@robelest/convex-auth 0.0.2-preview.1 → 0.0.2

package/dist/providers/{Email.js → email.js}

@@ -15,19 +15,19 @@
  * you can override the `authorize` method to skip the check:
  *
  * ```ts
- * import Email from "@robelest/convex-auth/providers/Email";
- * import { convexAuth } from "@robelest/convex-auth/component";
+ * import email from "@robelest/convex-auth/providers/email";
+ * import { Auth } from "@robelest/convex-auth/component";
  *
- * export const { auth, signIn, signOut, store } = convexAuth({
+ * export const { auth, signIn, signOut, store } = Auth({
  *   providers: [
- *     Email({ authorize: undefined }),
+ *     email({ authorize: undefined }),
  *   ],
  * });
  * ```
  *
  * Make sure the token has high enough entropy to be secure.
  */
-export function Email(config) {
+export default function email(config) {
     return {
         id: "email",
         type: "email",
@@ -47,4 +47,4 @@ export function Email(config) {
         options: config,
     };
 }
-//# sourceMappingURL=Email.js.map
+//# sourceMappingURL=email.js.map

package/dist/providers/email.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"email.js","sourceRoot":"","sources":["../../src/providers/email.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAKH;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,MAAM,CAAC,OAAO,UAAU,KAAK,CAC3B,MAC8C;IAE9C,OAAO;QACL,EAAE,EAAE,OAAO;QACX,IAAI,EAAE,OAAO;QACb,IAAI,EAAE,OAAO;QACb,IAAI,EAAE,+BAA+B;QACrC,MAAM,EAAE,EAAE,GAAG,EAAE,EAAE,SAAS;QAC1B,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,EAAE;YACnC,IAAI,OAAO,MAAM,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;gBACrC,MAAM,IAAI,KAAK,CACb,+DAA+D,CAChE,CAAC;YACJ,CAAC;YACD,IAAI,OAAO,CAAC,iBAAiB,KAAK,MAAM,CAAC,KAAK,EAAE,CAAC;gBAC/C,MAAM,IAAI,KAAK,CACb,sDAAsD;oBACpD,wBAAwB,CAC3B,CAAC;YACJ,CAAC;QACH,CAAC;QACD,uBAAuB,EAAE,MAAM,CAAC,uBAAuB;QACvD,OAAO,EAAE,MAAM;KAChB,CAAC;AACJ,CAAC"}

package/dist/providers/passkey.d.ts

@@ -0,0 +1,20 @@
+import { PasskeyProviderConfig } from "../server/types.js";
+/**
+ * Passkey (WebAuthn) authentication provider.
+ *
+ * Enables passwordless authentication via biometrics, security keys,
+ * and synced passkeys using the Web Authentication API.
+ *
+ * ```ts
+ * import passkey from "@robelest/convex-auth/providers/passkey";
+ *
+ * export const { auth, signIn, signOut, store } = Auth({
+ *   component: components.auth,
+ *   providers: [passkey()],
+ * });
+ * ```
+ *
+ * @param config Optional configuration for the relying party and credential options.
+ */
+export default function passkey(config?: Partial<PasskeyProviderConfig["options"]>): PasskeyProviderConfig;
+//# sourceMappingURL=passkey.d.ts.map

package/dist/providers/passkey.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"passkey.d.ts","sourceRoot":"","sources":["../../src/providers/passkey.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,qBAAqB,EAAE,MAAM,oBAAoB,CAAC;AAE3D;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,CAAC,OAAO,UAAU,OAAO,CAC7B,MAAM,CAAC,EAAE,OAAO,CAAC,qBAAqB,CAAC,SAAS,CAAC,CAAC,GACjD,qBAAqB,CAavB"}

package/dist/providers/passkey.js

@@ -0,0 +1,32 @@
+/**
+ * Passkey (WebAuthn) authentication provider.
+ *
+ * Enables passwordless authentication via biometrics, security keys,
+ * and synced passkeys using the Web Authentication API.
+ *
+ * ```ts
+ * import passkey from "@robelest/convex-auth/providers/passkey";
+ *
+ * export const { auth, signIn, signOut, store } = Auth({
+ *   component: components.auth,
+ *   providers: [passkey()],
+ * });
+ * ```
+ *
+ * @param config Optional configuration for the relying party and credential options.
+ */
+export default function passkey(config) {
+    return {
+        id: "passkey",
+        type: "passkey",
+        options: {
+            attestation: "none",
+            userVerification: "required",
+            residentKey: "preferred",
+            algorithms: [-7, -257], // ES256, RS256
+            challengeExpirationMs: 300_000, // 5 minutes
+            ...config,
+        },
+    };
+}
+//# sourceMappingURL=passkey.js.map

package/dist/providers/passkey.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"passkey.js","sourceRoot":"","sources":["../../src/providers/passkey.ts"],"names":[],"mappings":"AAEA;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,CAAC,OAAO,UAAU,OAAO,CAC7B,MAAkD;IAElD,OAAO;QACL,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,SAAS;QACf,OAAO,EAAE;YACP,WAAW,EAAE,MAAM;YACnB,gBAAgB,EAAE,UAAU;YAC5B,WAAW,EAAE,WAAW;YACxB,UAAU,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,eAAe;YACvC,qBAAqB,EAAE,OAAO,EAAE,YAAY;YAC5C,GAAG,MAAM;SACV;KACF,CAAC;AACJ,CAAC"}

package/dist/providers/{Password.d.ts → password.d.ts}

@@ -1,7 +1,7 @@
 /**
- * Configure {@link Password} provider given a {@link PasswordConfig}.
+ * Configure {@link password} provider given a {@link PasswordConfig}.
  *
- * The `Password` provider supports the following flows, determined
+ * The `password` provider supports the following flows, determined
  * by the `flow` parameter:
  *
  * - `"signUp"`: Create a new account with a password.
@@ -12,22 +12,22 @@
  *    included in params, verify an OTP.
  *
  * ```ts
- * import Password from "@robelest/convex-auth/providers/Password";
- * import { convexAuth } from "@robelest/convex-auth/component";
+ * import password from "@robelest/convex-auth/providers/password";
+ * import { Auth } from "@robelest/convex-auth/component";
  *
- * export const { auth, signIn, signOut, store } = convexAuth({
- *   providers: [Password],
+ * export const { auth, signIn, signOut, store } = Auth({
+ *   providers: [password],
  * });
  * ```
  *
  * @module
  */
-import { ConvexCredentialsUserConfig } from "@robelest/convex-auth/providers/ConvexCredentials";
+import { CredentialsUserConfig } from "@robelest/convex-auth/providers/credentials";
 import { EmailConfig, GenericActionCtxWithAuthConfig } from "@robelest/convex-auth/component";
 import { DocumentByName, GenericDataModel, WithoutSystemFields } from "convex/server";
 import { Value } from "convex/values";
 /**
- * The available options to a {@link Password} provider for Convex Auth.
+ * The available options to a {@link password} provider for Convex Auth.
  */
 export interface PasswordConfig<DataModel extends GenericDataModel> {
     /**
@@ -70,7 +70,7 @@ export interface PasswordConfig<DataModel extends GenericDataModel> {
      * Provide hashing and verification functions if you want to control
      * how passwords are hashed.
      */
-    crypto?: ConvexCredentialsUserConfig["crypto"];
+    crypto?: CredentialsUserConfig["crypto"];
     /**
      * An Auth.js email provider used to require verification
      * before password reset.
@@ -92,4 +92,4 @@ export interface PasswordConfig<DataModel extends GenericDataModel> {
  * an email provider to the `verify` option.
  */
 export default function password<DataModel extends GenericDataModel>(config?: PasswordConfig<DataModel>): import("@robelest/convex-auth/component").ConvexCredentialsConfig;
-//# sourceMappingURL=Password.d.ts.map
+//# sourceMappingURL=password.d.ts.map

package/dist/providers/{Password.d.ts.map → password.d.ts.map}

@@ -1 +1 @@
-{"version":3,"file":"Password.d.ts","sourceRoot":"","sources":["../../src/providers/Password.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAEH,OAA0B,EACxB,2BAA2B,EAC5B,MAAM,mDAAmD,CAAC;AAC3D,OAAO,EACL,WAAW,EACX,8BAA8B,EAO/B,MAAM,iCAAiC,CAAC;AACzC,OAAO,EACL,cAAc,EACd,gBAAgB,EAChB,mBAAmB,EACpB,MAAM,eAAe,CAAC;AACvB,OAAO,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AAGtC;;GAEG;AACH,MAAM,WAAW,cAAc,CAAC,SAAS,SAAS,gBAAgB;IAChE;;;OAGG;IACH,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ;;;;;;OAMG;IACH,OAAO,CAAC,EAAE;IACR;;OAEG;IACH,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,GAAG,SAAS,CAAC;IACzC;;;OAGG;IACH,GAAG,EAAE,8BAA8B,CAAC,SAAS,CAAC,KAC3C,mBAAmB,CAAC,cAAc,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,GAAG;QAC5D,KAAK,EAAE,MAAM,CAAC;KACf,CAAC;IACF;;;;;;;;;;OAUG;IACH,4BAA4B,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,IAAI,CAAC;IAC1D;;;OAGG;IACH,MAAM,CAAC,EAAE,2BAA2B,CAAC,QAAQ,CAAC,CAAC;IAC/C;;;OAGG;IACH,KAAK,CAAC,EAAE,WAAW,GAAG,CAAC,CAAC,GAAG,IAAI,EAAE,GAAG,KAAK,WAAW,CAAC,CAAC;IACtD;;;OAGG;IACH,MAAM,CAAC,EAAE,WAAW,GAAG,CAAC,CAAC,GAAG,IAAI,EAAE,GAAG,KAAK,WAAW,CAAC,CAAC;CACxD;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,OAAO,UAAU,QAAQ,CAAC,SAAS,SAAS,gBAAgB,EACjE,MAAM,GAAE,cAAc,CAAC,SAAS,CAAM,qEA8HvC"}
+{"version":3,"file":"password.d.ts","sourceRoot":"","sources":["../../src/providers/password.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAEH,OAAoB,EAClB,qBAAqB,EACtB,MAAM,6CAA6C,CAAC;AACrD,OAAO,EACL,WAAW,EACX,8BAA8B,EAE/B,MAAM,iCAAiC,CAAC;AACzC,OAAO,EACL,cAAc,EACd,gBAAgB,EAChB,mBAAmB,EACpB,MAAM,eAAe,CAAC;AACvB,OAAO,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AAGtC;;GAEG;AACH,MAAM,WAAW,cAAc,CAAC,SAAS,SAAS,gBAAgB;IAChE;;;OAGG;IACH,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ;;;;;;OAMG;IACH,OAAO,CAAC,EAAE;IACR;;OAEG;IACH,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,GAAG,SAAS,CAAC;IACzC;;;OAGG;IACH,GAAG,EAAE,8BAA8B,CAAC,SAAS,CAAC,KAC3C,mBAAmB,CAAC,cAAc,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,GAAG;QAC5D,KAAK,EAAE,MAAM,CAAC;KACf,CAAC;IACF;;;;;;;;;;OAUG;IACH,4BAA4B,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,IAAI,CAAC;IAC1D;;;OAGG;IACH,MAAM,CAAC,EAAE,qBAAqB,CAAC,QAAQ,CAAC,CAAC;IACzC;;;OAGG;IACH,KAAK,CAAC,EAAE,WAAW,GAAG,CAAC,CAAC,GAAG,IAAI,EAAE,GAAG,KAAK,WAAW,CAAC,CAAC;IACtD;;;OAGG;IACH,MAAM,CAAC,EAAE,WAAW,GAAG,CAAC,CAAC,GAAG,IAAI,EAAE,GAAG,KAAK,WAAW,CAAC,CAAC;CACxD;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,OAAO,UAAU,QAAQ,CAAC,SAAS,SAAS,gBAAgB,EACjE,MAAM,GAAE,cAAc,CAAC,SAAS,CAAM,qEA8HvC"}

package/dist/providers/{Password.js → password.js}

@@ -1,7 +1,7 @@
 /**
- * Configure {@link Password} provider given a {@link PasswordConfig}.
+ * Configure {@link password} provider given a {@link PasswordConfig}.
  *
- * The `Password` provider supports the following flows, determined
+ * The `password` provider supports the following flows, determined
  * by the `flow` parameter:
  *
  * - `"signUp"`: Create a new account with a password.
@@ -12,18 +12,17 @@
  *    included in params, verify an OTP.
  *
  * ```ts
- * import Password from "@robelest/convex-auth/providers/Password";
- * import { convexAuth } from "@robelest/convex-auth/component";
+ * import password from "@robelest/convex-auth/providers/password";
+ * import { Auth } from "@robelest/convex-auth/component";
  *
- * export const { auth, signIn, signOut, store } = convexAuth({
- *   providers: [Password],
+ * export const { auth, signIn, signOut, store } = Auth({
+ *   providers: [password],
  * });
  * ```
  *
  * @module
  */
-import convexCredentials from "@robelest/convex-auth/providers/ConvexCredentials";
-import { createAccount, invalidateSessions, modifyAccountCredentials, retrieveAccount, signInViaProvider, } from "@robelest/convex-auth/component";
+import credentials from "@robelest/convex-auth/providers/credentials";
 import { Scrypt } from "lucia";
 /**
  * Email and password authentication provider.
@@ -36,7 +35,7 @@ import { Scrypt } from "lucia";
  */
 export default function password(config = {}) {
     const provider = config.id ?? "password";
-    return convexCredentials({
+    return credentials({
         id: "password",
         authorize: async (params, ctx) => {
             const flow = params.flow;
@@ -62,7 +61,7 @@ export default function password(config = {}) {
                 if (secret === undefined) {
                     throw new Error("Missing `password` param for `signUp` flow");
                 }
-                const created = await createAccount(ctx, {
+                const created = await ctx.auth.account.create(ctx, {
                     provider,
                     account: { id: email, secret },
                     profile: profile,
@@ -75,7 +74,7 @@ export default function password(config = {}) {
                 if (secret === undefined) {
                     throw new Error("Missing `password` param for `signIn` flow");
                 }
-                const retrieved = await retrieveAccount(ctx, {
+                const retrieved = await ctx.auth.account.get(ctx, {
                     provider,
                     account: { id: email, secret },
                 });
@@ -89,11 +88,11 @@ export default function password(config = {}) {
                 if (!config.reset) {
                     throw new Error(`Password reset is not enabled for ${provider}`);
                 }
-                const { account } = await retrieveAccount(ctx, {
+                const { account } = await ctx.auth.account.get(ctx, {
                     provider,
                     account: { id: email },
                 });
-                return await signInViaProvider(ctx, config.reset, {
+                return await ctx.auth.provider.signIn(ctx, config.reset, {
                     accountId: account._id,
                     params,
                 });
@@ -105,17 +104,17 @@ export default function password(config = {}) {
                 if (params.newPassword === undefined) {
                     throw new Error("Missing `newPassword` param for `reset-verification` flow");
                 }
-                const result = await signInViaProvider(ctx, config.reset, { params });
+                const result = await ctx.auth.provider.signIn(ctx, config.reset, { params });
                 if (result === null) {
                     throw new Error("Invalid code");
                 }
                 const { userId, sessionId } = result;
                 const secret = params.newPassword;
-                await modifyAccountCredentials(ctx, {
+                await ctx.auth.account.updateCredentials(ctx, {
                     provider,
                     account: { id: email, secret },
                 });
-                await invalidateSessions(ctx, { userId, except: [sessionId] });
+                await ctx.auth.session.invalidate(ctx, { userId, except: [sessionId] });
                 return { userId, sessionId };
                 // END
                 // START: Optional, email verification during sign in
@@ -124,11 +123,11 @@ export default function password(config = {}) {
                 if (!config.verify) {
                     throw new Error(`Email verification is not enabled for ${provider}`);
                 }
-                const { account } = await retrieveAccount(ctx, {
+                const { account } = await ctx.auth.account.get(ctx, {
                     provider,
                     account: { id: email },
                 });
-                return await signInViaProvider(ctx, config.verify, {
+                return await ctx.auth.provider.signIn(ctx, config.verify, {
                     accountId: account._id,
                     params,
                 });
@@ -141,7 +140,7 @@ export default function password(config = {}) {
             }
             // START: Optional, email verification during sign in
             if (config.verify && !account.emailVerified) {
-                return await signInViaProvider(ctx, config.verify, {
+                return await ctx.auth.provider.signIn(ctx, config.verify, {
                     accountId: account._id,
                     params,
                 });
@@ -171,4 +170,4 @@ function defaultProfile(params) {
         email: params.email,
     };
 }
-//# sourceMappingURL=Password.js.map
+//# sourceMappingURL=password.js.map

package/dist/providers/password.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"password.js","sourceRoot":"","sources":["../../src/providers/password.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAEH,OAAO,WAEN,MAAM,6CAA6C,CAAC;AAYrD,OAAO,EAAE,MAAM,EAAE,MAAM,OAAO,CAAC;AA4D/B;;;;;;;;GAQG;AACH,MAAM,CAAC,OAAO,UAAU,QAAQ,CAC9B,SAAoC,EAAE;IAEtC,MAAM,QAAQ,GAAG,MAAM,CAAC,EAAE,IAAI,UAAU,CAAC;IACzC,OAAO,WAAW,CAAY;QAC5B,EAAE,EAAE,UAAU;QACd,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE;YAC/B,MAAM,IAAI,GAAG,MAAM,CAAC,IAAc,CAAC;YACnC,MAAM,kBAAkB,GACtB,IAAI,KAAK,QAAQ;gBACf,CAAC,CAAE,MAAM,CAAC,QAAmB;gBAC7B,CAAC,CAAC,IAAI,KAAK,oBAAoB;oBAC7B,CAAC,CAAE,MAAM,CAAC,WAAsB;oBAChC,CAAC,CAAC,IAAI,CAAC;YACb,IAAI,kBAAkB,KAAK,IAAI,EAAE,CAAC;gBAChC,IAAI,MAAM,CAAC,4BAA4B,KAAK,SAAS,EAAE,CAAC;oBACtD,MAAM,CAAC,4BAA4B,CAAC,kBAAkB,CAAC,CAAC;gBAC1D,CAAC;qBAAM,CAAC;oBACN,mCAAmC,CAAC,kBAAkB,CAAC,CAAC;gBAC1D,CAAC;YACH,CAAC;YACD,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC,MAAM,EAAE,GAAG,CAAC,IAAI,cAAc,CAAC,MAAM,CAAC,CAAC;YACxE,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC;YAC1B,MAAM,MAAM,GAAG,MAAM,CAAC,QAAkB,CAAC;YACzC,IAAI,OAAyC,CAAC;YAC9C,IAAI,IAAmC,CAAC;YACxC,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACtB,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;oBACzB,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;gBAChE,CAAC;gBACD,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,EAAE;oBACjD,QAAQ;oBACR,OAAO,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE;oBAC9B,OAAO,EAAE,OAAc;oBACvB,kBAAkB,EAAE,MAAM,CAAC,MAAM,KAAK,SAAS;oBAC/C,kBAAkB,EAAE,KAAK;iBAC1B,CAAC,CAAC;gBACH,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,CAAC;YAChC,CAAC;iBAAM,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAC7B,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;oBACzB,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;gBAChE,CAAC;gBACD,MAAM,SAAS,GAAG,MAAM,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE;oBAChD,QAAQ;oBACR,OAAO,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE;iBAC/B,CAAC,CAAC;gBACH,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;oBACvB,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;gBACzC,CAAC;gBACD,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,SAAS,CAAC,CAAC;gBAChC,0CAA0C;YAC5C,CAAC;iBAAM,IAAI,IAAI,KAAK,OAAO,EAAE,CAAC;gBAC5B,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;oBAClB,MAAM,IAAI,KAAK,CAAC,qCAAqC,QAAQ,EAAE,CAAC,CAAC;gBACnE,CAAC;gBACD,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE;oBAClD,QAAQ;oBACR,OAAO,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE;iBACvB,CAAC,CAAC;gBACH,OAAO,MAAM,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,KAAK,EAAE;oBACvD,SAAS,EAAE,OAAO,CAAC,GAAG;oBACtB,MAAM;iBACP,CAAC,CAAC;YACL,CAAC;iBAAM,IAAI,IAAI,KAAK,oBAAoB,EAAE,CAAC;gBACzC,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;oBAClB,MAAM,IAAI,KAAK,CAAC,qCAAqC,QAAQ,EAAE,CAAC,CAAC;gBACnE,CAAC;gBACD,IAAI,MAAM,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;oBACrC,MAAM,IAAI,KAAK,CACb,2DAA2D,CAC5D,CAAC;gBACJ,CAAC;gBACD,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,KAAK,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC;gBAC7E,IAAI,MAAM,KAAK,IAAI,EAAE,CAAC;oBACpB,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAC;gBAClC,CAAC;gBACD,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,CAAC;gBACrC,MAAM,MAAM,GAAG,MAAM,CAAC,WAAqB,CAAC;gBAC5C,MAAM,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,iBAAiB,CAAC,GAAG,EAAE;oBAC5C,QAAQ;oBACR,OAAO,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE;iBAC/B,CAAC,CAAC;gBACH,MAAM,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,GAAG,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;gBACxE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;gBAC7B,MAAM;gBACN,qDAAqD;YACvD,CAAC;iBAAM,IAAI,IAAI,KAAK,oBAAoB,EAAE,CAAC;gBACzC,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;oBACnB,MAAM,IAAI,KAAK,CAAC,yCAAyC,QAAQ,EAAE,CAAC,CAAC;gBACvE,CAAC;gBACD,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE;oBAClD,QAAQ;oBACR,OAAO,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE;iBACvB,CAAC,CAAC;gBACH,OAAO,MAAM,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE;oBACxD,SAAS,EAAE,OAAO,CAAC,GAAG;oBACtB,MAAM;iBACP,CAAC,CAAC;gBACH,MAAM;YACR,CAAC;iBAAM,CAAC;gBACN,MAAM,IAAI,KAAK,CACb,0CAA0C;oBACxC,uDAAuD;oBACvD,uBAAuB,CAC1B,CAAC;YACJ,CAAC;YACD,qDAAqD;YACrD,IAAI,MAAM,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,CAAC;gBAC5C,OAAO,MAAM,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE;oBACxD,SAAS,EAAE,OAAO,CAAC,GAAG;oBACtB,MAAM;iBACP,CAAC,CAAC;YACL,CAAC;YACD,MAAM;YACN,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC;QAC9B,CAAC;QACD,MAAM,EAAE;YACN,KAAK,CAAC,UAAU,CAAC,QAAgB;gBAC/B,OAAO,MAAM,IAAI,MAAM,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC3C,CAAC;YACD,KAAK,CAAC,YAAY,CAAC,QAAgB,EAAE,IAAY;gBAC/C,OAAO,MAAM,IAAI,MAAM,EAAE,CAAC,MAAM,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;YACnD,CAAC;SACF;QACD,cAAc,EAAE,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,CAAC;QAC7C,GAAG,MAAM;KACV,CAAC,CAAC;AACL,CAAC;AAED,SAAS,mCAAmC,CAAC,QAAgB;IAC3D,IAAI,CAAC,QAAQ,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACrC,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;IACtC,CAAC;AACH,CAAC;AAED,SAAS,cAAc,CAAC,MAA+B;IACrD,OAAO;QACL,KAAK,EAAE,MAAM,CAAC,KAAe;KAC9B,CAAC;AACJ,CAAC"}

package/dist/providers/{Phone.d.ts → phone.d.ts}

@@ -1,9 +1,9 @@
 /**
- * Configure {@link Phone} provider given a {@link PhoneUserConfig}.
+ * Configure {@link phone} provider given a {@link PhoneUserConfig}.
  *
  * Simplifies creating phone providers.
  *
- * By default checks that there is an `phone` field during token verification
+ * By default checks that there is a `phone` field during token verification
  * that matches the `phone` used during the initial `signIn` call.
  *
  * @module
@@ -19,4 +19,4 @@ import { PhoneConfig, PhoneUserConfig } from "../server/types.js";
  * that matches the `phone` used during the initial `signIn` call.
  */
 export default function phone<DataModel extends GenericDataModel>(config: PhoneUserConfig & Pick<PhoneConfig, "sendVerificationRequest">): PhoneConfig<DataModel>;
-//# sourceMappingURL=Phone.d.ts.map
+//# sourceMappingURL=phone.d.ts.map

package/dist/providers/{Phone.d.ts.map → phone.d.ts.map}

@@ -1 +1 @@
-{"version":3,"file":"Phone.d.ts","sourceRoot":"","sources":["../../src/providers/Phone.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AACjD,OAAO,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAElE;;;;;;;GAOG;AACH,MAAM,CAAC,OAAO,UAAU,KAAK,CAAC,SAAS,SAAS,gBAAgB,EAC9D,MAAM,EAAE,eAAe,GAAG,IAAI,CAAC,WAAW,EAAE,yBAAyB,CAAC,GACrE,WAAW,CAAC,SAAS,CAAC,CAqBxB"}
+{"version":3,"file":"phone.d.ts","sourceRoot":"","sources":["../../src/providers/phone.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AACjD,OAAO,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAElE;;;;;;;GAOG;AACH,MAAM,CAAC,OAAO,UAAU,KAAK,CAAC,SAAS,SAAS,gBAAgB,EAC9D,MAAM,EAAE,eAAe,GAAG,IAAI,CAAC,WAAW,EAAE,yBAAyB,CAAC,GACrE,WAAW,CAAC,SAAS,CAAC,CAqBxB"}

package/dist/providers/{Phone.js → phone.js}

@@ -1,9 +1,9 @@
 /**
- * Configure {@link Phone} provider given a {@link PhoneUserConfig}.
+ * Configure {@link phone} provider given a {@link PhoneUserConfig}.
  *
  * Simplifies creating phone providers.
  *
- * By default checks that there is an `phone` field during token verification
+ * By default checks that there is a `phone` field during token verification
  * that matches the `phone` used during the initial `signIn` call.
  *
  * @module
@@ -34,4 +34,4 @@ export default function phone(config) {
         options: config,
     };
 }
-//# sourceMappingURL=Phone.js.map
+//# sourceMappingURL=phone.js.map

package/dist/providers/{Phone.js.map → phone.js.map}

@@ -1 +1 @@
-{"version":3,"file":"Phone.js","sourceRoot":"","sources":["../../src/providers/Phone.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAKH;;;;;;;GAOG;AACH,MAAM,CAAC,OAAO,UAAU,KAAK,CAC3B,MAAsE;IAEtE,OAAO;QACL,EAAE,EAAE,OAAO;QACX,IAAI,EAAE,OAAO;QACb,MAAM,EAAE,EAAE,GAAG,EAAE,EAAE,aAAa;QAC9B,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,EAAE;YACnC,IAAI,OAAO,MAAM,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;gBACrC,MAAM,IAAI,KAAK,CACb,+DAA+D,CAChE,CAAC;YACJ,CAAC;YACD,IAAI,OAAO,CAAC,iBAAiB,KAAK,MAAM,CAAC,KAAK,EAAE,CAAC;gBAC/C,MAAM,IAAI,KAAK,CACb,sDAAsD;oBACpD,wBAAwB,CAC3B,CAAC;YACJ,CAAC;QACH,CAAC;QACD,uBAAuB,EAAE,MAAM,CAAC,uBAAuB;QACvD,OAAO,EAAE,MAAM;KAChB,CAAC;AACJ,CAAC"}
+{"version":3,"file":"phone.js","sourceRoot":"","sources":["../../src/providers/phone.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAKH;;;;;;;GAOG;AACH,MAAM,CAAC,OAAO,UAAU,KAAK,CAC3B,MAAsE;IAEtE,OAAO;QACL,EAAE,EAAE,OAAO;QACX,IAAI,EAAE,OAAO;QACb,MAAM,EAAE,EAAE,GAAG,EAAE,EAAE,aAAa;QAC9B,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,EAAE;YACnC,IAAI,OAAO,MAAM,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;gBACrC,MAAM,IAAI,KAAK,CACb,+DAA+D,CAChE,CAAC;YACJ,CAAC;YACD,IAAI,OAAO,CAAC,iBAAiB,KAAK,MAAM,CAAC,KAAK,EAAE,CAAC;gBAC/C,MAAM,IAAI,KAAK,CACb,sDAAsD;oBACpD,wBAAwB,CAC3B,CAAC;YACJ,CAAC;QACH,CAAC;QACD,uBAAuB,EAAE,MAAM,CAAC,uBAAuB;QACvD,OAAO,EAAE,MAAM;KAChB,CAAC;AACJ,CAAC"}

package/dist/providers/totp.d.ts

@@ -0,0 +1,14 @@
+import { TotpProviderConfig } from "../server/types.js";
+/**
+ * Add TOTP (Time-based One-Time Password) authentication.
+ *
+ * ```ts
+ * import TOTP from "@robelest/convex-auth/providers/totp";
+ *
+ * export const { auth, signIn, signOut, store } = Auth({
+ *   providers: [TOTP({ issuer: "My App" })],
+ * });
+ * ```
+ */
+export default function totp(config?: Partial<TotpProviderConfig["options"]>): TotpProviderConfig;
+//# sourceMappingURL=totp.d.ts.map

package/dist/providers/totp.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"totp.d.ts","sourceRoot":"","sources":["../../src/providers/totp.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AAExD;;;;;;;;;;GAUG;AACH,MAAM,CAAC,OAAO,UAAU,IAAI,CAC1B,MAAM,CAAC,EAAE,OAAO,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC,GAC9C,kBAAkB,CAUpB"}

package/dist/providers/totp.js

@@ -0,0 +1,23 @@
+/**
+ * Add TOTP (Time-based One-Time Password) authentication.
+ *
+ * ```ts
+ * import TOTP from "@robelest/convex-auth/providers/totp";
+ *
+ * export const { auth, signIn, signOut, store } = Auth({
+ *   providers: [TOTP({ issuer: "My App" })],
+ * });
+ * ```
+ */
+export default function totp(config) {
+    return {
+        id: "totp",
+        type: "totp",
+        options: {
+            issuer: config?.issuer ?? "ConvexAuth",
+            digits: config?.digits ?? 6,
+            period: config?.period ?? 30,
+        },
+    };
+}
+//# sourceMappingURL=totp.js.map

package/dist/providers/totp.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"totp.js","sourceRoot":"","sources":["../../src/providers/totp.ts"],"names":[],"mappings":"AAEA;;;;;;;;;;GAUG;AACH,MAAM,CAAC,OAAO,UAAU,IAAI,CAC1B,MAA+C;IAE/C,OAAO;QACL,EAAE,EAAE,MAAM;QACV,IAAI,EAAE,MAAM;QACZ,OAAO,EAAE;YACP,MAAM,EAAE,MAAM,EAAE,MAAM,IAAI,YAAY;YACtC,MAAM,EAAE,MAAM,EAAE,MAAM,IAAI,CAAC;YAC3B,MAAM,EAAE,MAAM,EAAE,MAAM,IAAI,EAAE;SAC7B;KACF,CAAC;AACJ,CAAC"}

package/dist/server/convex-auth.d.ts

@@ -0,0 +1,243 @@
+/**
+ * The `Auth` class — the main entry point for Convex Auth.
+ *
+ * Combines authentication and portal admin functionality:
+ *
+ * ```ts
+ * // convex/auth.ts
+ * import { Auth, Portal } from "@robelest/convex-auth/component";
+ * import github from "@auth/core/providers/github";
+ * import { components } from "./_generated/api";
+ *
+ * export const auth = new Auth(components.auth, {
+ *   providers: [github],
+ * });
+ * export const { signIn, signOut, store } = auth;
+ * export const { portalQuery, portalMutation, portalInternal } = Portal(auth);
+ * ```
+ *
+ * @module
+ */
+import type { HttpRouter } from "convex/server";
+import type { ComponentApi as AuthComponentApi } from "../component/_generated/component.js";
+import { Auth as AuthFactory } from "./implementation/index.js";
+import type { ConvexAuthConfig } from "./types.js";
+/**
+ * Config for the ConvexAuth class. Extends the standard auth config.
+ *
+ * Portal functionality (admin dashboard, magic link provider, static hosting)
+ * is always available — no configuration flag needed. The portal UI works
+ * when you export `portalQuery`, `portalMutation`, `portalInternal` from
+ * your `convex/auth.ts` and upload the portal static files via CLI.
+ */
+export type AuthClassConfig = Omit<ConvexAuthConfig, "component">;
+/**
+ * Main entry point for Convex Auth. Instantiate with your component
+ * reference and config to get all the exports you need.
+ *
+ * ```ts
+ * export const auth = new Auth(components.auth, {
+ *   providers: [github, resend({ ... })],
+ * });
+ * export const { signIn, signOut, store } = auth;
+ * export const { portalQuery, portalMutation, portalInternal } = Portal(auth);
+ * ```
+ */
+export declare class Auth {
+    /** The inner `auth` helper object from AuthFactory() */
+    private readonly _auth;
+    /** The signIn action — export this from your convex/auth.ts */
+    readonly signIn: ReturnType<typeof AuthFactory>["signIn"];
+    /** The signOut action — export this from your convex/auth.ts */
+    readonly signOut: ReturnType<typeof AuthFactory>["signOut"];
+    /** The store internal mutation — export this from your convex/auth.ts */
+    readonly store: ReturnType<typeof AuthFactory>["store"];
+    /** @internal */
+    readonly component: AuthComponentApi;
+    /** @internal */
+    readonly portalUrl: string;
+    /** User helpers: `.current(ctx)`, `.require(ctx)`, `.get(ctx, userId)`, `.viewer(ctx)` */
+    get user(): {
+        current: (ctx: {
+            auth: import("convex/server").Auth;
+        }) => Promise<import("convex/values").GenericId<"user"> | null>;
+        require: (ctx: {
+            auth: import("convex/server").Auth;
+        }) => Promise<import("convex/values").GenericId<"user">>;
+        get: (ctx: Pick<import("convex/server").GenericActionCtx<import("convex/server").GenericDataModel>, "runQuery">, userId: string) => Promise<any>;
+        viewer: (ctx: Pick<import("convex/server").GenericActionCtx<import("convex/server").GenericDataModel>, "runQuery"> & {
+            auth: import("convex/server").Auth;
+        }) => Promise<any>;
+        group: {
+            list: (ctx: Pick<import("convex/server").GenericActionCtx<import("convex/server").GenericDataModel>, "runQuery">, opts: {
+                userId: string;
+            }) => Promise<any>;
+            get: (ctx: Pick<import("convex/server").GenericActionCtx<import("convex/server").GenericDataModel>, "runQuery">, opts: {
+                userId: string;
+                groupId: string;
+            }) => Promise<any>;
+        };
+    };
+    /** Session helpers */
+    get session(): {
+        current: (ctx: {
+            auth: import("convex/server").Auth;
+        }) => Promise<import("convex/values").GenericId<"session"> | null>;
+        invalidate: <DataModel extends import("convex/server").GenericDataModel>(ctx: import("convex/server").GenericActionCtx<DataModel>, args: {
+            userId: import("convex/values").GenericId<"user">;
+            except?: import("convex/values").GenericId<"session">[];
+        }) => Promise<void>;
+    };
+    /** Provider helpers */
+    get provider(): {
+        signIn: <DataModel extends import("convex/server").GenericDataModel>(ctx: import("convex/server").GenericActionCtx<DataModel>, provider: import("./types.js").AuthProviderConfig, args: {
+            accountId?: import("convex/values").GenericId<"account">;
+            params?: Record<string, unknown>;
+        }) => Promise<{
+            userId: import("convex/values").GenericId<"user">;
+            sessionId: import("convex/values").GenericId<"session">;
+        } | null>;
+    };
+    /** Account helpers */
+    get account(): {
+        create: <DataModel extends import("convex/server").GenericDataModel>(ctx: import("convex/server").GenericActionCtx<DataModel>, args: {
+            provider: string;
+            account: {
+                id: string;
+                secret?: string;
+            };
+            profile: Record<string, unknown>;
+            shouldLinkViaEmail?: boolean;
+            shouldLinkViaPhone?: boolean;
+        }) => Promise<{
+            account: import("./implementation/types.js").Doc<"account">;
+            user: import("./implementation/types.js").Doc<"user">;
+        }>;
+        get: <DataModel extends import("convex/server").GenericDataModel>(ctx: import("convex/server").GenericActionCtx<DataModel>, args: {
+            provider: string;
+            account: {
+                id: string;
+                secret?: string;
+            };
+        }) => Promise<{
+            account: import("./implementation/types.js").Doc<"account">;
+            user: import("./implementation/types.js").Doc<"user">;
+        }>;
+        updateCredentials: <DataModel extends import("convex/server").GenericDataModel>(ctx: import("convex/server").GenericActionCtx<DataModel>, args: {
+            provider: string;
+            account: {
+                id: string;
+                secret: string;
+            };
+        }) => Promise<void>;
+    };
+    /** Group helpers */
+    get group(): {
+        create: (ctx: Pick<import("convex/server").GenericActionCtx<import("convex/server").GenericDataModel>, "runQuery" | "runMutation">, data: {
+            name: string;
+            slug?: string;
+            parentGroupId?: string;
+            extend?: Record<string, unknown>;
+        }) => Promise<string>;
+        get: (ctx: Pick<import("convex/server").GenericActionCtx<import("convex/server").GenericDataModel>, "runQuery">, groupId: string) => Promise<any>;
+        list: (ctx: Pick<import("convex/server").GenericActionCtx<import("convex/server").GenericDataModel>, "runQuery">, opts?: {
+            parentGroupId?: string;
+        }) => Promise<any>;
+        update: (ctx: Pick<import("convex/server").GenericActionCtx<import("convex/server").GenericDataModel>, "runQuery" | "runMutation">, groupId: string, data: Record<string, unknown>) => Promise<void>;
+        delete: (ctx: Pick<import("convex/server").GenericActionCtx<import("convex/server").GenericDataModel>, "runQuery" | "runMutation">, groupId: string) => Promise<void>;
+        member: {
+            add: (ctx: Pick<import("convex/server").GenericActionCtx<import("convex/server").GenericDataModel>, "runQuery" | "runMutation">, data: {
+                groupId: string;
+                userId: string;
+                role?: string;
+                status?: string;
+                extend?: Record<string, unknown>;
+            }) => Promise<string>;
+            get: (ctx: Pick<import("convex/server").GenericActionCtx<import("convex/server").GenericDataModel>, "runQuery">, memberId: string) => Promise<any>;
+            list: (ctx: Pick<import("convex/server").GenericActionCtx<import("convex/server").GenericDataModel>, "runQuery">, opts: {
+                groupId: string;
+            }) => Promise<any>;
+            remove: (ctx: Pick<import("convex/server").GenericActionCtx<import("convex/server").GenericDataModel>, "runQuery" | "runMutation">, memberId: string) => Promise<void>;
+            update: (ctx: Pick<import("convex/server").GenericActionCtx<import("convex/server").GenericDataModel>, "runQuery" | "runMutation">, memberId: string, data: Record<string, unknown>) => Promise<void>;
+        };
+    };
+    /** Invite helpers */
+    get invite(): {
+        create: (ctx: Pick<import("convex/server").GenericActionCtx<import("convex/server").GenericDataModel>, "runQuery" | "runMutation">, data: {
+            groupId?: string;
+            invitedByUserId?: string;
+            email?: string;
+            tokenHash: string;
+            role?: string;
+            status: "pending" | "accepted" | "revoked" | "expired";
+            expiresTime?: number;
+            extend?: Record<string, unknown>;
+        }) => Promise<string>;
+        get: (ctx: Pick<import("convex/server").GenericActionCtx<import("convex/server").GenericDataModel>, "runQuery">, inviteId: string) => Promise<any>;
+        getByTokenHash: (ctx: Pick<import("convex/server").GenericActionCtx<import("convex/server").GenericDataModel>, "runQuery">, tokenHash: string) => Promise<any>;
+        list: (ctx: Pick<import("convex/server").GenericActionCtx<import("convex/server").GenericDataModel>, "runQuery">, opts?: {
+            groupId?: string;
+            status?: "pending" | "accepted" | "revoked" | "expired";
+        }) => Promise<any>;
+        accept: (ctx: Pick<import("convex/server").GenericActionCtx<import("convex/server").GenericDataModel>, "runQuery" | "runMutation">, inviteId: string, acceptedByUserId?: string) => Promise<void>;
+        revoke: (ctx: Pick<import("convex/server").GenericActionCtx<import("convex/server").GenericDataModel>, "runQuery" | "runMutation">, inviteId: string) => Promise<void>;
+    };
+    /** Passkey helpers */
+    get passkey(): {
+        list: (ctx: Pick<import("convex/server").GenericActionCtx<import("convex/server").GenericDataModel>, "runQuery">, opts: {
+            userId: string;
+        }) => Promise<any>;
+        rename: (ctx: Pick<import("convex/server").GenericActionCtx<import("convex/server").GenericDataModel>, "runQuery" | "runMutation">, passkeyId: string, name: string) => Promise<void>;
+        remove: (ctx: Pick<import("convex/server").GenericActionCtx<import("convex/server").GenericDataModel>, "runQuery" | "runMutation">, passkeyId: string) => Promise<void>;
+    };
+    /** TOTP helpers */
+    get totp(): {
+        list: (ctx: Pick<import("convex/server").GenericActionCtx<import("convex/server").GenericDataModel>, "runQuery">, opts: {
+            userId: string;
+        }) => Promise<any>;
+        remove: (ctx: Pick<import("convex/server").GenericActionCtx<import("convex/server").GenericDataModel>, "runQuery" | "runMutation">, totpId: string) => Promise<void>;
+    };
+    constructor(component: AuthComponentApi, config: AuthClassConfig);
+    /**
+     * Register HTTP routes for OAuth, JWT well-known endpoints, and portal
+     * static file serving.
+     *
+     * ```ts
+     * // convex/http.ts
+     * import { httpRouter } from "convex/server";
+     * import { auth } from "./auth";
+     *
+     * const http = httpRouter();
+     * auth.addHttpRoutes(http);
+     * export default http;
+     * ```
+     */
+    addHttpRoutes(http: HttpRouter, opts?: {
+        pathPrefix?: string;
+        spaFallback?: boolean;
+    }): void;
+}
+/**
+ * Create portal function definitions from a ConvexAuth instance.
+ *
+ * This is a standalone function (not a class method) because Convex's
+ * bundler can trace through `export const { x } = fn(instance)` but
+ * cannot trace through `instance.method()`.
+ *
+ * ```ts
+ * export const { portalQuery, portalMutation, portalInternal } = Portal(auth);
+ * ```
+ */
+export declare function Portal(auth: Auth): {
+    portalQuery: import("convex/server").RegisteredQuery<"public", {
+        action: string;
+        userId?: string;
+    }, Promise<any>>;
+    portalMutation: import("convex/server").RegisteredMutation<"public", {
+        action: string;
+        sessionId?: string;
+        tokenHash?: string;
+    }, Promise<void>>;
+    portalInternal: import("convex/server").RegisteredMutation<"internal", any, Promise<any>>;
+};
+//# sourceMappingURL=convex-auth.d.ts.map

package/dist/server/convex-auth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"convex-auth.d.ts","sourceRoot":"","sources":["../../src/server/convex-auth.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAOH,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAEhD,OAAO,KAAK,EAAE,YAAY,IAAI,gBAAgB,EAAE,MAAM,sCAAsC,CAAC;AAC7F,OAAO,EAAE,IAAI,IAAI,WAAW,EAAE,MAAM,2BAA2B,CAAC;AAChE,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AASnD;;;;;;;GAOG;AACH,MAAM,MAAM,eAAe,GAAG,IAAI,CAAC,gBAAgB,EAAE,WAAW,CAAC,CAAC;AAiClE;;;;;;;;;;;GAWG;AACH,qBAAa,IAAI;IACf,wDAAwD;IACxD,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAyC;IAC/D,+DAA+D;IAC/D,SAAgB,MAAM,EAAE,UAAU,CAAC,OAAO,WAAW,CAAC,CAAC,QAAQ,CAAC,CAAC;IACjE,gEAAgE;IAChE,SAAgB,OAAO,EAAE,UAAU,CAAC,OAAO,WAAW,CAAC,CAAC,SAAS,CAAC,CAAC;IACnE,yEAAyE;IACzE,SAAgB,KAAK,EAAE,UAAU,CAAC,OAAO,WAAW,CAAC,CAAC,OAAO,CAAC,CAAC;IAE/D,gBAAgB;IAChB,QAAQ,CAAC,SAAS,EAAE,gBAAgB,CAAC;IACrC,gBAAgB;IAChB,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAG3B,0FAA0F;IAC1F,IAAI,IAAI;;;;;;;;;;;;;;;;;;;;MAA8B;IACtC,sBAAsB;IACtB,IAAI,OAAO;;;;;;kBAgHJ,CAAC;;MAhHoC;IAC5C,uBAAuB;IACvB,IAAI,QAAQ;;qBAoKR,CAAD;kBAE+B,CAAC;;;;;MAtKW;IAC9C,sBAAsB;IACtB,IAAI,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;MAAiC;IAC5C,oBAAoB;IACpB,IAAI,KAAK;;;gBAoMoB,CAAC;yBACpB,CAAD;kBACD,CAAC;;;;yBAyBc,CAAC;;;;;;;;oBA6Db,CAAC;sBAA4B,CAAC;sBACjB,CAAC;;;;;;;;;MA7Re;IACxC,qBAAqB;IACrB,IAAI,MAAM;;mBA+V+nB,CAAC;2BAAmC,CAAC;iBAAyB,CAAC;;gBAAqD,CAAC;;uBAAiG,CAAC;kBAA0B,CAAC;;;;;mBAAi2B,CAAC;kBAA0B,CAAC;;;;MA/V9sD;IAC1C,sBAAsB;IACtB,IAAI,OAAO;;;;;;MAAiC;IAC5C,mBAAmB;IACnB,IAAI,IAAI;;;;;MAA8B;gBAE1B,SAAS,EAAE,gBAAgB,EAAE,MAAM,EAAE,eAAe;IAmEhE;;;;;;;;;;;;;OAaG;IACH,aAAa,CACX,IAAI,EAAE,UAAU,EAChB,IAAI,CAAC,EAAE;QAAE,UAAU,CAAC,EAAE,MAAM,CAAC;QAAC,WAAW,CAAC,EAAE,OAAO,CAAA;KAAE,GACpD,IAAI;CA2BR;AAMD;;;;;;;;;;GAUG;AACH,wBAAgB,MAAM,CAAC,IAAI,EAAE,IAAI;;gBAYG,MAAM;iBAAW,MAAM;;;gBAmFxC,MAAM;oBAAc,MAAM;oBAAc,MAAM;;;EAyHhE"}