@technomoron/api-server-base 2.0.0-beta.12 → 2.0.0-beta.15

package/dist/esm/api-server-base.d.ts

@@ -6,7 +6,7 @@
  */
 import { Application, Request, Response, type ErrorRequestHandler, type RequestHandler } from 'express';
 import { ApiModule } from './api-module.js';
-import { TokenStore, type JwtDecodeResult, type JwtSignResult, type JwtVerifyResult } from './token/base.js';
+import { TokenStore, type JwtDecodeResult, type JwtSignPayload, type JwtSignResult, type JwtVerifyResult } from './token/base.js';
 import type { ApiAuthClass, ApiAuthType, ApiKey } from './api-module.js';
 import type { AuthProviderModule } from './auth-api/module.js';
 import type { AuthAdapter, AuthIdentifier } from './auth-api/types.js';
@@ -32,7 +32,7 @@ export interface ApiTokenData extends JwtPayload, Partial<Token> {
     exp?: number;
 }
 export interface ApiRequest {
-    server: any;
+    server: ApiServer;
     req: ExtendedReq;
     res: Response;
     tokenData?: ApiTokenData | null;
@@ -64,7 +64,7 @@ export interface ClientInfo extends ClientAgentProfile {
     ipchain: string[];
 }
 export interface ApiServerAuthStores {
-    userStore: UserStore<any, any>;
+    userStore: UserStore<unknown, unknown>;
     tokenStore: TokenStore;
     passkeyService?: PasskeyService;
     oauthStore?: OAuthStore;
@@ -77,13 +77,13 @@ export { ApiModule } from './api-module.js';
 export type { ApiHandler, ApiAuthType, ApiAuthClass, ApiRoute, ApiKey } from './api-module.js';
 export interface ApiErrorParams {
     code?: number;
-    message?: any;
-    data?: any;
+    message?: unknown;
+    data?: unknown;
     errors?: Record<string, string>;
 }
 export declare class ApiError extends Error {
     code: number;
-    data: any;
+    data: unknown;
     errors: Record<string, string>;
     constructor({ code, message, data, errors }: ApiErrorParams);
 }
@@ -95,6 +95,8 @@ export interface ApiServerConf {
     origins: string[];
     debug: boolean;
     apiBasePath: string;
+    swaggerEnabled?: boolean;
+    swaggerPath?: string;
     accessSecret: string;
     refreshSecret: string;
     cookieDomain: string;
@@ -121,6 +123,7 @@ export declare class ApiServer {
     private readonly apiBasePath;
     private storageAdapter;
     private moduleAdapter;
+    private serverAuthAdapter;
     private apiNotFoundHandler;
     private tokenStoreAdapter;
     private userStoreAdapter;
@@ -139,8 +142,8 @@ export declare class ApiServer {
      * @deprecated Use {@link ApiServer.authModule} instead.
      */
     useAuthModule<UserRow>(module: AuthProviderModule<UserRow>): this;
-    getAuthStorage(): AuthAdapter<any, any>;
-    getAuthModule(): AuthProviderModule<any>;
+    getAuthStorage<UserRow = unknown, SafeUser = unknown>(): AuthAdapter<UserRow, SafeUser>;
+    getAuthModule<UserRow = unknown>(): AuthProviderModule<UserRow>;
     setTokenStore(store: TokenStore): this;
     getTokenStore(): TokenStore | null;
     private ensureUserStore;
@@ -149,10 +152,11 @@ export declare class ApiServer {
     listUserCredentials(userId: AuthIdentifier): Promise<StoredPasskeyCredential[]>;
     deletePasskeyCredential(credentialId: Buffer | string): Promise<boolean>;
     private ensureOAuthStore;
-    getUser(identifier: AuthIdentifier): Promise<any | null>;
-    getUserPasswordHash(user: any): string;
-    getUserId(user: any): AuthIdentifier;
-    filterUser(user: any): any;
+    private getServerAuthAdapter;
+    getUser(identifier: AuthIdentifier): Promise<unknown | null>;
+    getUserPasswordHash(user: unknown): string;
+    getUserId(user: unknown): AuthIdentifier;
+    filterUser(user: unknown): unknown;
     verifyPassword(password: string, hash: string): Promise<boolean>;
     storeToken(data: Token): Promise<void>;
     getToken(query: Partial<Token> & {
@@ -175,7 +179,7 @@ export declare class ApiServer {
         realUserId: AuthIdentifier;
         effectiveUserId: AuthIdentifier;
     }): Promise<boolean>;
-    jwtSign(payload: any, secret: string, expiresInSeconds: number, options?: SignOptions): JwtSignResult;
+    jwtSign(payload: JwtSignPayload, secret: string, expiresInSeconds: number, options?: SignOptions): JwtSignResult;
     jwtVerify<T>(token: string, secret: string, options?: VerifyOptions): JwtVerifyResult<T>;
     jwtDecode<T>(token: string, options?: import('jsonwebtoken').DecodeOptions): JwtDecodeResult<T>;
     getApiKey<T = ApiKey>(token: string): Promise<T | null>;
@@ -186,10 +190,12 @@ export declare class ApiServer {
     updateToken(updates: Partial<Token> & {
         refreshToken: string;
     }): Promise<boolean>;
-    guessExceptionText(error: any, defMsg?: string): string;
+    guessExceptionText(error: unknown, defMsg?: string): string;
     protected authorize(apiReq: ApiRequest, requiredClass: ApiAuthClass): Promise<void>;
     private middlewares;
     private installPingHandler;
+    private loadSwaggerSpec;
+    private installSwaggerHandler;
     private normalizeApiBasePath;
     private installApiNotFoundHandler;
     private ensureApiNotFoundOrdering;
@@ -216,7 +222,7 @@ export declare class ApiServer {
     }): RequestHandler;
     expressErrorHandler(): ErrorRequestHandler;
     private handle_request;
-    api<T extends ApiModule<any>>(module: T): this;
+    api<T extends ApiModule<unknown>>(module: T): this;
     dumpRequest(apiReq: ApiRequest): void;
     private formatDebugValue;
     dumpResponse(apiReq: ApiRequest, payload: unknown, status: number): void;

package/dist/esm/api-server-base.js

@@ -5,6 +5,9 @@
  * LICENSE file in the root directory of this source tree.
  */
 import { randomUUID } from 'node:crypto';
+import fs from 'node:fs';
+import { createRequire } from 'node:module';
+import path from 'node:path';
 import cookieParser from 'cookie-parser';
 import cors from 'cors';
 import express from 'express';
@@ -39,11 +42,14 @@ function guess_exception_text(error, defMsg = 'Unknown Error') {
         msg.push(error);
     }
     else if (error && typeof error === 'object') {
-        if (typeof error.message === 'string' && error.message.trim() !== '') {
-            msg.push(error.message);
+        const errorDetails = error;
+        if (typeof errorDetails.message === 'string' && errorDetails.message.trim() !== '') {
+            msg.push(errorDetails.message);
         }
-        if (error.parent && typeof error.parent.message === 'string' && error.parent.message.trim() !== '') {
-            msg.push(error.parent.message);
+        if (errorDetails.parent &&
+            typeof errorDetails.parent.message === 'string' &&
+            errorDetails.parent.message.trim() !== '') {
+            msg.push(errorDetails.parent.message);
         }
     }
     return msg.length > 0 ? msg.join(' / ') : defMsg;
@@ -332,6 +338,8 @@ function fillConfig(config) {
         origins: config.origins ?? [],
         debug: config.debug ?? false,
         apiBasePath: config.apiBasePath ?? '/api',
+        swaggerEnabled: config.swaggerEnabled ?? false,
+        swaggerPath: config.swaggerPath ?? '',
         accessSecret: config.accessSecret ?? '',
         refreshSecret: config.refreshSecret ?? '',
         cookieDomain: config.cookieDomain ?? '.somewhere-over-the-rainbow.com',
@@ -354,6 +362,7 @@ function fillConfig(config) {
 export class ApiServer {
     constructor(config = {}) {
         this.currReq = null;
+        this.serverAuthAdapter = null;
         this.apiNotFoundHandler = null;
         this.tokenStoreAdapter = null;
         this.userStoreAdapter = null;
@@ -374,7 +383,7 @@ export class ApiServer {
             this.passkeyServiceAdapter = passkeyService ?? null;
             this.oauthStoreAdapter = oauthStore ?? null;
             this.canImpersonateAdapter = canImpersonate ?? null;
-            this.storageAdapter = this;
+            this.storageAdapter = this.getServerAuthAdapter();
         }
         this.app = express();
         if (config.uploadPath) {
@@ -383,6 +392,7 @@ export class ApiServer {
         }
         this.middlewares();
         this.installPingHandler();
+        this.installSwaggerHandler();
         // addSwaggerUi(this.app);
         this.installApiNotFoundHandler();
     }
@@ -414,9 +424,9 @@ export class ApiServer {
     }
     setTokenStore(store) {
         this.tokenStoreAdapter = store;
-        // If using direct stores, expose self as the auth storage.
+        // If using direct stores, expose the server-backed auth adapter.
         if (this.userStoreAdapter) {
-            this.storageAdapter = this;
+            this.storageAdapter = this.getServerAuthAdapter();
         }
         return this;
     }
@@ -453,6 +463,33 @@ export class ApiServer {
         }
         return this.oauthStoreAdapter;
     }
+    getServerAuthAdapter() {
+        if (this.serverAuthAdapter) {
+            return this.serverAuthAdapter;
+        }
+        const server = this;
+        this.serverAuthAdapter = {
+            getUser: (identifier) => server.getUser(identifier),
+            getUserPasswordHash: (user) => server.getUserPasswordHash(user),
+            getUserId: (user) => server.getUserId(user),
+            filterUser: (user) => server.filterUser(user),
+            verifyPassword: (password, hash) => server.verifyPassword(password, hash),
+            storeToken: (data) => server.storeToken(data),
+            getToken: (query, opts) => server.getToken(query, opts),
+            deleteToken: (query) => server.deleteToken(query),
+            updateToken: (updates) => server.updateToken(updates),
+            createPasskeyChallenge: (params) => server.createPasskeyChallenge(params),
+            verifyPasskeyResponse: (params) => server.verifyPasskeyResponse(params),
+            listUserCredentials: (userId) => server.listUserCredentials(userId),
+            deletePasskeyCredential: (credentialId) => server.deletePasskeyCredential(credentialId),
+            getClient: (clientId) => server.getClient(clientId),
+            verifyClientSecret: (client, clientSecret) => server.verifyClientSecret(client, clientSecret),
+            createAuthCode: (request) => server.createAuthCode(request),
+            consumeAuthCode: (code, clientId) => server.consumeAuthCode(code, clientId),
+            canImpersonate: (params) => server.canImpersonate(params)
+        };
+        return this.serverAuthAdapter;
+    }
     // AuthAdapter-compatible helpers (used by AuthModule)
     async getUser(identifier) {
         return this.userStoreAdapter ? this.userStoreAdapter.findUser(identifier) : null;
@@ -473,8 +510,9 @@ export class ApiServer {
         if (this.tokenStoreAdapter) {
             return this.tokenStoreAdapter.save(data);
         }
-        if (typeof this.storageAdapter.storeToken === 'function') {
-            return this.storageAdapter.storeToken(data);
+        const storage = this.storageAdapter;
+        if (typeof storage.storeToken === 'function') {
+            return storage.storeToken(data);
         }
         throw new Error('Token store is not configured');
     }
@@ -487,8 +525,9 @@ export class ApiServer {
         if (this.tokenStoreAdapter) {
             return this.tokenStoreAdapter.get(normalized, opts);
         }
-        if (typeof this.storageAdapter.getToken === 'function') {
-            return this.storageAdapter.getToken(normalized, opts);
+        const storage = this.storageAdapter;
+        if (typeof storage.getToken === 'function') {
+            return storage.getToken(normalized, opts);
         }
         return null;
     }
@@ -501,8 +540,9 @@ export class ApiServer {
         if (this.tokenStoreAdapter) {
             return this.tokenStoreAdapter.delete(normalized);
         }
-        if (typeof this.storageAdapter.deleteToken === 'function') {
-            return this.storageAdapter.deleteToken(normalized);
+        const storage = this.storageAdapter;
+        if (typeof storage.deleteToken === 'function') {
+            return storage.deleteToken(normalized);
         }
         return 0;
     }
@@ -575,8 +615,9 @@ export class ApiServer {
         if (this.tokenStoreAdapter) {
             return this.tokenStoreAdapter.update(updates);
         }
-        if (typeof this.storageAdapter.updateToken === 'function') {
-            return this.storageAdapter.updateToken(updates);
+        const storage = this.storageAdapter;
+        if (typeof storage.updateToken === 'function') {
+            return storage.updateToken(updates);
         }
         return false;
     }
@@ -622,6 +663,58 @@ export class ApiServer {
             res.status(200).json({ success: true, code: 200, message: 'Success', data: payload, errors: {} });
         });
     }
+    loadSwaggerSpec() {
+        const candidates = [path.resolve(process.cwd(), 'docs/swagger/openapi.json')];
+        if (typeof __dirname === 'string') {
+            candidates.push(path.resolve(__dirname, '../../docs/swagger/openapi.json'));
+        }
+        try {
+            const require = createRequire(path.join(process.cwd(), 'package.json'));
+            const entry = require.resolve('@technomoron/api-server-base');
+            const packageRoot = path.resolve(path.dirname(entry), '..', '..');
+            candidates.push(path.join(packageRoot, 'docs/swagger/openapi.json'));
+        }
+        catch {
+            // Ignore resolution failures; fall back to any existing candidate.
+        }
+        for (const candidate of candidates) {
+            if (!fs.existsSync(candidate)) {
+                continue;
+            }
+            try {
+                const raw = fs.readFileSync(candidate, 'utf8');
+                return JSON.parse(raw);
+            }
+            catch {
+                return null;
+            }
+        }
+        return null;
+    }
+    installSwaggerHandler() {
+        const rawPath = typeof this.config.swaggerPath === 'string' ? this.config.swaggerPath.trim() : '';
+        const enabled = Boolean(this.config.swaggerEnabled) || rawPath.length > 0;
+        if (!enabled) {
+            return;
+        }
+        const base = this.apiBasePath === '/' ? '' : this.apiBasePath;
+        const resolved = rawPath.length > 0 ? rawPath : `${base}/swagger`;
+        const path = resolved.startsWith('/') ? resolved : `/${resolved}`;
+        const spec = this.loadSwaggerSpec();
+        this.app.get(path, (_req, res) => {
+            if (!spec) {
+                res.status(500).json({
+                    success: false,
+                    code: 500,
+                    message: 'Swagger spec is unavailable',
+                    data: null,
+                    errors: {}
+                });
+                return;
+            }
+            res.status(200).json(spec);
+        });
+    }
     normalizeApiBasePath(path) {
         if (!path || typeof path !== 'string') {
             return '/api';
@@ -657,7 +750,7 @@ export class ApiServer {
         if (!this.apiNotFoundHandler) {
             return;
         }
-        const stack = this.app?._router?.stack;
+        const stack = this.app._router?.stack;
         if (!stack) {
             return;
         }
@@ -1150,7 +1243,8 @@ export class ApiServer {
     api(module) {
         const router = express.Router();
         module.server = this;
-        if (module?.moduleType === 'auth') {
+        const moduleType = module.moduleType;
+        if (moduleType === 'auth') {
             this.authModule(module);
         }
         module.checkConfig();
@@ -1160,7 +1254,20 @@ export class ApiServer {
         module.mountpath = mountPath;
         module.defineRoutes().forEach((r) => {
             const handler = this.handle_request(r.handler, r.auth);
-            router[r.method](r.path, handler);
+            switch (r.method) {
+                case 'get':
+                    router.get(r.path, handler);
+                    break;
+                case 'post':
+                    router.post(r.path, handler);
+                    break;
+                case 'put':
+                    router.put(r.path, handler);
+                    break;
+                case 'delete':
+                    router.delete(r.path, handler);
+                    break;
+            }
             if (this.config.debug) {
                 console.log(`Adding ${mountPath}${r.path} (${r.method.toUpperCase()})`);
             }

package/dist/esm/auth-api/auth-module.js

@@ -1050,26 +1050,26 @@ class AuthModule extends BaseAuthModule {
         throw new ApiError({ code: 401, message: 'Authorization requires user authentication' });
     }
     hasPasskeyService() {
-        const storageAny = this.storage;
-        if (storageAny.passkeyService || storageAny.passkeyStore) {
+        const storageHints = this.storage;
+        if (storageHints.passkeyService || storageHints.passkeyStore) {
             return true;
         }
-        if (storageAny.adapter?.passkeyService || storageAny.adapter?.passkeyStore) {
+        if (storageHints.adapter?.passkeyService || storageHints.adapter?.passkeyStore) {
             return true;
         }
-        const serverAny = this.server;
-        return !!serverAny.passkeyServiceAdapter;
+        const serverHints = this.server;
+        return !!serverHints.passkeyServiceAdapter;
     }
     hasOAuthStore() {
-        const storageAny = this.storage;
-        if (storageAny.oauthStore) {
+        const storageHints = this.storage;
+        if (storageHints.oauthStore) {
             return true;
         }
-        if (storageAny.adapter?.oauthStore) {
+        if (storageHints.adapter?.oauthStore) {
             return true;
         }
-        const serverAny = this.server;
-        return !!serverAny.oauthStoreAdapter;
+        const serverHints = this.server;
+        return !!serverHints.oauthStoreAdapter;
     }
     storageImplements(key) {
         const candidate = this.storage[key];

package/dist/esm/auth-api/module.d.ts

@@ -8,7 +8,7 @@ export interface AuthProviderModule<UserRow = unknown> {
         expires?: Date;
     }): Promise<TokenPair>;
 }
-export declare abstract class BaseAuthModule<UserRow = unknown> extends ApiModule<any> implements AuthProviderModule<UserRow> {
+export declare abstract class BaseAuthModule<UserRow = unknown> extends ApiModule implements AuthProviderModule<UserRow> {
     readonly moduleType: "auth";
     protected constructor(opts: {
         namespace: string;

package/dist/esm/index.d.ts

@@ -11,22 +11,17 @@ export { nullAuthAdapter, BaseAuthAdapter } from './auth-api/storage.js';
 export { nullAuthModule, BaseAuthModule } from './auth-api/module.js';
 export { CompositeAuthAdapter } from './auth-api/compat-auth-storage.js';
 export { MemAuthStore } from './auth-api/mem-auth-store.js';
-export { SqlAuthStore } from './auth-api/sql-auth-store.js';
 export { default as AuthModule } from './auth-api/auth-module.js';
 export type { OAuthStartParams, OAuthStartResult, OAuthCallbackParams, OAuthCallbackResult } from './oauth/types.js';
 export type { BcryptHasherOptions, CreateUserInput, UpdateUserInput, PublicUserMapper } from './user/types.js';
 export { UserStore } from './user/base.js';
 export { MemoryUserStore } from './user/memory.js';
-export { SequelizeUserStore } from './user/sequelize.js';
 export type { MemoryUserAttributes, MemoryUserStoreOptions } from './user/memory.js';
 export { TokenStore } from './token/base.js';
 export { MemoryTokenStore } from './token/memory.js';
-export { SequelizeTokenStore } from './token/sequelize.js';
 export { PasskeyService } from './passkey/service.js';
 export { PasskeyStore } from './passkey/base.js';
 export { MemoryPasskeyStore } from './passkey/memory.js';
-export { SequelizePasskeyStore } from './passkey/sequelize.js';
 export type { PasskeyServiceConfig, PasskeyChallengeRecord, PasskeyUserDescriptor, StoredPasskeyCredential, PasskeyChallenge, PasskeyChallengeParams, PasskeyVerificationParams, PasskeyVerificationResult } from './passkey/types.js';
 export { OAuthStore } from './oauth/base.js';
 export { MemoryOAuthStore } from './oauth/memory.js';
-export { SequelizeOAuthStore } from './oauth/sequelize.js';

package/dist/esm/index.js

@@ -5,18 +5,13 @@ export { nullAuthAdapter, BaseAuthAdapter } from './auth-api/storage.js';
 export { nullAuthModule, BaseAuthModule } from './auth-api/module.js';
 export { CompositeAuthAdapter } from './auth-api/compat-auth-storage.js';
 export { MemAuthStore } from './auth-api/mem-auth-store.js';
-export { SqlAuthStore } from './auth-api/sql-auth-store.js';
 export { default as AuthModule } from './auth-api/auth-module.js';
 export { UserStore } from './user/base.js';
 export { MemoryUserStore } from './user/memory.js';
-export { SequelizeUserStore } from './user/sequelize.js';
 export { TokenStore } from './token/base.js';
 export { MemoryTokenStore } from './token/memory.js';
-export { SequelizeTokenStore } from './token/sequelize.js';
 export { PasskeyService } from './passkey/service.js';
 export { PasskeyStore } from './passkey/base.js';
 export { MemoryPasskeyStore } from './passkey/memory.js';
-export { SequelizePasskeyStore } from './passkey/sequelize.js';
 export { OAuthStore } from './oauth/base.js';
 export { MemoryOAuthStore } from './oauth/memory.js';
-export { SequelizeOAuthStore } from './oauth/sequelize.js';

package/dist/esm/passkey/service.js

@@ -60,11 +60,13 @@ function toBufferOrNull(value) {
 }
 async function spkiToCosePublicKey(spki) {
     try {
-        const subtle = globalThis.crypto?.subtle ?? (await import('crypto')).webcrypto?.subtle;
+        const subtle = (globalThis.crypto?.subtle ??
+            (await import('crypto')).webcrypto?.subtle);
         if (!subtle) {
             return null;
         }
-        const key = await subtle.importKey('spki', spki, { name: 'ECDSA', namedCurve: 'P-256' }, true, ['verify']);
+        const spkiView = new Uint8Array(spki);
+        const key = await subtle.importKey('spki', spkiView, { name: 'ECDSA', namedCurve: 'P-256' }, true, ['verify']);
         const raw = Buffer.from(await subtle.exportKey('raw', key));
         if (raw.length !== 65 || raw[0] !== 0x04) {
             return null;
@@ -212,15 +214,16 @@ export class PasskeyService {
             return { verified: false };
         }
         const registrationInfo = result.registrationInfo;
-        const attestationResponse = params.response?.response;
+        const attestationResponse = params.response.response;
         const credentialIdPrimary = toBufferOrNull(registrationInfo.credentialID);
-        const credentialIdFallback = toBufferOrNull(params.response?.id);
+        const credentialIdFallback = toBufferOrNull(params.response.id);
         const credentialId = credentialIdPrimary && credentialIdPrimary.length > 0 ? credentialIdPrimary : credentialIdFallback;
         const publicKeyPrimary = toBufferOrNull(registrationInfo.credentialPublicKey);
         let publicKeyFallback = toBufferOrNull(attestationResponse?.publicKey);
         if ((!publicKeyPrimary || publicKeyPrimary.length === 0) && attestationResponse?.attestationObject) {
             try {
-                const attObj = decodeAttestationObject(isoBase64URL.toBuffer(attestationResponse.attestationObject));
+                const attestationObject = String(attestationResponse.attestationObject);
+                const attObj = decodeAttestationObject(isoBase64URL.toBuffer(attestationObject));
                 const parsedAuth = parseAuthenticatorData(attObj.get('authData'));
                 publicKeyFallback = toBufferOrNull(parsedAuth.credentialPublicKey) ?? publicKeyFallback;
             }
@@ -282,13 +285,10 @@ export class PasskeyService {
         }
         const user = await this.requireUser({ userId: credential.userId, login: record.login });
         const storedAuthData = {
-            id: credential.credentialId,
-            publicKey: toBuffer(credential.publicKey),
-            credentialPublicKey: toBuffer(credential.publicKey),
+            id: toBase64Url(credential.credentialId),
+            publicKey: new Uint8Array(toBuffer(credential.publicKey)),
             counter: credential.counter,
-            transports: credential.transports ?? undefined,
-            credentialBackedUp: credential.backedUp,
-            credentialDeviceType: credential.deviceType
+            transports: credential.transports ?? undefined
             // simplewebauthn accepts either Uint8Array or Buffer; ensure Buffer
             // see https://github.com/MasterKale/SimpleWebAuthn/blob/master/packages/server/src/authentication/verifyAuthenticationResponse.ts
         };

package/dist/esm/token/base.d.ts

@@ -5,6 +5,7 @@ export interface JwtSignResult {
     token?: string;
     error?: string;
 }
+export type JwtSignPayload = string | Buffer | Record<string, unknown>;
 export interface JwtVerifyResult<T> {
     success: boolean;
     data?: T;
@@ -32,7 +33,7 @@ export declare abstract class TokenStore {
     }): Promise<Token[]>;
     abstract close(): Promise<void>;
     normalizeToken(token: Partial<Token>): Token;
-    jwtSign(payload: any, secret: string, expiresInSeconds: number, options?: SignOptions): JwtSignResult;
+    jwtSign(payload: JwtSignPayload, secret: string, expiresInSeconds: number, options?: SignOptions): JwtSignResult;
     jwtVerify<T>(token: string, secret: string, options?: VerifyOptions): JwtVerifyResult<T>;
     jwtDecode<T>(token: string, options?: DecodeOptions): JwtDecodeResult<T>;
 }