@payez/next-mvp 4.0.1 → 4.0.3

package/dist/routes/auth/nextauth.js

@@ -0,0 +1,40 @@
+"use strict";
+/**
+ * Ready-to-Use Auth Route Handler (Better Auth)
+ *
+ * Provides a pre-configured Better Auth handler that uses dynamic OAuth providers
+ * loaded from IDP at startup.
+ *
+ * Replaces the former NextAuth handler. The file name is kept as nextauth.ts
+ * to avoid breaking re-exports in routes/auth/index.ts.
+ *
+ * @version 4.0.0 - Better Auth migration
+ * @since better-auth-4.0
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GET = GET;
+exports.POST = POST;
+const better_auth_1 = require("../../auth/better-auth");
+const server_1 = require("next/server");
+/**
+ * GET handler for auth routes
+ * Delegates to Better Auth instance.
+ */
+async function GET(request) {
+    const handler = await (0, better_auth_1.getBetterAuthHandler)();
+    if (!handler) {
+        return server_1.NextResponse.json({ error: 'Auth handler not available' }, { status: 503 });
+    }
+    return handler.GET(request);
+}
+/**
+ * POST handler for auth routes
+ * Delegates to Better Auth instance.
+ */
+async function POST(request) {
+    const handler = await (0, better_auth_1.getBetterAuthHandler)();
+    if (!handler) {
+        return server_1.NextResponse.json({ error: 'Auth handler not available' }, { status: 503 });
+    }
+    return handler.POST(request);
+}

package/dist/routes/auth/refresh.d.ts

@@ -0,0 +1,30 @@
+/**
+ * Ready-to-Use Refresh Token Route
+ *
+ * Provides a pre-configured refresh handler that can be imported directly
+ * into your app's API routes with zero configuration.
+ *
+ * @example
+ * ```typescript
+ * // app/api/auth/refresh/route.ts
+ * export { POST } from '@payez/next-mvp/routes/auth/refresh';
+ * ```
+ *
+ * @version 2.0.0
+ * @since auth-ready-v2
+ */
+import { NextRequest } from 'next/server';
+export declare function POST(req: NextRequest): Promise<import("next/server").NextResponse<{
+    error: string;
+    code: string;
+}> | import("next/server").NextResponse<{
+    error: any;
+    code: any;
+    discardToken: boolean;
+    retryable: boolean;
+    resolution: any;
+}> | import("next/server").NextResponse<{
+    refreshed: boolean;
+    accessTokenExpires: number;
+    hasRefreshToken: boolean;
+}>>;

package/dist/routes/auth/refresh.js

@@ -0,0 +1,51 @@
+"use strict";
+/**
+ * Ready-to-Use Refresh Token Route
+ *
+ * Provides a pre-configured refresh handler that can be imported directly
+ * into your app's API routes with zero configuration.
+ *
+ * @example
+ * ```typescript
+ * // app/api/auth/refresh/route.ts
+ * export { POST } from '@payez/next-mvp/routes/auth/refresh';
+ * ```
+ *
+ * @version 2.0.0
+ * @since auth-ready-v2
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.POST = POST;
+const refresh_1 = require("../../api-handlers/auth/refresh");
+const idp_client_config_1 = require("../../lib/idp-client-config");
+// Configuration is read at runtime from IDP config (cached)
+async function getConfig() {
+    const idpConfig = await (0, idp_client_config_1.getIDPClientConfig)();
+    const idpBaseUrl = process.env.IDP_URL;
+    if (!idpBaseUrl) {
+        throw new Error('[IDP_URL] FATAL: IDP_URL environment variable is REQUIRED.');
+    }
+    return {
+        idpBaseUrl,
+        clientId: process.env.CLIENT_ID || process.env.NEXT_PUBLIC_IDP_CLIENT_ID || '',
+        nextAuthSecret: idpConfig.nextAuthSecret || '',
+        refreshEndpoint: process.env.REFRESH_ENDPOINT || '/api/ExternalAuth/refresh',
+    };
+}
+/**
+ * Pre-configured POST handler for token refresh
+ *
+ * Environment variables used:
+ * - IDP_URL (REQUIRED)
+ * - CLIENT_ID or NEXT_PUBLIC_IDP_CLIENT_ID (required)
+ * - NEXTAUTH_SECRET (required)
+ * - REFRESH_ENDPOINT (default: /api/ExternalAuth/refresh)
+ */
+let _handler = null;
+async function POST(req) {
+    if (!_handler) {
+        const config = await getConfig();
+        _handler = (0, refresh_1.createRefreshHandler)(config);
+    }
+    return _handler(req);
+}

package/dist/routes/auth/session.d.ts

@@ -0,0 +1,43 @@
+/**
+ * Ready-to-Use Session Management Route
+ *
+ * Provides pre-configured session handlers for checking and updating session state.
+ *
+ * @example
+ * ```typescript
+ * // app/api/auth/session/route.ts
+ * export { GET, POST } from '@payez/next-mvp/routes/auth/session';
+ * ```
+ *
+ * @version 2.0.0
+ * @since auth-ready-v2
+ */
+import { NextRequest, NextResponse } from 'next/server';
+/**
+ * GET /api/auth/session - Check current session status
+ *
+ * Returns the current session information including:
+ * - User details
+ * - Token expiry status
+ * - Session validity
+ */
+export declare function GET(req: NextRequest): Promise<NextResponse<{}>>;
+/**
+ * POST /api/auth/session - Update session data
+ *
+ * Allows updating session metadata (not tokens).
+ * Token refresh should use the /api/auth/refresh endpoint.
+ *
+ * Body:
+ * - metadata: object - Custom metadata to store in session
+ */
+export declare function POST(req: NextRequest): Promise<NextResponse<{
+    error: string;
+    code: string;
+}> | NextResponse<{
+    success: boolean;
+    message: string;
+}> | NextResponse<{
+    error: string;
+    details: string;
+}>>;

package/dist/routes/auth/session.js

@@ -0,0 +1,157 @@
+"use strict";
+/**
+ * Ready-to-Use Session Management Route
+ *
+ * Provides pre-configured session handlers for checking and updating session state.
+ *
+ * @example
+ * ```typescript
+ * // app/api/auth/session/route.ts
+ * export { GET, POST } from '@payez/next-mvp/routes/auth/session';
+ * ```
+ *
+ * @version 2.0.0
+ * @since auth-ready-v2
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GET = GET;
+exports.POST = POST;
+const server_1 = require("next/server");
+const auth_1 = require("../../server/auth");
+const session_store_1 = require("../../lib/session-store");
+/**
+ * GET /api/auth/session - Check current session status
+ *
+ * Returns the current session information including:
+ * - User details
+ * - Token expiry status
+ * - Session validity
+ */
+async function GET(req) {
+    try {
+        const authSession = await (0, auth_1.getSession)(req);
+        if (!authSession) {
+            console.warn('[SESSION_ROUTE] Better Auth session not found');
+            // MUST return empty {} — useSession() treats any non-empty
+            // response object as "authenticated", causing redirect loops on login page.
+            return server_1.NextResponse.json({});
+        }
+        const redisSessionId = authSession.session?.token;
+        console.log('[SESSION_ROUTE] Session found:', {
+            userId: authSession.user?.id,
+            email: authSession.user?.email,
+            name: authSession.user?.name,
+            redisSessionId: redisSessionId ? redisSessionId.substring(0, 8) + '...' : 'MISSING',
+        });
+        // Fetch full session data from Redis
+        const session = redisSessionId ? await (0, session_store_1.getSession)(redisSessionId) : null;
+        console.log('[SESSION_ROUTE] Redis session:', {
+            found: !!session,
+            userId: session?.userId,
+            roles: session?.roles,
+            hasAccessToken: !!session?.idpAccessToken,
+        });
+        // Return session format with Redis data
+        // useSession() expects: { user: {...}, expires: "..." }
+        // We enrich with all session data from Redis
+        return server_1.NextResponse.json({
+            user: {
+                id: session?.userId || authSession.user?.id,
+                email: session?.email || authSession.user?.email,
+                name: session?.name || authSession.user?.name,
+                image: authSession.user?.image || null,
+                // Redis session data
+                roles: session?.roles || [],
+                twoFactorSessionVerified: session?.mfaVerified || false,
+                requiresTwoFactor: !session?.mfaVerified,
+                authenticationMethods: session?.authenticationMethods,
+                authenticationLevel: session?.authenticationLevel,
+                mfaCompletedAt: session?.mfaCompletedAt,
+                mfaExpiresAt: session?.mfaExpiresAt,
+                mfaValidityHours: session?.mfaValidityHours,
+                oauthProvider: session?.oauthProvider,
+                idpClientId: session?.idpClientId,
+                merchantId: session?.merchantId,
+            },
+            // Session tokens
+            sessionToken: redisSessionId,
+            accessToken: session?.idpAccessToken,
+            refreshToken: session?.idpRefreshToken,
+            accessTokenExpires: session?.idpAccessTokenExpires,
+            expires: authSession.session?.expiresAt
+                ? new Date(authSession.session.expiresAt).toISOString()
+                : new Date(Date.now() + 30 * 24 * 60 * 60 * 1000).toISOString(),
+        });
+    }
+    catch (error) {
+        console.error('[SESSION_ROUTE] Error checking session:', error);
+        return server_1.NextResponse.json({
+            error: 'Failed to check session',
+            details: error instanceof Error ? error.message : 'Unknown error'
+        }, { status: 500 });
+    }
+}
+/**
+ * POST /api/auth/session - Update session data
+ *
+ * Allows updating session metadata (not tokens).
+ * Token refresh should use the /api/auth/refresh endpoint.
+ *
+ * Body:
+ * - metadata: object - Custom metadata to store in session
+ */
+async function POST(req) {
+    try {
+        const authSession = await (0, auth_1.getSession)(req);
+        if (!authSession) {
+            return server_1.NextResponse.json({
+                error: 'No session found',
+                code: 'UNAUTHORIZED'
+            }, { status: 401 });
+        }
+        const sessionToken = authSession.session?.token;
+        if (!sessionToken) {
+            return server_1.NextResponse.json({
+                error: 'Invalid session',
+                code: 'INVALID_SESSION'
+            }, { status: 400 });
+        }
+        const body = await req.json();
+        const { metadata, access_token, refresh_token, twoFactorComplete, twoFactorMethod } = body;
+        // Get current session from Redis
+        const session = await (0, session_store_1.getSession)(sessionToken);
+        if (!session) {
+            return server_1.NextResponse.json({
+                error: 'Session not found',
+                code: 'SESSION_NOT_FOUND'
+            }, { status: 404 });
+        }
+        // Update session with new data
+        const updatedSession = {
+            ...session,
+            ...(access_token ? { accessToken: access_token } : {}),
+            ...(refresh_token ? { refreshToken: refresh_token } : {}),
+            ...(typeof twoFactorComplete === 'boolean' ? { twoFactorComplete } : {}),
+            ...(twoFactorMethod ? { twoFactorMethod } : {}),
+            ...(metadata ? {
+                metadata: {
+                    ...(session.metadata || {}),
+                    ...metadata,
+                    updatedAt: new Date().toISOString()
+                }
+            } : {})
+        };
+        await (0, session_store_1.updateSession)(sessionToken, updatedSession);
+        return server_1.NextResponse.json({
+            success: true,
+            message: 'Session updated successfully'
+        });
+    }
+    catch (error) {
+        console.error('[SESSION_ROUTE] Error updating session:', error);
+        return server_1.NextResponse.json({
+            error: 'Failed to update session',
+            details: error instanceof Error ? error.message : 'Unknown error'
+        }, { status: 500 });
+    }
+}

package/dist/routes/auth/settings.d.ts

@@ -0,0 +1,25 @@
+/**
+ * Public Auth Settings Route
+ *
+ * Returns client auth settings for pre-login pages (signup, login).
+ * Does NOT require authentication - these are public client settings.
+ */
+import { NextResponse } from 'next/server';
+export interface PublicAuthSettings {
+    enabledProviders: string[];
+    allowPublicRegistration: boolean;
+    allowSocialLogin: boolean;
+    enablePasswordReset: boolean;
+    require2FA: boolean;
+    allowed2FAMethods: string[];
+}
+/**
+ * GET /api/auth/settings
+ *
+ * Returns public auth settings for the current client.
+ * Used by login/signup pages to determine what options to show.
+ */
+export declare function GET(): Promise<NextResponse<{
+    success: boolean;
+    data: PublicAuthSettings;
+}>>;

package/dist/routes/auth/settings.js

@@ -0,0 +1,55 @@
+"use strict";
+/**
+ * Public Auth Settings Route
+ *
+ * Returns client auth settings for pre-login pages (signup, login).
+ * Does NOT require authentication - these are public client settings.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GET = GET;
+const server_1 = require("next/server");
+const idp_client_config_1 = require("../../lib/idp-client-config");
+/**
+ * GET /api/auth/settings
+ *
+ * Returns public auth settings for the current client.
+ * Used by login/signup pages to determine what options to show.
+ */
+async function GET() {
+    try {
+        const config = await (0, idp_client_config_1.getIDPClientConfig)();
+        const settings = {
+            // Get enabled OAuth provider names
+            enabledProviders: config.oauthProviders
+                ?.filter(p => p.enabled)
+                .map(p => p.provider) ?? [],
+            // Registration - default to true if not specified
+            allowPublicRegistration: true, // Could come from config.authSettings in future
+            allowSocialLogin: config.oauthProviders?.some(p => p.enabled) ?? false,
+            // Password reset
+            enablePasswordReset: true, // Could come from config.authSettings in future
+            // 2FA
+            require2FA: config.authSettings?.require2FA ?? true,
+            allowed2FAMethods: config.authSettings?.allowed2FAMethods ?? ['email', 'sms'],
+        };
+        return server_1.NextResponse.json({
+            success: true,
+            data: settings,
+        });
+    }
+    catch (error) {
+        console.error('[AUTH_SETTINGS] Failed to get settings:', error);
+        // Return safe defaults on error
+        return server_1.NextResponse.json({
+            success: true,
+            data: {
+                enabledProviders: [],
+                allowPublicRegistration: true,
+                allowSocialLogin: false,
+                enablePasswordReset: true,
+                require2FA: true,
+                allowed2FAMethods: ['email', 'sms'],
+            },
+        });
+    }
+}

package/dist/routes/auth/viability.d.ts

@@ -0,0 +1,52 @@
+/**
+ * Ready-to-Use Session Viability Route
+ *
+ * Checks if the current session is viable (valid and not expired).
+ * Used by client-side code to determine if a refresh is needed.
+ *
+ * @example
+ * ```typescript
+ * // app/api/session/viability/route.ts
+ * export { GET } from '@payez/next-mvp/routes/auth/viability';
+ * ```
+ *
+ * @version 2.0.0
+ * @since auth-ready-v2
+ */
+import { NextRequest, NextResponse } from 'next/server';
+/**
+ * GET /api/session/viability - Check if session is viable
+ *
+ * Returns:
+ * - viable: boolean - Whether the session can be used
+ * - needsRefresh: boolean - Whether a refresh is recommended
+ * - expiresIn: number - Seconds until token expires
+ */
+export declare function GET(req: NextRequest): Promise<NextResponse<{
+    viable: boolean;
+    needsRefresh: boolean;
+    authenticated: boolean;
+    reason: string;
+}> | NextResponse<{
+    viable: boolean;
+    needsRefresh: boolean;
+    expiresIn: number;
+    hasRefreshToken: boolean;
+    authenticated: boolean;
+    sessionToken: any;
+    tenantRequiresTwoFactor: boolean;
+    userHasCompletedTenantTwoFactorRequirements: any;
+    userStillNeedsTwoFactor: boolean;
+    requires2FA: boolean;
+    twoFactorComplete: any;
+    accessTokenExpired: boolean;
+    expiresAt: string;
+    roles: string[];
+    clientId: string;
+}> | NextResponse<{
+    viable: boolean;
+    needsRefresh: boolean;
+    authenticated: boolean;
+    error: string;
+    details: string;
+}>>;

package/dist/routes/auth/viability.js

@@ -0,0 +1,190 @@
+"use strict";
+/**
+ * Ready-to-Use Session Viability Route
+ *
+ * Checks if the current session is viable (valid and not expired).
+ * Used by client-side code to determine if a refresh is needed.
+ *
+ * @example
+ * ```typescript
+ * // app/api/session/viability/route.ts
+ * export { GET } from '@payez/next-mvp/routes/auth/viability';
+ * ```
+ *
+ * @version 2.0.0
+ * @since auth-ready-v2
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GET = GET;
+const server_1 = require("next/server");
+const auth_1 = require("../../server/auth");
+const session_store_1 = require("../../lib/session-store");
+const idp_client_config_1 = require("../../lib/idp-client-config");
+/**
+ * Get tenant-wide 2FA requirement from cached client config (from broker handshake)
+ */
+async function getTenantRequiresTwoFactor() {
+    try {
+        const config = await (0, idp_client_config_1.getIDPClientConfig)();
+        return config.authSettings?.require2FA ?? true; // Default to true for security
+    }
+    catch {
+        console.warn('[VIABILITY] Could not get client config, defaulting tenantRequiresTwoFactor to true');
+        return true;
+    }
+}
+/**
+ * GET /api/session/viability - Check if session is viable
+ *
+ * Returns:
+ * - viable: boolean - Whether the session can be used
+ * - needsRefresh: boolean - Whether a refresh is recommended
+ * - expiresIn: number - Seconds until token expires
+ */
+async function GET(req) {
+    try {
+        const baSession = await (0, auth_1.getSession)(req);
+        if (!baSession) {
+            return server_1.NextResponse.json({
+                viable: false,
+                needsRefresh: false,
+                authenticated: false,
+                reason: 'No session found'
+            });
+        }
+        const token = baSession;
+        const sessionToken = baSession.session?.token;
+        const session = sessionToken ? await (0, session_store_1.getSession)(sessionToken) : null;
+        // CRITICAL: Detect stale cookie state (JWT exists but Redis session missing)
+        if (sessionToken && !session) {
+            console.warn('[VIABILITY] Stale cookie detected - session not in Redis');
+            return server_1.NextResponse.json({
+                viable: false,
+                needsRefresh: false,
+                authenticated: false,
+                sessionToken, // Return sessionToken so middleware can detect and clear stale cookie
+                reason: 'Stale session - cookie exists but session not found in Redis'
+            });
+        }
+        // Check access token expiry
+        const now = Math.floor(Date.now() / 1000);
+        const accessTokenExpires = token.accessTokenExpires || token.exp;
+        if (!accessTokenExpires) {
+            // No expiry info, assume viable but recommend refresh
+            const tenantRequiresTwoFactor = await getTenantRequiresTwoFactor();
+            // CRITICAL: Check if MFA has expired (2FA TTL enforcement)
+            const mfaExpiresAt = session?.mfaExpiresAt || 0;
+            const mfaExpired = mfaExpiresAt > 0 && mfaExpiresAt < Date.now();
+            // Check mfaVerified (normalized name) with fallback to twoFactorComplete for compatibility
+            const mfaVerifiedInSession = session?.mfaVerified ?? session?.twoFactorComplete ?? false;
+            // User has completed 2FA requirements if: they verified AND it hasn't expired
+            const userHasCompletedTenantTwoFactorRequirements = mfaVerifiedInSession && !mfaExpired;
+            // userStillNeedsTwoFactor = inverse of completed (matches session callback logic)
+            const userStillNeedsTwoFactor = !userHasCompletedTenantTwoFactorRequirements;
+            return server_1.NextResponse.json({
+                viable: true,
+                needsRefresh: true,
+                authenticated: true,
+                sessionToken,
+                // Clear names for middleware decision-making
+                tenantRequiresTwoFactor,
+                userHasCompletedTenantTwoFactorRequirements,
+                userStillNeedsTwoFactor,
+                // Legacy field names for backwards compatibility
+                requires2FA: tenantRequiresTwoFactor,
+                twoFactorComplete: userHasCompletedTenantTwoFactorRequirements,
+                accessTokenExpired: false,
+                reason: 'No expiry information'
+            });
+        }
+        // Convert to seconds if needed
+        const expiryTime = accessTokenExpires > 1000000000000
+            ? Math.floor(accessTokenExpires / 1000)
+            : accessTokenExpires;
+        const expiresIn = expiryTime - now;
+        const isExpired = expiresIn <= 0;
+        const needsRefresh = expiresIn <= 300; // 5 minutes buffer
+        // Check if we have refresh capability (check normalized field name first)
+        const hasRefreshToken = !!(session?.idpRefreshToken || session?.refreshToken || token.refreshToken);
+        // CLEAR NAMING: Tenant-wide 2FA requirement from client config
+        const tenantRequiresTwoFactor = await getTenantRequiresTwoFactor();
+        // CRITICAL: Check if MFA has expired (2FA TTL enforcement)
+        // The session may have mfaVerified=true from days ago, but if mfaExpiresAt
+        // has passed, we must treat 2FA as incomplete to force re-verification.
+        const mfaExpiresAt = session?.mfaExpiresAt || 0;
+        const mfaExpired = mfaExpiresAt > 0 && mfaExpiresAt < Date.now();
+        // Check mfaVerified (normalized name) with fallback to twoFactorComplete for compatibility
+        const mfaVerifiedInSession = session?.mfaVerified ?? session?.twoFactorComplete ?? false;
+        // DEBUG: Log what we're reading from the session
+        console.log('[VIABILITY] Session 2FA state:', {
+            sessionToken: sessionToken?.substring(0, 8) + '...',
+            'session.mfaVerified': session?.mfaVerified,
+            'session.twoFactorComplete': session?.twoFactorComplete,
+            mfaVerifiedInSession,
+            mfaExpiresAt,
+            mfaExpired,
+            hasRefreshToken,
+            'session.idpRefreshToken': !!session?.idpRefreshToken,
+            'session.refreshToken': !!session?.refreshToken,
+        });
+        // CLEAR NAMING: User has completed 2FA requirements if: they verified AND it hasn't expired
+        const userHasCompletedTenantTwoFactorRequirements = mfaVerifiedInSession && !mfaExpired;
+        // userStillNeedsTwoFactor = inverse of completed (matches session callback logic)
+        const userStillNeedsTwoFactor = !userHasCompletedTenantTwoFactorRequirements;
+        if (mfaExpired && mfaVerifiedInSession) {
+            console.warn('[VIABILITY] MFA expired - forcing 2FA re-verification');
+        }
+        if (isExpired) {
+            return server_1.NextResponse.json({
+                viable: false,
+                needsRefresh: hasRefreshToken,
+                expiresIn: 0,
+                hasRefreshToken,
+                authenticated: true,
+                sessionToken,
+                // Clear names
+                tenantRequiresTwoFactor,
+                userHasCompletedTenantTwoFactorRequirements,
+                userStillNeedsTwoFactor,
+                // Legacy names for backwards compatibility
+                requires2FA: tenantRequiresTwoFactor,
+                twoFactorComplete: userHasCompletedTenantTwoFactorRequirements,
+                accessTokenExpired: true,
+                reason: 'Token expired',
+                // RBAC fields
+                roles: session?.roles || [],
+                clientId: session?.idpClientId || process.env.IDP_CLIENT_ID || '',
+            });
+        }
+        return server_1.NextResponse.json({
+            viable: true,
+            needsRefresh,
+            expiresIn,
+            hasRefreshToken,
+            authenticated: true,
+            sessionToken,
+            // Clear names
+            tenantRequiresTwoFactor,
+            userHasCompletedTenantTwoFactorRequirements,
+            userStillNeedsTwoFactor,
+            // Legacy names for backwards compatibility
+            requires2FA: tenantRequiresTwoFactor,
+            twoFactorComplete: userHasCompletedTenantTwoFactorRequirements,
+            accessTokenExpired: false,
+            expiresAt: new Date(expiryTime * 1000).toISOString(),
+            // RBAC fields
+            roles: session?.roles || [],
+            clientId: session?.idpClientId || process.env.IDP_CLIENT_ID || '',
+        });
+    }
+    catch (error) {
+        console.error('[VIABILITY_ROUTE] Error checking session viability:', error);
+        return server_1.NextResponse.json({
+            viable: false,
+            needsRefresh: false,
+            authenticated: false,
+            error: 'Failed to check session',
+            details: error instanceof Error ? error.message : 'Unknown error'
+        }, { status: 500 });
+    }
+}

package/dist/routes/index.d.ts

@@ -0,0 +1,12 @@
+/**
+ * @payez/next-mvp Route Module Exports
+ *
+ * Ready-to-use route handlers for quick integration
+ *
+ * @version 2.3.0
+ * @since auth-ready-v2
+ */
+export * from './auth';
+export * from './account';
+export * as auth from './auth';
+export * as account from './account';