npm - @qwickapps/server - Versions diffs - 1.2.0 → 1.3.1 - Mend

@qwickapps/server 1.2.0 → 1.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (299) hide show

package/README.md +392 -0
package/dist/core/control-panel.d.ts +7 -2
package/dist/core/control-panel.d.ts.map +1 -1
package/dist/core/control-panel.js +120 -54
package/dist/core/control-panel.js.map +1 -1
package/dist/core/gateway.d.ts +159 -79
package/dist/core/gateway.d.ts.map +1 -1
package/dist/core/gateway.js +679 -319
package/dist/core/gateway.js.map +1 -1
package/dist/core/index.d.ts +3 -1
package/dist/core/index.d.ts.map +1 -1
package/dist/core/index.js +2 -0
package/dist/core/index.js.map +1 -1
package/dist/core/plugin-registry.d.ts +307 -0
package/dist/core/plugin-registry.d.ts.map +1 -0
package/dist/core/plugin-registry.js +352 -0
package/dist/core/plugin-registry.js.map +1 -0
package/dist/core/types.d.ts +16 -33
package/dist/core/types.d.ts.map +1 -1
package/dist/index.d.ts +8 -5
package/dist/index.d.ts.map +1 -1
package/dist/index.js +15 -7
package/dist/index.js.map +1 -1
package/dist/plugins/auth/adapters/auth0-adapter.d.ts +14 -0
package/dist/plugins/auth/adapters/auth0-adapter.d.ts.map +1 -0
package/dist/plugins/auth/adapters/auth0-adapter.js +179 -0
package/dist/plugins/auth/adapters/auth0-adapter.js.map +1 -0
package/dist/plugins/auth/adapters/basic-adapter.d.ts +13 -0
package/dist/plugins/auth/adapters/basic-adapter.d.ts.map +1 -0
package/dist/plugins/auth/adapters/basic-adapter.js +51 -0
package/dist/plugins/auth/adapters/basic-adapter.js.map +1 -0
package/dist/plugins/auth/adapters/index.d.ts +10 -0
package/dist/plugins/auth/adapters/index.d.ts.map +1 -0
package/dist/plugins/auth/adapters/index.js +10 -0
package/dist/plugins/auth/adapters/index.js.map +1 -0
package/dist/plugins/auth/adapters/supabase-adapter.d.ts +13 -0
package/dist/plugins/auth/adapters/supabase-adapter.d.ts.map +1 -0
package/dist/plugins/auth/adapters/supabase-adapter.js +109 -0
package/dist/plugins/auth/adapters/supabase-adapter.js.map +1 -0
package/dist/plugins/auth/adapters/supertokens-adapter.d.ts +18 -0
package/dist/plugins/auth/adapters/supertokens-adapter.d.ts.map +1 -0
package/dist/plugins/auth/adapters/supertokens-adapter.js +267 -0
package/dist/plugins/auth/adapters/supertokens-adapter.js.map +1 -0
package/dist/plugins/auth/auth-plugin.d.ts +40 -0
package/dist/plugins/auth/auth-plugin.d.ts.map +1 -0
package/dist/plugins/auth/auth-plugin.js +255 -0
package/dist/plugins/auth/auth-plugin.js.map +1 -0
package/dist/plugins/auth/auth-plugin.test.d.ts +9 -0
package/dist/plugins/auth/auth-plugin.test.d.ts.map +1 -0
package/dist/plugins/auth/auth-plugin.test.js +147 -0
package/dist/plugins/auth/auth-plugin.test.js.map +1 -0
package/dist/plugins/auth/env-config.d.ts +88 -0
package/dist/plugins/auth/env-config.d.ts.map +1 -0
package/dist/plugins/auth/env-config.js +489 -0
package/dist/plugins/auth/env-config.js.map +1 -0
package/dist/plugins/auth/index.d.ts +14 -0
package/dist/plugins/auth/index.d.ts.map +1 -0
package/dist/plugins/auth/index.js +16 -0
package/dist/plugins/auth/index.js.map +1 -0
package/dist/plugins/auth/supertokens-adapter.test.d.ts +10 -0
package/dist/plugins/auth/supertokens-adapter.test.d.ts.map +1 -0
package/dist/plugins/auth/supertokens-adapter.test.js +486 -0
package/dist/plugins/auth/supertokens-adapter.test.js.map +1 -0
package/dist/plugins/auth/types.d.ts +218 -0
package/dist/plugins/auth/types.d.ts.map +1 -0
package/dist/plugins/auth/types.js +14 -0
package/dist/plugins/auth/types.js.map +1 -0
package/dist/plugins/bans/bans-plugin.d.ts +59 -0
package/dist/plugins/bans/bans-plugin.d.ts.map +1 -0
package/dist/plugins/bans/bans-plugin.js +428 -0
package/dist/plugins/bans/bans-plugin.js.map +1 -0
package/dist/plugins/bans/index.d.ts +9 -0
package/dist/plugins/bans/index.d.ts.map +1 -0
package/dist/plugins/bans/index.js +10 -0
package/dist/plugins/bans/index.js.map +1 -0
package/dist/plugins/bans/stores/index.d.ts +7 -0
package/dist/plugins/bans/stores/index.d.ts.map +1 -0
package/dist/plugins/bans/stores/index.js +7 -0
package/dist/plugins/bans/stores/index.js.map +1 -0
package/dist/plugins/bans/stores/postgres-store.d.ts +29 -0
package/dist/plugins/bans/stores/postgres-store.d.ts.map +1 -0
package/dist/plugins/bans/stores/postgres-store.js +132 -0
package/dist/plugins/bans/stores/postgres-store.js.map +1 -0
package/dist/plugins/bans/types.d.ts +128 -0
package/dist/plugins/bans/types.d.ts.map +1 -0
package/dist/plugins/bans/types.js +11 -0
package/dist/plugins/bans/types.js.map +1 -0
package/dist/plugins/cache-plugin.d.ts +14 -3
package/dist/plugins/cache-plugin.d.ts.map +1 -1
package/dist/plugins/cache-plugin.js +27 -7
package/dist/plugins/cache-plugin.js.map +1 -1
package/dist/plugins/cache-plugin.test.js +99 -32
package/dist/plugins/cache-plugin.test.js.map +1 -1
package/dist/plugins/config-plugin.d.ts +3 -2
package/dist/plugins/config-plugin.d.ts.map +1 -1
package/dist/plugins/config-plugin.js +17 -10
package/dist/plugins/config-plugin.js.map +1 -1
package/dist/plugins/diagnostics-plugin.d.ts +2 -2
package/dist/plugins/diagnostics-plugin.d.ts.map +1 -1
package/dist/plugins/diagnostics-plugin.js +17 -10
package/dist/plugins/diagnostics-plugin.js.map +1 -1
package/dist/plugins/entitlements/entitlements-plugin.d.ts +95 -0
package/dist/plugins/entitlements/entitlements-plugin.d.ts.map +1 -0
package/dist/plugins/entitlements/entitlements-plugin.js +707 -0
package/dist/plugins/entitlements/entitlements-plugin.js.map +1 -0
package/dist/plugins/entitlements/index.d.ts +12 -0
package/dist/plugins/entitlements/index.d.ts.map +1 -0
package/dist/plugins/entitlements/index.js +16 -0
package/dist/plugins/entitlements/index.js.map +1 -0
package/dist/plugins/entitlements/sources/index.d.ts +9 -0
package/dist/plugins/entitlements/sources/index.d.ts.map +1 -0
package/dist/plugins/entitlements/sources/index.js +9 -0
package/dist/plugins/entitlements/sources/index.js.map +1 -0
package/dist/plugins/entitlements/sources/postgres-source.d.ts +29 -0
package/dist/plugins/entitlements/sources/postgres-source.d.ts.map +1 -0
package/dist/plugins/entitlements/sources/postgres-source.js +169 -0
package/dist/plugins/entitlements/sources/postgres-source.js.map +1 -0
package/dist/plugins/entitlements/types.d.ts +232 -0
package/dist/plugins/entitlements/types.d.ts.map +1 -0
package/dist/plugins/entitlements/types.js +11 -0
package/dist/plugins/entitlements/types.js.map +1 -0
package/dist/plugins/frontend-app-plugin.d.ts +9 -3
package/dist/plugins/frontend-app-plugin.d.ts.map +1 -1
package/dist/plugins/frontend-app-plugin.js +14 -9
package/dist/plugins/frontend-app-plugin.js.map +1 -1
package/dist/plugins/health-plugin.d.ts +5 -2
package/dist/plugins/health-plugin.d.ts.map +1 -1
package/dist/plugins/health-plugin.js +20 -5
package/dist/plugins/health-plugin.js.map +1 -1
package/dist/plugins/index.d.ts +10 -2
package/dist/plugins/index.d.ts.map +1 -1
package/dist/plugins/index.js +10 -2
package/dist/plugins/index.js.map +1 -1
package/dist/plugins/logs-plugin.d.ts +3 -2
package/dist/plugins/logs-plugin.d.ts.map +1 -1
package/dist/plugins/logs-plugin.js +21 -12
package/dist/plugins/logs-plugin.js.map +1 -1
package/dist/plugins/postgres-plugin.d.ts +3 -3
package/dist/plugins/postgres-plugin.d.ts.map +1 -1
package/dist/plugins/postgres-plugin.js +9 -7
package/dist/plugins/postgres-plugin.js.map +1 -1
package/dist/plugins/postgres-plugin.test.js +50 -29
package/dist/plugins/postgres-plugin.test.js.map +1 -1
package/dist/plugins/preferences/__tests__/deep-merge.test.d.ts +7 -0
package/dist/plugins/preferences/__tests__/deep-merge.test.d.ts.map +1 -0
package/dist/plugins/preferences/__tests__/deep-merge.test.js +215 -0
package/dist/plugins/preferences/__tests__/deep-merge.test.js.map +1 -0
package/dist/plugins/preferences/__tests__/preferences-plugin.test.d.ts +7 -0
package/dist/plugins/preferences/__tests__/preferences-plugin.test.d.ts.map +1 -0
package/dist/plugins/preferences/__tests__/preferences-plugin.test.js +265 -0
package/dist/plugins/preferences/__tests__/preferences-plugin.test.js.map +1 -0
package/dist/plugins/preferences/index.d.ts +12 -0
package/dist/plugins/preferences/index.d.ts.map +1 -0
package/dist/plugins/preferences/index.js +13 -0
package/dist/plugins/preferences/index.js.map +1 -0
package/dist/plugins/preferences/preferences-plugin.d.ts +39 -0
package/dist/plugins/preferences/preferences-plugin.d.ts.map +1 -0
package/dist/plugins/preferences/preferences-plugin.js +226 -0
package/dist/plugins/preferences/preferences-plugin.js.map +1 -0
package/dist/plugins/preferences/stores/index.d.ts +9 -0
package/dist/plugins/preferences/stores/index.d.ts.map +1 -0
package/dist/plugins/preferences/stores/index.js +9 -0
package/dist/plugins/preferences/stores/index.js.map +1 -0
package/dist/plugins/preferences/stores/postgres-store.d.ts +41 -0
package/dist/plugins/preferences/stores/postgres-store.d.ts.map +1 -0
package/dist/plugins/preferences/stores/postgres-store.js +181 -0
package/dist/plugins/preferences/stores/postgres-store.js.map +1 -0
package/dist/plugins/preferences/types.d.ts +91 -0
package/dist/plugins/preferences/types.d.ts.map +1 -0
package/dist/plugins/preferences/types.js +10 -0
package/dist/plugins/preferences/types.js.map +1 -0
package/dist/plugins/users/__tests__/users-plugin.test.d.ts +9 -0
package/dist/plugins/users/__tests__/users-plugin.test.d.ts.map +1 -0
package/dist/plugins/users/__tests__/users-plugin.test.js +546 -0
package/dist/plugins/users/__tests__/users-plugin.test.js.map +1 -0
package/dist/plugins/users/index.d.ts +12 -0
package/dist/plugins/users/index.d.ts.map +1 -0
package/dist/plugins/users/index.js +13 -0
package/dist/plugins/users/index.js.map +1 -0
package/dist/plugins/users/stores/index.d.ts +7 -0
package/dist/plugins/users/stores/index.d.ts.map +1 -0
package/dist/plugins/users/stores/index.js +7 -0
package/dist/plugins/users/stores/index.js.map +1 -0
package/dist/plugins/users/stores/postgres-store.d.ts +28 -0
package/dist/plugins/users/stores/postgres-store.d.ts.map +1 -0
package/dist/plugins/users/stores/postgres-store.js +157 -0
package/dist/plugins/users/stores/postgres-store.js.map +1 -0
package/dist/plugins/users/types.d.ts +225 -0
package/dist/plugins/users/types.d.ts.map +1 -0
package/dist/plugins/users/types.js +12 -0
package/dist/plugins/users/types.js.map +1 -0
package/dist/plugins/users/users-plugin.d.ts +45 -0
package/dist/plugins/users/users-plugin.d.ts.map +1 -0
package/dist/plugins/users/users-plugin.js +359 -0
package/dist/plugins/users/users-plugin.js.map +1 -0
package/dist-ui/assets/index-BY8OxNgO.js +465 -0
package/dist-ui/assets/index-BY8OxNgO.js.map +1 -0
package/dist-ui/index.html +1 -1
package/dist-ui-lib/api/controlPanelApi.d.ts +278 -0
package/dist-ui-lib/components/ControlPanelApp.d.ts +61 -0
package/dist-ui-lib/components/index.d.ts +18 -0
package/dist-ui-lib/config/AppConfig.d.ts +7 -0
package/dist-ui-lib/dashboard/DashboardWidgetRegistry.d.ts +62 -0
package/dist-ui-lib/dashboard/DashboardWidgetRenderer.d.ts +8 -0
package/dist-ui-lib/dashboard/PluginWidgetRenderer.d.ts +19 -0
package/dist-ui-lib/dashboard/WidgetComponentRegistry.d.ts +48 -0
package/dist-ui-lib/dashboard/builtInWidgets.d.ts +25 -0
package/dist-ui-lib/dashboard/index.d.ts +13 -0
package/dist-ui-lib/dashboard/widgets/ServiceHealthWidget.d.ts +12 -0
package/dist-ui-lib/dashboard/widgets/index.d.ts +6 -0
package/dist-ui-lib/index.js +5172 -0
package/dist-ui-lib/index.js.map +1 -0
package/dist-ui-lib/pages/AuthPage.d.ts +1 -0
package/dist-ui-lib/pages/ConfigPage.d.ts +1 -0
package/dist-ui-lib/pages/DashboardPage.d.ts +1 -0
package/dist-ui-lib/pages/DiagnosticsPage.d.ts +1 -0
package/dist-ui-lib/pages/EntitlementsPage.d.ts +17 -0
package/dist-ui-lib/pages/LogsPage.d.ts +1 -0
package/dist-ui-lib/pages/NotFoundPage.d.ts +1 -0
package/dist-ui-lib/pages/PluginPage.d.ts +15 -0
package/dist-ui-lib/pages/PluginsPage.d.ts +1 -0
package/dist-ui-lib/pages/SystemPage.d.ts +1 -0
package/dist-ui-lib/pages/UsersPage.d.ts +22 -0
package/package.json +24 -7
package/src/core/control-panel.ts +145 -61
package/src/core/gateway.ts +863 -403
package/src/core/index.ts +21 -2
package/src/core/plugin-registry.ts +716 -0
package/src/core/types.ts +31 -37
package/src/index.ts +125 -19
package/src/plugins/auth/adapters/auth0-adapter.ts +214 -0
package/src/plugins/auth/adapters/basic-adapter.ts +61 -0
package/src/plugins/auth/adapters/index.ts +10 -0
package/src/plugins/auth/adapters/supabase-adapter.ts +149 -0
package/src/plugins/auth/adapters/supertokens-adapter.ts +326 -0
package/src/plugins/auth/auth-plugin.test.ts +176 -0
package/src/plugins/auth/auth-plugin.ts +303 -0
package/src/plugins/auth/env-config.ts +572 -0
package/src/plugins/auth/index.ts +42 -0
package/src/plugins/auth/supertokens-adapter.test.ts +621 -0
package/src/plugins/auth/types.ts +245 -0
package/src/plugins/bans/bans-plugin.ts +485 -0
package/src/plugins/bans/index.ts +31 -0
package/src/plugins/bans/stores/index.ts +7 -0
package/src/plugins/bans/stores/postgres-store.ts +195 -0
package/src/plugins/bans/types.ts +141 -0
package/src/plugins/cache-plugin.test.ts +108 -32
package/src/plugins/cache-plugin.ts +40 -9
package/src/plugins/config-plugin.ts +23 -12
package/src/plugins/diagnostics-plugin.ts +22 -12
package/src/plugins/entitlements/entitlements-plugin.ts +820 -0
package/src/plugins/entitlements/index.ts +51 -0
package/src/plugins/entitlements/sources/index.ts +9 -0
package/src/plugins/entitlements/sources/postgres-source.ts +253 -0
package/src/plugins/entitlements/types.ts +256 -0
package/src/plugins/frontend-app-plugin.ts +24 -12
package/src/plugins/health-plugin.ts +27 -7
package/src/plugins/index.ts +132 -4
package/src/plugins/logs-plugin.ts +28 -14
package/src/plugins/postgres-plugin.test.ts +52 -29
package/src/plugins/postgres-plugin.ts +11 -9
package/src/plugins/preferences/__tests__/deep-merge.test.ts +242 -0
package/src/plugins/preferences/__tests__/preferences-plugin.test.ts +350 -0
package/src/plugins/preferences/index.ts +30 -0
package/src/plugins/preferences/preferences-plugin.ts +270 -0
package/src/plugins/preferences/stores/index.ts +9 -0
package/src/plugins/preferences/stores/postgres-store.ts +252 -0
package/src/plugins/preferences/types.ts +100 -0
package/src/plugins/users/__tests__/users-plugin.test.ts +690 -0
package/src/plugins/users/index.ts +38 -0
package/src/plugins/users/stores/index.ts +7 -0
package/src/plugins/users/stores/postgres-store.ts +225 -0
package/src/plugins/users/types.ts +247 -0
package/src/plugins/users/users-plugin.ts +418 -0
package/ui/src/App.tsx +188 -31
package/ui/src/api/controlPanelApi.ts +453 -1
package/ui/src/components/ControlPanelApp.tsx +212 -0
package/ui/src/components/index.ts +62 -0
package/ui/src/dashboard/DashboardWidgetRegistry.tsx +129 -0
package/ui/src/dashboard/DashboardWidgetRenderer.tsx +34 -0
package/ui/src/dashboard/PluginWidgetRenderer.tsx +118 -0
package/ui/src/dashboard/WidgetComponentRegistry.tsx +120 -0
package/ui/src/dashboard/builtInWidgets.tsx +35 -0
package/ui/src/dashboard/index.ts +35 -0
package/ui/src/dashboard/widgets/ServiceHealthWidget.tsx +140 -0
package/ui/src/dashboard/widgets/index.ts +7 -0
package/ui/src/pages/AuthPage.tsx +259 -0
package/ui/src/pages/DashboardPage.tsx +28 -149
package/ui/src/pages/EntitlementsPage.tsx +557 -0
package/ui/src/pages/LogsPage.tsx +174 -8
package/ui/src/pages/PluginPage.tsx +148 -0
package/ui/src/pages/PluginsPage.tsx +394 -0
package/ui/src/pages/SystemPage.tsx +445 -0
package/ui/src/pages/UsersPage.tsx +837 -0
package/ui/tsconfig.lib.json +11 -0
package/ui/vite.lib.config.ts +56 -0
package/dist-ui/assets/index-CW1BviRn.js +0 -465
package/dist-ui/assets/index-CW1BviRn.js.map +0 -1
package/ui/src/pages/HealthPage.tsx +0 -204

package/src/plugins/auth/types.ts ADDED Viewed

@@ -0,0 +1,245 @@
+/**
+ * Auth Plugin Types
+ *
+ * Type definitions for the pluggable authentication system.
+ *
+ * Copyright (c) 2025 QwickApps.com. All rights reserved.
+ */
+import type { Request, Response, NextFunction, RequestHandler } from 'express';
+/**
+ * Authenticated user information
+ */
+export interface AuthenticatedUser {
+  /** Unique user ID from the provider */
+  id: string;
+  /** User's email address */
+  email: string;
+  /** User's display name */
+  name?: string;
+  /** User's profile picture URL */
+  picture?: string;
+  /** Whether the email is verified */
+  emailVerified?: boolean;
+  /** User's roles from the provider */
+  roles?: string[];
+  /** Raw user object from the provider */
+  raw?: Record<string, unknown>;
+}
+/**
+ * Auth adapter interface - all adapters must implement this
+ */
+export interface AuthAdapter {
+  /** Adapter name (e.g., 'auth0', 'supabase', 'basic') */
+  name: string;
+  /**
+   * Initialize the adapter - called once during plugin setup
+   * Returns middleware to apply to the Express app
+   */
+  initialize(): RequestHandler | RequestHandler[];
+  /**
+   * Check if the request is authenticated
+   */
+  isAuthenticated(req: Request): boolean;
+  /**
+   * Get the authenticated user from the request
+   * Can be async for adapters that need to validate tokens
+   */
+  getUser(req: Request): AuthenticatedUser | null | Promise<AuthenticatedUser | null>;
+  /**
+   * Check if user has required roles (optional)
+   */
+  hasRoles?(req: Request, roles: string[]): boolean;
+  /**
+   * Get the access token for downstream API calls (optional)
+   */
+  getAccessToken?(req: Request): string | null;
+  /**
+   * Handler for unauthorized requests (optional custom behavior)
+   */
+  onUnauthorized?(req: Request, res: Response): void;
+  /**
+   * Cleanup resources on shutdown (optional)
+   */
+  shutdown?(): Promise<void>;
+}
+/**
+ * Auth0 adapter configuration
+ */
+export interface Auth0AdapterConfig {
+  /** Auth0 domain (e.g., 'myapp.auth0.com') */
+  domain: string;
+  /** Auth0 client ID */
+  clientId: string;
+  /** Auth0 client secret */
+  clientSecret: string;
+  /** Base URL of the application */
+  baseUrl: string;
+  /** Session secret for cookie encryption */
+  secret: string;
+  /** API audience for access tokens (optional) */
+  audience?: string;
+  /** Scopes to request (default: ['openid', 'profile', 'email']) */
+  scopes?: string[];
+  /** Allowed roles - only these roles can access (optional) */
+  allowedRoles?: string[];
+  /** Allowed email domains - only these domains can access (optional) */
+  allowedDomains?: string[];
+  /** Whether to expose the access token to handlers (default: false) */
+  exposeAccessToken?: boolean;
+  /** Auth routes configuration */
+  routes?: {
+    login?: string;
+    logout?: string;
+    callback?: string;
+  };
+}
+/**
+ * Supabase adapter configuration
+ */
+export interface SupabaseAdapterConfig {
+  /** Supabase project URL */
+  url: string;
+  /** Supabase anon key */
+  anonKey: string;
+}
+/**
+ * Basic auth adapter configuration
+ */
+export interface BasicAdapterConfig {
+  /** Username for basic auth */
+  username: string;
+  /** Password for basic auth */
+  password: string;
+  /** Realm name for the WWW-Authenticate header */
+  realm?: string;
+}
+/**
+ * Supertokens adapter configuration
+ */
+export interface SupertokensAdapterConfig {
+  /** Supertokens connection URI (e.g., 'http://localhost:3567') */
+  connectionUri: string;
+  /** Supertokens API key (for managed service) */
+  apiKey?: string;
+  /** App name for branding */
+  appName: string;
+  /** API domain (e.g., 'http://localhost:3000') */
+  apiDomain: string;
+  /** Website domain (e.g., 'http://localhost:3000') */
+  websiteDomain: string;
+  /** API base path (default: '/auth') */
+  apiBasePath?: string;
+  /** Website base path (default: '/auth') */
+  websiteBasePath?: string;
+  /** Enable email/password auth (default: true) */
+  enableEmailPassword?: boolean;
+  /** Social login providers */
+  socialProviders?: {
+    google?: { clientId: string; clientSecret: string };
+    apple?: {
+      clientId: string;
+      clientSecret: string;
+      keyId: string;
+      teamId: string;
+    };
+    github?: { clientId: string; clientSecret: string };
+  };
+}
+/**
+ * Auth plugin configuration
+ */
+export interface AuthPluginConfig {
+  /** Primary adapter for authentication */
+  adapter: AuthAdapter;
+  /** Fallback adapters checked in order if primary fails (optional) */
+  fallback?: AuthAdapter[];
+  /** Paths to exclude from authentication */
+  excludePaths?: string[];
+  /** Whether auth is required for all routes (default: true) */
+  authRequired?: boolean;
+  /** Custom unauthorized handler */
+  onUnauthorized?: (req: Request, res: Response) => void;
+  /** Enable debug logging */
+  debug?: boolean;
+}
+/**
+ * Extended Express Request with auth info
+ */
+export interface AuthenticatedRequest extends Request {
+  auth: {
+    isAuthenticated: boolean;
+    user: AuthenticatedUser | null;
+    adapter: string;
+    accessToken?: string;
+  };
+}
+/**
+ * Helper type guard for authenticated requests
+ */
+export function isAuthenticatedRequest(req: Request): req is AuthenticatedRequest {
+  return 'auth' in req && (req as AuthenticatedRequest).auth?.isAuthenticated === true;
+}
+// ═══════════════════════════════════════════════════════════════════════════
+// Environment Configuration Types
+// ═══════════════════════════════════════════════════════════════════════════
+/**
+ * Auth plugin state
+ */
+export type AuthPluginState = 'disabled' | 'enabled' | 'error';
+/**
+ * Options for createAuthPluginFromEnv (overrides only)
+ */
+export interface AuthEnvPluginOptions {
+  /** Paths to exclude from authentication (can also use AUTH_EXCLUDE_PATHS env var) */
+  excludePaths?: string[];
+  /** Whether auth is required (can also use AUTH_REQUIRED env var, default: true) */
+  authRequired?: boolean;
+  /** Enable debug logging (can also use AUTH_DEBUG env var) */
+  debug?: boolean;
+  /** Custom unauthorized handler */
+  onUnauthorized?: (req: Request, res: Response) => void;
+}
+/**
+ * Auth configuration status returned by getAuthStatus()
+ */
+export interface AuthConfigStatus {
+  /** Current plugin state */
+  state: AuthPluginState;
+  /** Active adapter name (null if disabled or error) */
+  adapter: string | null;
+  /** Error message if state is 'error' */
+  error?: string;
+  /** List of missing environment variables if state is 'error' */
+  missingVars?: string[];
+  /** Current configuration with secrets masked */
+  config?: Record<string, string>;
+}