@riligar/auth-elysia 1.4.0 → 1.4.1
- package/README.md +45 -1
- package/package.json +1 -1
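--- a/package/README.md
+++ b/package/README.md
@@ -8,6 +8,19 @@ Auth SDK for ElysiaJS with JWT and JWKS
 bun add @riligar/auth-elysia
 ```
 
+## 🔑 Environment Variables
+
+| Variable | Description | Default |
+| ----------------- | --------------------------------- | ------------------------------ |
+| `AUTH_SECRET_KEY` | Your RiLiGar Secret Key (sk\_...) | `your-secret-key` |
+| `AUTH_API_URL` | Auth Manager API URL | `https://manager.myauth.click` |
+
+```bash
+# .env
+AUTH_SECRET_KEY=sk_your_secret_key_here
+AUTH_API_URL=https://manager.myauth.click
+```
+
 ## 🚀 Basic Usage
 
 ```javascript
@@ -123,7 +136,7 @@ const config = {
 httpOnly: true,
 secure: process.env.NODE_ENV === 'production',
 sameSite: 'lax',
-maxAge:
+maxAge: 604800, // 7 days (same as JWT TTL)
 },
 onUnauthorized: set => {
 set.status = 401
@@ -140,6 +153,37 @@ const config = {
 - `GET /auth/session` - Check current session
 - `GET /auth/me` - User data
 
+## 👤 User Object
+
+The `user` object is available in all protected routes and contains:
+
+```typescript
+interface User {
+id: string // Unique user ID (UUID)
+email: string // User email
+name: string // User display name
+image?: string // Avatar URL (optional)
+emailVerified: boolean // Email verification status
+applicationId?: string // Application ID (if multi-tenant)
+role?: string // User role from JWT claims
+iat: number // Issued at (Unix timestamp)
+exp: number // Expiration (Unix timestamp)
+iss: string // Issuer (e.g., 'riligar-auth')
+sub: string // Subject (user ID)
+}
+```
+
+### authMeta Object
+
+Performance metadata available alongside user:
+
+```typescript
+interface AuthMeta {
+verified_locally: boolean // True if JWT was verified locally via JWKS
+cached: boolean // True if JWKS was retrieved from cache
+}
+```
+
 ## ⚡ Performance Features
 
 ✅ **Local JWKS Verification**: Public keys cache (1h TTL)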