@technomoron/api-server-base 1.1.0 → 1.1.1

package/README.txt

@@ -27,18 +27,32 @@ All runtime dependencies and `@types/*` packages are bundled with the distributi
 
 Quick Start
 -----------
-import { ApiServer, ApiModule, ApiError } from '@technomoron/api-server-base';
+import { ApiServer, ApiModule, ApiError, BaseAuthStorage } from '@technomoron/api-server-base';
+
+type DemoUser = { id: string; email: string; password: string };
+
+class DemoStorage extends BaseAuthStorage<DemoUser, Omit<DemoUser, 'password'>> {
+	private readonly users = new Map<string, DemoUser>([
+		['1', { id: '1', email: 'demo@example.com', password: 'secret' }]
+	]);
 
-class AppServer extends ApiServer {
 	async getUser(uid: unknown) {
-		return { id: uid, email: 'demo@example.com' };
+		return this.users.get(String(uid)) ?? null;
 	}
 
-	filterUser(user: any) {
-		return { id: user.id, email: user.email };
+	getUserPasswordHash(user: DemoUser) {
+		return user.password;
+	}
+
+	filterUser(user: DemoUser) {
+		const { password: _password, ...safe } = user;
+		void _password;
+		return safe;
 	}
 }
 
+class AppServer extends ApiServer {}
+
 class UserModule extends ApiModule<AppServer> {
 	constructor() {
 		super({ namespace: '/users' });
@@ -51,18 +65,19 @@ class UserModule extends ApiModule<AppServer> {
 				path: '/',
 				auth: { type: 'yes', req: 'any' },
 				handler: async ({ server, tokenData }) => {
-					const user = await server.getUser(tokenData?.uid);
+					const storage = server.getAuthStorage();
+					const user = tokenData ? await storage.getUser(tokenData.uid) : null;
 					if (!user) {
 						throw new ApiError({ code: 404, message: 'User not found' });
 					}
-					return [200, server.filterUser(user)];
+					return [200, storage.filterUser(user)];
 				},
 			},
 		];
 	}
 }
 
-const yourStorageAdapter = new YourStorageAdapter();
+const yourStorageAdapter = new DemoStorage();
 
 const server = new AppServer({
 	apiPort: 3101,
@@ -116,8 +131,8 @@ Use getClientIp(req) to obtain the most likely client address, skipping loopback
 
 Extending the Base Classes
 --------------------------
-Override getApiKey, getUser, authenticateUser, storeToken, getToken, updateToken, deleteToken, and verifyPassword to integrate with your persistence layer.
-Customize filterUser to trim sensitive data before sending it to the client.
+Implement the AuthStorage contract (getUser, verifyPassword, storeToken, updateToken, etc.) to integrate with your persistence layer, then supply it via authStorage().
+Use your storage adapter's filterUser helper to trim sensitive data before returning responses.
 Provide your own authorize method to enforce role based access control using the ApiAuthClass enum.
 Create feature modules by extending ApiModule. Use the optional checkConfig hook to validate prerequisites before routes mount.
 

package/dist/cjs/api-module.cjs

@@ -0,0 +1,17 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ApiModule = void 0;
+class ApiModule {
+    constructor(opts = {}) {
+        this.mountpath = '';
+        this.namespace = opts.namespace ?? this.constructor.defaultNamespace ?? '';
+    }
+    checkConfig() {
+        return true;
+    }
+    defineRoutes() {
+        return [];
+    }
+}
+exports.ApiModule = ApiModule;
+ApiModule.defaultNamespace = '';

package/dist/cjs/api-module.d.ts

@@ -0,0 +1,27 @@
+import type { ApiRequest } from './api-server-base.js';
+export type ApiHandler = (apiReq: ApiRequest) => Promise<[number] | [number, any] | [number, any, string]>;
+export type ApiAuthType = 'none' | 'maybe' | 'yes';
+export type ApiAuthClass = 'any' | 'admin';
+export interface ApiKey {
+    uid: unknown;
+}
+export type ApiRoute = {
+    method: 'get' | 'post' | 'put' | 'delete';
+    path: string;
+    handler: ApiHandler;
+    auth: {
+        type: ApiAuthType;
+        req: ApiAuthClass;
+    };
+};
+export declare class ApiModule<T> {
+    server: T;
+    namespace: string;
+    mountpath: string;
+    static defaultNamespace: string;
+    constructor(opts?: {
+        namespace?: string;
+    });
+    checkConfig(): boolean;
+    defineRoutes(): ApiRoute[];
+}

package/dist/cjs/api-server-base.cjs

@@ -17,20 +17,8 @@ const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
 const multer_1 = __importDefault(require("multer"));
 const auth_module_js_1 = require("./auth-module.cjs");
 const auth_storage_js_1 = require("./auth-storage.cjs");
-class ApiModule {
-    constructor(opts = {}) {
-        this.mountpath = '';
-        this.namespace = opts.namespace ?? this.constructor.defaultNamespace ?? '';
-    }
-    checkConfig() {
-        return true;
-    }
-    defineRoutes() {
-        return [];
-    }
-}
-exports.ApiModule = ApiModule;
-ApiModule.defaultNamespace = '';
+var api_module_js_1 = require("./api-module.cjs");
+Object.defineProperty(exports, "ApiModule", { enumerable: true, get: function () { return api_module_js_1.ApiModule; } });
 function guess_exception_text(error, defMsg = 'Unknown Error') {
     const msg = [];
     if (typeof error === 'string' && error.trim() !== '') {
@@ -277,31 +265,16 @@ class ApiServer {
         void token;
         return null;
     }
-    async getUser(uid) {
-        return this.storageAdapter.getUser(uid);
-    }
-    getUserPasswordHash(user) {
-        return this.storageAdapter.getUserPasswordHash(user);
-    }
-    getUserId(user) {
-        return this.storageAdapter.getUserId(user);
-    }
     async authenticateUser(params) {
         if (!params?.login || !params?.password) {
             return false;
         }
-        const user = await this.getUser(params.login);
+        const user = await this.storageAdapter.getUser(params.login);
         if (!user) {
             return false;
         }
         const hash = this.storageAdapter.getUserPasswordHash(user);
-        return this.verifyPassword(params.password, hash);
-    }
-    async storeToken(data) {
-        await this.storageAdapter.storeToken(data);
-    }
-    async getToken(query) {
-        return this.storageAdapter.getToken(query);
+        return this.storageAdapter.verifyPassword(params.password, hash);
     }
     async updateToken(updates) {
         if (typeof this.storageAdapter.updateToken !== 'function') {
@@ -315,15 +288,6 @@ class ApiServer {
             scope: updates.scope
         });
     }
-    async deleteToken(query) {
-        return this.storageAdapter.deleteToken(query);
-    }
-    async verifyPassword(password, hash) {
-        return this.storageAdapter.verifyPassword(password, hash);
-    }
-    filterUser(fullUser) {
-        return this.storageAdapter.filterUser(fullUser);
-    }
     guessExceptionText(error, defMsg = 'Unkown Error') {
         return guess_exception_text(error, defMsg);
     }

package/dist/cjs/api-server-base.d.ts

@@ -6,8 +6,10 @@
  */
 import { Application, Request, Response } from 'express';
 import jwt, { JwtPayload, SignOptions, VerifyOptions } from 'jsonwebtoken';
+import { ApiModule } from './api-module.js';
+import type { ApiAuthClass, ApiKey } from './api-module.js';
 import type { AuthProviderModule } from './auth-module.js';
-import type { AuthIdentifier, AuthStorage, AuthTokenData, AuthTokenQuery } from './auth-storage.js';
+import type { AuthStorage } from './auth-storage.js';
 export type { Application, Request, Response, NextFunction, Router } from 'express';
 export type { Multer } from 'multer';
 export type { JwtPayload, SignOptions, VerifyOptions } from 'jsonwebtoken';
@@ -45,32 +47,8 @@ export interface ApiRequest {
     tokenData?: ApiTokenData | null;
     token?: string;
 }
-export type ApiHandler = (apiReq: ApiRequest) => Promise<[number] | [number, any] | [number, any, string]>;
-export type ApiAuthType = 'none' | 'maybe' | 'yes';
-export type ApiAuthClass = 'any' | 'admin';
-export interface ApiKey {
-    uid: unknown;
-}
-export type ApiRoute = {
-    method: 'get' | 'post' | 'put' | 'delete';
-    path: string;
-    handler: ApiHandler;
-    auth: {
-        type: ApiAuthType;
-        req: ApiAuthClass;
-    };
-};
-export declare class ApiModule<T> {
-    server: T;
-    namespace: string;
-    mountpath: string;
-    static defaultNamespace: string;
-    constructor(opts?: {
-        namespace?: string;
-    });
-    checkConfig(): boolean;
-    defineRoutes(): ApiRoute[];
-}
+export { ApiModule } from './api-module.js';
+export type { ApiHandler, ApiAuthType, ApiAuthClass, ApiRoute, ApiKey } from './api-module.js';
 export interface ApiErrorParams {
     code?: number;
     message?: any;
@@ -114,26 +92,21 @@ export declare class ApiServer {
      * @deprecated Use {@link ApiServer.authStorage} instead.
      */
     useAuthStorage<UserRow, SafeUser>(storage: AuthStorage<UserRow, SafeUser>): this;
-    authModule<UserRow, SafeUser>(module: AuthProviderModule<UserRow, SafeUser>): this;
+    authModule<UserRow>(module: AuthProviderModule<UserRow>): this;
     /**
      * @deprecated Use {@link ApiServer.authModule} instead.
      */
-    useAuthModule<UserRow, SafeUser>(module: AuthProviderModule<UserRow, SafeUser>): this;
+    useAuthModule<UserRow>(module: AuthProviderModule<UserRow>): this;
     getAuthStorage(): AuthStorage<any, any>;
-    getAuthModule(): AuthProviderModule<any, any>;
+    getAuthModule(): AuthProviderModule<any>;
     jwtSign(payload: any, secret: string, expiresInSeconds: number, options?: SignOptions): JwtSignResult;
     jwtVerify<T>(token: string, secret: string, options?: VerifyOptions): JwtVerifyResult<T>;
     jwtDecode<T>(token: string, options?: jwt.DecodeOptions): JwtDecodeResult<T>;
     getApiKey<T = ApiKey>(token: string): Promise<T | null>;
-    getUser(uid: AuthIdentifier): Promise<unknown>;
-    getUserPasswordHash(user: unknown): string;
-    getUserId(user: unknown): AuthIdentifier;
     authenticateUser(params: {
         login: string;
         password: string;
     }): Promise<boolean>;
-    storeToken(data: AuthTokenData): Promise<void>;
-    getToken(query: AuthTokenQuery): Promise<AuthTokenData | null>;
     updateToken(updates: {
         accessToken: string;
         refreshToken: string;
@@ -141,9 +114,6 @@ export declare class ApiServer {
         clientId?: string;
         scope?: string[];
     }): Promise<boolean>;
-    deleteToken(query: AuthTokenQuery): Promise<number>;
-    verifyPassword(password: string, hash: string): Promise<boolean>;
-    filterUser<T = any, U = any>(fullUser: T): U;
     guessExceptionText(error: any, defMsg?: string): string;
     protected authorize(apiReq: ApiRequest, requiredClass: ApiAuthClass): Promise<void>;
     private middlewares;

package/dist/cjs/auth-module.cjs

@@ -1,26 +1,25 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.nullAuthModule = exports.BaseAuthModule = void 0;
+const api_module_js_1 = require("./api-module.cjs");
 // Handy base that you can extend when wiring a real auth module. Subclasses
-// must provide their namespace. Methods throw by default so unimplemented
-// hooks fail loudly.
-class BaseAuthModule {
-    constructor() {
+// must supply a namespace via the constructor and implement token issuance.
+class BaseAuthModule extends api_module_js_1.ApiModule {
+    constructor(opts) {
+        super(opts);
         this.moduleType = 'auth';
     }
-    // Override to mint tokens for the provided user and request context
-    async issueTokens(apiReq, user, metadata) {
-        void apiReq;
-        void user;
-        void metadata;
-        throw new Error('Auth module not configured');
-    }
 }
 exports.BaseAuthModule = BaseAuthModule;
 class NullAuthModule extends BaseAuthModule {
     constructor() {
-        super(...arguments);
-        this.namespace = '__null__';
+        super({ namespace: '__null__' });
+    }
+    async issueTokens(apiReq, user, metadata) {
+        void apiReq;
+        void user;
+        void metadata;
+        throw new Error('Auth module not configured. Inject a real auth module before issuing tokens.');
     }
 }
 exports.nullAuthModule = new NullAuthModule();

package/dist/cjs/auth-module.d.ts

@@ -1,17 +1,20 @@
+import { ApiModule } from './api-module.js';
 import type { ApiRequest } from './api-server-base.js';
 import type { AuthTokenMetadata, AuthTokenPair } from './auth-storage.js';
-export interface AuthProviderModule<UserRow, SafeUser> {
+export interface AuthProviderModule<UserRow = unknown> {
     readonly moduleType: 'auth';
     readonly namespace: string;
     issueTokens(apiReq: ApiRequest, user: UserRow, metadata?: AuthTokenMetadata & {
         expires?: Date;
     }): Promise<AuthTokenPair>;
 }
-export declare abstract class BaseAuthModule implements AuthProviderModule<unknown, unknown> {
+export declare abstract class BaseAuthModule<UserRow = unknown> extends ApiModule<any> implements AuthProviderModule<UserRow> {
     readonly moduleType: "auth";
-    abstract readonly namespace: string;
-    issueTokens(apiReq: ApiRequest, user: unknown, metadata?: AuthTokenMetadata & {
+    protected constructor(opts: {
+        namespace: string;
+    });
+    abstract issueTokens(apiReq: ApiRequest, user: UserRow, metadata?: AuthTokenMetadata & {
         expires?: Date;
     }): Promise<AuthTokenPair>;
 }
-export declare const nullAuthModule: AuthProviderModule<unknown, unknown>;
+export declare const nullAuthModule: AuthProviderModule<unknown>;

package/dist/cjs/index.cjs

@@ -3,12 +3,13 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.BaseAuthModule = exports.nullAuthModule = exports.BaseAuthStorage = exports.nullAuthStorage = exports.ApiError = exports.ApiModule = exports.ApiServer = void 0;
+exports.BaseAuthModule = exports.nullAuthModule = exports.BaseAuthStorage = exports.nullAuthStorage = exports.ApiModule = exports.ApiError = exports.ApiServer = void 0;
 var api_server_base_js_1 = require("./api-server-base.cjs");
 Object.defineProperty(exports, "ApiServer", { enumerable: true, get: function () { return __importDefault(api_server_base_js_1).default; } });
 var api_server_base_js_2 = require("./api-server-base.cjs");
-Object.defineProperty(exports, "ApiModule", { enumerable: true, get: function () { return api_server_base_js_2.ApiModule; } });
 Object.defineProperty(exports, "ApiError", { enumerable: true, get: function () { return api_server_base_js_2.ApiError; } });
+var api_module_js_1 = require("./api-module.cjs");
+Object.defineProperty(exports, "ApiModule", { enumerable: true, get: function () { return api_module_js_1.ApiModule; } });
 var auth_storage_js_1 = require("./auth-storage.cjs");
 Object.defineProperty(exports, "nullAuthStorage", { enumerable: true, get: function () { return auth_storage_js_1.nullAuthStorage; } });
 Object.defineProperty(exports, "BaseAuthStorage", { enumerable: true, get: function () { return auth_storage_js_1.BaseAuthStorage; } });

package/dist/cjs/index.d.ts

@@ -1,5 +1,6 @@
 export { default as ApiServer } from './api-server-base.js';
-export { ApiModule, ApiError } from './api-server-base.js';
+export { ApiError } from './api-server-base.js';
+export { ApiModule } from './api-module.js';
 export type { ApiErrorParams, ApiHandler, ApiKey, ApiServerConf, ApiRequest, ApiRoute, ApiAuthType, ApiAuthClass, ApiTokenData, RequestWithStuff } from './api-server-base.js';
 export type { AuthIdentifier, AuthTokenMetadata, AuthTokenData, AuthTokenQuery, AuthTokenPair, AuthTokenPayload, PasskeyChallengeParams, PasskeyChallenge, PasskeyVerificationParams, PasskeyVerificationResult, OAuthClient, AuthCodeData, AuthCodeRequest, AuthStorage } from './auth-storage.js';
 export type { AuthProviderModule } from './auth-module.js';

package/dist/esm/api-module.d.ts

@@ -0,0 +1,27 @@
+import type { ApiRequest } from './api-server-base.js';
+export type ApiHandler = (apiReq: ApiRequest) => Promise<[number] | [number, any] | [number, any, string]>;
+export type ApiAuthType = 'none' | 'maybe' | 'yes';
+export type ApiAuthClass = 'any' | 'admin';
+export interface ApiKey {
+    uid: unknown;
+}
+export type ApiRoute = {
+    method: 'get' | 'post' | 'put' | 'delete';
+    path: string;
+    handler: ApiHandler;
+    auth: {
+        type: ApiAuthType;
+        req: ApiAuthClass;
+    };
+};
+export declare class ApiModule<T> {
+    server: T;
+    namespace: string;
+    mountpath: string;
+    static defaultNamespace: string;
+    constructor(opts?: {
+        namespace?: string;
+    });
+    checkConfig(): boolean;
+    defineRoutes(): ApiRoute[];
+}

package/dist/esm/api-module.js

@@ -0,0 +1,13 @@
+export class ApiModule {
+    constructor(opts = {}) {
+        this.mountpath = '';
+        this.namespace = opts.namespace ?? this.constructor.defaultNamespace ?? '';
+    }
+    checkConfig() {
+        return true;
+    }
+    defineRoutes() {
+        return [];
+    }
+}
+ApiModule.defaultNamespace = '';

package/dist/esm/api-server-base.d.ts

@@ -6,8 +6,10 @@
  */
 import { Application, Request, Response } from 'express';
 import jwt, { JwtPayload, SignOptions, VerifyOptions } from 'jsonwebtoken';
+import { ApiModule } from './api-module.js';
+import type { ApiAuthClass, ApiKey } from './api-module.js';
 import type { AuthProviderModule } from './auth-module.js';
-import type { AuthIdentifier, AuthStorage, AuthTokenData, AuthTokenQuery } from './auth-storage.js';
+import type { AuthStorage } from './auth-storage.js';
 export type { Application, Request, Response, NextFunction, Router } from 'express';
 export type { Multer } from 'multer';
 export type { JwtPayload, SignOptions, VerifyOptions } from 'jsonwebtoken';
@@ -45,32 +47,8 @@ export interface ApiRequest {
     tokenData?: ApiTokenData | null;
     token?: string;
 }
-export type ApiHandler = (apiReq: ApiRequest) => Promise<[number] | [number, any] | [number, any, string]>;
-export type ApiAuthType = 'none' | 'maybe' | 'yes';
-export type ApiAuthClass = 'any' | 'admin';
-export interface ApiKey {
-    uid: unknown;
-}
-export type ApiRoute = {
-    method: 'get' | 'post' | 'put' | 'delete';
-    path: string;
-    handler: ApiHandler;
-    auth: {
-        type: ApiAuthType;
-        req: ApiAuthClass;
-    };
-};
-export declare class ApiModule<T> {
-    server: T;
-    namespace: string;
-    mountpath: string;
-    static defaultNamespace: string;
-    constructor(opts?: {
-        namespace?: string;
-    });
-    checkConfig(): boolean;
-    defineRoutes(): ApiRoute[];
-}
+export { ApiModule } from './api-module.js';
+export type { ApiHandler, ApiAuthType, ApiAuthClass, ApiRoute, ApiKey } from './api-module.js';
 export interface ApiErrorParams {
     code?: number;
     message?: any;
@@ -114,26 +92,21 @@ export declare class ApiServer {
      * @deprecated Use {@link ApiServer.authStorage} instead.
      */
     useAuthStorage<UserRow, SafeUser>(storage: AuthStorage<UserRow, SafeUser>): this;
-    authModule<UserRow, SafeUser>(module: AuthProviderModule<UserRow, SafeUser>): this;
+    authModule<UserRow>(module: AuthProviderModule<UserRow>): this;
     /**
      * @deprecated Use {@link ApiServer.authModule} instead.
      */
-    useAuthModule<UserRow, SafeUser>(module: AuthProviderModule<UserRow, SafeUser>): this;
+    useAuthModule<UserRow>(module: AuthProviderModule<UserRow>): this;
     getAuthStorage(): AuthStorage<any, any>;
-    getAuthModule(): AuthProviderModule<any, any>;
+    getAuthModule(): AuthProviderModule<any>;
     jwtSign(payload: any, secret: string, expiresInSeconds: number, options?: SignOptions): JwtSignResult;
     jwtVerify<T>(token: string, secret: string, options?: VerifyOptions): JwtVerifyResult<T>;
     jwtDecode<T>(token: string, options?: jwt.DecodeOptions): JwtDecodeResult<T>;
     getApiKey<T = ApiKey>(token: string): Promise<T | null>;
-    getUser(uid: AuthIdentifier): Promise<unknown>;
-    getUserPasswordHash(user: unknown): string;
-    getUserId(user: unknown): AuthIdentifier;
     authenticateUser(params: {
         login: string;
         password: string;
     }): Promise<boolean>;
-    storeToken(data: AuthTokenData): Promise<void>;
-    getToken(query: AuthTokenQuery): Promise<AuthTokenData | null>;
     updateToken(updates: {
         accessToken: string;
         refreshToken: string;
@@ -141,9 +114,6 @@ export declare class ApiServer {
         clientId?: string;
         scope?: string[];
     }): Promise<boolean>;
-    deleteToken(query: AuthTokenQuery): Promise<number>;
-    verifyPassword(password: string, hash: string): Promise<boolean>;
-    filterUser<T = any, U = any>(fullUser: T): U;
     guessExceptionText(error: any, defMsg?: string): string;
     protected authorize(apiReq: ApiRequest, requiredClass: ApiAuthClass): Promise<void>;
     private middlewares;

package/dist/esm/api-server-base.js

@@ -11,19 +11,7 @@ import jwt from 'jsonwebtoken';
 import multer from 'multer';
 import { nullAuthModule } from './auth-module.js';
 import { nullAuthStorage } from './auth-storage.js';
-export class ApiModule {
-    constructor(opts = {}) {
-        this.mountpath = '';
-        this.namespace = opts.namespace ?? this.constructor.defaultNamespace ?? '';
-    }
-    checkConfig() {
-        return true;
-    }
-    defineRoutes() {
-        return [];
-    }
-}
-ApiModule.defaultNamespace = '';
+export { ApiModule } from './api-module.js';
 function guess_exception_text(error, defMsg = 'Unknown Error') {
     const msg = [];
     if (typeof error === 'string' && error.trim() !== '') {
@@ -269,31 +257,16 @@ export class ApiServer {
         void token;
         return null;
     }
-    async getUser(uid) {
-        return this.storageAdapter.getUser(uid);
-    }
-    getUserPasswordHash(user) {
-        return this.storageAdapter.getUserPasswordHash(user);
-    }
-    getUserId(user) {
-        return this.storageAdapter.getUserId(user);
-    }
     async authenticateUser(params) {
         if (!params?.login || !params?.password) {
             return false;
         }
-        const user = await this.getUser(params.login);
+        const user = await this.storageAdapter.getUser(params.login);
         if (!user) {
             return false;
         }
         const hash = this.storageAdapter.getUserPasswordHash(user);
-        return this.verifyPassword(params.password, hash);
-    }
-    async storeToken(data) {
-        await this.storageAdapter.storeToken(data);
-    }
-    async getToken(query) {
-        return this.storageAdapter.getToken(query);
+        return this.storageAdapter.verifyPassword(params.password, hash);
     }
     async updateToken(updates) {
         if (typeof this.storageAdapter.updateToken !== 'function') {
@@ -307,15 +280,6 @@ export class ApiServer {
             scope: updates.scope
         });
     }
-    async deleteToken(query) {
-        return this.storageAdapter.deleteToken(query);
-    }
-    async verifyPassword(password, hash) {
-        return this.storageAdapter.verifyPassword(password, hash);
-    }
-    filterUser(fullUser) {
-        return this.storageAdapter.filterUser(fullUser);
-    }
     guessExceptionText(error, defMsg = 'Unkown Error') {
         return guess_exception_text(error, defMsg);
     }

package/dist/esm/auth-module.d.ts

@@ -1,17 +1,20 @@
+import { ApiModule } from './api-module.js';
 import type { ApiRequest } from './api-server-base.js';
 import type { AuthTokenMetadata, AuthTokenPair } from './auth-storage.js';
-export interface AuthProviderModule<UserRow, SafeUser> {
+export interface AuthProviderModule<UserRow = unknown> {
     readonly moduleType: 'auth';
     readonly namespace: string;
     issueTokens(apiReq: ApiRequest, user: UserRow, metadata?: AuthTokenMetadata & {
         expires?: Date;
     }): Promise<AuthTokenPair>;
 }
-export declare abstract class BaseAuthModule implements AuthProviderModule<unknown, unknown> {
+export declare abstract class BaseAuthModule<UserRow = unknown> extends ApiModule<any> implements AuthProviderModule<UserRow> {
     readonly moduleType: "auth";
-    abstract readonly namespace: string;
-    issueTokens(apiReq: ApiRequest, user: unknown, metadata?: AuthTokenMetadata & {
+    protected constructor(opts: {
+        namespace: string;
+    });
+    abstract issueTokens(apiReq: ApiRequest, user: UserRow, metadata?: AuthTokenMetadata & {
         expires?: Date;
     }): Promise<AuthTokenPair>;
 }
-export declare const nullAuthModule: AuthProviderModule<unknown, unknown>;
+export declare const nullAuthModule: AuthProviderModule<unknown>;

package/dist/esm/auth-module.js

@@ -1,22 +1,21 @@
+import { ApiModule } from './api-module.js';
 // Handy base that you can extend when wiring a real auth module. Subclasses
-// must provide their namespace. Methods throw by default so unimplemented
-// hooks fail loudly.
-export class BaseAuthModule {
-    constructor() {
+// must supply a namespace via the constructor and implement token issuance.
+export class BaseAuthModule extends ApiModule {
+    constructor(opts) {
+        super(opts);
         this.moduleType = 'auth';
     }
-    // Override to mint tokens for the provided user and request context
+}
+class NullAuthModule extends BaseAuthModule {
+    constructor() {
+        super({ namespace: '__null__' });
+    }
     async issueTokens(apiReq, user, metadata) {
         void apiReq;
         void user;
         void metadata;
-        throw new Error('Auth module not configured');
-    }
-}
-class NullAuthModule extends BaseAuthModule {
-    constructor() {
-        super(...arguments);
-        this.namespace = '__null__';
+        throw new Error('Auth module not configured. Inject a real auth module before issuing tokens.');
     }
 }
 export const nullAuthModule = new NullAuthModule();

package/dist/esm/index.d.ts

@@ -1,5 +1,6 @@
 export { default as ApiServer } from './api-server-base.js';
-export { ApiModule, ApiError } from './api-server-base.js';
+export { ApiError } from './api-server-base.js';
+export { ApiModule } from './api-module.js';
 export type { ApiErrorParams, ApiHandler, ApiKey, ApiServerConf, ApiRequest, ApiRoute, ApiAuthType, ApiAuthClass, ApiTokenData, RequestWithStuff } from './api-server-base.js';
 export type { AuthIdentifier, AuthTokenMetadata, AuthTokenData, AuthTokenQuery, AuthTokenPair, AuthTokenPayload, PasskeyChallengeParams, PasskeyChallenge, PasskeyVerificationParams, PasskeyVerificationResult, OAuthClient, AuthCodeData, AuthCodeRequest, AuthStorage } from './auth-storage.js';
 export type { AuthProviderModule } from './auth-module.js';

package/dist/esm/index.js

@@ -1,4 +1,5 @@
 export { default as ApiServer } from './api-server-base.js';
-export { ApiModule, ApiError } from './api-server-base.js';
+export { ApiError } from './api-server-base.js';
+export { ApiModule } from './api-module.js';
 export { nullAuthStorage, BaseAuthStorage } from './auth-storage.js';
 export { nullAuthModule, BaseAuthModule } from './auth-module.js';

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@technomoron/api-server-base",
-	"version": "1.1.0",
+	"version": "1.1.1",
 	"description": "Api Server Skeleton / Base Class",
 	"type": "module",
 	"main": "./dist/cjs/index.cjs",