@supabase/server 0.1.1-rc.26 → 0.1.1-rc.28

package/README.md

@@ -189,7 +189,7 @@ Extracts credentials from a Request and validates against the allow config.
 ```ts
 const { data: auth, error } = await verifyAuth(req, { allow: 'user' })
 if (error) {
-  return Response.json({ error: error.message }, { status: error.status })
+  return Response.json({ message: error.message }, { status: error.status })
 }
 ```
 
@@ -246,7 +246,10 @@ export default {
     if (url.pathname === '/todos') {
       const { data: auth, error } = await verifyAuth(req, { allow: 'user' })
       if (error)
-        return Response.json({ error: error.message }, { status: error.status })
+        return Response.json(
+          { message: error.message },
+          { status: error.status },
+        )
 
       const supabase = createContextClient(auth.token)
       const { data } = await supabase.from('todos').select()

package/dist/adapters/hono/index.cjs

@@ -1,5 +1,5 @@
 Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
-const require_create_supabase_context = require('../../create-supabase-context-DcVorGKG.cjs');
+const require_create_supabase_context = require('../../create-supabase-context-DDIAxA8h.cjs');
 let hono_http_exception = require("hono/http-exception");
 let hono_factory = require("hono/factory");
 

package/dist/adapters/hono/index.d.cts

@@ -1,4 +1,4 @@
-import { l as WithSupabaseConfig, o as SupabaseContext } from "../../types-CnKoFCMX.cjs";
+import { f as WithSupabaseConfig, l as SupabaseContext } from "../../types-X7xYi2LN.cjs";
 import * as hono_types0 from "hono/types";
 
 //#region src/adapters/hono/middleware.d.ts

package/dist/adapters/hono/index.d.mts

@@ -1,4 +1,4 @@
-import { l as WithSupabaseConfig, o as SupabaseContext } from "../../types-ClmJ8pi8.mjs";
+import { f as WithSupabaseConfig, l as SupabaseContext } from "../../types-BmWSIuH7.mjs";
 import * as hono_types0 from "hono/types";
 
 //#region src/adapters/hono/middleware.d.ts

package/dist/adapters/hono/index.mjs

@@ -1,4 +1,4 @@
-import { t as createSupabaseContext } from "../../create-supabase-context-CmWaH3s6.mjs";
+import { t as createSupabaseContext } from "../../create-supabase-context-Bmwyha9p.mjs";
 import { HTTPException } from "hono/http-exception";
 import { createMiddleware } from "hono/factory";
 

package/dist/core/index.cjs

@@ -1,5 +1,5 @@
 Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
-const require_verify_auth = require('../verify-auth-DvRVnjdq.cjs');
+const require_verify_auth = require('../verify-auth-DrgvEuKo.cjs');
 
 exports.createAdminClient = require_verify_auth.createAdminClient;
 exports.createContextClient = require_verify_auth.createContextClient;

package/dist/core/index.d.cts

@@ -1,5 +1,5 @@
-import { i as Credentials, n as AllowWithKey, r as AuthResult, s as SupabaseEnv } from "../types-CnKoFCMX.cjs";
-import { n as EnvError, t as AuthError } from "../errors-BmSsOAvx.cjs";
+import { a as CreateAdminClientOptions, i as ClientAuth, n as AllowWithKey, o as CreateContextClientOptions, r as AuthResult, s as Credentials, u as SupabaseEnv } from "../types-X7xYi2LN.cjs";
+import { i as EnvError, t as AuthError } from "../errors-O2ugIMec.cjs";
 import { SupabaseClient } from "@supabase/supabase-js";
 
 //#region src/core/resolve-env.d.ts
@@ -86,7 +86,7 @@ interface VerifyCredentialsOptions {
  *   allow: ['user', 'public'],
  * })
  * if (error) {
- *   return Response.json({ error: error.message }, { status: error.status })
+ *   return Response.json({ message: error.message }, { status: error.status })
  * }
  * ```
  */
@@ -135,7 +135,7 @@ interface VerifyAuthOptions {
  * })
  *
  * if (error) {
- *   return Response.json({ error: error.message }, { status: error.status })
+ *   return Response.json({ message: error.message }, { status: error.status })
  * }
  *
  * console.log(auth.userClaims!.id) // "d0f1a2b3-..."
@@ -154,34 +154,28 @@ declare function verifyAuth(request: Request, options: VerifyAuthOptions): Promi
  * Creates a Supabase client scoped to the caller's context.
  *
  * Configured with a publishable key and (optionally) the caller's JWT,
- * so Row-Level Security policies apply. Session persistence is disabled
- * (stateless, one client per request).
+ * so Row-Level Security policies apply. Stateless — one client per request.
  *
- * @param token - The caller's JWT, or `null` for anonymous access.
- * @param env - Optional environment overrides (passed through to {@link resolveEnv}).
- * @param keyName - Name of the publishable key to use. Falls back to `"default"`, then first available.
- * @returns A configured {@link SupabaseClient} with RLS enforced.
  * @throws {@link EnvError} If `SUPABASE_URL` is missing or the specified publishable key is not found.
  *
  * @example
  * ```ts
  * const { data: auth } = await verifyAuth(request, { allow: 'user' })
- * const supabase = createContextClient(auth.token)
+ * const supabase = createContextClient({
+ *   auth: { token: auth.token, keyName: auth.keyName },
+ * })
  * const { data } = await supabase.rpc('get_my_items')
  * ```
  */
-declare function createContextClient<Database = unknown>(token?: string | null, env?: Partial<SupabaseEnv>, keyName?: string | null): SupabaseClient<Database>;
+declare function createContextClient<Database = unknown>(options?: CreateContextClientOptions): SupabaseClient<Database>;
 //#endregion
 //#region src/core/create-admin-client.d.ts
 /**
  * Creates an admin Supabase client that bypasses Row-Level Security.
  *
  * Uses a secret key for authentication, giving full access to all data.
- * Session persistence is disabled (stateless, one client per request).
+ * Stateless — one client per request.
  *
- * @param env - Optional environment overrides (passed through to {@link resolveEnv}).
- * @param keyName - Name of the secret key to use. Falls back to `"default"`, then first available.
- * @returns A configured {@link SupabaseClient} with admin (service-role) privileges.
  * @throws {@link EnvError} If `SUPABASE_URL` is missing or the specified secret key is not found.
  *
  * @example
@@ -190,6 +184,6 @@ declare function createContextClient<Database = unknown>(token?: string | null,
  * const { data } = await supabaseAdmin.from('audit_log').insert({ action: 'user_login' })
  * ```
  */
-declare function createAdminClient<Database = unknown>(env?: Partial<SupabaseEnv>, keyName?: string | null): SupabaseClient<Database>;
+declare function createAdminClient<Database = unknown>(options?: CreateAdminClientOptions): SupabaseClient<Database>;
 //#endregion
-export { createAdminClient, createContextClient, extractCredentials, resolveEnv, verifyAuth, verifyCredentials };
+export { type ClientAuth, type CreateAdminClientOptions, type CreateContextClientOptions, createAdminClient, createContextClient, extractCredentials, resolveEnv, verifyAuth, verifyCredentials };

package/dist/core/index.d.mts

@@ -1,5 +1,5 @@
-import { i as Credentials, n as AllowWithKey, r as AuthResult, s as SupabaseEnv } from "../types-ClmJ8pi8.mjs";
-import { n as EnvError, t as AuthError } from "../errors-5ivL23qo.mjs";
+import { a as CreateAdminClientOptions, i as ClientAuth, n as AllowWithKey, o as CreateContextClientOptions, r as AuthResult, s as Credentials, u as SupabaseEnv } from "../types-BmWSIuH7.mjs";
+import { i as EnvError, t as AuthError } from "../errors-CAH-RRA3.mjs";
 import { SupabaseClient } from "@supabase/supabase-js";
 
 //#region src/core/resolve-env.d.ts
@@ -86,7 +86,7 @@ interface VerifyCredentialsOptions {
  *   allow: ['user', 'public'],
  * })
  * if (error) {
- *   return Response.json({ error: error.message }, { status: error.status })
+ *   return Response.json({ message: error.message }, { status: error.status })
  * }
  * ```
  */
@@ -135,7 +135,7 @@ interface VerifyAuthOptions {
  * })
  *
  * if (error) {
- *   return Response.json({ error: error.message }, { status: error.status })
+ *   return Response.json({ message: error.message }, { status: error.status })
  * }
  *
  * console.log(auth.userClaims!.id) // "d0f1a2b3-..."
@@ -154,34 +154,28 @@ declare function verifyAuth(request: Request, options: VerifyAuthOptions): Promi
  * Creates a Supabase client scoped to the caller's context.
  *
  * Configured with a publishable key and (optionally) the caller's JWT,
- * so Row-Level Security policies apply. Session persistence is disabled
- * (stateless, one client per request).
+ * so Row-Level Security policies apply. Stateless — one client per request.
  *
- * @param token - The caller's JWT, or `null` for anonymous access.
- * @param env - Optional environment overrides (passed through to {@link resolveEnv}).
- * @param keyName - Name of the publishable key to use. Falls back to `"default"`, then first available.
- * @returns A configured {@link SupabaseClient} with RLS enforced.
  * @throws {@link EnvError} If `SUPABASE_URL` is missing or the specified publishable key is not found.
  *
  * @example
  * ```ts
  * const { data: auth } = await verifyAuth(request, { allow: 'user' })
- * const supabase = createContextClient(auth.token)
+ * const supabase = createContextClient({
+ *   auth: { token: auth.token, keyName: auth.keyName },
+ * })
  * const { data } = await supabase.rpc('get_my_items')
  * ```
  */
-declare function createContextClient<Database = unknown>(token?: string | null, env?: Partial<SupabaseEnv>, keyName?: string | null): SupabaseClient<Database>;
+declare function createContextClient<Database = unknown>(options?: CreateContextClientOptions): SupabaseClient<Database>;
 //#endregion
 //#region src/core/create-admin-client.d.ts
 /**
  * Creates an admin Supabase client that bypasses Row-Level Security.
  *
  * Uses a secret key for authentication, giving full access to all data.
- * Session persistence is disabled (stateless, one client per request).
+ * Stateless — one client per request.
  *
- * @param env - Optional environment overrides (passed through to {@link resolveEnv}).
- * @param keyName - Name of the secret key to use. Falls back to `"default"`, then first available.
- * @returns A configured {@link SupabaseClient} with admin (service-role) privileges.
  * @throws {@link EnvError} If `SUPABASE_URL` is missing or the specified secret key is not found.
  *
  * @example
@@ -190,6 +184,6 @@ declare function createContextClient<Database = unknown>(token?: string | null,
  * const { data } = await supabaseAdmin.from('audit_log').insert({ action: 'user_login' })
  * ```
  */
-declare function createAdminClient<Database = unknown>(env?: Partial<SupabaseEnv>, keyName?: string | null): SupabaseClient<Database>;
+declare function createAdminClient<Database = unknown>(options?: CreateAdminClientOptions): SupabaseClient<Database>;
 //#endregion
-export { createAdminClient, createContextClient, extractCredentials, resolveEnv, verifyAuth, verifyCredentials };
+export { type ClientAuth, type CreateAdminClientOptions, type CreateContextClientOptions, createAdminClient, createContextClient, extractCredentials, resolveEnv, verifyAuth, verifyCredentials };

package/dist/core/index.mjs

@@ -1,3 +1,3 @@
-import { a as createAdminClient, i as createContextClient, n as verifyCredentials, o as resolveEnv, r as extractCredentials, t as verifyAuth } from "../verify-auth-2S7zFfR-.mjs";
+import { a as createAdminClient, i as createContextClient, n as verifyCredentials, o as resolveEnv, r as extractCredentials, t as verifyAuth } from "../verify-auth-Bt2uGltH.mjs";
 
 export { createAdminClient, createContextClient, extractCredentials, resolveEnv, verifyAuth, verifyCredentials };

package/dist/{create-supabase-context-CmWaH3s6.mjs → create-supabase-context-Bmwyha9p.mjs}

@@ -1,4 +1,4 @@
-import { a as createAdminClient, c as EnvError, i as createContextClient, s as AuthError, t as verifyAuth } from "./verify-auth-2S7zFfR-.mjs";
+import { a as createAdminClient, f as Errors, i as createContextClient, l as CreateSupabaseClientError, s as AuthError, t as verifyAuth, u as EnvError } from "./verify-auth-Bt2uGltH.mjs";
 
 //#region src/create-supabase-context.ts
 /**
@@ -16,7 +16,7 @@ import { a as createAdminClient, c as EnvError, i as createContextClient, s as A
 * ```ts
 * const { data: ctx, error } = await createSupabaseContext(request, { allow: 'user' })
 * if (error) {
-*   return Response.json({ error: error.message }, { status: error.status })
+*   return Response.json({ message: error.message }, { status: error.status })
 * }
 * const { data } = await ctx.supabase.rpc('get_my_items')
 * ```
@@ -31,12 +31,23 @@ async function createSupabaseContext(request, options) {
 		error
 	};
 	try {
-		const supabase = createContextClient(auth.token, options?.env, auth.keyName);
-		const adminKeyName = auth.authType === "secret" ? auth.keyName : void 0;
+		const config = {
+			env: options?.env,
+			supabaseOptions: options?.supabaseOptions
+		};
 		return {
 			data: {
-				supabase,
-				supabaseAdmin: createAdminClient(options?.env, adminKeyName),
+				supabase: createContextClient({
+					auth: {
+						token: auth.token,
+						keyName: auth.keyName
+					},
+					...config
+				}),
+				supabaseAdmin: createAdminClient({
+					auth: { keyName: auth.authType === "secret" ? auth.keyName : void 0 },
+					...config
+				}),
 				userClaims: auth.userClaims,
 				claims: auth.claims,
 				authType: auth.authType
@@ -46,7 +57,7 @@ async function createSupabaseContext(request, options) {
 	} catch (e) {
 		return {
 			data: null,
-			error: e instanceof EnvError ? new AuthError(e.message, e.code, 500) : new AuthError("Failed to create Supabase client", "CLIENT_ERROR", 500)
+			error: e instanceof EnvError ? new AuthError(e.message, e.code, 500) : Errors[CreateSupabaseClientError]()
 		};
 	}
 }

package/dist/{create-supabase-context-DcVorGKG.cjs → create-supabase-context-DDIAxA8h.cjs}

@@ -1,4 +1,4 @@
-const require_verify_auth = require('./verify-auth-DvRVnjdq.cjs');
+const require_verify_auth = require('./verify-auth-DrgvEuKo.cjs');
 
 //#region src/create-supabase-context.ts
 /**
@@ -16,7 +16,7 @@ const require_verify_auth = require('./verify-auth-DvRVnjdq.cjs');
 * ```ts
 * const { data: ctx, error } = await createSupabaseContext(request, { allow: 'user' })
 * if (error) {
-*   return Response.json({ error: error.message }, { status: error.status })
+*   return Response.json({ message: error.message }, { status: error.status })
 * }
 * const { data } = await ctx.supabase.rpc('get_my_items')
 * ```
@@ -31,12 +31,23 @@ async function createSupabaseContext(request, options) {
 		error
 	};
 	try {
-		const supabase = require_verify_auth.createContextClient(auth.token, options?.env, auth.keyName);
-		const adminKeyName = auth.authType === "secret" ? auth.keyName : void 0;
+		const config = {
+			env: options?.env,
+			supabaseOptions: options?.supabaseOptions
+		};
 		return {
 			data: {
-				supabase,
-				supabaseAdmin: require_verify_auth.createAdminClient(options?.env, adminKeyName),
+				supabase: require_verify_auth.createContextClient({
+					auth: {
+						token: auth.token,
+						keyName: auth.keyName
+					},
+					...config
+				}),
+				supabaseAdmin: require_verify_auth.createAdminClient({
+					auth: { keyName: auth.authType === "secret" ? auth.keyName : void 0 },
+					...config
+				}),
 				userClaims: auth.userClaims,
 				claims: auth.claims,
 				authType: auth.authType
@@ -46,7 +57,7 @@ async function createSupabaseContext(request, options) {
 	} catch (e) {
 		return {
 			data: null,
-			error: e instanceof require_verify_auth.EnvError ? new require_verify_auth.AuthError(e.message, e.code, 500) : new require_verify_auth.AuthError("Failed to create Supabase client", "CLIENT_ERROR", 500)
+			error: e instanceof require_verify_auth.EnvError ? new require_verify_auth.AuthError(e.message, e.code, 500) : require_verify_auth.Errors[require_verify_auth.CreateSupabaseClientError]()
 		};
 	}
 }

package/dist/errors-CAH-RRA3.d.mts

@@ -0,0 +1,109 @@
+//#region src/errors.d.ts
+/**
+ * Thrown when a required environment variable is missing or malformed.
+ *
+ * Always has `status: 500` — environment errors are server-side configuration issues.
+ *
+ * @example
+ * ```ts
+ * import { EnvError } from '@supabase/server'
+ *
+ * try {
+ *   const client = createAdminClient()
+ * } catch (e) {
+ *   if (e instanceof EnvError) {
+ *     console.error(`Config issue [${e.code}]: ${e.message}`)
+ *     // → "Config issue [MISSING_SUPABASE_URL]: SUPABASE_URL is required but not set"
+ *   }
+ * }
+ * ```
+ */
+declare class EnvError extends Error {
+  /** Always `500` — environment errors are server-side issues. */
+  readonly status = 500;
+  /**
+   * Machine-readable error code.
+   *
+   * @see {@link EnvGenericError}, {@link MissingSupabaseURLError},
+   *   {@link MissingPublishableKeyError}, {@link MissingDefaultPublishableKeyError},
+   *   {@link MissingSecretKeyError}, {@link MissingDefaultSecretKeyError}
+   */
+  readonly code: string;
+  constructor(message: string, code?: string);
+}
+/** Generic environment error code. */
+declare const EnvGenericError = "ENV_ERROR";
+/** `SUPABASE_URL` is not set. */
+declare const MissingSupabaseURLError = "MISSING_SUPABASE_URL";
+/** Named publishable key not found in `SUPABASE_PUBLISHABLE_KEYS`. */
+declare const MissingPublishableKeyError = "MISSING_PUBLISHABLE_KEY";
+/** No default publishable key found. */
+declare const MissingDefaultPublishableKeyError = "MISSING_DEFAULT_PUBLISHABLE_KEY";
+/** Named secret key not found in `SUPABASE_SECRET_KEYS`. */
+declare const MissingSecretKeyError = "MISSING_SECRET_KEY";
+/** No default secret key found. */
+declare const MissingDefaultSecretKeyError = "MISSING_DEFAULT_SECRET_KEY";
+/**
+ * Thrown when authentication or authorization fails.
+ *
+ * Carries an HTTP `status` code suitable for returning directly in a response
+ * (typically `401` for invalid credentials, `500` for server-side auth failures).
+ *
+ * @example
+ * ```ts
+ * import { AuthError, createSupabaseContext } from '@supabase/server'
+ *
+ * const { data: ctx, error } = await createSupabaseContext(request, { allow: 'user' })
+ * if (error) {
+ *   // error is an AuthError
+ *   return Response.json(
+ *     { message: error.message, code: error.code },
+ *     { status: error.status },
+ *   )
+ * }
+ * ```
+ */
+declare class AuthError extends Error {
+  /**
+   * HTTP status code.
+   *
+   * - `401` — Invalid or missing credentials
+   * - `500` — Server-side auth failure (e.g., missing JWKS, env misconfiguration)
+   */
+  readonly status: number;
+  /**
+   * Machine-readable error code.
+   *
+   * @see {@link AuthGenericError}, {@link InvalidCredentialsError},
+   *   {@link CreateSupabaseClientError}
+   */
+  readonly code: string;
+  constructor(message: string, code?: string, status?: number);
+}
+/** Generic authentication error code. */
+declare const AuthGenericError = "AUTH_ERROR";
+/** No credential matched any allowed auth mode. */
+declare const InvalidCredentialsError = "INVALID_CREDENTIALS";
+/** Failed to create a Supabase client after auth succeeded. */
+declare const CreateSupabaseClientError = "CREATE_SUPABASE_CLIENT_ERROR";
+/**
+ * Factory map for all error types. Keyed by error code constant, each entry
+ * returns a pre-configured {@link EnvError} or {@link AuthError}.
+ *
+ * @example
+ * ```ts
+ * throw Errors[MissingSupabaseURLError]()
+ * throw Errors[MissingPublishableKeyError]('mobile')
+ * ```
+ */
+declare const Errors: {
+  INVALID_CREDENTIALS: () => AuthError;
+  CREATE_SUPABASE_CLIENT_ERROR: () => AuthError;
+  MISSING_SUPABASE_URL: () => EnvError;
+  MISSING_SECRET_KEY: (name: string) => EnvError;
+  MISSING_DEFAULT_SECRET_KEY: () => EnvError;
+  MISSING_PUBLISHABLE_KEY: (name: string) => EnvError;
+  MISSING_DEFAULT_PUBLISHABLE_KEY: () => EnvError;
+};
+//#endregion
+export { EnvGenericError as a, MissingDefaultPublishableKeyError as c, MissingSecretKeyError as d, MissingSupabaseURLError as f, EnvError as i, MissingDefaultSecretKeyError as l, AuthGenericError as n, Errors as o, CreateSupabaseClientError as r, InvalidCredentialsError as s, AuthError as t, MissingPublishableKeyError as u };

package/dist/errors-O2ugIMec.d.cts

@@ -0,0 +1,109 @@
+//#region src/errors.d.ts
+/**
+ * Thrown when a required environment variable is missing or malformed.
+ *
+ * Always has `status: 500` — environment errors are server-side configuration issues.
+ *
+ * @example
+ * ```ts
+ * import { EnvError } from '@supabase/server'
+ *
+ * try {
+ *   const client = createAdminClient()
+ * } catch (e) {
+ *   if (e instanceof EnvError) {
+ *     console.error(`Config issue [${e.code}]: ${e.message}`)
+ *     // → "Config issue [MISSING_SUPABASE_URL]: SUPABASE_URL is required but not set"
+ *   }
+ * }
+ * ```
+ */
+declare class EnvError extends Error {
+  /** Always `500` — environment errors are server-side issues. */
+  readonly status = 500;
+  /**
+   * Machine-readable error code.
+   *
+   * @see {@link EnvGenericError}, {@link MissingSupabaseURLError},
+   *   {@link MissingPublishableKeyError}, {@link MissingDefaultPublishableKeyError},
+   *   {@link MissingSecretKeyError}, {@link MissingDefaultSecretKeyError}
+   */
+  readonly code: string;
+  constructor(message: string, code?: string);
+}
+/** Generic environment error code. */
+declare const EnvGenericError = "ENV_ERROR";
+/** `SUPABASE_URL` is not set. */
+declare const MissingSupabaseURLError = "MISSING_SUPABASE_URL";
+/** Named publishable key not found in `SUPABASE_PUBLISHABLE_KEYS`. */
+declare const MissingPublishableKeyError = "MISSING_PUBLISHABLE_KEY";
+/** No default publishable key found. */
+declare const MissingDefaultPublishableKeyError = "MISSING_DEFAULT_PUBLISHABLE_KEY";
+/** Named secret key not found in `SUPABASE_SECRET_KEYS`. */
+declare const MissingSecretKeyError = "MISSING_SECRET_KEY";
+/** No default secret key found. */
+declare const MissingDefaultSecretKeyError = "MISSING_DEFAULT_SECRET_KEY";
+/**
+ * Thrown when authentication or authorization fails.
+ *
+ * Carries an HTTP `status` code suitable for returning directly in a response
+ * (typically `401` for invalid credentials, `500` for server-side auth failures).
+ *
+ * @example
+ * ```ts
+ * import { AuthError, createSupabaseContext } from '@supabase/server'
+ *
+ * const { data: ctx, error } = await createSupabaseContext(request, { allow: 'user' })
+ * if (error) {
+ *   // error is an AuthError
+ *   return Response.json(
+ *     { message: error.message, code: error.code },
+ *     { status: error.status },
+ *   )
+ * }
+ * ```
+ */
+declare class AuthError extends Error {
+  /**
+   * HTTP status code.
+   *
+   * - `401` — Invalid or missing credentials
+   * - `500` — Server-side auth failure (e.g., missing JWKS, env misconfiguration)
+   */
+  readonly status: number;
+  /**
+   * Machine-readable error code.
+   *
+   * @see {@link AuthGenericError}, {@link InvalidCredentialsError},
+   *   {@link CreateSupabaseClientError}
+   */
+  readonly code: string;
+  constructor(message: string, code?: string, status?: number);
+}
+/** Generic authentication error code. */
+declare const AuthGenericError = "AUTH_ERROR";
+/** No credential matched any allowed auth mode. */
+declare const InvalidCredentialsError = "INVALID_CREDENTIALS";
+/** Failed to create a Supabase client after auth succeeded. */
+declare const CreateSupabaseClientError = "CREATE_SUPABASE_CLIENT_ERROR";
+/**
+ * Factory map for all error types. Keyed by error code constant, each entry
+ * returns a pre-configured {@link EnvError} or {@link AuthError}.
+ *
+ * @example
+ * ```ts
+ * throw Errors[MissingSupabaseURLError]()
+ * throw Errors[MissingPublishableKeyError]('mobile')
+ * ```
+ */
+declare const Errors: {
+  INVALID_CREDENTIALS: () => AuthError;
+  CREATE_SUPABASE_CLIENT_ERROR: () => AuthError;
+  MISSING_SUPABASE_URL: () => EnvError;
+  MISSING_SECRET_KEY: (name: string) => EnvError;
+  MISSING_DEFAULT_SECRET_KEY: () => EnvError;
+  MISSING_PUBLISHABLE_KEY: (name: string) => EnvError;
+  MISSING_DEFAULT_PUBLISHABLE_KEY: () => EnvError;
+};
+//#endregion
+export { EnvGenericError as a, MissingDefaultPublishableKeyError as c, MissingSecretKeyError as d, MissingSupabaseURLError as f, EnvError as i, MissingDefaultSecretKeyError as l, AuthGenericError as n, Errors as o, CreateSupabaseClientError as r, InvalidCredentialsError as s, AuthError as t, MissingPublishableKeyError as u };

package/dist/index.cjs

@@ -1,6 +1,6 @@
 Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
-const require_verify_auth = require('./verify-auth-DvRVnjdq.cjs');
-const require_create_supabase_context = require('./create-supabase-context-DcVorGKG.cjs');
+const require_verify_auth = require('./verify-auth-DrgvEuKo.cjs');
+const require_create_supabase_context = require('./create-supabase-context-DDIAxA8h.cjs');
 let _supabase_supabase_js_cors = require("@supabase/supabase-js/cors");
 
 //#region src/cors.ts
@@ -70,7 +70,7 @@ function withSupabase(config, handler) {
 		});
 		const { data: ctx, error } = await require_create_supabase_context.createSupabaseContext(req, config);
 		if (error) return Response.json({
-			error: error.message,
+			message: error.message,
 			code: error.code
 		}, {
 			status: error.status,
@@ -84,6 +84,16 @@ function withSupabase(config, handler) {
 
 //#endregion
 exports.AuthError = require_verify_auth.AuthError;
+exports.AuthGenericError = require_verify_auth.AuthGenericError;
+exports.CreateSupabaseClientError = require_verify_auth.CreateSupabaseClientError;
 exports.EnvError = require_verify_auth.EnvError;
+exports.EnvGenericError = require_verify_auth.EnvGenericError;
+exports.Errors = require_verify_auth.Errors;
+exports.InvalidCredentialsError = require_verify_auth.InvalidCredentialsError;
+exports.MissingDefaultPublishableKeyError = require_verify_auth.MissingDefaultPublishableKeyError;
+exports.MissingDefaultSecretKeyError = require_verify_auth.MissingDefaultSecretKeyError;
+exports.MissingPublishableKeyError = require_verify_auth.MissingPublishableKeyError;
+exports.MissingSecretKeyError = require_verify_auth.MissingSecretKeyError;
+exports.MissingSupabaseURLError = require_verify_auth.MissingSupabaseURLError;
 exports.createSupabaseContext = require_create_supabase_context.createSupabaseContext;
 exports.withSupabase = withSupabase;

package/dist/index.d.cts

@@ -1,5 +1,5 @@
-import { a as JWTClaims, c as UserClaims, i as Credentials, l as WithSupabaseConfig, n as AllowWithKey, o as SupabaseContext, r as AuthResult, s as SupabaseEnv, t as Allow } from "./types-CnKoFCMX.cjs";
-import { n as EnvError, t as AuthError } from "./errors-BmSsOAvx.cjs";
+import { a as CreateAdminClientOptions, c as JWTClaims, d as UserClaims, f as WithSupabaseConfig, i as ClientAuth, l as SupabaseContext, n as AllowWithKey, o as CreateContextClientOptions, r as AuthResult, s as Credentials, t as Allow, u as SupabaseEnv } from "./types-X7xYi2LN.cjs";
+import { a as EnvGenericError, c as MissingDefaultPublishableKeyError, d as MissingSecretKeyError, f as MissingSupabaseURLError, i as EnvError, l as MissingDefaultSecretKeyError, n as AuthGenericError, o as Errors, r as CreateSupabaseClientError, s as InvalidCredentialsError, t as AuthError, u as MissingPublishableKeyError } from "./errors-O2ugIMec.cjs";
 
 //#region src/with-supabase.d.ts
 /**
@@ -43,7 +43,7 @@ declare function withSupabase<Database = unknown>(config: WithSupabaseConfig, ha
  * ```ts
  * const { data: ctx, error } = await createSupabaseContext(request, { allow: 'user' })
  * if (error) {
- *   return Response.json({ error: error.message }, { status: error.status })
+ *   return Response.json({ message: error.message }, { status: error.status })
  * }
  * const { data } = await ctx.supabase.rpc('get_my_items')
  * ```
@@ -56,4 +56,4 @@ declare function createSupabaseContext<Database = unknown>(request: Request, opt
   error: AuthError;
 }>;
 //#endregion
-export { type Allow, type AllowWithKey, AuthError, type AuthResult, type Credentials, EnvError, type JWTClaims, type SupabaseContext, type SupabaseEnv, type UserClaims, type WithSupabaseConfig, createSupabaseContext, withSupabase };
+export { type Allow, type AllowWithKey, AuthError, AuthGenericError, type AuthResult, type ClientAuth, type CreateAdminClientOptions, type CreateContextClientOptions, CreateSupabaseClientError, type Credentials, EnvError, EnvGenericError, Errors, InvalidCredentialsError, type JWTClaims, MissingDefaultPublishableKeyError, MissingDefaultSecretKeyError, MissingPublishableKeyError, MissingSecretKeyError, MissingSupabaseURLError, type SupabaseContext, type SupabaseEnv, type UserClaims, type WithSupabaseConfig, createSupabaseContext, withSupabase };

package/dist/index.d.mts

@@ -1,5 +1,5 @@
-import { a as JWTClaims, c as UserClaims, i as Credentials, l as WithSupabaseConfig, n as AllowWithKey, o as SupabaseContext, r as AuthResult, s as SupabaseEnv, t as Allow } from "./types-ClmJ8pi8.mjs";
-import { n as EnvError, t as AuthError } from "./errors-5ivL23qo.mjs";
+import { a as CreateAdminClientOptions, c as JWTClaims, d as UserClaims, f as WithSupabaseConfig, i as ClientAuth, l as SupabaseContext, n as AllowWithKey, o as CreateContextClientOptions, r as AuthResult, s as Credentials, t as Allow, u as SupabaseEnv } from "./types-BmWSIuH7.mjs";
+import { a as EnvGenericError, c as MissingDefaultPublishableKeyError, d as MissingSecretKeyError, f as MissingSupabaseURLError, i as EnvError, l as MissingDefaultSecretKeyError, n as AuthGenericError, o as Errors, r as CreateSupabaseClientError, s as InvalidCredentialsError, t as AuthError, u as MissingPublishableKeyError } from "./errors-CAH-RRA3.mjs";
 
 //#region src/with-supabase.d.ts
 /**
@@ -43,7 +43,7 @@ declare function withSupabase<Database = unknown>(config: WithSupabaseConfig, ha
  * ```ts
  * const { data: ctx, error } = await createSupabaseContext(request, { allow: 'user' })
  * if (error) {
- *   return Response.json({ error: error.message }, { status: error.status })
+ *   return Response.json({ message: error.message }, { status: error.status })
  * }
  * const { data } = await ctx.supabase.rpc('get_my_items')
  * ```
@@ -56,4 +56,4 @@ declare function createSupabaseContext<Database = unknown>(request: Request, opt
   error: AuthError;
 }>;
 //#endregion
-export { type Allow, type AllowWithKey, AuthError, type AuthResult, type Credentials, EnvError, type JWTClaims, type SupabaseContext, type SupabaseEnv, type UserClaims, type WithSupabaseConfig, createSupabaseContext, withSupabase };
+export { type Allow, type AllowWithKey, AuthError, AuthGenericError, type AuthResult, type ClientAuth, type CreateAdminClientOptions, type CreateContextClientOptions, CreateSupabaseClientError, type Credentials, EnvError, EnvGenericError, Errors, InvalidCredentialsError, type JWTClaims, MissingDefaultPublishableKeyError, MissingDefaultSecretKeyError, MissingPublishableKeyError, MissingSecretKeyError, MissingSupabaseURLError, type SupabaseContext, type SupabaseEnv, type UserClaims, type WithSupabaseConfig, createSupabaseContext, withSupabase };

package/dist/index.mjs

@@ -1,5 +1,5 @@
-import { c as EnvError, s as AuthError } from "./verify-auth-2S7zFfR-.mjs";
-import { t as createSupabaseContext } from "./create-supabase-context-CmWaH3s6.mjs";
+import { _ as MissingSecretKeyError, c as AuthGenericError, d as EnvGenericError, f as Errors, g as MissingPublishableKeyError, h as MissingDefaultSecretKeyError, l as CreateSupabaseClientError, m as MissingDefaultPublishableKeyError, p as InvalidCredentialsError, s as AuthError, u as EnvError, v as MissingSupabaseURLError } from "./verify-auth-Bt2uGltH.mjs";
+import { t as createSupabaseContext } from "./create-supabase-context-Bmwyha9p.mjs";
 import { corsHeaders } from "@supabase/supabase-js/cors";
 
 //#region src/cors.ts
@@ -69,7 +69,7 @@ function withSupabase(config, handler) {
 		});
 		const { data: ctx, error } = await createSupabaseContext(req, config);
 		if (error) return Response.json({
-			error: error.message,
+			message: error.message,
 			code: error.code
 		}, {
 			status: error.status,
@@ -82,4 +82,4 @@ function withSupabase(config, handler) {
 }
 
 //#endregion
-export { AuthError, EnvError, createSupabaseContext, withSupabase };
+export { AuthError, AuthGenericError, CreateSupabaseClientError, EnvError, EnvGenericError, Errors, InvalidCredentialsError, MissingDefaultPublishableKeyError, MissingDefaultSecretKeyError, MissingPublishableKeyError, MissingSecretKeyError, MissingSupabaseURLError, createSupabaseContext, withSupabase };