@supabase/server 0.1.1-rc.24 → 0.1.1-rc.26

package/dist/adapters/hono/index.cjs

@@ -1,9 +1,35 @@
 Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
-const require_create_supabase_context = require('../../create-supabase-context-DNWor6i_.cjs');
+const require_create_supabase_context = require('../../create-supabase-context-DcVorGKG.cjs');
 let hono_http_exception = require("hono/http-exception");
 let hono_factory = require("hono/factory");
 
 //#region src/adapters/hono/middleware.ts
+/**
+* Hono middleware that creates a {@link SupabaseContext} and stores it in `c.var.supabaseContext`.
+*
+* Skips if a previous middleware already set the context, enabling route-level overrides.
+* Throws a Hono `HTTPException` on auth failure.
+*
+* @param config - Auth modes and optional environment overrides. CORS is excluded — use Hono's `cors()`.
+* @returns A Hono middleware that sets `c.var.supabaseContext`.
+*
+* @example
+* ```ts
+* import { Hono } from 'hono'
+* import { withSupabase } from '@supabase/server/adapters/hono'
+*
+* const app = new Hono()
+* app.use('*', withSupabase({ allow: 'user' }))
+*
+* app.get('/profile', async (c) => {
+*   const { supabase } = c.var.supabaseContext
+*   const { data } = await supabase.rpc('get_profile')
+*   return c.json(data)
+* })
+*
+* export default { fetch: app.fetch }
+* ```
+*/
 function withSupabase(config) {
 	return (0, hono_factory.createMiddleware)(async (c, next) => {
 		if (c.var.supabaseContext) {

package/dist/adapters/hono/index.d.cts

@@ -1,7 +1,33 @@
-import { l as WithSupabaseConfig, o as SupabaseContext } from "../../types-C9J9JcPD.cjs";
+import { l as WithSupabaseConfig, o as SupabaseContext } from "../../types-CnKoFCMX.cjs";
 import * as hono_types0 from "hono/types";
 
 //#region src/adapters/hono/middleware.d.ts
+/**
+ * Hono middleware that creates a {@link SupabaseContext} and stores it in `c.var.supabaseContext`.
+ *
+ * Skips if a previous middleware already set the context, enabling route-level overrides.
+ * Throws a Hono `HTTPException` on auth failure.
+ *
+ * @param config - Auth modes and optional environment overrides. CORS is excluded — use Hono's `cors()`.
+ * @returns A Hono middleware that sets `c.var.supabaseContext`.
+ *
+ * @example
+ * ```ts
+ * import { Hono } from 'hono'
+ * import { withSupabase } from '@supabase/server/adapters/hono'
+ *
+ * const app = new Hono()
+ * app.use('*', withSupabase({ allow: 'user' }))
+ *
+ * app.get('/profile', async (c) => {
+ *   const { supabase } = c.var.supabaseContext
+ *   const { data } = await supabase.rpc('get_profile')
+ *   return c.json(data)
+ * })
+ *
+ * export default { fetch: app.fetch }
+ * ```
+ */
 declare function withSupabase(config?: Omit<WithSupabaseConfig, 'cors'>): hono_types0.MiddlewareHandler<{
   Variables: {
     supabaseContext: SupabaseContext;

package/dist/adapters/hono/index.d.mts

@@ -1,7 +1,33 @@
-import { l as WithSupabaseConfig, o as SupabaseContext } from "../../types-Ceetds5F.mjs";
+import { l as WithSupabaseConfig, o as SupabaseContext } from "../../types-ClmJ8pi8.mjs";
 import * as hono_types0 from "hono/types";
 
 //#region src/adapters/hono/middleware.d.ts
+/**
+ * Hono middleware that creates a {@link SupabaseContext} and stores it in `c.var.supabaseContext`.
+ *
+ * Skips if a previous middleware already set the context, enabling route-level overrides.
+ * Throws a Hono `HTTPException` on auth failure.
+ *
+ * @param config - Auth modes and optional environment overrides. CORS is excluded — use Hono's `cors()`.
+ * @returns A Hono middleware that sets `c.var.supabaseContext`.
+ *
+ * @example
+ * ```ts
+ * import { Hono } from 'hono'
+ * import { withSupabase } from '@supabase/server/adapters/hono'
+ *
+ * const app = new Hono()
+ * app.use('*', withSupabase({ allow: 'user' }))
+ *
+ * app.get('/profile', async (c) => {
+ *   const { supabase } = c.var.supabaseContext
+ *   const { data } = await supabase.rpc('get_profile')
+ *   return c.json(data)
+ * })
+ *
+ * export default { fetch: app.fetch }
+ * ```
+ */
 declare function withSupabase(config?: Omit<WithSupabaseConfig, 'cors'>): hono_types0.MiddlewareHandler<{
   Variables: {
     supabaseContext: SupabaseContext;

package/dist/adapters/hono/index.mjs

@@ -1,8 +1,34 @@
-import { t as createSupabaseContext } from "../../create-supabase-context-BrSIe29v.mjs";
+import { t as createSupabaseContext } from "../../create-supabase-context-CmWaH3s6.mjs";
 import { HTTPException } from "hono/http-exception";
 import { createMiddleware } from "hono/factory";
 
 //#region src/adapters/hono/middleware.ts
+/**
+* Hono middleware that creates a {@link SupabaseContext} and stores it in `c.var.supabaseContext`.
+*
+* Skips if a previous middleware already set the context, enabling route-level overrides.
+* Throws a Hono `HTTPException` on auth failure.
+*
+* @param config - Auth modes and optional environment overrides. CORS is excluded — use Hono's `cors()`.
+* @returns A Hono middleware that sets `c.var.supabaseContext`.
+*
+* @example
+* ```ts
+* import { Hono } from 'hono'
+* import { withSupabase } from '@supabase/server/adapters/hono'
+*
+* const app = new Hono()
+* app.use('*', withSupabase({ allow: 'user' }))
+*
+* app.get('/profile', async (c) => {
+*   const { supabase } = c.var.supabaseContext
+*   const { data } = await supabase.rpc('get_profile')
+*   return c.json(data)
+* })
+*
+* export default { fetch: app.fetch }
+* ```
+*/
 function withSupabase(config) {
 	return createMiddleware(async (c, next) => {
 		if (c.var.supabaseContext) {

package/dist/core/index.cjs

@@ -1,5 +1,5 @@
 Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
-const require_verify_auth = require('../verify-auth-6a1UPrFz.cjs');
+const require_verify_auth = require('../verify-auth-DvRVnjdq.cjs');
 
 exports.createAdminClient = require_verify_auth.createAdminClient;
 exports.createContextClient = require_verify_auth.createContextClient;

package/dist/core/index.d.cts

@@ -1,3 +1,195 @@
-import "../types-C9J9JcPD.cjs";
-import { a as extractCredentials, i as verifyCredentials, n as createContextClient, o as resolveEnv, r as verifyAuth, t as createAdminClient } from "../create-admin-client-CnuiHPpV.cjs";
+import { i as Credentials, n as AllowWithKey, r as AuthResult, s as SupabaseEnv } from "../types-CnKoFCMX.cjs";
+import { n as EnvError, t as AuthError } from "../errors-BmSsOAvx.cjs";
+import { SupabaseClient } from "@supabase/supabase-js";
+
+//#region src/core/resolve-env.d.ts
+/**
+ * Resolves Supabase environment configuration from runtime environment variables.
+ *
+ * Reads `SUPABASE_URL`, keys (`SUPABASE_PUBLISHABLE_KEYS` / `SUPABASE_SECRET_KEYS`),
+ * and `SUPABASE_JWKS`. Works across Deno, Node.js, and Bun. For Cloudflare Workers,
+ * use `overrides` or enable node-compat.
+ *
+ * @param overrides - Partial values that take precedence over env vars.
+ * @returns `{ data: SupabaseEnv, error: null }` on success, `{ data: null, error: EnvError }` on failure.
+ *
+ * @example
+ * ```ts
+ * const { data: env, error } = resolveEnv()
+ * if (error) throw error
+ *
+ * // Override for tests
+ * const { data: env } = resolveEnv({ url: 'http://localhost:54321' })
+ * ```
+ */
+declare function resolveEnv(overrides?: Partial<SupabaseEnv>): {
+  data: SupabaseEnv;
+  error: null;
+} | {
+  data: null;
+  error: EnvError;
+};
+//#endregion
+//#region src/core/extract-credentials.d.ts
+/**
+ * Extracts authentication credentials from an incoming HTTP request.
+ *
+ * Reads two headers:
+ * - `Authorization: Bearer <token>` → extracted as `token`
+ * - `apikey: <key>` → extracted as `apikey`
+ *
+ * This is a pure extraction step — no validation or verification is performed.
+ * Pass the result to {@link verifyCredentials} to validate against allowed auth modes.
+ *
+ * @param request - The incoming HTTP request.
+ * @returns The extracted {@link Credentials}. Fields are `null` when the corresponding header is absent.
+ *
+ * @example
+ * ```ts
+ * import { extractCredentials } from '@supabase/server/core'
+ *
+ * const creds = extractCredentials(request)
+ * console.log(creds.token)  // "eyJhbGci..." or null
+ * console.log(creds.apikey) // "sb-abc123-publishable-..." or null
+ * ```
+ */
+declare function extractCredentials(request: Request): Credentials;
+//#endregion
+//#region src/core/verify-credentials.d.ts
+/**
+ * Options for {@link verifyCredentials}.
+ */
+interface VerifyCredentialsOptions {
+  /**
+   * Auth mode(s) to try. Modes are attempted in order — the first match wins.
+   *
+   * @see {@link AllowWithKey} for the full syntax including named keys.
+   */
+  allow: AllowWithKey | AllowWithKey[];
+  /** Optional environment overrides (passed through to {@link resolveEnv}). */
+  env?: Partial<SupabaseEnv>;
+}
+/**
+ * Verifies pre-extracted credentials against one or more allowed auth modes.
+ *
+ * Tries each mode in order — first match wins. Use {@link verifyAuth} to extract
+ * and verify in a single call.
+ *
+ * @param credentials - The credentials to verify (from {@link extractCredentials}).
+ * @param options - Allowed auth modes and optional env overrides.
+ * @returns `{ data: AuthResult, error: null }` on success, `{ data: null, error: AuthError }` on failure.
+ *
+ * @example
+ * ```ts
+ * const credentials = extractCredentials(request)
+ * const { data: auth, error } = await verifyCredentials(credentials, {
+ *   allow: ['user', 'public'],
+ * })
+ * if (error) {
+ *   return Response.json({ error: error.message }, { status: error.status })
+ * }
+ * ```
+ */
+declare function verifyCredentials(credentials: Credentials, options: VerifyCredentialsOptions): Promise<{
+  data: AuthResult;
+  error: null;
+} | {
+  data: null;
+  error: AuthError;
+}>;
+//#endregion
+//#region src/core/verify-auth.d.ts
+/**
+ * Options for {@link verifyAuth}.
+ */
+interface VerifyAuthOptions {
+  /**
+   * Auth mode(s) to try. Modes are attempted in order — the first match wins.
+   *
+   * @see {@link AllowWithKey} for the full syntax including named keys.
+   */
+  allow: AllowWithKey | AllowWithKey[];
+  /** Optional environment overrides (passed through to {@link resolveEnv}). */
+  env?: Partial<SupabaseEnv>;
+}
+/**
+ * Extracts credentials from a request and verifies them in a single step.
+ *
+ * This is a convenience function that combines {@link extractCredentials} and
+ * {@link verifyCredentials}. Use it when you want the full auth flow without
+ * needing to inspect the raw credentials.
+ *
+ * @param request - The incoming HTTP request.
+ * @param options - Auth modes to accept and optional environment overrides.
+ *
+ * @returns A result tuple: `{ data, error }`.
+ *   - On success: `{ data: AuthResult, error: null }`
+ *   - On failure: `{ data: null, error: AuthError }`
+ *
+ * @example
+ * ```ts
+ * import { verifyAuth } from '@supabase/server/core'
+ *
+ * const { data: auth, error } = await verifyAuth(request, {
+ *   allow: 'user',
+ * })
+ *
+ * if (error) {
+ *   return Response.json({ error: error.message }, { status: error.status })
+ * }
+ *
+ * console.log(auth.userClaims!.id) // "d0f1a2b3-..."
+ * ```
+ */
+declare function verifyAuth(request: Request, options: VerifyAuthOptions): Promise<{
+  data: AuthResult;
+  error: null;
+} | {
+  data: null;
+  error: AuthError;
+}>;
+//#endregion
+//#region src/core/create-context-client.d.ts
+/**
+ * Creates a Supabase client scoped to the caller's context.
+ *
+ * Configured with a publishable key and (optionally) the caller's JWT,
+ * so Row-Level Security policies apply. Session persistence is disabled
+ * (stateless, one client per request).
+ *
+ * @param token - The caller's JWT, or `null` for anonymous access.
+ * @param env - Optional environment overrides (passed through to {@link resolveEnv}).
+ * @param keyName - Name of the publishable key to use. Falls back to `"default"`, then first available.
+ * @returns A configured {@link SupabaseClient} with RLS enforced.
+ * @throws {@link EnvError} If `SUPABASE_URL` is missing or the specified publishable key is not found.
+ *
+ * @example
+ * ```ts
+ * const { data: auth } = await verifyAuth(request, { allow: 'user' })
+ * const supabase = createContextClient(auth.token)
+ * const { data } = await supabase.rpc('get_my_items')
+ * ```
+ */
+declare function createContextClient<Database = unknown>(token?: string | null, env?: Partial<SupabaseEnv>, keyName?: string | null): SupabaseClient<Database>;
+//#endregion
+//#region src/core/create-admin-client.d.ts
+/**
+ * Creates an admin Supabase client that bypasses Row-Level Security.
+ *
+ * Uses a secret key for authentication, giving full access to all data.
+ * Session persistence is disabled (stateless, one client per request).
+ *
+ * @param env - Optional environment overrides (passed through to {@link resolveEnv}).
+ * @param keyName - Name of the secret key to use. Falls back to `"default"`, then first available.
+ * @returns A configured {@link SupabaseClient} with admin (service-role) privileges.
+ * @throws {@link EnvError} If `SUPABASE_URL` is missing or the specified secret key is not found.
+ *
+ * @example
+ * ```ts
+ * const supabaseAdmin = createAdminClient()
+ * const { data } = await supabaseAdmin.from('audit_log').insert({ action: 'user_login' })
+ * ```
+ */
+declare function createAdminClient<Database = unknown>(env?: Partial<SupabaseEnv>, keyName?: string | null): SupabaseClient<Database>;
+//#endregion
 export { createAdminClient, createContextClient, extractCredentials, resolveEnv, verifyAuth, verifyCredentials };

package/dist/core/index.d.mts

@@ -1,3 +1,195 @@
-import "../types-Ceetds5F.mjs";
-import { a as extractCredentials, i as verifyCredentials, n as createContextClient, o as resolveEnv, r as verifyAuth, t as createAdminClient } from "../create-admin-client-BQEHqeFW.mjs";
+import { i as Credentials, n as AllowWithKey, r as AuthResult, s as SupabaseEnv } from "../types-ClmJ8pi8.mjs";
+import { n as EnvError, t as AuthError } from "../errors-5ivL23qo.mjs";
+import { SupabaseClient } from "@supabase/supabase-js";
+
+//#region src/core/resolve-env.d.ts
+/**
+ * Resolves Supabase environment configuration from runtime environment variables.
+ *
+ * Reads `SUPABASE_URL`, keys (`SUPABASE_PUBLISHABLE_KEYS` / `SUPABASE_SECRET_KEYS`),
+ * and `SUPABASE_JWKS`. Works across Deno, Node.js, and Bun. For Cloudflare Workers,
+ * use `overrides` or enable node-compat.
+ *
+ * @param overrides - Partial values that take precedence over env vars.
+ * @returns `{ data: SupabaseEnv, error: null }` on success, `{ data: null, error: EnvError }` on failure.
+ *
+ * @example
+ * ```ts
+ * const { data: env, error } = resolveEnv()
+ * if (error) throw error
+ *
+ * // Override for tests
+ * const { data: env } = resolveEnv({ url: 'http://localhost:54321' })
+ * ```
+ */
+declare function resolveEnv(overrides?: Partial<SupabaseEnv>): {
+  data: SupabaseEnv;
+  error: null;
+} | {
+  data: null;
+  error: EnvError;
+};
+//#endregion
+//#region src/core/extract-credentials.d.ts
+/**
+ * Extracts authentication credentials from an incoming HTTP request.
+ *
+ * Reads two headers:
+ * - `Authorization: Bearer <token>` → extracted as `token`
+ * - `apikey: <key>` → extracted as `apikey`
+ *
+ * This is a pure extraction step — no validation or verification is performed.
+ * Pass the result to {@link verifyCredentials} to validate against allowed auth modes.
+ *
+ * @param request - The incoming HTTP request.
+ * @returns The extracted {@link Credentials}. Fields are `null` when the corresponding header is absent.
+ *
+ * @example
+ * ```ts
+ * import { extractCredentials } from '@supabase/server/core'
+ *
+ * const creds = extractCredentials(request)
+ * console.log(creds.token)  // "eyJhbGci..." or null
+ * console.log(creds.apikey) // "sb-abc123-publishable-..." or null
+ * ```
+ */
+declare function extractCredentials(request: Request): Credentials;
+//#endregion
+//#region src/core/verify-credentials.d.ts
+/**
+ * Options for {@link verifyCredentials}.
+ */
+interface VerifyCredentialsOptions {
+  /**
+   * Auth mode(s) to try. Modes are attempted in order — the first match wins.
+   *
+   * @see {@link AllowWithKey} for the full syntax including named keys.
+   */
+  allow: AllowWithKey | AllowWithKey[];
+  /** Optional environment overrides (passed through to {@link resolveEnv}). */
+  env?: Partial<SupabaseEnv>;
+}
+/**
+ * Verifies pre-extracted credentials against one or more allowed auth modes.
+ *
+ * Tries each mode in order — first match wins. Use {@link verifyAuth} to extract
+ * and verify in a single call.
+ *
+ * @param credentials - The credentials to verify (from {@link extractCredentials}).
+ * @param options - Allowed auth modes and optional env overrides.
+ * @returns `{ data: AuthResult, error: null }` on success, `{ data: null, error: AuthError }` on failure.
+ *
+ * @example
+ * ```ts
+ * const credentials = extractCredentials(request)
+ * const { data: auth, error } = await verifyCredentials(credentials, {
+ *   allow: ['user', 'public'],
+ * })
+ * if (error) {
+ *   return Response.json({ error: error.message }, { status: error.status })
+ * }
+ * ```
+ */
+declare function verifyCredentials(credentials: Credentials, options: VerifyCredentialsOptions): Promise<{
+  data: AuthResult;
+  error: null;
+} | {
+  data: null;
+  error: AuthError;
+}>;
+//#endregion
+//#region src/core/verify-auth.d.ts
+/**
+ * Options for {@link verifyAuth}.
+ */
+interface VerifyAuthOptions {
+  /**
+   * Auth mode(s) to try. Modes are attempted in order — the first match wins.
+   *
+   * @see {@link AllowWithKey} for the full syntax including named keys.
+   */
+  allow: AllowWithKey | AllowWithKey[];
+  /** Optional environment overrides (passed through to {@link resolveEnv}). */
+  env?: Partial<SupabaseEnv>;
+}
+/**
+ * Extracts credentials from a request and verifies them in a single step.
+ *
+ * This is a convenience function that combines {@link extractCredentials} and
+ * {@link verifyCredentials}. Use it when you want the full auth flow without
+ * needing to inspect the raw credentials.
+ *
+ * @param request - The incoming HTTP request.
+ * @param options - Auth modes to accept and optional environment overrides.
+ *
+ * @returns A result tuple: `{ data, error }`.
+ *   - On success: `{ data: AuthResult, error: null }`
+ *   - On failure: `{ data: null, error: AuthError }`
+ *
+ * @example
+ * ```ts
+ * import { verifyAuth } from '@supabase/server/core'
+ *
+ * const { data: auth, error } = await verifyAuth(request, {
+ *   allow: 'user',
+ * })
+ *
+ * if (error) {
+ *   return Response.json({ error: error.message }, { status: error.status })
+ * }
+ *
+ * console.log(auth.userClaims!.id) // "d0f1a2b3-..."
+ * ```
+ */
+declare function verifyAuth(request: Request, options: VerifyAuthOptions): Promise<{
+  data: AuthResult;
+  error: null;
+} | {
+  data: null;
+  error: AuthError;
+}>;
+//#endregion
+//#region src/core/create-context-client.d.ts
+/**
+ * Creates a Supabase client scoped to the caller's context.
+ *
+ * Configured with a publishable key and (optionally) the caller's JWT,
+ * so Row-Level Security policies apply. Session persistence is disabled
+ * (stateless, one client per request).
+ *
+ * @param token - The caller's JWT, or `null` for anonymous access.
+ * @param env - Optional environment overrides (passed through to {@link resolveEnv}).
+ * @param keyName - Name of the publishable key to use. Falls back to `"default"`, then first available.
+ * @returns A configured {@link SupabaseClient} with RLS enforced.
+ * @throws {@link EnvError} If `SUPABASE_URL` is missing or the specified publishable key is not found.
+ *
+ * @example
+ * ```ts
+ * const { data: auth } = await verifyAuth(request, { allow: 'user' })
+ * const supabase = createContextClient(auth.token)
+ * const { data } = await supabase.rpc('get_my_items')
+ * ```
+ */
+declare function createContextClient<Database = unknown>(token?: string | null, env?: Partial<SupabaseEnv>, keyName?: string | null): SupabaseClient<Database>;
+//#endregion
+//#region src/core/create-admin-client.d.ts
+/**
+ * Creates an admin Supabase client that bypasses Row-Level Security.
+ *
+ * Uses a secret key for authentication, giving full access to all data.
+ * Session persistence is disabled (stateless, one client per request).
+ *
+ * @param env - Optional environment overrides (passed through to {@link resolveEnv}).
+ * @param keyName - Name of the secret key to use. Falls back to `"default"`, then first available.
+ * @returns A configured {@link SupabaseClient} with admin (service-role) privileges.
+ * @throws {@link EnvError} If `SUPABASE_URL` is missing or the specified secret key is not found.
+ *
+ * @example
+ * ```ts
+ * const supabaseAdmin = createAdminClient()
+ * const { data } = await supabaseAdmin.from('audit_log').insert({ action: 'user_login' })
+ * ```
+ */
+declare function createAdminClient<Database = unknown>(env?: Partial<SupabaseEnv>, keyName?: string | null): SupabaseClient<Database>;
+//#endregion
 export { createAdminClient, createContextClient, extractCredentials, resolveEnv, verifyAuth, verifyCredentials };

package/dist/core/index.mjs

@@ -1,3 +1,3 @@
-import { a as createAdminClient, i as createContextClient, n as verifyCredentials, o as resolveEnv, r as extractCredentials, t as verifyAuth } from "../verify-auth-DxUT0XoT.mjs";
+import { a as createAdminClient, i as createContextClient, n as verifyCredentials, o as resolveEnv, r as extractCredentials, t as verifyAuth } from "../verify-auth-2S7zFfR-.mjs";
 
 export { createAdminClient, createContextClient, extractCredentials, resolveEnv, verifyAuth, verifyCredentials };

package/dist/{create-supabase-context-BrSIe29v.mjs → create-supabase-context-CmWaH3s6.mjs}

@@ -1,6 +1,26 @@
-import { a as createAdminClient, c as EnvError, i as createContextClient, s as AuthError, t as verifyAuth } from "./verify-auth-DxUT0XoT.mjs";
+import { a as createAdminClient, c as EnvError, i as createContextClient, s as AuthError, t as verifyAuth } from "./verify-auth-2S7zFfR-.mjs";
 
 //#region src/create-supabase-context.ts
+/**
+* Creates a {@link SupabaseContext} directly from a request.
+*
+* Use this when you need the context without the full {@link withSupabase} wrapper —
+* e.g., inside framework route handlers or custom middleware. Returns a result tuple
+* instead of producing a `Response`.
+*
+* @param request - The incoming HTTP request.
+* @param options - Auth modes, environment overrides. The `cors` option is ignored here.
+* @returns `{ data: SupabaseContext, error: null }` on success, `{ data: null, error: AuthError }` on failure.
+*
+* @example
+* ```ts
+* const { data: ctx, error } = await createSupabaseContext(request, { allow: 'user' })
+* if (error) {
+*   return Response.json({ error: error.message }, { status: error.status })
+* }
+* const { data } = await ctx.supabase.rpc('get_my_items')
+* ```
+*/
 async function createSupabaseContext(request, options) {
 	const { data: auth, error } = await verifyAuth(request, {
 		allow: options?.allow ?? "user",

package/dist/{create-supabase-context-DNWor6i_.cjs → create-supabase-context-DcVorGKG.cjs}

@@ -1,6 +1,26 @@
-const require_verify_auth = require('./verify-auth-6a1UPrFz.cjs');
+const require_verify_auth = require('./verify-auth-DvRVnjdq.cjs');
 
 //#region src/create-supabase-context.ts
+/**
+* Creates a {@link SupabaseContext} directly from a request.
+*
+* Use this when you need the context without the full {@link withSupabase} wrapper —
+* e.g., inside framework route handlers or custom middleware. Returns a result tuple
+* instead of producing a `Response`.
+*
+* @param request - The incoming HTTP request.
+* @param options - Auth modes, environment overrides. The `cors` option is ignored here.
+* @returns `{ data: SupabaseContext, error: null }` on success, `{ data: null, error: AuthError }` on failure.
+*
+* @example
+* ```ts
+* const { data: ctx, error } = await createSupabaseContext(request, { allow: 'user' })
+* if (error) {
+*   return Response.json({ error: error.message }, { status: error.status })
+* }
+* const { data } = await ctx.supabase.rpc('get_my_items')
+* ```
+*/
 async function createSupabaseContext(request, options) {
 	const { data: auth, error } = await require_verify_auth.verifyAuth(request, {
 		allow: options?.allow ?? "user",