInit;
+    body?: Body;
+    redirect?: string;
+    cookies?: Cookie[];
+}
+/**
+ * A webauthn authenticator.
+ * Represents an entity capable of authenticating the account it references,
+ * and contains the auhtenticator's credentials and related information.
+ *
+ * @see https://www.w3.org/TR/webauthn/#authenticator
+ */
+export interface Authenticator {
+    /**
+     * ID of the user this authenticator belongs to.
+     */
+    userId?: string;
+    /**
+     * The provider account ID connected to the authenticator.
+     */
+    providerAccountId: string;
+    /**
+     * Number of times the authenticator has been used.
+     */
+    counter: number;
+    /**
+     * Whether the client authenticator backed up the credential.
+     */
+    credentialBackedUp: boolean;
+    /**
+     * Base64 encoded credential ID.
+     */
+    credentialID: string;
+    /**
+     * Base64 encoded credential public key.
+     */
+    credentialPublicKey: string;
+    /**
+     * Concatenated transport flags.
+     */
+    transports?: string | null;
+    /**
+     * Device type of the authenticator.
+     */
+    credentialDeviceType: string;
+}
+//# sourceMappingURL=types.d.ts.map

package/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["src/types.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAmDG;AAEH,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAA;AAChE,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,cAAc,CAAA;AAIzD,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAA;AACnD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAA;AAC3D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,eAAe,CAAA;AAChD,OAAO,KAAK,EAKV,YAAY,EACb,MAAM,sBAAsB,CAAA;AAM7B,YAAY,EAAE,2BAA2B,EAAE,MAAM,+BAA+B,CAAA;AAChF,YAAY,EAAE,UAAU,EAAE,MAAM,YAAY,CAAA;AAC5C,YAAY,EAAE,cAAc,EAAE,WAAW,EAAE,CAAA;AAC3C,MAAM,MAAM,SAAS,CAAC,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,CAAC,CAAC,CAAA;AAC7C,MAAM,MAAM,OAAO,CAAC,CAAC,IAAI,CAAC,SAAS,OAAO,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;AAE3D,MAAM,MAAM,YAAY,GACpB,IAAI,MAAM,EAAE,GACZ,IAAI,MAAM,IAAI,MAAM,EAAE,GACtB,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,EAAE,CAAA;AAEpC;;;;;GAKG;AACH,MAAM,WAAW,KAAK;IACpB,WAAW,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,CAAA;IACvC,IAAI,CAAC,EAAE,MAAM,CAAA;IACb,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,UAAU,CAAC,EAAE,MAAM,CAAA;CACpB;AAED;;;;GAIG;AACH,MAAM,MAAM,QAAQ,GAAG,OAAO,CAAC,qBAAqB,CAAC,GAAG;IACtD;;;;;OAKG;IACH,UAAU,CAAC,EAAE,MAAM,CAAA;CACpB,CAAA;AAED;;;GAGG;AACH,MAAM,WAAW,OAAQ,SAAQ,OAAO,CAAC,qBAAqB,CAAC;IAC7D,sHAAsH;IACtH,QAAQ,EAAE,MAAM,CAAA;IAChB;;;;;OAKG;IACH,iBAAiB,EAAE,MAAM,CAAA;IACzB,uCAAuC;IACvC,IAAI,EAAE,YAAY,CAAA;IAClB;;;;OAIG;IACH,MAAM,CAAC,EAAE,MAAM,CAAA;IACf;;;;;;;;;OASG;IACH,UAAU,CAAC,EAAE,MAAM,CAAA;CACpB;AAED;;;;GAIG;AACH,MAAM,WAAW,OAAO;IACtB,EAAE,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IAClB,GAAG,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACnB,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACpB,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IAC1B,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IAC3B,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IAC3B,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACxB,kBAAkB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IAClC,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACvB,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,GAAG,GAAG,CAAA;IAC7B,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACvB,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACrB,cAAc,CAAC,EAAE,OAAO,GAAG,IAAI,CAAA;IAC/B,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACtB,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACzB,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACxB,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACtB,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IAC5B,UAAU,CAAC,EAAE,IAAI,GAAG,MAAM,GAAG,MAAM,GAAG,IAAI,CAAA;IAC1C,OAAO,CAAC,EAAE;QACR,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;QACzB,cAAc,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;QAC9B,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;QACxB,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;QACtB,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;QAC3B,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;KACxB,GAAG,IAAI,CAAA;IACR,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAA;CACzB;AAED,iEAAiE;AACjE,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,MAAM,CAAA;IACZ,OAAO,EAAE,gBAAgB,CAAA;CAC1B;AAED,iEAAiE;AACjE,MAAM,WAAW,cAAc;IAC7B,YAAY,EAAE,OAAO,CAAC,YAAY,CAAC,CAAA;IACnC,WAAW,EAAE,OAAO,CAAC,YAAY,CAAC,CAAA;IAClC,SAAS,EAAE,OAAO,CAAC,YAAY,CAAC,CAAA;IAChC,gBAAgB,EAAE,OAAO,CAAC,YAAY,CAAC,CAAA;IACvC,KAAK,EAAE,OAAO,CAAC,YAAY,CAAC,CAAA;IAC5B,KAAK,EAAE,OAAO,CAAC,YAAY,CAAC,CAAA;IAC5B,iBAAiB,EAAE,OAAO,CAAC,YAAY,CAAC,CAAA;CACzC;AAED,gDAAgD;AAChD,MAAM,MAAM,cAAc,GAAG,eAAe,GAAG,cAAc,GAAG,cAAc,CAAA;AAE9E,gDAAgD;AAChD,MAAM,MAAM,oBAAoB,GAC5B,QAAQ,GACR,aAAa,GACb,oBAAoB,GACpB,oBAAoB,GACpB,oBAAoB,GACpB,UAAU,GACV,uBAAuB,GACvB,aAAa,GACb,mBAAmB,GACnB,iBAAiB,CAAA;AAErB,MAAM,WAAW,YAAY;IAC3B;;;;;;;OAOG;IACH,MAAM,EAAE,MAAM,CAAA;IACd,OAAO,EAAE,MAAM,CAAA;IACf;;;;;;;OAOG;IACH,KAAK,EAAE,MAAM,CAAA;IACb,aAAa,EAAE,MAAM,CAAA;IACrB,+DAA+D;IAC/D,OAAO,EAAE,MAAM,CAAA;CAChB;AAED,KAAK,aAAa,GAAG,MAAM,CAAA;AAE3B,MAAM,WAAW,cAAc;IAC7B,IAAI,CAAC,EAAE,IAAI,CAAA;IACX,OAAO,EAAE,aAAa,CAAA;CACvB;AAED,gDAAgD;AAChD,MAAM,WAAW,OAAQ,SAAQ,cAAc;CAAG;AAElD,MAAM,WAAW,WAAW;IAC1B,EAAE,CAAC,EAAE,MAAM,CAAA;IACX,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACpB,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACrB,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;CACtB;AAED;;;;GAIG;AACH,MAAM,WAAW,IAAK,SAAQ,WAAW;CAAG;AAqB5C,MAAM,WAAW,cAAc;IAC7B,EAAE,EAAE,MAAM,CAAA;IACV,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,MAAM,CAAA;IACZ,SAAS,EAAE,MAAM,CAAA;IACjB,WAAW,EAAE,MAAM,CAAA;CACpB;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,MAAM,MAAM,UAAU,GAClB,UAAU,GACV,MAAM,GACN,OAAO,GACP,WAAW,GACX,SAAS,GACT,QAAQ,GACR,SAAS,GACT,gBAAgB,GAChB,kBAAkB,CAAA;AAgBtB,MAAM,WAAW,gBAAgB,CAC/B,IAAI,SAAS,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,GAAG,EAAE,GAAG,IAAI,GAAG,GAAG;IAE9D,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,OAAO,CAAC,EAAE,OAAO,GAAG,WAAW,CAAA;IAC/B,IAAI,CAAC,EAAE,IAAI,CAAA;IACX,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAA;CACnB;AAED;;;;;;GAMG;AACH,MAAM,WAAW,aAAa;IAC5B;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,CAAA;IACf;;OAEG;IACH,iBAAiB,EAAE,MAAM,CAAA;IACzB;;OAEG;IACH,OAAO,EAAE,MAAM,CAAA;IACf;;OAEG;IACH,kBAAkB,EAAE,OAAO,CAAA;IAC3B;;OAEG;IACH,YAAY,EAAE,MAAM,CAAA;IACpB;;OAEG;IACH,mBAAmB,EAAE,MAAM,CAAA;IAC3B;;OAEG;IACH,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IAC1B;;OAEG;IACH,oBAAoB,EAAE,MAAM,CAAA;CAC7B"}

package/types.js

@@ -0,0 +1,53 @@
+/**
+ *
+ * This module contains public types and interfaces of the core package.
+ *
+ * ## Installation
+ *
+ * ```bash npm2yarn
+ * npm install @auth/core
+ * ```
+ *
+ * You can then import this submodule from `@auth/core/types`.
+ *
+ * ## Usage
+ *
+ * Even if you don't use TypeScript, IDEs like VS Code will pick up types to provide you with a better developer experience.
+ * While you are typing, you will get suggestions about what certain objects/functions look like,
+ * and sometimes links to documentation, examples, and other valuable resources.
+ *
+ * Generally, you will not need to import types from this module.
+ * Mostly when using the `Auth` function and optionally the `AuthConfig` interface,
+ * everything inside there will already be typed.
+ *
+ * :::tip
+ * Inside the `Auth` function, you won't need to use a single type from this module.
+ *
+ * @example
+ * ```ts title=index.ts
+ * import { Auth } from "@auth/core"
+ *
+ * const request = new Request("https://example.com")
+ * const response = await Auth(request, {
+ *   callbacks: {
+ *     jwt(): JWT { // <-- This is unnecessary!
+ *       return { foo: "bar" }
+ *     },
+ *     session(
+ *        { session, token }: { session: Session; token: JWT } // <-- This is unnecessary!
+ *     ) {
+ *       return session
+ *     },
+ *   }
+ * })
+ * ```
+ * :::
+ *
+ * ## Resources
+ *
+ * - [TypeScript - The Basics](https://www.typescriptlang.org/docs/handbook/2/basic-types.html)
+ * - [Extending built-in types](https://authjs.dev/getting-started/typescript#module-augmentation)
+ *
+ * @module types
+ */
+export {};

package/warnings.d.ts

@@ -0,0 +1,17 @@
+/**
+ * - `debug-enabled`: The `debug` option was evaluated to `true`. It adds extra logs in the terminal which is useful in development,
+ *   but since it can print sensitive information about users, make sure to set this to `false` in production.
+ *   In Node.js environments, you can for example set `debug: process.env.NODE_ENV !== "production"`.
+ *   Consult with your runtime/framework on how to set this value correctly.
+ * - `csrf-disabled`: You were trying to get a CSRF response from Auth.js (eg.: by calling a `/csrf` endpoint),
+ *   but in this setup, CSRF protection via Auth.js was turned off. This is likely if you are not directly using `@auth/core`
+ *   but a framework library (like `@auth/sveltekit`) that already has CSRF protection built-in. You likely won't need the CSRF response.
+ * - `env-url-basepath-redundant`: `AUTH_URL` (or `NEXTAUTH_URL`) and `authConfig.basePath` are both declared. This is a configuration mistake - you should either remove the `authConfig.basePath` configuration,
+ *   or remove the `pathname` of `AUTH_URL` (or `NEXTAUTH_URL`). Only one of them is needed.
+ * - `env-url-basepath-mismatch`: `AUTH_URL` (or `NEXTAUTH_URL`) and `authConfig.basePath` are both declared, but they don't match. This is a configuration mistake.
+ *   `@auth/core` will use `basePath` to construct the full URL to the corresponding action (/signin, /signout, etc.) in this case.
+ * - `experimental-webauthn`: Experimental WebAuthn feature is enabled.
+ *
+ */
+export type WarningCode = "debug-enabled" | "csrf-disabled" | "env-url-basepath-redundant" | "env-url-basepath-mismatch" | "experimental-webauthn";
+//# sourceMappingURL=warnings.d.ts.map

package/warnings.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"warnings.d.ts","sourceRoot":"","sources":["src/warnings.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AACH,MAAM,MAAM,WAAW,GACnB,eAAe,GACf,eAAe,GACf,4BAA4B,GAC5B,2BAA2B,GAC3B,uBAAuB,CAAA"}

package/warnings.js

@@ -0,0 +1 @@
+export {};