npm - @qwickapps/server - Versions diffs - 1.2.0 → 1.3.1 - Mend

@qwickapps/server 1.2.0 → 1.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (299) hide show

package/README.md +392 -0
package/dist/core/control-panel.d.ts +7 -2
package/dist/core/control-panel.d.ts.map +1 -1
package/dist/core/control-panel.js +120 -54
package/dist/core/control-panel.js.map +1 -1
package/dist/core/gateway.d.ts +159 -79
package/dist/core/gateway.d.ts.map +1 -1
package/dist/core/gateway.js +679 -319
package/dist/core/gateway.js.map +1 -1
package/dist/core/index.d.ts +3 -1
package/dist/core/index.d.ts.map +1 -1
package/dist/core/index.js +2 -0
package/dist/core/index.js.map +1 -1
package/dist/core/plugin-registry.d.ts +307 -0
package/dist/core/plugin-registry.d.ts.map +1 -0
package/dist/core/plugin-registry.js +352 -0
package/dist/core/plugin-registry.js.map +1 -0
package/dist/core/types.d.ts +16 -33
package/dist/core/types.d.ts.map +1 -1
package/dist/index.d.ts +8 -5
package/dist/index.d.ts.map +1 -1
package/dist/index.js +15 -7
package/dist/index.js.map +1 -1
package/dist/plugins/auth/adapters/auth0-adapter.d.ts +14 -0
package/dist/plugins/auth/adapters/auth0-adapter.d.ts.map +1 -0
package/dist/plugins/auth/adapters/auth0-adapter.js +179 -0
package/dist/plugins/auth/adapters/auth0-adapter.js.map +1 -0
package/dist/plugins/auth/adapters/basic-adapter.d.ts +13 -0
package/dist/plugins/auth/adapters/basic-adapter.d.ts.map +1 -0
package/dist/plugins/auth/adapters/basic-adapter.js +51 -0
package/dist/plugins/auth/adapters/basic-adapter.js.map +1 -0
package/dist/plugins/auth/adapters/index.d.ts +10 -0
package/dist/plugins/auth/adapters/index.d.ts.map +1 -0
package/dist/plugins/auth/adapters/index.js +10 -0
package/dist/plugins/auth/adapters/index.js.map +1 -0
package/dist/plugins/auth/adapters/supabase-adapter.d.ts +13 -0
package/dist/plugins/auth/adapters/supabase-adapter.d.ts.map +1 -0
package/dist/plugins/auth/adapters/supabase-adapter.js +109 -0
package/dist/plugins/auth/adapters/supabase-adapter.js.map +1 -0
package/dist/plugins/auth/adapters/supertokens-adapter.d.ts +18 -0
package/dist/plugins/auth/adapters/supertokens-adapter.d.ts.map +1 -0
package/dist/plugins/auth/adapters/supertokens-adapter.js +267 -0
package/dist/plugins/auth/adapters/supertokens-adapter.js.map +1 -0
package/dist/plugins/auth/auth-plugin.d.ts +40 -0
package/dist/plugins/auth/auth-plugin.d.ts.map +1 -0
package/dist/plugins/auth/auth-plugin.js +255 -0
package/dist/plugins/auth/auth-plugin.js.map +1 -0
package/dist/plugins/auth/auth-plugin.test.d.ts +9 -0
package/dist/plugins/auth/auth-plugin.test.d.ts.map +1 -0
package/dist/plugins/auth/auth-plugin.test.js +147 -0
package/dist/plugins/auth/auth-plugin.test.js.map +1 -0
package/dist/plugins/auth/env-config.d.ts +88 -0
package/dist/plugins/auth/env-config.d.ts.map +1 -0
package/dist/plugins/auth/env-config.js +489 -0
package/dist/plugins/auth/env-config.js.map +1 -0
package/dist/plugins/auth/index.d.ts +14 -0
package/dist/plugins/auth/index.d.ts.map +1 -0
package/dist/plugins/auth/index.js +16 -0
package/dist/plugins/auth/index.js.map +1 -0
package/dist/plugins/auth/supertokens-adapter.test.d.ts +10 -0
package/dist/plugins/auth/supertokens-adapter.test.d.ts.map +1 -0
package/dist/plugins/auth/supertokens-adapter.test.js +486 -0
package/dist/plugins/auth/supertokens-adapter.test.js.map +1 -0
package/dist/plugins/auth/types.d.ts +218 -0
package/dist/plugins/auth/types.d.ts.map +1 -0
package/dist/plugins/auth/types.js +14 -0
package/dist/plugins/auth/types.js.map +1 -0
package/dist/plugins/bans/bans-plugin.d.ts +59 -0
package/dist/plugins/bans/bans-plugin.d.ts.map +1 -0
package/dist/plugins/bans/bans-plugin.js +428 -0
package/dist/plugins/bans/bans-plugin.js.map +1 -0
package/dist/plugins/bans/index.d.ts +9 -0
package/dist/plugins/bans/index.d.ts.map +1 -0
package/dist/plugins/bans/index.js +10 -0
package/dist/plugins/bans/index.js.map +1 -0
package/dist/plugins/bans/stores/index.d.ts +7 -0
package/dist/plugins/bans/stores/index.d.ts.map +1 -0
package/dist/plugins/bans/stores/index.js +7 -0
package/dist/plugins/bans/stores/index.js.map +1 -0
package/dist/plugins/bans/stores/postgres-store.d.ts +29 -0
package/dist/plugins/bans/stores/postgres-store.d.ts.map +1 -0
package/dist/plugins/bans/stores/postgres-store.js +132 -0
package/dist/plugins/bans/stores/postgres-store.js.map +1 -0
package/dist/plugins/bans/types.d.ts +128 -0
package/dist/plugins/bans/types.d.ts.map +1 -0
package/dist/plugins/bans/types.js +11 -0
package/dist/plugins/bans/types.js.map +1 -0
package/dist/plugins/cache-plugin.d.ts +14 -3
package/dist/plugins/cache-plugin.d.ts.map +1 -1
package/dist/plugins/cache-plugin.js +27 -7
package/dist/plugins/cache-plugin.js.map +1 -1
package/dist/plugins/cache-plugin.test.js +99 -32
package/dist/plugins/cache-plugin.test.js.map +1 -1
package/dist/plugins/config-plugin.d.ts +3 -2
package/dist/plugins/config-plugin.d.ts.map +1 -1
package/dist/plugins/config-plugin.js +17 -10
package/dist/plugins/config-plugin.js.map +1 -1
package/dist/plugins/diagnostics-plugin.d.ts +2 -2
package/dist/plugins/diagnostics-plugin.d.ts.map +1 -1
package/dist/plugins/diagnostics-plugin.js +17 -10
package/dist/plugins/diagnostics-plugin.js.map +1 -1
package/dist/plugins/entitlements/entitlements-plugin.d.ts +95 -0
package/dist/plugins/entitlements/entitlements-plugin.d.ts.map +1 -0
package/dist/plugins/entitlements/entitlements-plugin.js +707 -0
package/dist/plugins/entitlements/entitlements-plugin.js.map +1 -0
package/dist/plugins/entitlements/index.d.ts +12 -0
package/dist/plugins/entitlements/index.d.ts.map +1 -0
package/dist/plugins/entitlements/index.js +16 -0
package/dist/plugins/entitlements/index.js.map +1 -0
package/dist/plugins/entitlements/sources/index.d.ts +9 -0
package/dist/plugins/entitlements/sources/index.d.ts.map +1 -0
package/dist/plugins/entitlements/sources/index.js +9 -0
package/dist/plugins/entitlements/sources/index.js.map +1 -0
package/dist/plugins/entitlements/sources/postgres-source.d.ts +29 -0
package/dist/plugins/entitlements/sources/postgres-source.d.ts.map +1 -0
package/dist/plugins/entitlements/sources/postgres-source.js +169 -0
package/dist/plugins/entitlements/sources/postgres-source.js.map +1 -0
package/dist/plugins/entitlements/types.d.ts +232 -0
package/dist/plugins/entitlements/types.d.ts.map +1 -0
package/dist/plugins/entitlements/types.js +11 -0
package/dist/plugins/entitlements/types.js.map +1 -0
package/dist/plugins/frontend-app-plugin.d.ts +9 -3
package/dist/plugins/frontend-app-plugin.d.ts.map +1 -1
package/dist/plugins/frontend-app-plugin.js +14 -9
package/dist/plugins/frontend-app-plugin.js.map +1 -1
package/dist/plugins/health-plugin.d.ts +5 -2
package/dist/plugins/health-plugin.d.ts.map +1 -1
package/dist/plugins/health-plugin.js +20 -5
package/dist/plugins/health-plugin.js.map +1 -1
package/dist/plugins/index.d.ts +10 -2
package/dist/plugins/index.d.ts.map +1 -1
package/dist/plugins/index.js +10 -2
package/dist/plugins/index.js.map +1 -1
package/dist/plugins/logs-plugin.d.ts +3 -2
package/dist/plugins/logs-plugin.d.ts.map +1 -1
package/dist/plugins/logs-plugin.js +21 -12
package/dist/plugins/logs-plugin.js.map +1 -1
package/dist/plugins/postgres-plugin.d.ts +3 -3
package/dist/plugins/postgres-plugin.d.ts.map +1 -1
package/dist/plugins/postgres-plugin.js +9 -7
package/dist/plugins/postgres-plugin.js.map +1 -1
package/dist/plugins/postgres-plugin.test.js +50 -29
package/dist/plugins/postgres-plugin.test.js.map +1 -1
package/dist/plugins/preferences/__tests__/deep-merge.test.d.ts +7 -0
package/dist/plugins/preferences/__tests__/deep-merge.test.d.ts.map +1 -0
package/dist/plugins/preferences/__tests__/deep-merge.test.js +215 -0
package/dist/plugins/preferences/__tests__/deep-merge.test.js.map +1 -0
package/dist/plugins/preferences/__tests__/preferences-plugin.test.d.ts +7 -0
package/dist/plugins/preferences/__tests__/preferences-plugin.test.d.ts.map +1 -0
package/dist/plugins/preferences/__tests__/preferences-plugin.test.js +265 -0
package/dist/plugins/preferences/__tests__/preferences-plugin.test.js.map +1 -0
package/dist/plugins/preferences/index.d.ts +12 -0
package/dist/plugins/preferences/index.d.ts.map +1 -0
package/dist/plugins/preferences/index.js +13 -0
package/dist/plugins/preferences/index.js.map +1 -0
package/dist/plugins/preferences/preferences-plugin.d.ts +39 -0
package/dist/plugins/preferences/preferences-plugin.d.ts.map +1 -0
package/dist/plugins/preferences/preferences-plugin.js +226 -0
package/dist/plugins/preferences/preferences-plugin.js.map +1 -0
package/dist/plugins/preferences/stores/index.d.ts +9 -0
package/dist/plugins/preferences/stores/index.d.ts.map +1 -0
package/dist/plugins/preferences/stores/index.js +9 -0
package/dist/plugins/preferences/stores/index.js.map +1 -0
package/dist/plugins/preferences/stores/postgres-store.d.ts +41 -0
package/dist/plugins/preferences/stores/postgres-store.d.ts.map +1 -0
package/dist/plugins/preferences/stores/postgres-store.js +181 -0
package/dist/plugins/preferences/stores/postgres-store.js.map +1 -0
package/dist/plugins/preferences/types.d.ts +91 -0
package/dist/plugins/preferences/types.d.ts.map +1 -0
package/dist/plugins/preferences/types.js +10 -0
package/dist/plugins/preferences/types.js.map +1 -0
package/dist/plugins/users/__tests__/users-plugin.test.d.ts +9 -0
package/dist/plugins/users/__tests__/users-plugin.test.d.ts.map +1 -0
package/dist/plugins/users/__tests__/users-plugin.test.js +546 -0
package/dist/plugins/users/__tests__/users-plugin.test.js.map +1 -0
package/dist/plugins/users/index.d.ts +12 -0
package/dist/plugins/users/index.d.ts.map +1 -0
package/dist/plugins/users/index.js +13 -0
package/dist/plugins/users/index.js.map +1 -0
package/dist/plugins/users/stores/index.d.ts +7 -0
package/dist/plugins/users/stores/index.d.ts.map +1 -0
package/dist/plugins/users/stores/index.js +7 -0
package/dist/plugins/users/stores/index.js.map +1 -0
package/dist/plugins/users/stores/postgres-store.d.ts +28 -0
package/dist/plugins/users/stores/postgres-store.d.ts.map +1 -0
package/dist/plugins/users/stores/postgres-store.js +157 -0
package/dist/plugins/users/stores/postgres-store.js.map +1 -0
package/dist/plugins/users/types.d.ts +225 -0
package/dist/plugins/users/types.d.ts.map +1 -0
package/dist/plugins/users/types.js +12 -0
package/dist/plugins/users/types.js.map +1 -0
package/dist/plugins/users/users-plugin.d.ts +45 -0
package/dist/plugins/users/users-plugin.d.ts.map +1 -0
package/dist/plugins/users/users-plugin.js +359 -0
package/dist/plugins/users/users-plugin.js.map +1 -0
package/dist-ui/assets/index-BY8OxNgO.js +465 -0
package/dist-ui/assets/index-BY8OxNgO.js.map +1 -0
package/dist-ui/index.html +1 -1
package/dist-ui-lib/api/controlPanelApi.d.ts +278 -0
package/dist-ui-lib/components/ControlPanelApp.d.ts +61 -0
package/dist-ui-lib/components/index.d.ts +18 -0
package/dist-ui-lib/config/AppConfig.d.ts +7 -0
package/dist-ui-lib/dashboard/DashboardWidgetRegistry.d.ts +62 -0
package/dist-ui-lib/dashboard/DashboardWidgetRenderer.d.ts +8 -0
package/dist-ui-lib/dashboard/PluginWidgetRenderer.d.ts +19 -0
package/dist-ui-lib/dashboard/WidgetComponentRegistry.d.ts +48 -0
package/dist-ui-lib/dashboard/builtInWidgets.d.ts +25 -0
package/dist-ui-lib/dashboard/index.d.ts +13 -0
package/dist-ui-lib/dashboard/widgets/ServiceHealthWidget.d.ts +12 -0
package/dist-ui-lib/dashboard/widgets/index.d.ts +6 -0
package/dist-ui-lib/index.js +5172 -0
package/dist-ui-lib/index.js.map +1 -0
package/dist-ui-lib/pages/AuthPage.d.ts +1 -0
package/dist-ui-lib/pages/ConfigPage.d.ts +1 -0
package/dist-ui-lib/pages/DashboardPage.d.ts +1 -0
package/dist-ui-lib/pages/DiagnosticsPage.d.ts +1 -0
package/dist-ui-lib/pages/EntitlementsPage.d.ts +17 -0
package/dist-ui-lib/pages/LogsPage.d.ts +1 -0
package/dist-ui-lib/pages/NotFoundPage.d.ts +1 -0
package/dist-ui-lib/pages/PluginPage.d.ts +15 -0
package/dist-ui-lib/pages/PluginsPage.d.ts +1 -0
package/dist-ui-lib/pages/SystemPage.d.ts +1 -0
package/dist-ui-lib/pages/UsersPage.d.ts +22 -0
package/package.json +24 -7
package/src/core/control-panel.ts +145 -61
package/src/core/gateway.ts +863 -403
package/src/core/index.ts +21 -2
package/src/core/plugin-registry.ts +716 -0
package/src/core/types.ts +31 -37
package/src/index.ts +125 -19
package/src/plugins/auth/adapters/auth0-adapter.ts +214 -0
package/src/plugins/auth/adapters/basic-adapter.ts +61 -0
package/src/plugins/auth/adapters/index.ts +10 -0
package/src/plugins/auth/adapters/supabase-adapter.ts +149 -0
package/src/plugins/auth/adapters/supertokens-adapter.ts +326 -0
package/src/plugins/auth/auth-plugin.test.ts +176 -0
package/src/plugins/auth/auth-plugin.ts +303 -0
package/src/plugins/auth/env-config.ts +572 -0
package/src/plugins/auth/index.ts +42 -0
package/src/plugins/auth/supertokens-adapter.test.ts +621 -0
package/src/plugins/auth/types.ts +245 -0
package/src/plugins/bans/bans-plugin.ts +485 -0
package/src/plugins/bans/index.ts +31 -0
package/src/plugins/bans/stores/index.ts +7 -0
package/src/plugins/bans/stores/postgres-store.ts +195 -0
package/src/plugins/bans/types.ts +141 -0
package/src/plugins/cache-plugin.test.ts +108 -32
package/src/plugins/cache-plugin.ts +40 -9
package/src/plugins/config-plugin.ts +23 -12
package/src/plugins/diagnostics-plugin.ts +22 -12
package/src/plugins/entitlements/entitlements-plugin.ts +820 -0
package/src/plugins/entitlements/index.ts +51 -0
package/src/plugins/entitlements/sources/index.ts +9 -0
package/src/plugins/entitlements/sources/postgres-source.ts +253 -0
package/src/plugins/entitlements/types.ts +256 -0
package/src/plugins/frontend-app-plugin.ts +24 -12
package/src/plugins/health-plugin.ts +27 -7
package/src/plugins/index.ts +132 -4
package/src/plugins/logs-plugin.ts +28 -14
package/src/plugins/postgres-plugin.test.ts +52 -29
package/src/plugins/postgres-plugin.ts +11 -9
package/src/plugins/preferences/__tests__/deep-merge.test.ts +242 -0
package/src/plugins/preferences/__tests__/preferences-plugin.test.ts +350 -0
package/src/plugins/preferences/index.ts +30 -0
package/src/plugins/preferences/preferences-plugin.ts +270 -0
package/src/plugins/preferences/stores/index.ts +9 -0
package/src/plugins/preferences/stores/postgres-store.ts +252 -0
package/src/plugins/preferences/types.ts +100 -0
package/src/plugins/users/__tests__/users-plugin.test.ts +690 -0
package/src/plugins/users/index.ts +38 -0
package/src/plugins/users/stores/index.ts +7 -0
package/src/plugins/users/stores/postgres-store.ts +225 -0
package/src/plugins/users/types.ts +247 -0
package/src/plugins/users/users-plugin.ts +418 -0
package/ui/src/App.tsx +188 -31
package/ui/src/api/controlPanelApi.ts +453 -1
package/ui/src/components/ControlPanelApp.tsx +212 -0
package/ui/src/components/index.ts +62 -0
package/ui/src/dashboard/DashboardWidgetRegistry.tsx +129 -0
package/ui/src/dashboard/DashboardWidgetRenderer.tsx +34 -0
package/ui/src/dashboard/PluginWidgetRenderer.tsx +118 -0
package/ui/src/dashboard/WidgetComponentRegistry.tsx +120 -0
package/ui/src/dashboard/builtInWidgets.tsx +35 -0
package/ui/src/dashboard/index.ts +35 -0
package/ui/src/dashboard/widgets/ServiceHealthWidget.tsx +140 -0
package/ui/src/dashboard/widgets/index.ts +7 -0
package/ui/src/pages/AuthPage.tsx +259 -0
package/ui/src/pages/DashboardPage.tsx +28 -149
package/ui/src/pages/EntitlementsPage.tsx +557 -0
package/ui/src/pages/LogsPage.tsx +174 -8
package/ui/src/pages/PluginPage.tsx +148 -0
package/ui/src/pages/PluginsPage.tsx +394 -0
package/ui/src/pages/SystemPage.tsx +445 -0
package/ui/src/pages/UsersPage.tsx +837 -0
package/ui/tsconfig.lib.json +11 -0
package/ui/vite.lib.config.ts +56 -0
package/dist-ui/assets/index-CW1BviRn.js +0 -465
package/dist-ui/assets/index-CW1BviRn.js.map +0 -1
package/ui/src/pages/HealthPage.tsx +0 -204

package/src/plugins/auth/auth-plugin.ts ADDED Viewed

@@ -0,0 +1,303 @@
+/**
+ * Auth Plugin
+ *
+ * Pluggable authentication plugin for @qwickapps/server.
+ * Supports multiple adapters (Auth0, Supabase, Basic) with fallback chain.
+ *
+ * Copyright (c) 2025 QwickApps.com. All rights reserved.
+ */
+import type { Request, Response, NextFunction, RequestHandler } from 'express';
+import type { Plugin, PluginConfig, PluginRegistry } from '../../core/plugin-registry.js';
+import type {
+  AuthPluginConfig,
+  AuthAdapter,
+  AuthenticatedUser,
+  AuthenticatedRequest,
+} from './types.js';
+// Store the plugin instance for helper access
+let currentAdapter: AuthAdapter | null = null;
+let fallbackAdapters: AuthAdapter[] = [];
+/**
+ * Create the Auth plugin
+ */
+export function createAuthPlugin(config: AuthPluginConfig): Plugin {
+  const excludePaths = config.excludePaths || [];
+  const authRequired = config.authRequired !== false;
+  const debug = config.debug || false;
+  function log(message: string, data?: Record<string, unknown>) {
+    if (debug) {
+      console.log(`[AuthPlugin] ${message}`, data || '');
+    }
+  }
+  return {
+    id: 'auth',
+    name: 'Auth Plugin',
+    version: '1.0.0',
+    async onStart(_pluginConfig: PluginConfig, registry: PluginRegistry): Promise<void> {
+      const app = registry.getApp();
+      // Store adapters for helper access
+      currentAdapter = config.adapter;
+      fallbackAdapters = config.fallback || [];
+      log('Initializing auth plugin', {
+        adapter: config.adapter.name,
+        fallback: fallbackAdapters.map((a) => a.name),
+        excludePaths,
+        authRequired,
+      });
+      // Initialize the primary adapter
+      const primaryMiddleware = config.adapter.initialize();
+      if (Array.isArray(primaryMiddleware)) {
+        primaryMiddleware.forEach((mw) => app.use(mw));
+      } else {
+        app.use(primaryMiddleware);
+      }
+      // Initialize fallback adapters
+      for (const fallback of fallbackAdapters) {
+        const fallbackMiddleware = fallback.initialize();
+        if (Array.isArray(fallbackMiddleware)) {
+          fallbackMiddleware.forEach((mw) => app.use(mw));
+        } else {
+          app.use(fallbackMiddleware);
+        }
+      }
+      // Add the auth checking middleware
+      app.use(createAuthMiddleware());
+      // Register auth status route
+      registry.addRoute({
+        method: 'get',
+        path: '/api/auth/status',
+        handler: (_req: Request, res: Response) => {
+          const authReq = _req as AuthenticatedRequest;
+          res.json({
+            authenticated: authReq.auth?.isAuthenticated || false,
+            user: authReq.auth?.user
+              ? {
+                  id: authReq.auth.user.id,
+                  email: authReq.auth.user.email,
+                  name: authReq.auth.user.name,
+                  picture: authReq.auth.user.picture,
+                  roles: authReq.auth.user.roles,
+                }
+              : null,
+            adapter: authReq.auth?.adapter,
+          });
+        },
+        pluginId: 'auth',
+      });
+      log('Auth plugin initialized');
+    },
+    async onStop(): Promise<void> {
+      log('Shutting down auth plugin');
+      // Cleanup adapters
+      if (currentAdapter?.shutdown) {
+        await currentAdapter.shutdown();
+      }
+      for (const fallback of fallbackAdapters) {
+        if (fallback.shutdown) {
+          await fallback.shutdown();
+        }
+      }
+      currentAdapter = null;
+      fallbackAdapters = [];
+    },
+  };
+  /**
+   * Create the auth checking middleware
+   */
+  function createAuthMiddleware(): RequestHandler {
+    return async (req: Request, res: Response, next: NextFunction) => {
+      const authReq = req as AuthenticatedRequest;
+      // Initialize auth object
+      authReq.auth = {
+        isAuthenticated: false,
+        user: null,
+        adapter: 'none',
+      };
+      // Check if path is excluded
+      const isExcluded = excludePaths.some((path) => {
+        if (path.endsWith('*')) {
+          return req.path.startsWith(path.slice(0, -1));
+        }
+        return req.path === path || req.path.startsWith(path + '/');
+      });
+      if (isExcluded) {
+        log('Path excluded from auth', { path: req.path });
+        return next();
+      }
+      // Try primary adapter
+      let authenticated = false;
+      let user: AuthenticatedUser | null = null;
+      let activeAdapter = config.adapter;
+      if (config.adapter.isAuthenticated(req)) {
+        user = await Promise.resolve(config.adapter.getUser(req));
+        if (user) {
+          authenticated = true;
+          log('Authenticated via primary adapter', { adapter: config.adapter.name });
+        }
+      }
+      // Try fallback adapters if primary didn't authenticate
+      if (!authenticated && fallbackAdapters.length > 0) {
+        for (const fallback of fallbackAdapters) {
+          if (fallback.isAuthenticated(req)) {
+            user = await Promise.resolve(fallback.getUser(req));
+            if (user) {
+              authenticated = true;
+              activeAdapter = fallback;
+              log('Authenticated via fallback adapter', { adapter: fallback.name });
+              break;
+            }
+          }
+        }
+      }
+      // Set auth info on request
+      authReq.auth = {
+        isAuthenticated: authenticated,
+        user,
+        adapter: activeAdapter.name,
+        accessToken: activeAdapter.getAccessToken?.(req) || undefined,
+      };
+      // Check if auth is required but user is not authenticated
+      if (authRequired && !authenticated) {
+        log('Auth required but not authenticated', { path: req.path });
+        // Use custom handler if provided
+        if (config.onUnauthorized) {
+          return config.onUnauthorized(req, res);
+        }
+        // Use adapter's unauthorized handler
+        if (activeAdapter.onUnauthorized) {
+          return activeAdapter.onUnauthorized(req, res);
+        }
+        // Default unauthorized response
+        return res.status(401).json({
+          error: 'Unauthorized',
+          message: 'Authentication required',
+        });
+      }
+      next();
+    };
+  }
+}
+/**
+ * Check if the current request is authenticated
+ */
+export function isAuthenticated(req: Request): boolean {
+  const authReq = req as AuthenticatedRequest;
+  return authReq.auth?.isAuthenticated || false;
+}
+/**
+ * Get the authenticated user from the request
+ */
+export function getAuthenticatedUser(req: Request): AuthenticatedUser | null {
+  const authReq = req as AuthenticatedRequest;
+  return authReq.auth?.user || null;
+}
+/**
+ * Get the access token from the request
+ */
+export function getAccessToken(req: Request): string | null {
+  const authReq = req as AuthenticatedRequest;
+  return authReq.auth?.accessToken || null;
+}
+/**
+ * Middleware to require authentication
+ */
+export function requireAuth(): RequestHandler {
+  return (req: Request, res: Response, next: NextFunction) => {
+    if (!isAuthenticated(req)) {
+      return res.status(401).json({
+        error: 'Unauthorized',
+        message: 'Authentication required',
+      });
+    }
+    next();
+  };
+}
+/**
+ * Middleware to require specific roles
+ */
+export function requireRoles(...roles: string[]): RequestHandler {
+  return (req: Request, res: Response, next: NextFunction) => {
+    const user = getAuthenticatedUser(req);
+    if (!user) {
+      return res.status(401).json({
+        error: 'Unauthorized',
+        message: 'Authentication required',
+      });
+    }
+    const userRoles = user.roles || [];
+    const hasAllRoles = roles.every((role) => userRoles.includes(role));
+    if (!hasAllRoles) {
+      return res.status(403).json({
+        error: 'Forbidden',
+        message: `Required roles: ${roles.join(', ')}`,
+      });
+    }
+    next();
+  };
+}
+/**
+ * Middleware to require any of the specified roles
+ */
+export function requireAnyRole(...roles: string[]): RequestHandler {
+  return (req: Request, res: Response, next: NextFunction) => {
+    const user = getAuthenticatedUser(req);
+    if (!user) {
+      return res.status(401).json({
+        error: 'Unauthorized',
+        message: 'Authentication required',
+      });
+    }
+    const userRoles = user.roles || [];
+    const hasAnyRole = roles.some((role) => userRoles.includes(role));
+    if (!hasAnyRole) {
+      return res.status(403).json({
+        error: 'Forbidden',
+        message: `Required one of roles: ${roles.join(', ')}`,
+      });
+    }
+    next();
+  };
+}