@naman_deep_singh/security 1.5.1 → 1.7.0

package/dist/{esm/core/jwt/jwtManager.d.ts → types/core/jwt/JWTManager.d.ts}

@@ -1,5 +1,5 @@
 import { type JwtPayload, type Secret } from 'jsonwebtoken';
-import type { AccessToken, ITokenManager, JWTConfig, RefreshToken, TokenPair } from '../../interfaces/jwt.interface';
+import type { AccessToken, ITokenManager, JWTConfig, RefreshToken, TokenPair } from '../../interfaces/jwt.interface.js';
 export declare class JWTManager implements ITokenManager {
     private accessSecret;
     private refreshSecret;

package/dist/types/core/jwt/generateTokens.d.ts

@@ -1,4 +1,4 @@
 import type { Secret } from 'jsonwebtoken';
-import type { RefreshToken, TokenPair } from './types';
+import type { RefreshToken, TokenPair } from './types.js';
 export declare const generateTokens: (payload: Record<string, unknown>, accessSecret: Secret, refreshSecret: Secret, accessExpiry?: string | number, refreshExpiry?: string | number) => TokenPair;
 export declare function rotateRefreshToken(oldToken: string, secret: Secret): RefreshToken;

package/dist/types/core/jwt/index.d.ts

@@ -1,8 +1,9 @@
-export * from './decode';
-export * from './extractToken';
-export * from './generateTokens';
-export * from './parseDuration';
-export * from './signToken';
-export * from './types';
-export * from './validateToken';
-export * from './verify';
+export { decodeToken, decodeTokenStrict } from './decode.js';
+export { extractToken, type TokenSources } from './extractToken.js';
+export { generateTokens, rotateRefreshToken } from './generateTokens.js';
+export { parseDuration } from './parseDuration.js';
+export { signToken } from './signToken.js';
+export { type AccessToken, type RefreshToken, type TokenPair, type VerificationResult, type TokenValidationOptions, } from './types.js';
+export { validateTokenPayload, isTokenExpired, type TokenRequirements, } from './validateToken.js';
+export { verifyToken, verifyTokenWithOptions, safeVerifyToken, safeVerifyTokenWithOptions, } from './verify.js';
+export { JWTManager } from './JWTManager.js';

package/dist/types/core/jwt/verify.d.ts

@@ -1,5 +1,5 @@
 import { type JwtPayload, type Secret, type VerifyOptions } from 'jsonwebtoken';
-import type { VerificationResult } from './types';
+import type { VerificationResult } from './types.js';
 /**
  * Verify token (throws UnauthorizedError if invalid or expired)
  */

package/dist/types/core/password/{passwordManager.d.ts → PasswordManager.d.ts}

@@ -1,4 +1,4 @@
-import type { HashedPassword, IPasswordManager, PasswordConfig, PasswordStrength, PasswordValidationResult } from '../../interfaces/password.interface';
+import type { HashedPassword, IPasswordManager, PasswordConfig, PasswordStrength, PasswordValidationResult } from '../../interfaces/password.interface.js';
 export declare class PasswordManager implements IPasswordManager {
     private defaultConfig;
     constructor(config?: PasswordConfig);

package/dist/types/core/password/index.d.ts

@@ -1,3 +1,6 @@
-export * from './hash';
-export * from './strength';
-export * from './verify';
+export { hashPassword, hashPasswordWithPepper, hashPasswordSync, hashPasswordWithPepperSync, } from './hash.js';
+export { isPasswordStrong } from './strength.js';
+export { verifyPassword, verifyPasswordWithPepper, verifyPasswordSync, verifyPasswordWithPepperSync, } from './verify.js';
+export { PasswordManager } from './PasswordManager.js';
+export { type PasswordStrengthOptions } from './types.js';
+export { ensureValidPassword, safeCompare, estimatePasswordEntropy, normalizePassword, } from './utils.js';

package/dist/types/core/password/strength.d.ts

@@ -1,2 +1,2 @@
-import type { PasswordStrengthOptions } from './types';
+import type { PasswordStrengthOptions } from './types.js';
 export declare const isPasswordStrong: (password: string, options?: PasswordStrengthOptions) => boolean;

package/dist/types/index.d.ts

@@ -1,40 +1 @@
-export * from './core/password';
-export * from './core/jwt';
-export * from './core/crypto';
-export { BadRequestError, UnauthorizedError, ValidationError, InternalServerError, } from '@naman_deep_singh/errors-utils';
-import * as CryptoUtils from './core/crypto';
-import * as JWTUtils from './core/jwt';
-declare const _default: {
-    decrypt: (data: string, secret: string) => string;
-    encrypt: (text: string, secret: string) => string;
-    hmacSign: (message: string, secret: string) => string;
-    hmacVerify: (message: string, secret: string, signature: string) => boolean;
-    randomToken: (length?: number) => string;
-    generateStrongPassword: (length?: number) => string;
-    CryptoManager: typeof CryptoUtils.CryptoManager;
-    createCryptoManager: (config?: CryptoUtils.CryptoManagerConfig) => CryptoUtils.CryptoManager;
-    cryptoManager: CryptoUtils.CryptoManager;
-    decodeToken(token: string): null | string | import("node_modules/@types/jsonwebtoken").JwtPayload;
-    decodeTokenStrict(token: string): import("node_modules/@types/jsonwebtoken").JwtPayload;
-    extractToken(sources: JWTUtils.TokenSources): string | null;
-    rotateRefreshToken(oldToken: string, secret: import("node_modules/@types/jsonwebtoken").Secret): JWTUtils.RefreshToken;
-    generateTokens: (payload: Record<string, unknown>, accessSecret: import("node_modules/@types/jsonwebtoken").Secret, refreshSecret: import("node_modules/@types/jsonwebtoken").Secret, accessExpiry?: string | number, refreshExpiry?: string | number) => JWTUtils.TokenPair;
-    parseDuration(input: string | number): number;
-    signToken: (payload: Record<string, unknown>, secret: import("node_modules/@types/jsonwebtoken").Secret, expiresIn?: string | number, options?: import("node_modules/@types/jsonwebtoken").SignOptions) => string;
-    validateTokenPayload(payload: Record<string, unknown>, rules?: JWTUtils.TokenRequirements): void;
-    isTokenExpired(payload: import("node_modules/@types/jsonwebtoken").JwtPayload): boolean;
-    verifyToken: (token: string, secret: import("node_modules/@types/jsonwebtoken").Secret) => string | import("node_modules/@types/jsonwebtoken").JwtPayload;
-    verifyTokenWithOptions: (token: string, secret: import("node_modules/@types/jsonwebtoken").Secret, options?: import("node_modules/@types/jsonwebtoken").VerifyOptions) => string | import("node_modules/@types/jsonwebtoken").JwtPayload;
-    safeVerifyToken: (token: string, secret: import("node_modules/@types/jsonwebtoken").Secret) => JWTUtils.VerificationResult;
-    safeVerifyTokenWithOptions: (token: string, secret: import("node_modules/@types/jsonwebtoken").Secret, options?: import("node_modules/@types/jsonwebtoken").VerifyOptions) => JWTUtils.VerificationResult;
-    hashPasswordWithPepper(password: string, pepper: string): Promise<string>;
-    hashPasswordWithPepperSync(password: string, pepper: string): string;
-    hashPassword: (password: string, saltRounds?: number) => Promise<string>;
-    hashPasswordSync: (password: string, saltRounds?: number) => string;
-    isPasswordStrong: (password: string, options?: import("./core/password/types").PasswordStrengthOptions) => boolean;
-    verifyPasswordWithPepper(password: string, pepper: string, hash: string): Promise<boolean>;
-    verifyPasswordWithPepperSync(password: string, pepper: string, hash: string): Promise<boolean>;
-    verifyPassword: (password: string, hash: string) => Promise<boolean>;
-    verifyPasswordSync: (password: string, hash: string) => boolean;
-};
-export default _default;
+export * from './core/index.js';

package/dist/types/interfaces/index.d.ts

@@ -0,0 +1,2 @@
+export type { AccessToken, RefreshToken, TokenPair, JWTConfig, TokenValidationOptions, TokenGenerationOptions, ITokenManager, } from './jwt.interface.js';
+export type { PasswordConfig, PasswordRule, PasswordStrength, PasswordValidationResult, HashedPassword, IPasswordManager, IPasswordStrengthChecker, } from './password.interface.js';

package/package.json

@@ -1,15 +1,41 @@
 {
   "name": "@naman_deep_singh/security",
-  "version": "1.5.1",
+  "version": "1.7.0",
   "description": "Security utilities for password hashing and JWT token management with TypeScript",
   "type": "module",
   "main": "./dist/cjs/index.js",
   "module": "./dist/esm/index.js",
+  "types": "./dist/types/index.d.ts",
   "exports": {
     ".": {
       "import": "./dist/esm/index.js",
       "require": "./dist/cjs/index.js",
       "types": "./dist/types/index.d.ts"
+    },
+    "./core": {
+      "import": "./dist/esm/core/index.js",
+      "require": "./dist/cjs/core/index.js",
+      "types": "./dist/types/core/index.d.ts"
+    },
+    "./core/crypto": {
+      "import": "./dist/esm/core/crypto/index.js",
+      "require": "./dist/cjs/core/crypto/index.js",
+      "types": "./dist/types/core/crypto/index.d.ts"
+    },
+    "./core/jwt": {
+      "import": "./dist/esm/core/jwt/index.js",
+      "require": "./dist/cjs/core/jwt/index.js",
+      "types": "./dist/types/core/jwt/index.d.ts"
+    },
+    "./core/password": {
+      "import": "./dist/esm/core/password/index.js",
+      "require": "./dist/cjs/core/password/index.js",
+      "types": "./dist/types/core/password/index.d.ts"
+    },
+    "./interfaces": {
+      "import": "./dist/esm/interfaces/index.js",
+      "require": "./dist/cjs/interfaces/index.js",
+      "types": "./dist/types/interfaces/index.d.ts"
     }
   },
   "sideEffects": false,
@@ -28,8 +54,8 @@
   "author": "Naman Deep Singh",
   "license": "ISC",
   "dependencies": {
-    "@naman_deep_singh/errors-utils": "^1.4.2",
-    "@naman_deep_singh/js-extensions": "^1.4.0",
+    "@naman_deep_singh/errors": "^2.3.0",
+    "@naman_deep_singh/utils": "^2.4.0",
     "bcryptjs": "^3.0.3",
     "jsonwebtoken": "^9.0.2"
   },
@@ -39,9 +65,12 @@
     "rimraf": "^5.0.5",
     "typescript": "^5.9.3"
   },
+  "publishConfig": {
+    "access": "public"
+  },
   "scripts": {
     "build": "pnpm run build:types && tsc -p tsconfig.cjs.json && tsc -p tsconfig.esm.json",
-    "build:types": "tsc -p tsconfig.base.json --emitDeclarationOnly --outDir dist/types",
+    "build:types": "tsc -p tsconfig.types.json",
     "clean": "rimraf dist"
   }
 }

package/dist/cjs/core/crypto/cryptoManager.d.ts

@@ -1,111 +0,0 @@
-/**
- * Configuration options for CryptoManager
- */
-export interface CryptoManagerConfig {
-    defaultAlgorithm?: string;
-    defaultEncoding?: BufferEncoding;
-    hmacAlgorithm?: string;
-}
-/**
- * CryptoManager - Class-based wrapper for all cryptographic operations
- * Provides a consistent interface for encryption, decryption, HMAC generation, and secure random generation
- */
-export declare class CryptoManager {
-    private config;
-    constructor(config?: CryptoManagerConfig);
-    /**
-     * Update configuration
-     */
-    updateConfig(config: Partial<CryptoManagerConfig>): void;
-    /**
-     * Get current configuration
-     */
-    getConfig(): Required<CryptoManagerConfig>;
-    /**
-     * Encrypt data using the default or specified algorithm
-     */
-    encrypt(plaintext: string, key: string, _options?: {
-        algorithm?: string;
-        encoding?: BufferEncoding;
-        iv?: string;
-    }): string;
-    /**
-     * Decrypt data using the default or specified algorithm
-     */
-    decrypt(encryptedData: string, key: string, _options?: {
-        algorithm?: string;
-        encoding?: BufferEncoding;
-        iv?: string;
-    }): string;
-    /**
-     * Generate HMAC signature
-     */
-    generateHmac(data: string, secret: string, _options?: {
-        algorithm?: string;
-        encoding?: BufferEncoding;
-    }): string;
-    /**
-     * Generate cryptographically secure random bytes
-     */
-    generateSecureRandom(length: number, _encoding?: BufferEncoding): string;
-    /**
-     * Verify HMAC signature
-     */
-    verifyHmac(data: string, secret: string, signature: string, _options?: {
-        algorithm?: string;
-        encoding?: BufferEncoding;
-    }): boolean;
-    /**
-     * Create a key derivation function using PBKDF2
-     */
-    deriveKey(password: string, salt: string, iterations?: number, keyLength?: number): Promise<string>;
-    /**
-     * Hash data using SHA-256
-     */
-    sha256(data: string, encoding?: BufferEncoding): string;
-    /**
-     * Hash data using SHA-512
-     */
-    sha512(data: string, encoding?: BufferEncoding): string;
-    /**
-     * Generate a secure key pair for asymmetric encryption
-     */
-    generateKeyPair(options?: {
-        modulusLength?: number;
-        publicKeyEncoding?: {
-            type: string;
-            format: string;
-        };
-        privateKeyEncoding?: {
-            type: string;
-            format: string;
-        };
-    }): Promise<{
-        publicKey: string;
-        privateKey: string;
-    }>;
-    /**
-     * Encrypt data using RSA public key
-     */
-    rsaEncrypt(data: string, publicKey: string): Promise<string>;
-    /**
-     * Decrypt data using RSA private key
-     */
-    rsaDecrypt(encryptedData: string, privateKey: string): Promise<string>;
-    /**
-     * Create digital signature using RSA private key
-     */
-    rsaSign(data: string, privateKey: string, algorithm?: string): Promise<string>;
-    /**
-     * Verify digital signature using RSA public key
-     */
-    rsaVerify(data: string, signature: string, publicKey: string, algorithm?: string): Promise<boolean>;
-}
-/**
- * Create a CryptoManager instance with default configuration
- */
-export declare const createCryptoManager: (config?: CryptoManagerConfig) => CryptoManager;
-/**
- * Default CryptoManager instance
- */
-export declare const cryptoManager: CryptoManager;

package/dist/cjs/core/crypto/cryptoManager.js

@@ -1,208 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.cryptoManager = exports.createCryptoManager = exports.CryptoManager = void 0;
-const errors_utils_1 = require("@naman_deep_singh/errors-utils");
-const index_1 = require("./index");
-/**
- * Default configuration
- */
-const DEFAULT_CONFIG = {
-    defaultAlgorithm: 'aes-256-gcm',
-    defaultEncoding: 'utf8',
-    hmacAlgorithm: 'sha256',
-};
-/**
- * CryptoManager - Class-based wrapper for all cryptographic operations
- * Provides a consistent interface for encryption, decryption, HMAC generation, and secure random generation
- */
-class CryptoManager {
-    constructor(config = {}) {
-        this.config = { ...DEFAULT_CONFIG, ...config };
-    }
-    /**
-     * Update configuration
-     */
-    updateConfig(config) {
-        this.config = { ...this.config, ...config };
-    }
-    /**
-     * Get current configuration
-     */
-    getConfig() {
-        return { ...this.config };
-    }
-    /**
-     * Encrypt data using the default or specified algorithm
-     */
-    encrypt(plaintext, key, _options) {
-        try {
-            return (0, index_1.encrypt)(plaintext, key);
-        }
-        catch (error) {
-            throw new errors_utils_1.CryptoIntegrityError({
-                reason: 'Encryption failed',
-            }, error instanceof Error ? error : undefined);
-        }
-    }
-    /**
-     * Decrypt data using the default or specified algorithm
-     */
-    decrypt(encryptedData, key, _options) {
-        try {
-            return (0, index_1.decrypt)(encryptedData, key);
-        }
-        catch (error) {
-            throw new errors_utils_1.CryptoIntegrityError({
-                reason: 'Decryption failed',
-            }, error instanceof Error ? error : undefined);
-        }
-    }
-    /**
-     * Generate HMAC signature
-     */
-    generateHmac(data, secret, _options) {
-        // Use the basic HMAC sign function for now
-        // TODO: Add support for different algorithms
-        return (0, index_1.hmacSign)(data, secret);
-    }
-    /**
-     * Generate cryptographically secure random bytes
-     */
-    generateSecureRandom(length, _encoding = 'hex') {
-        // Use the basic random token function
-        return (0, index_1.randomToken)(length);
-    }
-    /**
-     * Verify HMAC signature
-     */
-    verifyHmac(data, secret, signature, _options) {
-        // Use the basic HMAC verify function
-        return (0, index_1.hmacVerify)(data, secret, signature);
-    }
-    /**
-     * Create a key derivation function using PBKDF2
-     */
-    deriveKey(password, salt, iterations = 100000, keyLength = 32) {
-        return new Promise((resolve, reject) => {
-            const crypto = require('crypto');
-            crypto.pbkdf2(password, salt, iterations, keyLength, 'sha256', (error, derivedKey) => {
-                if (error) {
-                    reject(new errors_utils_1.CryptoIntegrityError({
-                        reason: 'Key derivation failed',
-                    }, error instanceof Error ? error : undefined));
-                }
-                else {
-                    resolve(derivedKey.toString('hex'));
-                }
-            });
-        });
-    }
-    /**
-     * Hash data using SHA-256
-     */
-    sha256(data, encoding = 'hex') {
-        const crypto = require('crypto');
-        return crypto.createHash('sha256').update(data).digest(encoding);
-    }
-    /**
-     * Hash data using SHA-512
-     */
-    sha512(data, encoding = 'hex') {
-        const crypto = require('crypto');
-        return crypto.createHash('sha512').update(data).digest(encoding);
-    }
-    /**
-     * Generate a secure key pair for asymmetric encryption
-     */
-    generateKeyPair(options) {
-        return new Promise((resolve, _reject) => {
-            const crypto = require('crypto');
-            const keyPair = crypto.generateKeyPairSync('rsa', {
-                modulusLength: options?.modulusLength || 2048,
-                publicKeyEncoding: options?.publicKeyEncoding || {
-                    type: 'spki',
-                    format: 'pem',
-                },
-                privateKeyEncoding: options?.privateKeyEncoding || {
-                    type: 'pkcs8',
-                    format: 'pem',
-                },
-            });
-            resolve(keyPair);
-        });
-    }
-    /**
-     * Encrypt data using RSA public key
-     */
-    rsaEncrypt(data, publicKey) {
-        return new Promise((resolve, _reject) => {
-            const crypto = require('crypto');
-            const buffer = Buffer.from(data, 'utf8');
-            const encrypted = crypto.publicEncrypt(publicKey, buffer);
-            resolve(encrypted.toString('base64'));
-        });
-    }
-    /**
-     * Decrypt data using RSA private key
-     */
-    rsaDecrypt(encryptedData, privateKey) {
-        return new Promise((resolve, _reject) => {
-            const crypto = require('crypto');
-            const buffer = Buffer.from(encryptedData, 'base64');
-            const decrypted = crypto.privateDecrypt(privateKey, buffer);
-            resolve(decrypted.toString('utf8'));
-        });
-    }
-    /**
-     * Create digital signature using RSA private key
-     */
-    rsaSign(data, privateKey, algorithm = 'sha256') {
-        return new Promise((resolve, reject) => {
-            const crypto = require('crypto');
-            try {
-                const sign = crypto.createSign(algorithm);
-                sign.update(data);
-                sign.end();
-                const signature = sign.sign(privateKey, 'base64');
-                resolve(signature);
-            }
-            catch (error) {
-                reject(new errors_utils_1.CryptoIntegrityError({
-                    reason: 'RSA signing failed',
-                }, error instanceof Error ? error : undefined));
-            }
-        });
-    }
-    /**
-     * Verify digital signature using RSA public key
-     */
-    rsaVerify(data, signature, publicKey, algorithm = 'sha256') {
-        return new Promise((resolve, reject) => {
-            const crypto = require('crypto');
-            try {
-                const verify = crypto.createVerify(algorithm);
-                verify.update(data);
-                verify.end();
-                const isValid = verify.verify(publicKey, signature, 'base64');
-                resolve(isValid);
-            }
-            catch (error) {
-                reject(new errors_utils_1.CryptoIntegrityError({
-                    reason: 'RSA verification failed',
-                }, error instanceof Error ? error : undefined));
-            }
-        });
-    }
-}
-exports.CryptoManager = CryptoManager;
-/**
- * Create a CryptoManager instance with default configuration
- */
-const createCryptoManager = (config) => {
-    return new CryptoManager(config);
-};
-exports.createCryptoManager = createCryptoManager;
-/**
- * Default CryptoManager instance
- */
-exports.cryptoManager = new CryptoManager();

package/dist/cjs/core/crypto/decrypt.d.ts

@@ -1 +0,0 @@
-export declare const decrypt: (data: string, secret: string) => string;

package/dist/cjs/core/crypto/encrypt.d.ts

@@ -1 +0,0 @@
-export declare const encrypt: (text: string, secret: string) => string;

package/dist/cjs/core/crypto/hmac.d.ts

@@ -1,8 +0,0 @@
-/**
- * Sign message using HMAC SHA-256
- */
-export declare const hmacSign: (message: string, secret: string) => string;
-/**
- * Verify HMAC signature
- */
-export declare const hmacVerify: (message: string, secret: string, signature: string) => boolean;

package/dist/cjs/core/crypto/index.d.ts

@@ -1,5 +0,0 @@
-export { decrypt } from './decrypt';
-export { encrypt } from './encrypt';
-export { hmacSign, hmacVerify } from './hmac';
-export { randomToken, generateStrongPassword } from './random';
-export * from './cryptoManager';

package/dist/cjs/core/crypto/random.d.ts

@@ -1,8 +0,0 @@
-/**
- * Generate cryptographically secure random string
- */
-export declare const randomToken: (length?: number) => string;
-/**
- * Generate a strong random password
- */
-export declare const generateStrongPassword: (length?: number) => string;

package/dist/cjs/core/jwt/decode.d.ts

@@ -1,12 +0,0 @@
-import { type JwtPayload } from 'jsonwebtoken';
-/**
- * Flexible decode
- * Returns: null | string | JwtPayload
- * Mirrors jsonwebtoken.decode()
- */
-export declare function decodeToken(token: string): null | string | JwtPayload;
-/**
- * Strict decode
- * Always returns JwtPayload or throws error
- */
-export declare function decodeTokenStrict(token: string): JwtPayload;

package/dist/cjs/core/jwt/extractToken.d.ts

@@ -1,11 +0,0 @@
-export interface TokenSources {
-    header?: string | undefined | null;
-    cookies?: Record<string, string> | undefined;
-    query?: Record<string, string | undefined> | undefined;
-    body?: Record<string, unknown> | undefined;
-    wsMessage?: string | Record<string, unknown> | undefined;
-}
-/**
- * Universal token extractor
- */
-export declare function extractToken(sources: TokenSources): string | null;

package/dist/cjs/core/jwt/generateTokens.d.ts

@@ -1,4 +0,0 @@
-import type { Secret } from 'jsonwebtoken';
-import type { RefreshToken, TokenPair } from './types';
-export declare const generateTokens: (payload: Record<string, unknown>, accessSecret: Secret, refreshSecret: Secret, accessExpiry?: string | number, refreshExpiry?: string | number) => TokenPair;
-export declare function rotateRefreshToken(oldToken: string, secret: Secret): RefreshToken;

package/dist/cjs/core/jwt/index.d.ts

@@ -1,8 +0,0 @@
-export * from './decode';
-export * from './extractToken';
-export * from './generateTokens';
-export * from './parseDuration';
-export * from './signToken';
-export * from './types';
-export * from './validateToken';
-export * from './verify';

package/dist/cjs/core/jwt/jwtManager.d.ts

@@ -1,43 +0,0 @@
-import { type JwtPayload, type Secret } from 'jsonwebtoken';
-import type { AccessToken, ITokenManager, JWTConfig, RefreshToken, TokenPair } from '../../interfaces/jwt.interface';
-export declare class JWTManager implements ITokenManager {
-    private accessSecret;
-    private refreshSecret;
-    private accessExpiry;
-    private refreshExpiry;
-    private cache?;
-    private cacheTTL;
-    constructor(config: JWTConfig);
-    /** Generate both access and refresh tokens */
-    generateTokens(payload: Record<string, unknown>): Promise<TokenPair>;
-    /** Generate access token */
-    generateAccessToken(payload: Record<string, unknown>): Promise<AccessToken>;
-    /** Generate refresh token */
-    generateRefreshToken(payload: Record<string, unknown>): Promise<RefreshToken>;
-    /** Verify access token */
-    verifyAccessToken(token: string): Promise<JwtPayload>;
-    /** Verify refresh token */
-    verifyRefreshToken(token: string): Promise<JwtPayload>;
-    /** Decode token without verification */
-    decodeToken(token: string, complete?: boolean): JwtPayload | string | null;
-    /** Extract token from Authorization header */
-    extractTokenFromHeader(authHeader: string): string | null;
-    /** Validate token without throwing exceptions */
-    validateToken(token: string, secret: Secret): boolean;
-    /** Rotate refresh token */
-    rotateRefreshToken(oldToken: string): Promise<RefreshToken>;
-    /** Check if token is expired */
-    isTokenExpired(token: string): boolean;
-    /** Get token expiration date */
-    getTokenExpiration(token: string): Date | null;
-    /** Clear token cache */
-    clearCache(): void;
-    /** Get cache statistics */
-    getCacheStats(): {
-        size: number;
-        maxSize: number;
-    } | null;
-    /** Private helper methods */
-    private validatePayload;
-    private verifyTokenWithCache;
-}

package/dist/cjs/core/jwt/parseDuration.d.ts

@@ -1 +0,0 @@
-export declare function parseDuration(input: string | number): number;

package/dist/cjs/core/jwt/signToken.d.ts

@@ -1,2 +0,0 @@
-import { type Secret, type SignOptions } from 'jsonwebtoken';
-export declare const signToken: (payload: Record<string, unknown>, secret: Secret, expiresIn?: string | number, options?: SignOptions) => string;

package/dist/cjs/core/jwt/types.d.ts

@@ -1,22 +0,0 @@
-import type { JwtPayload } from 'jsonwebtoken';
-export interface AccessTokenBrand {
-    readonly access: unique symbol;
-}
-export interface RefreshTokenBrand {
-    readonly refresh: unique symbol;
-}
-export type AccessToken = string & AccessTokenBrand;
-export type RefreshToken = string & RefreshTokenBrand;
-export interface TokenPair {
-    accessToken: AccessToken;
-    refreshToken: RefreshToken;
-}
-export interface VerificationResult<T = JwtPayload> {
-    valid: boolean;
-    payload?: T | string;
-    error?: Error;
-}
-export interface TokenValidationOptions {
-    ignoreExpiration?: boolean;
-    ignoreIssuedAt?: boolean;
-}