npm - @niledatabase/server - Versions diffs - 5.0.0-alpha.1 → 5.0.0-alpha.3 - Mend

@niledatabase/server 5.0.0-alpha.1 → 5.0.0-alpha.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/dist/index.mjs CHANGED Viewed

@@ -27,7 +27,8 @@ var LoginUserResponseTokenTypeEnum = {
 // src/api/utils/routes/index.ts
 var NILEDB_API_URL = process.env.NILEDB_API_URL;
-var appRoutes = (prefix = "/api") => ({
+var DEFAULT_PREFIX = "/api";
+var appRoutes = (prefix = DEFAULT_PREFIX) => ({
   SIGNIN: `${prefix}${"/auth/signin" /* SIGNIN */}`,
   PROVIDERS: `${prefix}${"/auth/providers" /* PROVIDERS */}`,
   SESSION: `${prefix}${"/auth/session" /* SESSION */}`,
@@ -36,7 +37,8 @@ var appRoutes = (prefix = "/api") => ({
   SIGNOUT: `${prefix}${"/auth/signout" /* SIGNOUT */}`,
   ERROR: `${prefix}/auth/error`,
   VERIFY_REQUEST: `${prefix}/auth/verify-request`,
-  PASSWORD_RESET: `${prefix}/auth/reset-password`,
+  VERIFY_EMAIL: `${prefix}${"/auth/verify-email" /* VERIFY_EMAIL */}`,
+  PASSWORD_RESET: `${prefix}${"/auth/reset-password" /* PASSWORD_RESET */}`,
   ME: `${prefix}${"/me" /* ME */}`,
   USERS: `${prefix}${"/users" /* USERS */}`,
   USER_TENANTS: `${prefix}${"/users/{userId}/tenants" /* USER_TENANTS */}`,
@@ -70,7 +72,8 @@ var proxyRoutes = (config) => ({
   SIGNOUT: makeRestUrl(config, "/auth/signout" /* SIGNOUT */),
   ERROR: makeRestUrl(config, "/auth/error"),
   VERIFY_REQUEST: makeRestUrl(config, "/auth/verify-request"),
-  PASSWORD_RESET: makeRestUrl(config, "/auth/reset-password")
+  PASSWORD_RESET: makeRestUrl(config, "/auth/reset-password" /* PASSWORD_RESET */),
+  VERIFY_EMAIL: makeRestUrl(config, "/auth/verify-email" /* VERIFY_EMAIL */)
 });
 function filterNullUndefined(obj) {
   if (!obj) {
@@ -95,9 +98,9 @@ function makeRestUrl(config, path, qp) {
   const strParams = params.toString();
   return `${[url, path.substring(1, path.length)].join("/")}${strParams ? `?${strParams}` : ""}`;
 }
-function urlMatches(requestUrl, route16) {
+function urlMatches(requestUrl, route17) {
   const url = new URL(requestUrl);
-  return url.pathname.startsWith(route16);
+  return url.pathname.startsWith(route17);
 }
 function isUUID(value) {
   if (!value) {
@@ -167,9 +170,9 @@ function matchesLog(configRoutes, request2) {
 }
 // src/utils/constants.ts
-var X_NILE_TENANT = "nile.tenant_id";
-var X_NILE_ORIGIN = "nile.origin";
-var X_NILE_SECURECOOKIES = "nile.secure_cookies";
+var X_NILE_TENANT = "nile-tenant-id";
+var X_NILE_ORIGIN = "nile-origin";
+var X_NILE_SECURECOOKIES = "nile-secure-cookies";
 // src/api/utils/request.ts
 async function request(url, _init, config) {
@@ -188,15 +191,29 @@ async function request(url, _init, config) {
   }
   if (config.secureCookies != null) {
     updatedHeaders.set(X_NILE_SECURECOOKIES, String(config.secureCookies));
+  } else {
+    updatedHeaders.set(
+      X_NILE_SECURECOOKIES,
+      process.env.NODE_ENV === "production" ? "true" : "false"
+    );
   }
   updatedHeaders.set("host", requestUrl.host);
   if (config.callbackUrl) {
     const cbUrl = new URL(config.callbackUrl);
     debug(`Obtained origin from config.callbackUrl ${config.callbackUrl}`);
     updatedHeaders.set(X_NILE_ORIGIN, cbUrl.origin);
+  } else if (config.origin) {
+    debug(`Obtained origin from config.origin ${config.origin}`);
+    updatedHeaders.set(X_NILE_ORIGIN, config.origin);
   } else {
-    updatedHeaders.set(X_NILE_ORIGIN, requestUrl.origin);
-    debug(`Obtained origin from request ${requestUrl.origin}`);
+    const passedOrigin = request2.headers.get(X_NILE_ORIGIN);
+    if (passedOrigin) {
+      updatedHeaders.set(X_NILE_ORIGIN, passedOrigin);
+    } else {
+      const reqOrigin = config.routePrefix !== DEFAULT_PREFIX ? `${requestUrl.origin}${config.routePrefix}` : requestUrl.origin;
+      updatedHeaders.set(X_NILE_ORIGIN, reqOrigin);
+      debug(`Obtained origin from request ${reqOrigin}`);
+    }
   }
   const params = { ...init };
   if (params.method?.toLowerCase() === "post" || params.method?.toLowerCase() === "put") {
@@ -300,7 +317,7 @@ function matches(configRoutes, request2) {
   return urlMatches(request2.url, configRoutes[key]);
 }
 async function fetchMe(config, method, body) {
-  const clientUrl = `${config.origin}${config.routePrefix}${"/me" /* ME */}`;
+  const clientUrl = `${config.serverOrigin}${config.routePrefix}${"/me" /* ME */}`;
   const init = {
     headers: config.headers,
     method: method ?? "GET"
@@ -330,47 +347,6 @@ async function GET(url, init, config) {
   return res;
 }
-// src/utils/Event/index.ts
-var Eventer = class {
-  events = {};
-  publish(eventName, value) {
-    const callbacks = this.events[eventName];
-    if (callbacks) {
-      for (const callback of callbacks) {
-        callback(value);
-      }
-    }
-  }
-  subscribe(eventName, callback) {
-    if (!this.events[eventName]) {
-      this.events[eventName] = [];
-    }
-    this.events[eventName].push(callback);
-  }
-  unsubscribe(eventName, callback) {
-    const callbacks = this.events[eventName];
-    if (!callbacks) return;
-    const index = callbacks.indexOf(callback);
-    if (index !== -1) {
-      callbacks.splice(index, 1);
-    }
-    if (callbacks.length === 0) {
-      delete this.events[eventName];
-    }
-  }
-};
-var eventer = new Eventer();
-var watchTenantId = (cb) => eventer.subscribe("tenantId" /* Tenant */, cb);
-var watchUserId = (cb) => eventer.subscribe("userId" /* User */, cb);
-var evictPool = (val) => {
-  eventer.publish("EvictPool" /* EvictPool */, val);
-};
-var watchEvictPool = (cb) => eventer.subscribe("EvictPool" /* EvictPool */, cb);
-var updateHeaders = (val) => {
-  eventer.publish("headers" /* Headers */, val);
-};
-var watchHeaders = (cb) => eventer.subscribe("headers" /* Headers */, cb);
 // src/utils/fetch.ts
 function getTokenFromCookie(headers, cookieKey) {
   const cookie = headers.get("cookie")?.split("; ");
@@ -509,11 +485,11 @@ async function route3(request2, config) {
 function matches3(configRoutes, request2) {
   const url = new URL(request2.url);
   const [userId, possibleTenantId, tenantId] = url.pathname.split("/").reverse();
-  let route16 = configRoutes[key3].replace("{tenantId}", tenantId).replace("{userId}", userId);
+  let route17 = configRoutes[key3].replace("{tenantId}", tenantId).replace("{userId}", userId);
   if (userId === "users") {
-    route16 = configRoutes[key3].replace("{tenantId}", possibleTenantId);
+    route17 = configRoutes[key3].replace("{tenantId}", possibleTenantId);
   }
-  return urlMatches(request2.url, route16);
+  return urlMatches(request2.url, route17);
 }
 async function fetchTenantUsers(config, method, payload) {
   const { body, params } = {};
@@ -534,7 +510,7 @@ async function fetchTenantUsers(config, method, payload) {
   if (params?.tenantId) {
     q.set("tenantId", params.tenantId);
   }
-  const clientUrl = `${config.origin}${config.routePrefix}${"/tenants/{tenantId}/users" /* TENANT_USERS */.replace(
+  const clientUrl = `${config.serverOrigin}${config.routePrefix}${"/tenants/{tenantId}/users" /* TENANT_USERS */.replace(
     "{tenantId}",
     config.tenantId
   )}`;
@@ -636,7 +612,7 @@ function matches4(configRoutes, request2) {
   return urlMatches(request2.url, configRoutes[key4]);
 }
 async function fetchTenants(config, method, body) {
-  const clientUrl = `${config.origin}${config.routePrefix}${"/tenants" /* TENANTS */}`;
+  const clientUrl = `${config.serverOrigin}${config.routePrefix}${"/tenants" /* TENANTS */}`;
   const init = {
     method,
     headers: config.headers
@@ -658,7 +634,7 @@ async function fetchTenant(config, method, body) {
       "nile.tenantId is not a valid UUID. This may lead to unexpected behavior in your application."
     );
   }
-  const clientUrl = `${config.origin}${config.routePrefix}${"/tenants/{tenantId}" /* TENANT */.replace("{tenantId}", config.tenantId)}`;
+  const clientUrl = `${config.serverOrigin}${config.routePrefix}${"/tenants/{tenantId}" /* TENANT */.replace("{tenantId}", config.tenantId)}`;
   const m = method ?? "GET";
   const init = {
     method: m,
@@ -682,7 +658,7 @@ async function fetchTenantsByUser(config) {
       );
     }
   }
-  const clientUrl = `${config.origin}${config.routePrefix}${"/users/{userId}/tenants" /* USER_TENANTS */.replace(
+  const clientUrl = `${config.serverOrigin}${config.routePrefix}${"/users/{userId}/tenants" /* USER_TENANTS */.replace(
     "{userId}",
     config.userId ?? "WARN_NOT_SET"
   )}`;
@@ -712,7 +688,7 @@ function matches5(configRoutes, request2) {
   return urlMatches(request2.url, configRoutes[key5]);
 }
 async function fetchSignIn(config, provider, body) {
-  const clientUrl = `${config.origin}${config.routePrefix}${"/auth/signin" /* SIGNIN */}/${provider}`;
+  const clientUrl = `${config.serverOrigin}${config.routePrefix}${"/auth/signin" /* SIGNIN */}/${provider}`;
   const req = new Request(clientUrl, {
     method: "POST",
     headers: config.headers,
@@ -736,7 +712,7 @@ function matches6(configRoutes, request2) {
   return urlMatches(request2.url, configRoutes.SESSION);
 }
 async function fetchSession(config) {
-  const clientUrl = `${config.origin}${config.routePrefix}${"/auth/session" /* SESSION */}`;
+  const clientUrl = `${config.serverOrigin}${config.routePrefix}${"/auth/session" /* SESSION */}`;
   const req = new Request(clientUrl, {
     method: "GET",
     headers: config.headers
@@ -759,7 +735,7 @@ function matches7(configRoutes, request2) {
   return urlMatches(request2.url, configRoutes.PROVIDERS);
 }
 async function fetchProviders(config) {
-  const clientUrl = `${config.origin}${config.routePrefix}${"/auth/providers" /* PROVIDERS */}`;
+  const clientUrl = `${config.serverOrigin}${config.routePrefix}${"/auth/providers" /* PROVIDERS */}`;
   const req = new Request(clientUrl, {
     method: "GET",
     headers: config.headers
@@ -782,7 +758,7 @@ function matches8(configRoutes, request2) {
   return urlMatches(request2.url, configRoutes.CSRF);
 }
 async function fetchCsrf(config) {
-  const clientUrl = `${config.origin}${config.routePrefix}${"/auth/csrf" /* CSRF */}`;
+  const clientUrl = `${config.serverOrigin}${config.routePrefix}${"/auth/csrf" /* CSRF */}`;
   const req = new Request(clientUrl, {
     method: "GET",
     headers: config.headers
@@ -831,10 +807,10 @@ async function route9(req, config) {
 function matches9(configRoutes, request2) {
   return urlMatches(request2.url, configRoutes.CALLBACK);
 }
-async function fetchCallback(config, provider, body) {
-  const clientUrl = `${config.origin}${config.routePrefix}${"/auth/callback" /* CALLBACK */}/${provider}`;
+async function fetchCallback(config, provider, body, request2, method = "POST") {
+  const clientUrl = `${config.serverOrigin}${config.routePrefix}${"/auth/callback" /* CALLBACK */}/${provider}${request2 ? `?${new URL(request2.url).searchParams}` : ""}`;
   const req = new Request(clientUrl, {
-    method: "POST",
+    method,
     headers: config.headers,
     body
   });
@@ -860,7 +836,7 @@ function matches10(configRoutes, request2) {
   return urlMatches(request2.url, configRoutes[key7]);
 }
 async function fetchSignOut(config, body) {
-  const clientUrl = `${config.origin}${config.routePrefix}${"/auth/signout" /* SIGNOUT */}`;
+  const clientUrl = `${config.serverOrigin}${config.routePrefix}${"/auth/signout" /* SIGNOUT */}`;
   const req = new Request(clientUrl, {
     method: "POST",
     body,
@@ -928,6 +904,62 @@ async function route13(req, config) {
 function matches13(configRoutes, request2) {
   return urlMatches(request2.url, configRoutes.PASSWORD_RESET);
 }
+async function fetchResetPassword(config, method, body, params, useJson = true) {
+  const authParams = new URLSearchParams(params ?? {});
+  if (useJson) {
+    authParams?.set("json", "true");
+  }
+  const clientUrl = `${config.serverOrigin}${config.routePrefix}${"/auth/reset-password" /* PASSWORD_RESET */}?${authParams?.toString()}`;
+  const init = {
+    method,
+    headers: config.headers
+  };
+  if (body && method !== "GET") {
+    init.body = body;
+  }
+  const req = new Request(clientUrl, init);
+  return await config.handlers[method](req);
+}
+// src/api/routes/auth/verify-email.ts
+var key11 = "VERIFY_EMAIL";
+async function route14(req, config) {
+  const url = proxyRoutes(config)[key11];
+  const res = await request(
+    url,
+    {
+      method: req.method,
+      request: req
+    },
+    config
+  );
+  const location = res?.headers.get("location");
+  if (location) {
+    return new Response(res?.body, {
+      status: 302,
+      headers: res?.headers
+    });
+  }
+  return new Response(res?.body, {
+    status: res?.status,
+    headers: res?.headers
+  });
+}
+function matches14(configRoutes, request2) {
+  return urlMatches(request2.url, configRoutes[key11]);
+}
+async function fetchVerifyEmail(config, method, body) {
+  const clientUrl = `${config.serverOrigin}${config.routePrefix}${"/auth/verify-email" /* VERIFY_EMAIL */}`;
+  const init = {
+    method,
+    headers: config.headers
+  };
+  if (body) {
+    init.body = body;
+  }
+  const req = new Request(clientUrl, init);
+  return await config.handlers[method](req);
+}
 // src/api/handlers/GET.ts
 function GETTER(configRoutes, config) {
@@ -981,6 +1013,10 @@ function GETTER(configRoutes, config) {
       info("matches verify-request");
       return route12(req, config);
     }
+    if (matches14(configRoutes, req)) {
+      info("matches verify-email");
+      return route14(req, config);
+    }
     if (matches11(configRoutes, req)) {
       info("matches error");
       return route11(req, config);
@@ -999,8 +1035,8 @@ async function POST4(config, init) {
 }
 // src/api/routes/signup/index.tsx
-var key11 = "SIGNUP";
-async function route14(request2, config) {
+var key12 = "SIGNUP";
+async function route15(request2, config) {
   switch (request2.method) {
     case "POST":
       return await POST4(config, { request: request2 });
@@ -1008,8 +1044,8 @@ async function route14(request2, config) {
       return new Response("method not allowed", { status: 405 });
   }
 }
-function matches14(configRoutes, request2) {
-  return urlMatches(request2.url, configRoutes[key11]);
+function matches15(configRoutes, request2) {
+  return urlMatches(request2.url, configRoutes[key12]);
 }
 async function fetchSignUp(config, payload) {
   const { body, params } = payload ?? {};
@@ -1020,7 +1056,7 @@ async function fetchSignUp(config, payload) {
   if (params?.tenantId) {
     q.set("tenantId", params.tenantId);
   }
-  const clientUrl = `${config.origin}${config.routePrefix}${"/signup" /* SIGNUP */}${q.size > 0 ? `?${q}` : ""}`;
+  const clientUrl = `${config.serverOrigin}${config.routePrefix}${"/signup" /* SIGNUP */}${q.size > 0 ? `?${q}` : ""}`;
   const req = new Request(clientUrl, {
     method: "POST",
     headers: config.headers,
@@ -1034,24 +1070,21 @@ function POSTER(configRoutes, config) {
   const { info, warn, error } = Logger(config, "[POST MATCHER]");
   return async function POST5(req) {
     if (matchesLog(configRoutes, req)) {
-      if (req.body) {
-        try {
-          const text = await req.text();
-          error(text);
-          return new Response(null, {
-            status: 200
-          });
-        } catch (e) {
-        }
+      try {
+        const json = await req.clone().json();
+        error(req.body && json);
+      } catch {
+        error(await req.text());
       }
+      return new Response(null, { status: 200 });
     }
     if (matches3(configRoutes, req)) {
       info("matches tenant users");
       return route3(req, config);
     }
-    if (matches14(configRoutes, req)) {
+    if (matches15(configRoutes, req)) {
       info("matches signup");
-      return route14(req, config);
+      return route15(req, config);
     }
     if (matches2(configRoutes, req)) {
       info("matches users");
@@ -1089,6 +1122,10 @@ function POSTER(configRoutes, config) {
       info("matches signout");
       return route10(req, config);
     }
+    if (matches14(configRoutes, req)) {
+      info("matches verify-email");
+      return route14(req, config);
+    }
     warn(`No POST routes matched ${req.url}`);
     return new Response(null, { status: 404 });
   };
@@ -1117,11 +1154,11 @@ async function PUT4(config, init) {
 }
 // src/api/routes/tenants/[tenantId]/users/[userId]/index.ts
-var key12 = "TENANT_USER";
-async function route15(request2, config) {
+var key13 = "TENANT_USER";
+async function route16(request2, config) {
   const { info } = Logger(
     { ...config, debug: config.debug },
-    `[ROUTES][${key12}]`
+    `[ROUTES][${key13}]`
   );
   const session = await auth(request2, config);
   if (!session) {
@@ -1143,14 +1180,14 @@ async function route15(request2, config) {
       return new Response("method not allowed", { status: 405 });
   }
 }
-function matches15(configRoutes, request2) {
+function matches16(configRoutes, request2) {
   const url = new URL(request2.url);
   const [, userId, possibleTenantId, tenantId] = url.pathname.split("/").reverse();
-  let route16 = configRoutes[key12].replace("{tenantId}", tenantId).replace("{userId}", userId);
+  let route17 = configRoutes[key13].replace("{tenantId}", tenantId).replace("{userId}", userId);
   if (userId === "users") {
-    route16 = configRoutes[key12].replace("{tenantId}", possibleTenantId);
+    route17 = configRoutes[key13].replace("{tenantId}", possibleTenantId);
   }
-  return urlMatches(request2.url, route16);
+  return urlMatches(request2.url, route17);
 }
 async function fetchTenantUser(config, method) {
   if (!config.tenantId) {
@@ -1163,7 +1200,7 @@ async function fetchTenantUser(config, method) {
       "the userId context is missing. Call nile.setContext({ userId })"
     );
   }
-  const clientUrl = `${config.origin}${config.routePrefix}${"/tenants/{tenantId}/users/{userId}" /* TENANT_USER */.replace(
+  const clientUrl = `${config.serverOrigin}${config.routePrefix}${"/tenants/{tenantId}/users/{userId}" /* TENANT_USER */.replace(
     "{tenantId}",
     config.tenantId
   ).replace("{userId}", config.userId)}/link`;
@@ -1178,9 +1215,9 @@ async function fetchTenantUser(config, method) {
 function DELETER(configRoutes, config) {
   const { info, warn } = Logger(config, "[DELETE MATCHER]");
   return async function DELETE4(req) {
-    if (matches15(configRoutes, req)) {
+    if (matches16(configRoutes, req)) {
       info("matches tenant user");
-      return route15(req, config);
+      return route16(req, config);
     }
     if (matches3(configRoutes, req)) {
       info("matches tenant users");
@@ -1203,9 +1240,9 @@ function DELETER(configRoutes, config) {
 function PUTER(configRoutes, config) {
   const { info, warn } = Logger(config, "[PUT MATCHER]");
   return async function PUT5(req) {
-    if (matches15(configRoutes, req)) {
+    if (matches16(configRoutes, req)) {
       info("matches tenant user");
-      return route15(req, config);
+      return route16(req, config);
     }
     if (matches3(configRoutes, req)) {
       info("matches tenant users");
@@ -1423,7 +1460,6 @@ var stringCheck = (str) => {
 // src/utils/Config/index.ts
 var Config = class {
   routes;
-  // handlersWithContext;
   handlers;
   paths;
   logger;
@@ -1444,6 +1480,10 @@ var Config = class {
    */
   apiUrl;
   origin;
+  /**
+   * important for separating the `origin` config value from a default in order to make requests
+   */
+  serverOrigin;
   debug;
   /**
    * To use secure cookies or not in the fetch
@@ -1462,7 +1502,8 @@ var Config = class {
     this.secureCookies = getSecureCookies(envVarConfig);
     this.callbackUrl = getCallbackUrl(envVarConfig);
     this.debug = config?.debug;
-    this.origin = config?.origin ?? "http://localhost:3000";
+    this.origin = config?.origin;
+    this.serverOrigin = config?.origin ?? "http://localhost:3000";
     this.apiUrl = getApiUrl(envVarConfig);
     const user = getUsername(envVarConfig);
     const password = getPassword(envVarConfig);
@@ -1533,6 +1574,47 @@ var Config = class {
   }
 };
+// src/utils/Event/index.ts
+var Eventer = class {
+  events = {};
+  publish(eventName, value) {
+    const callbacks = this.events[eventName];
+    if (callbacks) {
+      for (const callback of callbacks) {
+        callback(value);
+      }
+    }
+  }
+  subscribe(eventName, callback) {
+    if (!this.events[eventName]) {
+      this.events[eventName] = [];
+    }
+    this.events[eventName].push(callback);
+  }
+  unsubscribe(eventName, callback) {
+    const callbacks = this.events[eventName];
+    if (!callbacks) return;
+    const index = callbacks.indexOf(callback);
+    if (index !== -1) {
+      callbacks.splice(index, 1);
+    }
+    if (callbacks.length === 0) {
+      delete this.events[eventName];
+    }
+  }
+};
+var eventer = new Eventer();
+var watchTenantId = (cb) => eventer.subscribe("tenantId" /* Tenant */, cb);
+var watchUserId = (cb) => eventer.subscribe("userId" /* User */, cb);
+var evictPool = (val) => {
+  eventer.publish("EvictPool" /* EvictPool */, val);
+};
+var watchEvictPool = (cb) => eventer.subscribe("EvictPool" /* EvictPool */, cb);
+var updateHeaders = (val) => {
+  eventer.publish("headers" /* Headers */, val);
+};
+var watchHeaders = (cb) => eventer.subscribe("headers" /* Headers */, cb);
 // src/db/PoolProxy.ts
 function createProxyForPool(pool, config) {
   const { info, error } = Logger(config, "[pool]");
@@ -1757,336 +1839,265 @@ var DBManager = class {
   };
 };
-// src/users/index.ts
-var Users = class {
+// src/auth/index.ts
+var Auth = class {
+  #logger;
   #config;
   constructor(config) {
     this.#config = config;
+    this.#logger = Logger(config, "[auth]");
   }
-  async updateSelf(req, rawResponse) {
-    const res = await fetchMe(this.#config, "PUT", JSON.stringify(req));
+  async getSession(rawResponse = false) {
+    const res = await fetchSession(this.#config);
     if (rawResponse) {
       return res;
     }
     try {
-      return await res?.clone().json();
+      const session = await res.clone().json();
+      if (Object.keys(session).length === 0) {
+        return void 0;
+      }
+      return session;
     } catch {
       return res;
     }
   }
-  async removeSelf() {
-    const me = await this.getSelf();
-    if ("id" in me) {
-      this.#config.userId = me.id;
-    }
-    const res = await fetchMe(this.#config, "DELETE");
-    updateHeaders(new Headers());
-    return res;
+  async getCsrf(rawResponse = false) {
+    return await getCsrf(this.#config, rawResponse);
   }
-  async getSelf(rawResponse) {
-    const res = await fetchMe(this.#config);
+  async listProviders(rawResponse = false) {
+    const res = await fetchProviders(this.#config);
     if (rawResponse) {
       return res;
     }
     try {
-      return await res?.clone().json();
+      return await res.clone().json();
     } catch {
       return res;
     }
   }
-};
-// src/tenants/index.ts
-var Tenants = class {
-  #logger;
-  #config;
-  constructor(config) {
-    this.#logger = Logger(config, "[tenants]");
-    this.#config = config;
+  async signOut() {
+    const csrfRes = await this.getCsrf();
+    if (!("csrfToken" in csrfRes)) {
+      throw new Error("Unable to obtain CSRF token. Sign out failed.");
+    }
+    const body = JSON.stringify({
+      csrfToken: csrfRes.csrfToken,
+      json: true
+    });
+    const res = await fetchSignOut(this.#config, body);
+    updateHeaders(new Headers({}));
+    this.#config.headers = new Headers();
+    return res;
   }
-  async create(req, rawResponse) {
-    let res;
-    if (typeof req === "string") {
-      res = await fetchTenants(
-        this.#config,
-        "POST",
-        JSON.stringify({ name: req })
+  async signUp(payload, rawResponse) {
+    this.#config.headers = new Headers();
+    const { email, password, ...params } = payload;
+    if (!email || !password) {
+      throw new Error(
+        "Server side sign up requires a user email and password."
       );
-    } else if (typeof req === "object" && ("name" in req || "id" in req)) {
-      res = await fetchTenants(this.#config, "POST", JSON.stringify(req));
-    }
-    if (rawResponse) {
-      return res;
-    }
-    try {
-      return await res?.clone().json();
-    } catch {
-      return res;
     }
-  }
-  async delete(req) {
-    if (typeof req === "string") {
-      this.#config.tenantId = req;
+    const providers = await this.listProviders();
+    const { credentials } = providers ?? {};
+    if (!credentials) {
+      throw new Error(
+        "Unable to obtain credential provider. Aborting server side sign up."
+      );
     }
-    if (typeof req === "object" && "id" in req) {
-      this.#config.tenantId = req.id;
+    const csrf = await this.getCsrf();
+    let csrfToken;
+    if ("csrfToken" in csrf) {
+      csrfToken = csrf.csrfToken;
+    } else {
+      throw new Error("Unable to obtain parse CSRF. Request blocked.");
     }
-    const res = await fetchTenant(this.#config, "DELETE");
-    return res;
-  }
-  async get(req, rawResponse) {
-    if (typeof req === "string") {
-      this.#config.tenantId = req;
-    } else if (typeof req === "object" && "id" in req) {
-      this.#config.tenantId = req.id;
-    }
-    const res = await fetchTenant(this.#config, "GET");
-    if (rawResponse === true || req === true) {
-      return res;
-    }
-    try {
-      return await res?.clone().json();
-    } catch {
-      return res;
+    const body = JSON.stringify({
+      email,
+      password,
+      csrfToken,
+      callbackUrl: credentials.callbackUrl
+    });
+    const res = await fetchSignUp(this.#config, { body, params });
+    if (res.status > 299) {
+      this.#logger.error(await res.clone().text());
+      return void 0;
     }
-  }
-  async update(req, rawResponse) {
-    let res;
-    if (typeof req === "object" && ("name" in req || "id" in req)) {
-      const { id, ...remaining } = req;
-      if (id) {
-        this.#config.tenantId = id;
-      }
-      res = await fetchTenant(this.#config, "PUT", JSON.stringify(remaining));
+    const token = parseToken(res.headers);
+    if (!token) {
+      throw new Error("Server side sign up failed. Session token not found");
     }
+    this.#config.headers?.append("cookie", token);
+    updateHeaders(this.#config.headers);
     if (rawResponse) {
       return res;
     }
     try {
-      return await res?.clone().json();
+      return await res.clone().json();
     } catch {
       return res;
     }
   }
-  async list(req) {
-    const res = await fetchTenantsByUser(this.#config);
-    if (req === true) {
-      return res;
+  async forgotPassword(req) {
+    let email = "";
+    const defaults = defaultCallbackUrl({
+      config: this.#config
+    });
+    let callbackUrl = defaults.callbackUrl;
+    let redirectUrl = defaults.redirectUrl;
+    if ("email" in req) {
+      email = req.email;
     }
-    try {
-      return await res?.clone().json();
-    } catch {
-      return res;
+    if ("callbackUrl" in req) {
+      callbackUrl = req.callbackUrl ? req.callbackUrl : null;
     }
-  }
-  async leaveTenant(req) {
-    const me = await fetchMe(this.#config);
-    try {
-      const json = await me.json();
-      if ("id" in json) {
-        this.#config.userId = json.id;
-      }
-    } catch {
+    if ("redirectUrl" in req) {
+      redirectUrl = req.redirectUrl ? req.redirectUrl : null;
     }
-    if (typeof req === "string") {
-      this.#config.tenantId = req;
-    } else {
-      this.#handleContext(req);
-    }
-    return await fetchTenantUser(this.#config, "DELETE");
-  }
-  async addMember(req, rawResponse) {
-    if (typeof req === "string") {
-      this.#config.userId = req;
-    } else {
-      this.#handleContext(req);
-    }
-    const res = await fetchTenantUser(this.#config, "PUT");
-    return responseHandler(res, rawResponse);
-  }
-  async removeMember(req, rawResponse) {
-    this.#handleContext(req);
-    const res = await fetchTenantUser(this.#config, "DELETE");
-    return responseHandler(res, rawResponse);
-  }
-  async users(req, rawResponse) {
-    this.#handleContext(req);
-    const res = await fetchTenantUsers(this.#config, "GET");
-    return responseHandler(
-      res,
-      rawResponse || typeof req === "boolean" && req
+    const body = JSON.stringify({
+      email,
+      redirectUrl,
+      callbackUrl
+    });
+    const data = await fetchResetPassword(
+      this.#config,
+      "POST",
+      body,
+      new URLSearchParams(),
+      false
     );
-  }
-  #handleContext(req) {
-    if (typeof req === "object") {
-      if ("tenantId" in req) {
-        this.#config.tenantId = req.tenantId;
+    return data;
+  }
+  async resetPassword(req) {
+    let email = "";
+    let password = "";
+    const defaults = defaultCallbackUrl({ config: this.#config });
+    let callbackUrl = defaults.callbackUrl;
+    let redirectUrl = defaults.redirectUrl;
+    if (req instanceof Request) {
+      const body2 = await req.json();
+      email = body2.email;
+      password = body2.password;
+      const cbFromHeaders = parseCallback(req.headers);
+      if (cbFromHeaders) {
+        callbackUrl = cbFromHeaders;
       }
-      if ("userId" in req) {
-        this.#config.tenantId = req.tenantId;
+      if (body2.callbackUrl) {
+        callbackUrl = body2.callbackUrl;
       }
-    }
-  }
-};
-async function responseHandler(res, rawResponse) {
-  if (rawResponse) {
-    return res;
-  }
-  try {
-    return await res?.clone().json();
-  } catch {
-    return res;
-  }
-}
-// src/auth/index.ts
-var Auth = class {
-  #logger;
-  #config;
-  constructor(config) {
-    this.#config = config;
-    this.#logger = Logger(config, "[auth]");
-  }
-  async getSession(rawResponse = false) {
-    const res = await fetchSession(this.#config);
-    if (rawResponse) {
-      return res;
-    }
-    try {
-      const session = await res.clone().json();
-      if (Object.keys(session).length === 0) {
-        return void 0;
+      if (body2.redirectUrl) {
+        redirectUrl = body2.redirectUrl;
       }
-      return session;
-    } catch {
-      return res;
-    }
-  }
-  async getCsrf(rawResponse = false) {
-    const res = await fetchCsrf(this.#config);
-    const csrfCook = parseCSRF(res.headers);
-    if (csrfCook) {
-      const [, value] = csrfCook.split("=");
-      const [token] = decodeURIComponent(value).split("|");
-      const setCookie = res.headers.get("set-cookie");
-      if (setCookie) {
-        const cookie = [
-          csrfCook,
-          parseCallback(res.headers),
-          parseToken(res.headers)
-        ].filter(Boolean).join("; ");
-        this.#config.headers.set("cookie", cookie);
-        updateHeaders(new Headers({ cookie }));
+    } else {
+      if ("email" in req) {
+        email = req.email;
       }
-      if (!rawResponse) {
-        return { csrfToken: token };
+      if ("password" in req) {
+        password = req.password;
       }
-    } else {
-      const existingCookie = this.#config.headers.get("cookie");
-      const cookieParts = [];
-      if (existingCookie) {
-        cookieParts.push(
-          parseToken(this.#config.headers),
-          parseCallback(this.#config.headers)
-        );
+      if ("callbackUrl" in req) {
+        callbackUrl = req.callbackUrl ? req.callbackUrl : null;
+      }
+      if ("redirectUrl" in req) {
+        redirectUrl = req.redirectUrl ? req.redirectUrl : null;
       }
-      cookieParts.push(csrfCook);
-      const cookie = cookieParts.filter(Boolean).join("; ");
-      this.#config.headers.set("cookie", cookie);
-      updateHeaders(new Headers({ cookie }));
-    }
-    if (rawResponse) {
-      return res;
     }
+    await this.getCsrf();
+    const body = JSON.stringify({
+      email,
+      password,
+      redirectUrl,
+      callbackUrl
+    });
+    let urlWithParams;
     try {
-      return await res.clone().json();
+      const data = await fetchResetPassword(this.#config, "POST", body);
+      const cloned = data.clone();
+      if (data.status === 400) {
+        const text = await cloned.text();
+        this.#logger.error(text);
+        return data;
+      }
+      const { url } = await data.json();
+      urlWithParams = url;
     } catch {
-      return res;
-    }
-  }
-  async listProviders(rawResponse = false) {
-    const res = await fetchProviders(this.#config);
-    if (rawResponse) {
-      return res;
     }
+    let token;
     try {
-      return await res.clone().json();
+      const worthyParams = new URL(urlWithParams).searchParams;
+      const answer = await fetchResetPassword(
+        this.#config,
+        "GET",
+        null,
+        worthyParams
+      );
+      token = parseResetToken(answer.headers);
     } catch {
-      return res;
-    }
-  }
-  async signOut() {
-    const csrfRes = await this.getCsrf();
-    if (!("csrfToken" in csrfRes)) {
-      throw new Error("Unable to obtain CSRF token. Sign out failed.");
-    }
-    const body = JSON.stringify({
-      csrfToken: csrfRes.csrfToken,
-      json: true
-    });
-    const res = await fetchSignOut(this.#config, body);
-    updateHeaders(new Headers({}));
-    this.#config.headers = new Headers();
-    return res;
-  }
-  async signUp(payload, rawResponse) {
-    this.#config.headers = new Headers();
-    const { email, password, ...params } = payload;
-    if (!email || !password) {
-      throw new Error(
-        "Server side sign up requires a user email and password."
+      this.#logger.warn(
+        "Unable to parse reset password url. Password not reset."
       );
     }
-    const providers = await this.listProviders();
-    const { credentials } = providers ?? {};
-    if (!credentials) {
+    const cookie = this.#config.headers.get("cookie")?.split("; ");
+    if (token) {
+      cookie?.push(token);
+    } else {
       throw new Error(
-        "Unable to obtain credential provider. Aborting server side sign up."
+        "Unable to reset password, reset token is missing from response"
       );
     }
-    const csrf = await this.getCsrf();
-    let csrfToken;
-    if ("csrfToken" in csrf) {
-      csrfToken = csrf.csrfToken;
-    } else {
-      throw new Error("Unable to obtain parse CSRF. Request blocked.");
-    }
-    const body = JSON.stringify({
-      email,
-      password,
-      csrfToken,
-      callbackUrl: credentials.callbackUrl
+    this.#config.headers = new Headers({
+      ...this.#config.headers,
+      cookie: cookie?.join("; ")
     });
-    const res = await fetchSignUp(this.#config, { body, params });
-    if (res.status > 299) {
-      this.#logger.error(await res.clone().text());
-      return void 0;
-    }
-    const token = parseToken(res.headers);
-    if (!token) {
-      throw new Error("Server side sign up failed. Session token not found");
-    }
-    this.#config.headers?.append("cookie", token);
-    updateHeaders(this.#config.headers);
-    if (rawResponse) {
-      return res;
-    }
-    try {
-      return await res.clone().json();
-    } catch {
-      return res;
+    const res = await fetchResetPassword(this.#config, "PUT", body);
+    cookie?.pop();
+    const cleaned = cookie?.filter((c) => !c.includes("nile.session")) ?? [];
+    cleaned.push(String(parseToken(res.headers)));
+    const updatedHeaders = new Headers({ cookie: cleaned.join("; ") });
+    updateHeaders(updatedHeaders);
+    return res;
+  }
+  async callback(provider, body) {
+    if (body instanceof Request) {
+      this.#config.headers = body.headers;
+      return await fetchCallback(
+        this.#config,
+        provider,
+        void 0,
+        body,
+        "GET"
+      );
     }
+    return await fetchCallback(this.#config, provider, body);
   }
   async signIn(provider, payload, rawResponse) {
-    this.#config.headers = new Headers();
-    const { info, error } = this.#logger;
-    const { email, password } = payload ?? {};
-    if (provider === "email" && (!email || !password)) {
-      throw new Error(
-        "Server side sign in requires a user email and password."
+    if (payload instanceof Request) {
+      const body2 = new URLSearchParams(await payload.text());
+      const origin = new URL(payload.url).origin;
+      const payloadUrl = body2?.get("callbackUrl");
+      const csrfToken2 = body2?.get("csrfToken");
+      const callbackUrl = `${!payloadUrl?.startsWith("http") ? origin : ""}${payloadUrl}`;
+      if (!csrfToken2) {
+        throw new Error(
+          "CSRF token in missing from request. Request it by the client before calling sign in"
+        );
+      }
+      this.#config.headers = new Headers(payload.headers);
+      this.#config.headers.set(
+        "Content-Type",
+        "application/x-www-form-urlencoded"
       );
+      const params = new URLSearchParams({
+        csrfToken: csrfToken2,
+        json: String(true)
+      });
+      if (payloadUrl) {
+        params.set("callbackUrl", callbackUrl);
+      }
+      return await fetchSignIn(this.#config, provider, params);
     }
-    info(`Obtaining providers for ${email}`);
+    this.#config.headers = new Headers();
+    const { info, error } = this.#logger;
     const providers = await this.listProviders();
     info("Obtaining csrf");
     const csrf = await this.getCsrf();
@@ -2102,13 +2113,13 @@ var Auth = class {
         "Unable to obtain credential provider. Aborting server side sign in."
       );
     }
-    if (provider !== "credentials") {
-      return await fetchSignIn(
-        this.#config,
-        provider,
-        JSON.stringify({ csrfToken })
+    const { email, password } = payload ?? {};
+    if (provider === "email" && (!email || !password)) {
+      throw new Error(
+        "Server side sign in requires a user email and password."
       );
     }
+    info(`Obtaining providers for ${email}`);
     info(`Attempting sign in with email ${email}`);
     const body = JSON.stringify({
       email,
@@ -2116,7 +2127,7 @@ var Auth = class {
       csrfToken,
       callbackUrl: credentials.callbackUrl
     });
-    const signInRes = await fetchCallback(this.#config, provider, body);
+    const signInRes = await this.callback(provider, body);
     const authCookie = signInRes?.headers.get("set-cookie");
     if (!authCookie) {
       throw new Error("authentication failed");
@@ -2198,6 +2209,296 @@ function parseToken(headers) {
   const [, token] = /((__Secure-)?nile\.session-token=[^;]+)/.exec(authCookie) ?? [];
   return token;
 }
+function parseResetToken(headers) {
+  let authCookie = headers?.get("set-cookie");
+  if (!authCookie) {
+    authCookie = headers?.get("cookie");
+  }
+  if (!authCookie) {
+    return void 0;
+  }
+  const [, token] = /((__Secure-)?nile\.reset=[^;]+)/.exec(authCookie) ?? [];
+  return token;
+}
+function defaultCallbackUrl({ config }) {
+  let cb = null;
+  let redirect = null;
+  const fallbackCb = parseCallback(config.headers);
+  if (fallbackCb) {
+    const [, value] = fallbackCb.split("=");
+    cb = decodeURIComponent(value);
+    if (value) {
+      redirect = `${new URL(cb).origin}${"/auth/reset-password" /* PASSWORD_RESET */}`;
+    }
+  }
+  return { callbackUrl: cb, redirectUrl: redirect };
+}
+// src/auth/getCsrf.ts
+async function getCsrf(config, rawResponse = false) {
+  const res = await fetchCsrf(config);
+  const csrfCook = parseCSRF(res.headers);
+  if (csrfCook) {
+    const [, value] = csrfCook.split("=");
+    const [token] = decodeURIComponent(value).split("|");
+    const setCookie = res.headers.get("set-cookie");
+    if (setCookie) {
+      const cookie = [
+        csrfCook,
+        parseCallback(res.headers),
+        parseToken(res.headers)
+      ].filter(Boolean).join("; ");
+      config.headers.set("cookie", cookie);
+      updateHeaders(new Headers({ cookie }));
+    }
+    if (!rawResponse) {
+      return { csrfToken: token };
+    }
+  } else {
+    const existingCookie = config.headers.get("cookie");
+    const cookieParts = [];
+    if (existingCookie) {
+      cookieParts.push(
+        parseToken(config.headers),
+        parseCallback(config.headers)
+      );
+    }
+    if (csrfCook) {
+      cookieParts.push(csrfCook);
+    } else {
+      cookieParts.push(parseCSRF(config.headers));
+    }
+    const cookie = cookieParts.filter(Boolean).join("; ");
+    config.headers.set("cookie", cookie);
+    updateHeaders(new Headers({ cookie }));
+  }
+  if (rawResponse) {
+    return res;
+  }
+  try {
+    return await res.clone().json();
+  } catch {
+    return res;
+  }
+}
+// src/users/index.ts
+var Users = class {
+  #config;
+  #logger;
+  constructor(config) {
+    this.#config = config;
+    this.#logger = Logger(config, "[me]");
+  }
+  async updateSelf(req, rawResponse) {
+    const res = await fetchMe(this.#config, "PUT", JSON.stringify(req));
+    if (rawResponse) {
+      return res;
+    }
+    try {
+      return await res?.clone().json();
+    } catch {
+      return res;
+    }
+  }
+  async removeSelf() {
+    const me = await this.getSelf();
+    if ("id" in me) {
+      this.#config.userId = me.id;
+    }
+    const res = await fetchMe(this.#config, "DELETE");
+    updateHeaders(new Headers());
+    return res;
+  }
+  async getSelf(rawResponse) {
+    const res = await fetchMe(this.#config);
+    if (rawResponse) {
+      return res;
+    }
+    try {
+      return await res?.clone().json();
+    } catch {
+      return res;
+    }
+  }
+  async verifySelf(bypassEmail = process.env.NODE_ENV !== "production", rawResponse = false) {
+    try {
+      const me = await this.getSelf();
+      if (me instanceof Response) {
+        return me;
+      }
+      const res = await verifyEmailAddress(this.#config, me);
+      return res;
+    } catch {
+      this.#logger?.warn(
+        "Unable to verify email. The current user's email will be set to verified any way. Be sure to configure emails for production."
+      );
+    }
+    if (bypassEmail) {
+      return await this.updateSelf({ emailVerified: true }, rawResponse);
+    }
+    this.#logger.error(
+      "Unable to verify email address. Configure your SMTP server in the console."
+    );
+    return void 0;
+  }
+};
+async function verifyEmailAddress(config, user) {
+  config.headers.set("content-type", "application/x-www-form-urlencoded");
+  const { csrfToken } = await getCsrf(config);
+  const res = await fetchVerifyEmail(
+    config,
+    "POST",
+    new URLSearchParams({ csrfToken, email: user.email }).toString()
+  );
+  if (res.status > 299) {
+    throw new Error(await res.text());
+  }
+  return res;
+}
+// src/tenants/index.ts
+var Tenants = class {
+  #logger;
+  #config;
+  constructor(config) {
+    this.#logger = Logger(config, "[tenants]");
+    this.#config = config;
+  }
+  async create(req, rawResponse) {
+    let res;
+    if (typeof req === "string") {
+      res = await fetchTenants(
+        this.#config,
+        "POST",
+        JSON.stringify({ name: req })
+      );
+    } else if (typeof req === "object" && ("name" in req || "id" in req)) {
+      res = await fetchTenants(this.#config, "POST", JSON.stringify(req));
+    }
+    if (rawResponse) {
+      return res;
+    }
+    try {
+      return await res?.clone().json();
+    } catch {
+      return res;
+    }
+  }
+  async delete(req) {
+    if (typeof req === "string") {
+      this.#config.tenantId = req;
+    }
+    if (typeof req === "object" && "id" in req) {
+      this.#config.tenantId = req.id;
+    }
+    const res = await fetchTenant(this.#config, "DELETE");
+    return res;
+  }
+  async get(req, rawResponse) {
+    if (typeof req === "string") {
+      this.#config.tenantId = req;
+    } else if (typeof req === "object" && "id" in req) {
+      this.#config.tenantId = req.id;
+    }
+    const res = await fetchTenant(this.#config, "GET");
+    if (rawResponse === true || req === true) {
+      return res;
+    }
+    try {
+      return await res?.clone().json();
+    } catch {
+      return res;
+    }
+  }
+  async update(req, rawResponse) {
+    let res;
+    if (typeof req === "object" && ("name" in req || "id" in req)) {
+      const { id, ...remaining } = req;
+      if (id) {
+        this.#config.tenantId = id;
+      }
+      res = await fetchTenant(this.#config, "PUT", JSON.stringify(remaining));
+    }
+    if (rawResponse) {
+      return res;
+    }
+    try {
+      return await res?.clone().json();
+    } catch {
+      return res;
+    }
+  }
+  async list(req) {
+    const res = await fetchTenantsByUser(this.#config);
+    if (req === true) {
+      return res;
+    }
+    try {
+      return await res?.clone().json();
+    } catch {
+      return res;
+    }
+  }
+  async leaveTenant(req) {
+    const me = await fetchMe(this.#config);
+    try {
+      const json = await me.json();
+      if ("id" in json) {
+        this.#config.userId = json.id;
+      }
+    } catch {
+    }
+    if (typeof req === "string") {
+      this.#config.tenantId = req;
+    } else {
+      this.#handleContext(req);
+    }
+    return await fetchTenantUser(this.#config, "DELETE");
+  }
+  async addMember(req, rawResponse) {
+    if (typeof req === "string") {
+      this.#config.userId = req;
+    } else {
+      this.#handleContext(req);
+    }
+    const res = await fetchTenantUser(this.#config, "PUT");
+    return responseHandler(res, rawResponse);
+  }
+  async removeMember(req, rawResponse) {
+    this.#handleContext(req);
+    const res = await fetchTenantUser(this.#config, "DELETE");
+    return responseHandler(res, rawResponse);
+  }
+  async users(req, rawResponse) {
+    this.#handleContext(req);
+    const res = await fetchTenantUsers(this.#config, "GET");
+    return responseHandler(
+      res,
+      rawResponse || typeof req === "boolean" && req
+    );
+  }
+  #handleContext(req) {
+    if (typeof req === "object") {
+      if ("tenantId" in req) {
+        this.#config.tenantId = req.tenantId;
+      }
+      if ("userId" in req) {
+        this.#config.tenantId = req.tenantId;
+      }
+    }
+  }
+};
+async function responseHandler(res, rawResponse) {
+  if (rawResponse) {
+    return res;
+  }
+  try {
+    return await res?.clone().json();
+  } catch {
+    return res;
+  }
+}
 // src/api/handlers/withContext/index.ts
 function handlersWithContext(config) {
@@ -2234,14 +2535,14 @@ function updateConfig(response, config) {
   if (response?.status === 302) {
     const location = response.headers.get("location");
     if (location) {
-      const normalized = location.endsWith("/") ? location.slice(0, -1) : location;
-      origin = normalized;
+      const urlLocation = new URL(location);
+      origin = urlLocation.origin;
     }
   }
   const setCookies = [];
   if (response?.headers) {
-    for (const [key13, value] of response.headers) {
-      if (key13.toLowerCase() === "set-cookie") {
+    for (const [key14, value] of response.headers) {
+      if (key14.toLowerCase() === "set-cookie") {
         setCookies.push(value);
       }
     }
@@ -2400,25 +2701,25 @@ var Server = class {
       }
     }
     if (headers instanceof Headers) {
-      headers.forEach((value, key13) => {
-        updates.push([key13.toLowerCase(), value]);
+      headers.forEach((value, key14) => {
+        updates.push([key14.toLowerCase(), value]);
       });
     } else {
-      for (const [key13, value] of Object.entries(headers ?? {})) {
-        updates.push([key13.toLowerCase(), value]);
+      for (const [key14, value] of Object.entries(headers ?? {})) {
+        updates.push([key14.toLowerCase(), value]);
       }
     }
     const merged = {};
-    this.#headers?.forEach((value, key13) => {
-      if (key13.toLowerCase() !== "cookie") {
-        merged[key13.toLowerCase()] = value;
+    this.#headers?.forEach((value, key14) => {
+      if (key14.toLowerCase() !== "cookie") {
+        merged[key14.toLowerCase()] = value;
       }
     });
-    for (const [key13, value] of updates) {
-      merged[key13] = value;
+    for (const [key14, value] of updates) {
+      merged[key14] = value;
     }
-    for (const [key13, value] of Object.entries(merged)) {
-      this.#headers.set(key13, value);
+    for (const [key14, value] of Object.entries(merged)) {
+      this.#headers.set(key14, value);
     }
     this.#config.headers = this.#headers;
   }