@seamless-auth/express 0.1.2 → 0.3.0

package/dist/internal/buildAuthorization.d.ts

@@ -0,0 +1,6 @@
+import { Request } from "express";
+import { SeamlessAuthServerOptions } from "../createServer";
+export declare function buildServiceAuthorization(req: Request & {
+    cookiePayload?: any;
+}, opts: SeamlessAuthServerOptions): string | undefined;
+//# sourceMappingURL=buildAuthorization.d.ts.map

package/dist/internal/buildAuthorization.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"buildAuthorization.d.ts","sourceRoot":"","sources":["../../src/internal/buildAuthorization.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAAE,yBAAyB,EAAE,MAAM,iBAAiB,CAAC;AAE5D,wBAAgB,yBAAyB,CACvC,GAAG,EAAE,OAAO,GAAG;IAAE,aAAa,CAAC,EAAE,GAAG,CAAA;CAAE,EACtC,IAAI,EAAE,yBAAyB,sBAiBhC"}

package/dist/internal/cookie.d.ts

@@ -0,0 +1,17 @@
+import { JwtPayload } from "jsonwebtoken";
+import { Response } from "express";
+export interface CookieSignerOptions {
+    secret: string;
+    secure: boolean;
+    sameSite: "lax" | "none";
+}
+export interface SetCookieOptions {
+    name: string;
+    payload: JwtPayload;
+    domain?: string;
+    ttlSeconds: number;
+}
+export declare function setSessionCookie(res: Response, opts: SetCookieOptions, signer: CookieSignerOptions): void;
+export declare function clearSessionCookie(res: Response, domain: string | undefined, name: string): void;
+export declare function clearAllCookies(res: Response, domain: string | undefined, ...cookieNames: string[]): void;
+//# sourceMappingURL=cookie.d.ts.map

package/dist/internal/cookie.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cookie.d.ts","sourceRoot":"","sources":["../../src/internal/cookie.ts"],"names":[],"mappings":"AAAA,OAAY,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAC/C,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAEnC,MAAM,WAAW,mBAAmB;IAClC,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,OAAO,CAAC;IAChB,QAAQ,EAAE,KAAK,GAAG,MAAM,CAAC;CAC1B;AAED,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,UAAU,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,wBAAgB,gBAAgB,CAC9B,GAAG,EAAE,QAAQ,EACb,IAAI,EAAE,gBAAgB,EACtB,MAAM,EAAE,mBAAmB,QAe5B;AAED,wBAAgB,kBAAkB,CAChC,GAAG,EAAE,QAAQ,EACb,MAAM,EAAE,MAAM,GAAG,SAAS,EAC1B,IAAI,EAAE,MAAM,QAGb;AAED,wBAAgB,eAAe,CAC7B,GAAG,EAAE,QAAQ,EACb,MAAM,EAAE,MAAM,GAAG,SAAS,EAC1B,GAAG,WAAW,EAAE,MAAM,EAAE,QAKzB"}

package/dist/internal/deliverAuthMessage.d.ts

@@ -0,0 +1,6 @@
+import { AuthDeliveryInstruction, SeamlessAuthMessagingOptions } from "../messaging";
+export declare function deliverAuthMessage(messaging: SeamlessAuthMessagingOptions | undefined, delivery: AuthDeliveryInstruction | undefined): Promise<void>;
+export declare function stripDelivery<T extends {
+    delivery?: unknown;
+}>(body: T): Omit<T, "delivery">;
+//# sourceMappingURL=deliverAuthMessage.d.ts.map

package/dist/internal/deliverAuthMessage.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"deliverAuthMessage.d.ts","sourceRoot":"","sources":["../../src/internal/deliverAuthMessage.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,uBAAuB,EAEvB,4BAA4B,EAE7B,MAAM,cAAc,CAAC;AA2HtB,wBAAsB,kBAAkB,CACtC,SAAS,EAAE,4BAA4B,GAAG,SAAS,EACnD,QAAQ,EAAE,uBAAuB,GAAG,SAAS,GAC5C,OAAO,CAAC,IAAI,CAAC,CA2Ef;AAED,wBAAgB,aAAa,CAAC,CAAC,SAAS;IAAE,QAAQ,CAAC,EAAE,OAAO,CAAA;CAAE,EAAE,IAAI,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC,EAAE,UAAU,CAAC,CAG5F"}

package/dist/messaging.d.ts

@@ -0,0 +1,98 @@
+export type MessagingChannel = "email" | "sms";
+export interface DeliveryResult {
+    accepted: boolean;
+    provider: string;
+    channel: MessagingChannel;
+    messageId?: string;
+    raw?: unknown;
+}
+export interface EmailMessage {
+    to: string;
+    from?: string;
+    subject: string;
+    text: string;
+    html?: string;
+}
+export interface SmsMessage {
+    to: string;
+    from?: string;
+    body: string;
+}
+export interface EmailTransport {
+    readonly name: string;
+    send(message: EmailMessage): Promise<DeliveryResult>;
+}
+export interface SmsTransport {
+    readonly name: string;
+    send(message: SmsMessage): Promise<DeliveryResult>;
+}
+export interface SendOtpEmailInput {
+    to: string;
+    token: string;
+    from?: string;
+    subject?: string;
+}
+export interface SendOtpSmsInput {
+    to: string;
+    token: string | number;
+    from?: string;
+}
+export interface SendMagicLinkEmailInput {
+    to: string;
+    magicLinkUrl: string;
+    token?: string;
+    from?: string;
+    subject?: string;
+}
+export interface SendBootstrapInviteEmailInput {
+    to: string;
+    inviteUrl: string;
+    from?: string;
+    subject?: string;
+}
+export interface AuthMessageOverrideContext {
+    appName?: string;
+}
+export interface AuthMessageOverrides {
+    otpEmail?: (input: SendOtpEmailInput, defaults: EmailMessage, context: AuthMessageOverrideContext) => EmailMessage;
+    otpSms?: (input: SendOtpSmsInput, defaults: SmsMessage, context: AuthMessageOverrideContext) => SmsMessage;
+    magicLinkEmail?: (input: SendMagicLinkEmailInput, defaults: EmailMessage, context: AuthMessageOverrideContext) => EmailMessage;
+    bootstrapInviteEmail?: (input: SendBootstrapInviteEmailInput, defaults: EmailMessage, context: AuthMessageOverrideContext) => EmailMessage;
+}
+export interface AuthMessagingHandlers {
+    sendOtpEmail(input: SendOtpEmailInput): Promise<DeliveryResult>;
+    sendOtpSms(input: SendOtpSmsInput): Promise<DeliveryResult>;
+    sendMagicLinkEmail(input: SendMagicLinkEmailInput): Promise<DeliveryResult>;
+    sendBootstrapInviteEmail(input: SendBootstrapInviteEmailInput): Promise<DeliveryResult>;
+}
+export interface SeamlessAuthMessagingOptions {
+    email?: EmailTransport;
+    sms?: SmsTransport;
+    handlers?: Partial<AuthMessagingHandlers>;
+    overrides?: AuthMessageOverrides;
+    defaults?: {
+        appName?: string;
+        emailFrom?: string;
+        smsFrom?: string;
+    };
+}
+export type AuthDeliveryInstruction = {
+    kind: "otp_email";
+    to: string;
+    token: string;
+} | {
+    kind: "otp_sms";
+    to: string;
+    token: string | number;
+} | {
+    kind: "magic_link_email";
+    to: string;
+    token?: string;
+    magicLinkUrl: string;
+} | {
+    kind: "bootstrap_invite_email";
+    to: string;
+    token?: string;
+    inviteUrl: string;
+};
+//# sourceMappingURL=messaging.d.ts.map

package/dist/messaging.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"messaging.d.ts","sourceRoot":"","sources":["../src/messaging.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,gBAAgB,GAAG,OAAO,GAAG,KAAK,CAAC;AAE/C,MAAM,WAAW,cAAc;IAC7B,QAAQ,EAAE,OAAO,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,gBAAgB,CAAC;IAC1B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,GAAG,CAAC,EAAE,OAAO,CAAC;CACf;AAED,MAAM,WAAW,YAAY;IAC3B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,cAAc;IAC7B,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,IAAI,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;CACtD;AAED,MAAM,WAAW,YAAY;IAC3B,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,IAAI,CAAC,OAAO,EAAE,UAAU,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;CACpD;AAED,MAAM,WAAW,iBAAiB;IAChC,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,eAAe;IAC9B,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,GAAG,MAAM,CAAC;IACvB,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,uBAAuB;IACtC,EAAE,EAAE,MAAM,CAAC;IACX,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,6BAA6B;IAC5C,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,0BAA0B;IACzC,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,oBAAoB;IACnC,QAAQ,CAAC,EAAE,CACT,KAAK,EAAE,iBAAiB,EACxB,QAAQ,EAAE,YAAY,EACtB,OAAO,EAAE,0BAA0B,KAChC,YAAY,CAAC;IAClB,MAAM,CAAC,EAAE,CACP,KAAK,EAAE,eAAe,EACtB,QAAQ,EAAE,UAAU,EACpB,OAAO,EAAE,0BAA0B,KAChC,UAAU,CAAC;IAChB,cAAc,CAAC,EAAE,CACf,KAAK,EAAE,uBAAuB,EAC9B,QAAQ,EAAE,YAAY,EACtB,OAAO,EAAE,0BAA0B,KAChC,YAAY,CAAC;IAClB,oBAAoB,CAAC,EAAE,CACrB,KAAK,EAAE,6BAA6B,EACpC,QAAQ,EAAE,YAAY,EACtB,OAAO,EAAE,0BAA0B,KAChC,YAAY,CAAC;CACnB;AAED,MAAM,WAAW,qBAAqB;IACpC,YAAY,CAAC,KAAK,EAAE,iBAAiB,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;IAChE,UAAU,CAAC,KAAK,EAAE,eAAe,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;IAC5D,kBAAkB,CAChB,KAAK,EAAE,uBAAuB,GAC7B,OAAO,CAAC,cAAc,CAAC,CAAC;IAC3B,wBAAwB,CACtB,KAAK,EAAE,6BAA6B,GACnC,OAAO,CAAC,cAAc,CAAC,CAAC;CAC5B;AAED,MAAM,WAAW,4BAA4B;IAC3C,KAAK,CAAC,EAAE,cAAc,CAAC;IACvB,GAAG,CAAC,EAAE,YAAY,CAAC;IACnB,QAAQ,CAAC,EAAE,OAAO,CAAC,qBAAqB,CAAC,CAAC;IAC1C,SAAS,CAAC,EAAE,oBAAoB,CAAC;IACjC,QAAQ,CAAC,EAAE;QACT,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,OAAO,CAAC,EAAE,MAAM,CAAC;KAClB,CAAC;CACH;AAED,MAAM,MAAM,uBAAuB,GAC/B;IACE,IAAI,EAAE,WAAW,CAAC;IAClB,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;CACf,GACD;IACE,IAAI,EAAE,SAAS,CAAC;IAChB,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,GAAG,MAAM,CAAC;CACxB,GACD;IACE,IAAI,EAAE,kBAAkB,CAAC;IACzB,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,YAAY,EAAE,MAAM,CAAC;CACtB,GACD;IACE,IAAI,EAAE,wBAAwB,CAAC;IAC/B,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;CACnB,CAAC"}

package/dist/middleware/ensureCookies.d.ts

@@ -0,0 +1,16 @@
+import { Request, Response, NextFunction } from "express";
+export interface EnsureCookiesMiddlewareOptions {
+    authServerUrl: string;
+    cookieDomain?: string;
+    accessCookieName: string;
+    registrationCookieName: string;
+    refreshCookieName: string;
+    preAuthCookieName: string;
+    cookieSecret: string;
+    serviceSecret: string;
+    issuer: string;
+    audience: string;
+    keyId: string;
+}
+export declare function createEnsureCookiesMiddleware(opts: EnsureCookiesMiddlewareOptions): (req: Request, res: Response, next: NextFunction) => Promise<void>;
+//# sourceMappingURL=ensureCookies.d.ts.map

package/dist/middleware/ensureCookies.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ensureCookies.d.ts","sourceRoot":"","sources":["../../src/middleware/ensureCookies.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAK1D,MAAM,WAAW,8BAA8B;IAC7C,aAAa,EAAE,MAAM,CAAC;IACtB,YAAY,CAAC,EAAE,MAAM,CAAC;IAEtB,gBAAgB,EAAE,MAAM,CAAC;IACzB,sBAAsB,EAAE,MAAM,CAAC;IAC/B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;CACf;AAED,wBAAgB,6BAA6B,CAC3C,IAAI,EAAE,8BAA8B,IAmBlC,KAAK,OAAO,EACZ,KAAK,QAAQ,EACb,MAAM,YAAY,mBA0BrB"}

package/dist/middleware/requireAuth.d.ts

@@ -0,0 +1,69 @@
+import { Request, Response, NextFunction } from "express";
+export interface RequireAuthOptions {
+    cookieName?: string;
+    cookieSecret: string;
+}
+/**
+ * Express middleware that enforces authentication using Seamless Auth cookies.
+ *
+ * This guard verifies the signed access cookie generated by the Seamless Auth
+ * server. If the access cookie is valid and unexpired, the decoded session
+ * payload is attached to `req.user` and the request proceeds.
+ *
+ * If the access cookie is expired or missing *but* a valid refresh cookie is
+ * present, the middleware automatically attempts a silent token refresh using
+ * the Seamless Auth server. When successful, new session cookies are issued and
+ * the request continues with an updated `req.user`.
+ *
+ * If neither the access token nor refresh token can validate the session,
+ * the middleware returns a 401 Unauthorized error and prevents further
+ * route execution.
+ *
+ * ### Responsibilities
+ * - Validates the Seamless Auth session access cookie
+ * - Attempts refresh-token–based session renewal when necessary
+ * - Populates `req.user` with the verified session payload
+ * - Handles all cookie rewriting during refresh flows
+ * - Acts as a request-level authentication guard for API routes
+ *
+ * ### Cookie Parameters
+ * - **cookieName** — Name of the access cookie that holds the signed session JWT
+ * - **refreshCookieName** — Name of the refresh cookie used for silent token refresh
+ * - **cookieDomain** — Domain or path value applied to issued cookies
+ *
+ * ### Example
+ * ```ts
+ * // Protect a route
+ * app.get("/api/me", requireAuth(), (req, res) => {
+ *   res.json({ user: req.user });
+ * });
+ *
+ * // Custom cookie names (if your Seamless Auth server uses overrides)
+ * app.use(
+ *   "/internal",
+ *   requireAuth("sa_access", "sa_refresh", "mycompany.com"),
+ *   internalRouter
+ * );
+ * ```
+ *
+ * @param cookieName - The access cookie name. Defaults to `"seamless-access"`.
+ * @param refreshCookieName - The refresh cookie name used for session rotation. Defaults to `"seamless-refresh"`.
+ * @param cookieDomain - Domain or path used when rewriting cookies. Defaults to `"/"`.
+ *
+ * @returns An Express middleware function that enforces Seamless Auth
+ *          authentication on incoming requests.
+ */
+export interface RequireAuthOptions {
+    cookieName?: string;
+    cookieSecret: string;
+}
+/**
+ * Express middleware that enforces authentication
+ * using an already-issued Seamless Auth access cookie.
+ *
+ * NOTE:
+ * - This middleware does NOT attempt token refresh.
+ * - Refresh is handled upstream by ensureCookies().
+ */
+export declare function requireAuth(opts: RequireAuthOptions): (req: Request, res: Response, next: NextFunction) => void;
+//# sourceMappingURL=requireAuth.d.ts.map

package/dist/middleware/requireAuth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"requireAuth.d.ts","sourceRoot":"","sources":["../../src/middleware/requireAuth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAI1D,MAAM,WAAW,kBAAkB;IACjC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;CACtB;AACD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAiDG;AAEH,MAAM,WAAW,kBAAkB;IACjC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;CACtB;AAED;;;;;;;GAOG;AACH,wBAAgB,WAAW,CAAC,IAAI,EAAE,kBAAkB,IAOjC,KAAK,OAAO,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,UAoCjE"}

package/dist/middleware/requireRole.d.ts

@@ -0,0 +1,36 @@
+import { RequestHandler } from "express";
+/**
+ * Express middleware that enforces role-based authorization for Seamless Auth.
+ *
+ * This middleware assumes `requireAuth()` has already:
+ * - authenticated the request
+ * - populated `req.user` with the authenticated session payload
+ *
+ * `requireRole` performs **authorization only**. It does not inspect cookies,
+ * verify tokens, or read environment variables.
+ *
+ * If any of the required roles are present on the user, access is granted.
+ * Otherwise, a 403 Forbidden response is returned.
+ *
+ *  * ### Example
+ * ```ts
+ * // Require a single role
+ * app.get("/admin/users",
+ *   requireAuth(),
+ *   requireRole("admin"),
+ *   (req, res) => {
+ *     res.send("Welcome admin!");
+ *   }
+ * );
+ *
+ * // Allow any of multiple roles
+ * app.post("/settings",
+ *   requireAuth(),
+ *   requireRole(["admin", "supervisor"]),
+ *   updateSettingsHandler
+ * );
+ *
+ * @param requiredRoles - A role or list of roles required to access the route
+ */
+export declare function requireRole(requiredRoles: string | string[]): RequestHandler;
+//# sourceMappingURL=requireRole.d.ts.map

package/dist/middleware/requireRole.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"requireRole.d.ts","sourceRoot":"","sources":["../../src/middleware/requireRole.ts"],"names":[],"mappings":"AAAA,OAAO,EAAmC,cAAc,EAAE,MAAM,SAAS,CAAC;AAE1E;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AACH,wBAAgB,WAAW,CAAC,aAAa,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,cAAc,CAiC5E"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@seamless-auth/express",
-  "version": "0.1.2",
+  "version": "0.3.0",
   "description": "Express adapter for Seamless Auth passwordless authentication",
   "license": "AGPL-3.0-only",
   "type": "module",
@@ -23,10 +23,12 @@
     "node": ">=18"
   },
   "scripts": {
-    "build": "tsup src/index.ts --format esm --out-dir dist --dts --splitting",
+    "build": "npm run build:js && npm run build:types",
+    "build:js": "tsup src/index.ts --format esm --out-dir dist --splitting",
+    "build:types": "tsc -p tsconfig.build.json",
     "dev": "tsc --watch",
-    "test": "npm run build && NODE_OPTIONS=--experimental-vm-modules jest",
-    "test:watch": "npm run build && NODE_OPTIONS=--experimental-vm-modules jest --watch"
+    "test": "npm --prefix ../core run build && npm run build && NODE_OPTIONS=--experimental-vm-modules jest",
+    "test:watch": "npm --prefix ../core run build && npm run build && NODE_OPTIONS=--experimental-vm-modules jest --watch"
   },
   "repository": {
     "type": "git",
@@ -37,7 +39,7 @@
     "express": ">=4.18.0"
   },
   "dependencies": {
-    "@seamless-auth/core": "^0.2.1",
+    "@seamless-auth/core": "^0.4.0",
     "cookie-parser": "^1.4.6",
     "jsonwebtoken": "^9.0.3"
   },