@tern-secure/nextjs 4.2.2 → 4.2.3

package/dist/esm/server/session-store.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/server/session-store.ts"],"sourcesContent":["import { cache } from \"react\"\nimport type { UserInfo } from \"./types\"\n\n/**\n * Simple in-memory session store\n * In a real app, this would be backed by Redis/etc\n */\nclass SessionStore {\n  private static instance: SessionStore\n  private sessions: Map<string, UserInfo>\n  private currentSessionId: string | null = null\n\n  private constructor() {\n    this.sessions = new Map()\n  }\n\n  static getInstance(): SessionStore {\n    if (!SessionStore.instance) {\n      SessionStore.instance = new SessionStore()\n    }\n    return SessionStore.instance\n  }\n\n  setUser(sessionId: string, user: UserInfo) {\n    console.log(\"SessionStore: Setting user:\", { sessionId, user })\n    this.sessions.set(sessionId, user)\n    this.currentSessionId = sessionId\n  }\n\n  getUser(sessionId: string): UserInfo | null {\n    return this.sessions.get(sessionId) || null\n  }\n\n  getCurrentUser(): UserInfo | null {\n    if (!this.currentSessionId) return null\n    return this.sessions.get(this.currentSessionId) || null\n  }\n\n  removeUser(sessionId: string) {\n    this.sessions.delete(sessionId)\n  }\n\n  clear() {\n    this.sessions.clear()\n  }\n\n  debug() {\n    return {\n      sessionsCount: this.sessions.size,\n      currentSessionId: this.currentSessionId,\n      sessions: Array.from(this.sessions.entries())\n    }\n}\n}\n\n// Export singleton instance\nexport const sessionStore = SessionStore.getInstance()\n\n/**\n * Cached function to get user from session store\n * Uses React cache for SSR optimization\n */\nexport const getVerifiedUser = cache((sessionId: string): UserInfo | null => {\n  return sessionStore.getUser(sessionId)\n})\n\n"],"mappings":"AAAA,SAAS,aAAa;AAOtB,MAAM,aAAa;AAAA,EAKT,cAAc;AAFtB,SAAQ,mBAAkC;AAGxC,SAAK,WAAW,oBAAI,IAAI;AAAA,EAC1B;AAAA,EAEA,OAAO,cAA4B;AACjC,QAAI,CAAC,aAAa,UAAU;AAC1B,mBAAa,WAAW,IAAI,aAAa;AAAA,IAC3C;AACA,WAAO,aAAa;AAAA,EACtB;AAAA,EAEA,QAAQ,WAAmB,MAAgB;AACzC,YAAQ,IAAI,+BAA+B,EAAE,WAAW,KAAK,CAAC;AAC9D,SAAK,SAAS,IAAI,WAAW,IAAI;AACjC,SAAK,mBAAmB;AAAA,EAC1B;AAAA,EAEA,QAAQ,WAAoC;AAC1C,WAAO,KAAK,SAAS,IAAI,SAAS,KAAK;AAAA,EACzC;AAAA,EAEA,iBAAkC;AAChC,QAAI,CAAC,KAAK,iBAAkB,QAAO;AACnC,WAAO,KAAK,SAAS,IAAI,KAAK,gBAAgB,KAAK;AAAA,EACrD;AAAA,EAEA,WAAW,WAAmB;AAC5B,SAAK,SAAS,OAAO,SAAS;AAAA,EAChC;AAAA,EAEA,QAAQ;AACN,SAAK,SAAS,MAAM;AAAA,EACtB;AAAA,EAEA,QAAQ;AACN,WAAO;AAAA,MACL,eAAe,KAAK,SAAS;AAAA,MAC7B,kBAAkB,KAAK;AAAA,MACvB,UAAU,MAAM,KAAK,KAAK,SAAS,QAAQ,CAAC;AAAA,IAC9C;AAAA,EACJ;AACA;AAGO,MAAM,eAAe,aAAa,YAAY;AAM9C,MAAM,kBAAkB,MAAM,CAAC,cAAuC;AAC3E,SAAO,aAAa,QAAQ,SAAS;AACvC,CAAC;","names":[]}

package/dist/esm/server/ternSecureMiddleware.js

@@ -1,6 +1,5 @@
 import { NextResponse } from "next/server";
-import { verifySession } from "./edge-session";
-const runtime = "edge";
+import { TernSecureError } from "../errors";
 function createRouteMatcher(patterns) {
   return (request) => {
     const { pathname } = request.nextUrl;
@@ -12,60 +11,36 @@ function createRouteMatcher(patterns) {
     });
   };
 }
-async function edgeAuth(request) {
-  var _a, _b;
-  async function protect() {
-    throw new Error("Unauthorized access");
-  }
-  try {
-    const sessionResult = await verifySession(request);
-    if (sessionResult.isAuthenticated && sessionResult.user) {
-      return {
-        user: sessionResult.user,
-        token: ((_a = request.cookies.get("_session_cookie")) == null ? void 0 : _a.value) || ((_b = request.cookies.get("_session_token")) == null ? void 0 : _b.value) || null,
-        protect: async () => {
-        }
-      };
-    }
-    return {
-      user: null,
-      token: null,
-      protect
-    };
-  } catch (error) {
-    console.error("Auth check error:", error);
-    return {
-      user: null,
-      token: null,
-      protect
-    };
-  }
-}
 function ternSecureMiddleware(callback) {
   return async function middleware(request) {
     try {
-      const auth = await edgeAuth(request);
-      try {
-        await callback(auth, request);
-        const response = NextResponse.next();
-        if (auth.user) {
-          response.headers.set("x-user-id", auth.user.uid);
-          if (auth.user.email) {
-            response.headers.set("x-user-email", auth.user.email);
-          }
-          if (auth.user.emailVerified !== void 0) {
-            response.headers.set("x-email-verified", auth.user.emailVerified.toString());
-          }
-          if (auth.user.authTime) {
-            response.headers.set("x-auth-time", auth.user.authTime.toString());
+      const hasCookies = request.cookies.has("_session_cookie") || request.cookies.has("_session_token");
+      const auth = {
+        user: null,
+        sessionId: null,
+        protect: async () => {
+          if (!hasCookies) {
+            const currentPath = request.nextUrl.pathname;
+            if (currentPath !== "/sign-in") {
+              const redirectUrl = new URL("/sign-in", request.url);
+              redirectUrl.searchParams.set("redirect", currentPath);
+              throw new TernSecureError("UNAUTHENTICATED", redirectUrl.toString());
+            } else {
+              throw new Error("UNAUTHENTICATED");
+            }
           }
         }
-        return response;
+      };
+      if (!callback) {
+        return NextResponse.next();
+      }
+      try {
+        await callback(auth, request);
+        return NextResponse.next();
       } catch (error) {
         if (error instanceof Error && error.message === "Unauthorized access") {
-          const redirectUrl = new URL("/sign-in", request.url);
-          redirectUrl.searchParams.set("redirect", request.nextUrl.pathname);
-          return NextResponse.redirect(redirectUrl);
+          console.log("middleware: Unauthorized access, redirecting to sign-in");
+          return NextResponse.redirect(error.message);
         }
         throw error;
       }
@@ -78,14 +53,12 @@ function ternSecureMiddleware(callback) {
         } : error,
         path: request.nextUrl.pathname
       });
-      const redirectUrl = new URL("/sign-in", request.url);
-      return NextResponse.redirect(redirectUrl);
+      return NextResponse.redirect(new URL("/sign-in", request.url));
     }
   };
 }
 export {
   createRouteMatcher,
-  runtime,
   ternSecureMiddleware
 };
 //# sourceMappingURL=ternSecureMiddleware.js.map

package/dist/esm/server/ternSecureMiddleware.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../src/server/ternSecureMiddleware.ts"],"sourcesContent":["import { NextRequest, NextResponse } from 'next/server';\nimport { verifySession } from './edge-session'\nimport type { UserInfo } from './types'\n\n\nexport const runtime = \"edge\"\n\n\ninterface Auth {\n  user: UserInfo | null\n  token: string | null\n  protect: () => Promise<void>\n}\n\ntype MiddlewareCallback = (\n  auth: Auth,\n  request: NextRequest\n) => Promise<void>\n\n\n/**\n * Create a route matcher function for public paths\n */\nexport function createRouteMatcher(patterns: string[]) {\n  return (request: NextRequest): boolean => {\n    const { pathname } = request.nextUrl\n    return patterns.some(pattern => {\n      // Convert route pattern to regex\n      const regexPattern = new RegExp(\n        `^${pattern.replace(/\\*/g, '.*').replace(/\\((.*)\\)/, '(?:$1)?')}$`\n      )\n      return regexPattern.test(pathname)\n    })\n  }\n}\n\n\n/**\n * Edge-compatible auth check\n */\nasync function edgeAuth(request: NextRequest): Promise<Auth> {\n  async function protect() {\n    throw new Error(\"Unauthorized access\")\n  }\n\n  try {\n    const sessionResult = await verifySession(request)\n\n    if (sessionResult.isAuthenticated && sessionResult.user) {\n      return {\n        user: sessionResult.user,\n        token: request.cookies.get(\"_session_cookie\")?.value || request.cookies.get(\"_session_token\")?.value || null,\n        protect: async () => {},\n      }\n    }\n\n    return {\n      user: null,\n      token: null,\n      protect,\n    }\n  } catch (error) {\n    console.error(\"Auth check error:\", error)\n    return {\n      user: null,\n      token: null,\n      protect,\n    }\n  }\n}\n\n\n\n/**\n * Middleware factory that handles authentication and custom logic\n * @param customHandler Optional function for additional custom logic\n */\n\nexport function ternSecureMiddleware(callback: MiddlewareCallback) {\n  return async function middleware(request: NextRequest) {\n    try {\n      const auth = await edgeAuth(request)\n\n      try {\n        \n        await callback(auth, request)\n\n        const response = NextResponse.next()\n\n        if (auth.user) {\n          // Set auth headers\n          response.headers.set(\"x-user-id\", auth.user.uid)\n          if (auth.user.email) {\n            response.headers.set(\"x-user-email\", auth.user.email)\n          }\n          if (auth.user.emailVerified !== undefined) {\n            response.headers.set(\"x-email-verified\", auth.user.emailVerified.toString())\n          }\n          if (auth.user.authTime) {\n            response.headers.set(\"x-auth-time\", auth.user.authTime.toString())\n          }\n        }\n\n        return response\n      } catch (error) {\n        // Handle unauthorized access\n        if (error instanceof Error && error.message === 'Unauthorized access') {\n          const redirectUrl = new URL('/sign-in', request.url)\n          redirectUrl.searchParams.set('redirect', request.nextUrl.pathname)\n          return NextResponse.redirect(redirectUrl)\n        }\n        throw error\n      }\n\n    } catch (error) {\n      console.error(\"Middleware error:\", {\n        error:\n          error instanceof Error\n            ? {\n                name: error.name,\n                message: error.message,\n                stack: error.stack,\n              }\n            : error,\n        path: request.nextUrl.pathname,\n      })\n\n      const redirectUrl = new URL(\"/sign-in\", request.url)\n      return NextResponse.redirect(redirectUrl)\n    }\n  }\n}"],"mappings":"AAAA,SAAsB,oBAAoB;AAC1C,SAAS,qBAAqB;AAIvB,MAAM,UAAU;AAkBhB,SAAS,mBAAmB,UAAoB;AACrD,SAAO,CAAC,YAAkC;AACxC,UAAM,EAAE,SAAS,IAAI,QAAQ;AAC7B,WAAO,SAAS,KAAK,aAAW;AAE9B,YAAM,eAAe,IAAI;AAAA,QACvB,IAAI,QAAQ,QAAQ,OAAO,IAAI,EAAE,QAAQ,YAAY,SAAS,CAAC;AAAA,MACjE;AACA,aAAO,aAAa,KAAK,QAAQ;AAAA,IACnC,CAAC;AAAA,EACH;AACF;AAMA,eAAe,SAAS,SAAqC;AAxC7D;AAyCE,iBAAe,UAAU;AACvB,UAAM,IAAI,MAAM,qBAAqB;AAAA,EACvC;AAEA,MAAI;AACF,UAAM,gBAAgB,MAAM,cAAc,OAAO;AAEjD,QAAI,cAAc,mBAAmB,cAAc,MAAM;AACvD,aAAO;AAAA,QACL,MAAM,cAAc;AAAA,QACpB,SAAO,aAAQ,QAAQ,IAAI,iBAAiB,MAArC,mBAAwC,YAAS,aAAQ,QAAQ,IAAI,gBAAgB,MAApC,mBAAuC,UAAS;AAAA,QACxG,SAAS,YAAY;AAAA,QAAC;AAAA,MACxB;AAAA,IACF;AAEA,WAAO;AAAA,MACL,MAAM;AAAA,MACN,OAAO;AAAA,MACP;AAAA,IACF;AAAA,EACF,SAAS,OAAO;AACd,YAAQ,MAAM,qBAAqB,KAAK;AACxC,WAAO;AAAA,MACL,MAAM;AAAA,MACN,OAAO;AAAA,MACP;AAAA,IACF;AAAA,EACF;AACF;AASO,SAAS,qBAAqB,UAA8B;AACjE,SAAO,eAAe,WAAW,SAAsB;AACrD,QAAI;AACF,YAAM,OAAO,MAAM,SAAS,OAAO;AAEnC,UAAI;AAEF,cAAM,SAAS,MAAM,OAAO;AAE5B,cAAM,WAAW,aAAa,KAAK;AAEnC,YAAI,KAAK,MAAM;AAEb,mBAAS,QAAQ,IAAI,aAAa,KAAK,KAAK,GAAG;AAC/C,cAAI,KAAK,KAAK,OAAO;AACnB,qBAAS,QAAQ,IAAI,gBAAgB,KAAK,KAAK,KAAK;AAAA,UACtD;AACA,cAAI,KAAK,KAAK,kBAAkB,QAAW;AACzC,qBAAS,QAAQ,IAAI,oBAAoB,KAAK,KAAK,cAAc,SAAS,CAAC;AAAA,UAC7E;AACA,cAAI,KAAK,KAAK,UAAU;AACtB,qBAAS,QAAQ,IAAI,eAAe,KAAK,KAAK,SAAS,SAAS,CAAC;AAAA,UACnE;AAAA,QACF;AAEA,eAAO;AAAA,MACT,SAAS,OAAO;AAEd,YAAI,iBAAiB,SAAS,MAAM,YAAY,uBAAuB;AACrE,gBAAM,cAAc,IAAI,IAAI,YAAY,QAAQ,GAAG;AACnD,sBAAY,aAAa,IAAI,YAAY,QAAQ,QAAQ,QAAQ;AACjE,iBAAO,aAAa,SAAS,WAAW;AAAA,QAC1C;AACA,cAAM;AAAA,MACR;AAAA,IAEF,SAAS,OAAO;AACd,cAAQ,MAAM,qBAAqB;AAAA,QACjC,OACE,iBAAiB,QACb;AAAA,UACE,MAAM,MAAM;AAAA,UACZ,SAAS,MAAM;AAAA,UACf,OAAO,MAAM;AAAA,QACf,IACA;AAAA,QACN,MAAM,QAAQ,QAAQ;AAAA,MACxB,CAAC;AAED,YAAM,cAAc,IAAI,IAAI,YAAY,QAAQ,GAAG;AACnD,aAAO,aAAa,SAAS,WAAW;AAAA,IAC1C;AAAA,EACF;AACF;","names":[]}
+{"version":3,"sources":["../../../src/server/ternSecureMiddleware.ts"],"sourcesContent":["import { type NextRequest, NextResponse } from 'next/server';\nimport type { UserInfo } from './types'\nimport { TernSecureError } from '../errors';\n\n\n\ninterface Auth {\n  user: UserInfo | null\n  sessionId : string | null\n  protect: () => Promise<void>\n}\n\ntype MiddlewareCallback = (\n  auth: Auth,\n  request: NextRequest\n) => Promise<void>\n\n\n/**\n * Create a route matcher function for public paths\n */\nexport function createRouteMatcher(patterns: string[]) {\n  return (request: NextRequest): boolean => {\n    const { pathname } = request.nextUrl\n    return patterns.some(pattern => {\n      // Convert route pattern to regex\n      const regexPattern = new RegExp(\n        `^${pattern.replace(/\\*/g, '.*').replace(/\\((.*)\\)/, '(?:$1)?')}$`\n      )\n      return regexPattern.test(pathname)\n    })\n  }\n}\n\n\n/**\n * Middleware factory that handles authentication and custom logic\n * @param customHandler Optional function for additional custom logic\n */\n\nexport function ternSecureMiddleware(callback: MiddlewareCallback) {\n  return async function middleware(request: NextRequest) {\n    try {\n\n      const hasCookies = request.cookies.has('_session_cookie') || request.cookies.has('_session_token')\n\n      const auth: Auth = {\n        user: null,\n        sessionId: null,\n        protect: async () => {\n          if (!hasCookies) {\n            const currentPath = request.nextUrl.pathname\n            if (currentPath !== '/sign-in') {\n              const redirectUrl = new URL('/sign-in', request.url)\n              redirectUrl.searchParams.set('redirect', currentPath)\n              throw new TernSecureError('UNAUTHENTICATED', redirectUrl.toString())\n            } else {\n              throw new Error('UNAUTHENTICATED')\n            }\n          }\n        }\n      }\n\n      if (!callback) {\n        return NextResponse.next()\n      }\n\n\n\n      try {\n        await callback(auth, request)\n        return NextResponse.next()\n      } catch (error) {\n        if (error instanceof Error && error.message === 'Unauthorized access') {\n          console.log('middleware: Unauthorized access, redirecting to sign-in')\n          return NextResponse.redirect(error.message)\n        }\n        throw error\n      }\n\n    } catch (error) {\n      console.error(\"Middleware error:\", {\n        error:\n          error instanceof Error\n            ? {\n                name: error.name,\n                message: error.message,\n                stack: error.stack,\n              }\n            : error,\n        path: request.nextUrl.pathname,\n      })\n\n      return NextResponse.redirect(new URL('/sign-in', request.url))\n    }\n  }\n}"],"mappings":"AAAA,SAA2B,oBAAoB;AAE/C,SAAS,uBAAuB;AAmBzB,SAAS,mBAAmB,UAAoB;AACrD,SAAO,CAAC,YAAkC;AACxC,UAAM,EAAE,SAAS,IAAI,QAAQ;AAC7B,WAAO,SAAS,KAAK,aAAW;AAE9B,YAAM,eAAe,IAAI;AAAA,QACvB,IAAI,QAAQ,QAAQ,OAAO,IAAI,EAAE,QAAQ,YAAY,SAAS,CAAC;AAAA,MACjE;AACA,aAAO,aAAa,KAAK,QAAQ;AAAA,IACnC,CAAC;AAAA,EACH;AACF;AAQO,SAAS,qBAAqB,UAA8B;AACjE,SAAO,eAAe,WAAW,SAAsB;AACrD,QAAI;AAEF,YAAM,aAAa,QAAQ,QAAQ,IAAI,iBAAiB,KAAK,QAAQ,QAAQ,IAAI,gBAAgB;AAEjG,YAAM,OAAa;AAAA,QACjB,MAAM;AAAA,QACN,WAAW;AAAA,QACX,SAAS,YAAY;AACnB,cAAI,CAAC,YAAY;AACf,kBAAM,cAAc,QAAQ,QAAQ;AACpC,gBAAI,gBAAgB,YAAY;AAC9B,oBAAM,cAAc,IAAI,IAAI,YAAY,QAAQ,GAAG;AACnD,0BAAY,aAAa,IAAI,YAAY,WAAW;AACpD,oBAAM,IAAI,gBAAgB,mBAAmB,YAAY,SAAS,CAAC;AAAA,YACrE,OAAO;AACL,oBAAM,IAAI,MAAM,iBAAiB;AAAA,YACnC;AAAA,UACF;AAAA,QACF;AAAA,MACF;AAEA,UAAI,CAAC,UAAU;AACb,eAAO,aAAa,KAAK;AAAA,MAC3B;AAIA,UAAI;AACF,cAAM,SAAS,MAAM,OAAO;AAC5B,eAAO,aAAa,KAAK;AAAA,MAC3B,SAAS,OAAO;AACd,YAAI,iBAAiB,SAAS,MAAM,YAAY,uBAAuB;AACrE,kBAAQ,IAAI,yDAAyD;AACrE,iBAAO,aAAa,SAAS,MAAM,OAAO;AAAA,QAC5C;AACA,cAAM;AAAA,MACR;AAAA,IAEF,SAAS,OAAO;AACd,cAAQ,MAAM,qBAAqB;AAAA,QACjC,OACE,iBAAiB,QACb;AAAA,UACE,MAAM,MAAM;AAAA,UACZ,SAAS,MAAM;AAAA,UACf,OAAO,MAAM;AAAA,QACf,IACA;AAAA,QACN,MAAM,QAAQ,QAAQ;AAAA,MACxB,CAAC;AAED,aAAO,aAAa,SAAS,IAAI,IAAI,YAAY,QAAQ,GAAG,CAAC;AAAA,IAC/D;AAAA,EACF;AACF;","names":[]}

package/dist/esm/server/utils.js

@@ -0,0 +1,84 @@
+const getGlobalObject = () => {
+  if (typeof process !== "undefined") {
+    return process;
+  }
+  return globalThis;
+};
+const STORE_KEY = "__TERN_AUTH_STORE__";
+class Store {
+  static getStore() {
+    const global = getGlobalObject();
+    if (!global[STORE_KEY]) {
+      global[STORE_KEY] = {
+        contexts: /* @__PURE__ */ new Map(),
+        sessions: /* @__PURE__ */ new Map(),
+        currentSession: null
+      };
+    }
+    return global[STORE_KEY];
+  }
+  static setContext(context) {
+    const store = this.getStore();
+    const { user, sessionId } = context;
+    console.log("Store: Setting context:", { sessionId, user });
+    store.contexts.set(sessionId, context);
+    store.sessions.set(sessionId, user);
+    store.currentSession = context;
+    console.log("Store: Updated state:", {
+      contextsSize: store.contexts.size,
+      sessionsSize: store.sessions.size,
+      currentSession: store.currentSession
+    });
+  }
+  static getContext() {
+    const store = this.getStore();
+    if (store.currentSession) {
+      const session = this.getSession(store.currentSession.sessionId);
+      if (session && session.uid === store.currentSession.user.uid) {
+        return store.currentSession;
+      }
+    }
+    for (const [sessionId, user] of store.sessions.entries()) {
+      const context = store.contexts.get(sessionId);
+      if (context && context.user.uid === user.uid) {
+        store.currentSession = context;
+        return context;
+      }
+    }
+    return null;
+  }
+  static setSession(sessionId, user) {
+    const store = this.getStore();
+    store.sessions.set(sessionId, user);
+  }
+  static getSession(sessionId) {
+    const store = this.getStore();
+    return store.sessions.get(sessionId) || null;
+  }
+  static debug() {
+    const store = this.getStore();
+    return {
+      contextsSize: store.contexts.size,
+      sessionsSize: store.sessions.size,
+      currentSession: store.currentSession,
+      contexts: Array.from(store.contexts.entries()),
+      sessions: Array.from(store.sessions.entries())
+    };
+  }
+  static cleanup() {
+    const store = this.getStore();
+    const MAX_ENTRIES = 1e3;
+    if (store.contexts.size > MAX_ENTRIES) {
+      const keys = Array.from(store.contexts.keys());
+      const toDelete = keys.slice(0, keys.length - MAX_ENTRIES);
+      toDelete.forEach((key) => {
+        store.contexts.delete(key);
+        store.sessions.delete(key);
+      });
+    }
+  }
+}
+export {
+  Store
+};
+//# sourceMappingURL=utils.js.map

package/dist/esm/server/utils.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/server/utils.ts"],"sourcesContent":["import type { UserInfo } from \"./types\"\n\ninterface RequestContext {\n  user: UserInfo\n  sessionId: string\n}\n\n// Use process.env in Node.js and globalThis in Edge\nconst getGlobalObject = () => {\n  if (typeof process !== 'undefined') {\n    return process\n  }\n  return globalThis\n}\n\nconst STORE_KEY = '__TERN_AUTH_STORE__'\n\nexport class Store {\n  private static getStore() {\n    const global = getGlobalObject() as any\n    \n    if (!global[STORE_KEY]) {\n      global[STORE_KEY] = {\n        contexts: new Map<string, RequestContext>(),\n        sessions: new Map<string, UserInfo>(),\n        currentSession: null as RequestContext | null\n      }\n    }\n    \n    return global[STORE_KEY]\n  }\n\n  static setContext(context: RequestContext) {\n    const store = this.getStore()\n    const { user, sessionId } = context\n    \n    console.log(\"Store: Setting context:\", { sessionId, user })\n    \n    // Store in both maps\n    store.contexts.set(sessionId, context)\n    store.sessions.set(sessionId, user)\n    \n    // Set as current session\n    store.currentSession = context\n    \n    console.log(\"Store: Updated state:\", {\n      contextsSize: store.contexts.size,\n      sessionsSize: store.sessions.size,\n      currentSession: store.currentSession\n    })\n  }\n\n  static getContext(): RequestContext | null {\n    const store = this.getStore()\n    \n    // First try current session\n    if (store.currentSession) {\n      const session = this.getSession(store.currentSession.sessionId)\n      if (session && session.uid === store.currentSession.user.uid) {\n        return store.currentSession\n      }\n    }\n    \n    // Then try to find any valid context\n    for (const [sessionId, user] of store.sessions.entries()) {\n      const context = store.contexts.get(sessionId)\n      if (context && context.user.uid === user.uid) {\n        // Update current session\n        store.currentSession = context\n        return context\n      }\n    }\n    \n    return null\n  }\n\n  static setSession(sessionId: string, user: UserInfo) {\n    const store = this.getStore()\n    store.sessions.set(sessionId, user)\n  }\n\n  static getSession(sessionId: string): UserInfo | null {\n    const store = this.getStore()\n    return store.sessions.get(sessionId) || null\n  }\n\n  static debug() {\n    const store = this.getStore()\n    return {\n      contextsSize: store.contexts.size,\n      sessionsSize: store.sessions.size,\n      currentSession: store.currentSession,\n      contexts: Array.from(store.contexts.entries()),\n      sessions: Array.from(store.sessions.entries())\n    }\n  }\n\n  static cleanup() {\n    const store = this.getStore()\n    const MAX_ENTRIES = 1000\n    \n    if (store.contexts.size > MAX_ENTRIES) {\n      const keys = Array.from(store.contexts.keys())\n      const toDelete = keys.slice(0, keys.length - MAX_ENTRIES)\n      \n      toDelete.forEach(key => {\n        store.contexts.delete(key)\n        store.sessions.delete(key)\n      })\n    }\n  }\n}"],"mappings":"AAQA,MAAM,kBAAkB,MAAM;AAC5B,MAAI,OAAO,YAAY,aAAa;AAClC,WAAO;AAAA,EACT;AACA,SAAO;AACT;AAEA,MAAM,YAAY;AAEX,MAAM,MAAM;AAAA,EACjB,OAAe,WAAW;AACxB,UAAM,SAAS,gBAAgB;AAE/B,QAAI,CAAC,OAAO,SAAS,GAAG;AACtB,aAAO,SAAS,IAAI;AAAA,QAClB,UAAU,oBAAI,IAA4B;AAAA,QAC1C,UAAU,oBAAI,IAAsB;AAAA,QACpC,gBAAgB;AAAA,MAClB;AAAA,IACF;AAEA,WAAO,OAAO,SAAS;AAAA,EACzB;AAAA,EAEA,OAAO,WAAW,SAAyB;AACzC,UAAM,QAAQ,KAAK,SAAS;AAC5B,UAAM,EAAE,MAAM,UAAU,IAAI;AAE5B,YAAQ,IAAI,2BAA2B,EAAE,WAAW,KAAK,CAAC;AAG1D,UAAM,SAAS,IAAI,WAAW,OAAO;AACrC,UAAM,SAAS,IAAI,WAAW,IAAI;AAGlC,UAAM,iBAAiB;AAEvB,YAAQ,IAAI,yBAAyB;AAAA,MACnC,cAAc,MAAM,SAAS;AAAA,MAC7B,cAAc,MAAM,SAAS;AAAA,MAC7B,gBAAgB,MAAM;AAAA,IACxB,CAAC;AAAA,EACH;AAAA,EAEA,OAAO,aAAoC;AACzC,UAAM,QAAQ,KAAK,SAAS;AAG5B,QAAI,MAAM,gBAAgB;AACxB,YAAM,UAAU,KAAK,WAAW,MAAM,eAAe,SAAS;AAC9D,UAAI,WAAW,QAAQ,QAAQ,MAAM,eAAe,KAAK,KAAK;AAC5D,eAAO,MAAM;AAAA,MACf;AAAA,IACF;AAGA,eAAW,CAAC,WAAW,IAAI,KAAK,MAAM,SAAS,QAAQ,GAAG;AACxD,YAAM,UAAU,MAAM,SAAS,IAAI,SAAS;AAC5C,UAAI,WAAW,QAAQ,KAAK,QAAQ,KAAK,KAAK;AAE5C,cAAM,iBAAiB;AACvB,eAAO;AAAA,MACT;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,OAAO,WAAW,WAAmB,MAAgB;AACnD,UAAM,QAAQ,KAAK,SAAS;AAC5B,UAAM,SAAS,IAAI,WAAW,IAAI;AAAA,EACpC;AAAA,EAEA,OAAO,WAAW,WAAoC;AACpD,UAAM,QAAQ,KAAK,SAAS;AAC5B,WAAO,MAAM,SAAS,IAAI,SAAS,KAAK;AAAA,EAC1C;AAAA,EAEA,OAAO,QAAQ;AACb,UAAM,QAAQ,KAAK,SAAS;AAC5B,WAAO;AAAA,MACL,cAAc,MAAM,SAAS;AAAA,MAC7B,cAAc,MAAM,SAAS;AAAA,MAC7B,gBAAgB,MAAM;AAAA,MACtB,UAAU,MAAM,KAAK,MAAM,SAAS,QAAQ,CAAC;AAAA,MAC7C,UAAU,MAAM,KAAK,MAAM,SAAS,QAAQ,CAAC;AAAA,IAC/C;AAAA,EACF;AAAA,EAEA,OAAO,UAAU;AACf,UAAM,QAAQ,KAAK,SAAS;AAC5B,UAAM,cAAc;AAEpB,QAAI,MAAM,SAAS,OAAO,aAAa;AACrC,YAAM,OAAO,MAAM,KAAK,MAAM,SAAS,KAAK,CAAC;AAC7C,YAAM,WAAW,KAAK,MAAM,GAAG,KAAK,SAAS,WAAW;AAExD,eAAS,QAAQ,SAAO;AACtB,cAAM,SAAS,OAAO,GAAG;AACzB,cAAM,SAAS,OAAO,GAAG;AAAA,MAC3B,CAAC;AAAA,IACH;AAAA,EACF;AACF;","names":[]}

package/dist/types/app-router/admin/sessionTernSecure.d.ts

@@ -1,3 +1,4 @@
+import { type AuthErrorResponse } from '../../errors';
 export interface User {
     uid: string | null;
     email: string | null;
@@ -7,6 +8,11 @@ export interface Session {
     token: string | null;
     error: Error | null;
 }
+interface TernVerificationResult extends User {
+    valid: boolean;
+    authTime?: number;
+    error?: AuthErrorResponse;
+}
 export declare function createSessionCookie(idToken: string): Promise<{
     success: boolean;
     message: string;
@@ -23,18 +29,11 @@ export declare function setServerSession(token: string): Promise<{
     success: boolean;
     message: string;
 }>;
-export declare function verifyTernIdToken(token: string): Promise<{
-    valid: boolean;
-    uid?: string;
-    error?: string;
-}>;
-export declare function verifyTernSessionCookie(session: string): Promise<{
-    valid: boolean;
-    uid?: any;
-    error?: any;
-}>;
+export declare function verifyTernIdToken(token: string): Promise<TernVerificationResult>;
+export declare function verifyTernSessionCookie(session: string): Promise<TernVerificationResult>;
 export declare function clearSessionCookie(): Promise<{
     success: boolean;
     message: string;
 }>;
+export {};
 //# sourceMappingURL=sessionTernSecure.d.ts.map

package/dist/types/app-router/admin/sessionTernSecure.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"sessionTernSecure.d.ts","sourceRoot":"","sources":["../../../../src/app-router/admin/sessionTernSecure.ts"],"names":[],"mappings":"AASA,MAAM,WAAW,IAAI;IACjB,GAAG,EAAE,MAAM,GAAG,IAAI,CAAC;IACnB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CACtB;AAEH,MAAM,WAAW,OAAO;IACpB,IAAI,EAAE,IAAI,GAAG,IAAI,CAAC;IAClB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;CACvB;AAED,wBAAsB,mBAAmB,CAAC,OAAO,EAAE,MAAM;;;GAgBxD;AAID,wBAAsB,sBAAsB;;;GAkB3C;AAGD,wBAAsB,UAAU;;;GAkB/B;AAED,wBAAsB,gBAAgB,CAAC,KAAK,EAAE,MAAM;;;GAcnD;AAEC,wBAAsB,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC;IAAE,KAAK,EAAE,OAAO,CAAC;IAAC,GAAG,CAAC,EAAE,MAAM,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC,CAuBhH;AAGD,wBAAsB,uBAAuB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC;IAAE,KAAK,EAAE,OAAO,CAAC;IAAC,GAAG,CAAC,EAAE,GAAG,CAAC;IAAC,KAAK,CAAC,EAAE,GAAG,CAAA;CAAE,CAAC,CAWlH;AAGD,wBAAsB,kBAAkB;;;GAwBvC"}
+{"version":3,"file":"sessionTernSecure.d.ts","sourceRoot":"","sources":["../../../../src/app-router/admin/sessionTernSecure.ts"],"names":[],"mappings":"AAIA,OAAO,EAA2B,KAAK,iBAAiB,EAAE,MAAM,cAAc,CAAC;AAM/E,MAAM,WAAW,IAAI;IACjB,GAAG,EAAE,MAAM,GAAG,IAAI,CAAC;IACnB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CACtB;AAEH,MAAM,WAAW,OAAO;IACpB,IAAI,EAAE,IAAI,GAAG,IAAI,CAAC;IAClB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;CACvB;AAED,UAAU,sBAAuB,SAAQ,IAAI;IAC3C,KAAK,EAAE,OAAO,CAAA;IACd,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,KAAK,CAAC,EAAE,iBAAiB,CAAA;CAC1B;AAED,wBAAsB,mBAAmB,CAAC,OAAO,EAAE,MAAM;;;GAgBxD;AAID,wBAAsB,sBAAsB;;;GAkB3C;AAGD,wBAAsB,UAAU;;;GAkB/B;AAED,wBAAsB,gBAAgB,CAAC,KAAK,EAAE,MAAM;;;GAcnD;AAEC,wBAAsB,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,sBAAsB,CAAC,CAkBtF;AAGD,wBAAsB,uBAAuB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,sBAAsB,CAAC,CAkB9F;AAGD,wBAAsB,kBAAkB;;;GAwBvC"}

package/dist/types/components/sign-in.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"sign-in.d.ts","sourceRoot":"","sources":["../../../src/components/sign-in.tsx"],"names":[],"mappings":"AA6BA,MAAM,WAAW,WAAW;IAC1B,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,IAAI,CAAA;IAChC,SAAS,CAAC,EAAE,MAAM,IAAI,CAAA;IACtB,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,YAAY,CAAC,EAAE;QACb,IAAI,CAAC,EAAE,MAAM,CAAA;QACb,KAAK,CAAC,EAAE,MAAM,CAAA;QACd,MAAM,CAAC,EAAE,MAAM,CAAA;QACf,KAAK,CAAC,EAAE,MAAM,CAAA;QACd,SAAS,CAAC,EAAE,MAAM,CAAA;QAClB,KAAK,CAAC,EAAE,MAAM,CAAA;QACd,WAAW,CAAC,EAAE,MAAM,CAAA;QACpB,YAAY,CAAC,EAAE,MAAM,CAAA;KACtB,CAAA;CACF;AAGD,wBAAgB,MAAM,CAAC,EACrB,WAAW,EACX,OAAO,EACP,SAAS,EACT,SAAS,EACT,YAAiB,EAClB,EAAE,WAAW,2CAgWb"}
+{"version":3,"file":"sign-in.d.ts","sourceRoot":"","sources":["../../../src/components/sign-in.tsx"],"names":[],"mappings":"AA8BA,MAAM,WAAW,WAAW;IAC1B,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,IAAI,CAAA;IAChC,SAAS,CAAC,EAAE,MAAM,IAAI,CAAA;IACtB,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,YAAY,CAAC,EAAE;QACb,IAAI,CAAC,EAAE,MAAM,CAAA;QACb,KAAK,CAAC,EAAE,MAAM,CAAA;QACd,MAAM,CAAC,EAAE,MAAM,CAAA;QACf,KAAK,CAAC,EAAE,MAAM,CAAA;QACd,SAAS,CAAC,EAAE,MAAM,CAAA;QAClB,KAAK,CAAC,EAAE,MAAM,CAAA;QACd,WAAW,CAAC,EAAE,MAAM,CAAA;QACpB,YAAY,CAAC,EAAE,MAAM,CAAA;KACtB,CAAA;CACF;AAOD,wBAAgB,MAAM,CAAC,EACrB,WAAW,EACX,OAAO,EACP,SAAS,EACT,SAAS,EACT,YAAiB,EAClB,EAAE,WAAW,2CAgWb"}

package/dist/types/server/auth.d.ts

@@ -1,19 +1,23 @@
 import type { UserInfo } from "./types";
 export interface AuthResult {
     user: UserInfo | null;
-    token: string | null;
     error: Error | null;
 }
 /**
  * Get the current authenticated user from the session or token
  */
-export declare function auth(): Promise<AuthResult>;
+export declare const auth: () => Promise<AuthResult>;
 /**
  * Type guard to check if user is authenticated
  */
-export declare function isAuthenticated(): Promise<boolean>;
+export declare const isAuthenticated: () => Promise<boolean>;
 /**
  * Get user info from auth result
  */
-export declare function getUserInfo(): Promise<UserInfo | null>;
+export declare const getUser: () => Promise<UserInfo | null>;
+/**
+ * Require authentication
+ * Throws error if not authenticated
+ */
+export declare const requireAuth: () => Promise<UserInfo>;
 //# sourceMappingURL=auth.d.ts.map

package/dist/types/server/auth.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../src/server/auth.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAA;AAGvC,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,QAAQ,GAAG,IAAI,CAAA;IACrB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAA;IACpB,KAAK,EAAE,KAAK,GAAG,IAAI,CAAA;CACpB;AAGC;;GAEG;AACH,wBAAsB,IAAI,IAAI,OAAO,CAAC,UAAU,CAAC,CAuClD;AAED;;GAEG;AACH,wBAAsB,eAAe,IAAI,OAAO,CAAC,OAAO,CAAC,CAGxD;AAED;;GAEG;AACH,wBAAsB,WAAW,IAAI,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CAY1D"}
+{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../src/server/auth.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAA;AAMvC,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,QAAQ,GAAG,IAAI,CAAA;IACrB,KAAK,EAAE,KAAK,GAAG,IAAI,CAAA;CACpB;AAEC;;GAEG;AACL,eAAO,MAAM,IAAI,QAAmB,OAAO,CAAC,UAAU,CAoDlD,CAAA;AAEJ;;GAEG;AACH,eAAO,MAAM,eAAe,QAAmB,OAAO,CAAC,OAAO,CAG5D,CAAA;AAEF;;GAEG;AACH,eAAO,MAAM,OAAO,QAAmB,OAAO,CAAC,QAAQ,GAAG,IAAI,CAG5D,CAAA;AAEF;;;GAGG;AACH,eAAO,MAAM,WAAW,QAAmB,OAAO,CAAC,QAAQ,CAQzD,CAAA"}

package/dist/types/server/crypto.d.ts

@@ -0,0 +1,3 @@
+export declare function encrypt(text: string): string;
+export declare function decrypt(encoded: string): string;
+//# sourceMappingURL=crypto.d.ts.map

package/dist/types/server/crypto.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"crypto.d.ts","sourceRoot":"","sources":["../../../src/server/crypto.ts"],"names":[],"mappings":"AAGA,wBAAgB,OAAO,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAI5C;AAED,wBAAgB,OAAO,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAM/C"}

package/dist/types/server/ctx-store.d.ts

@@ -0,0 +1,24 @@
+import type { UserInfo } from "./types";
+interface RequestContext {
+    user: UserInfo;
+    sessionId: string;
+}
+declare global {
+    var __ternSecure: {
+        context: RequestContext | null;
+        sessions: Map<string, UserInfo>;
+    };
+}
+export declare class ContextStore {
+    static setContext(context: RequestContext): void;
+    static getContext(): RequestContext | null;
+    static setSession(sessionId: string, user: UserInfo): void;
+    static getSession(sessionId: string): UserInfo | null;
+    static debug(): {
+        sessionsCount: number;
+        currentSessionId: string | null;
+        sessions: [string, UserInfo][];
+    };
+}
+export {};
+//# sourceMappingURL=ctx-store.d.ts.map

package/dist/types/server/ctx-store.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ctx-store.d.ts","sourceRoot":"","sources":["../../../src/server/ctx-store.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAA;AAEvC,UAAU,cAAc;IACtB,IAAI,EAAE,QAAQ,CAAA;IACd,SAAS,EAAE,MAAM,CAAA;CAClB;AAGD,OAAO,CAAC,MAAM,CAAC;IACb,IAAI,YAAY,EAAE;QAChB,OAAO,EAAE,cAAc,GAAG,IAAI,CAAA;QAC9B,QAAQ,EAAE,GAAG,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAA;KAChC,CAAA;CACF;AAWD,qBAAa,YAAY;IACvB,MAAM,CAAC,UAAU,CAAC,OAAO,EAAE,cAAc;IAMzC,MAAM,CAAC,UAAU,IAAI,cAAc,GAAG,IAAI;IAM1C,MAAM,CAAC,UAAU,CAAC,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ;IAMnD,MAAM,CAAC,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,QAAQ,GAAG,IAAI;IAMrD,MAAM,CAAC,KAAK;;;;;CAOb"}

package/dist/types/server/edge-session.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"edge-session.d.ts","sourceRoot":"","sources":["../../../src/server/edge-session.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAC9C,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,SAAS,CAAA;AAG5C,wBAAsB,aAAa,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,aAAa,CAAC,CAqDhF"}
+{"version":3,"file":"edge-session.d.ts","sourceRoot":"","sources":["../../../src/server/edge-session.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAC9C,OAAO,KAAK,EAAE,aAAa,EAAY,MAAM,SAAS,CAAA;AAItD,wBAAsB,aAAa,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,aAAa,CAAC,CAgEhF"}

package/dist/types/server/index.d.ts

@@ -1,5 +1,4 @@
 export { ternSecureMiddleware, createRouteMatcher } from './ternSecureMiddleware';
-export { auth, getUserInfo } from './auth';
-export type { AuthResult } from './auth';
+export { auth, type AuthResult } from './auth';
 export type { UserInfo, SessionResult } from './types';
 //# sourceMappingURL=index.d.ts.map

package/dist/types/server/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/server/index.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,oBAAoB,EAAE,kBAAkB,EAAE,MAAM,wBAAwB,CAAA;AACjF,OAAO,EAAE,IAAI,EAAE,WAAW,EAAE,MAAM,QAAQ,CAAA;AAC1C,YAAY,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAA;AACxC,YAAY,EAAE,QAAQ,EAAE,aAAa,EAAE,MAAM,SAAS,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/server/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oBAAoB,EAAE,kBAAkB,EAAE,MAAM,wBAAwB,CAAA;AACjF,OAAO,EAAE,IAAI,EAAE,KAAK,UAAU,EAAE,MAAM,QAAQ,CAAA;AAC9C,YAAY,EAAE,QAAQ,EAAE,aAAa,EAAE,MAAM,SAAS,CAAA"}

package/dist/types/server/jwt-edge.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"jwt-edge.d.ts","sourceRoot":"","sources":["../../../src/server/jwt-edge.ts"],"names":[],"mappings":"AAuDA,wBAAsB,mBAAmB,CAAC,KAAK,EAAE,MAAM,EAAE,eAAe,UAAQ;;;;;;;;;;;;;;;;;;GA+E3E"}
+{"version":3,"file":"jwt-edge.d.ts","sourceRoot":"","sources":["../../../src/server/jwt-edge.ts"],"names":[],"mappings":"AAuDA,wBAAsB,mBAAmB,CAAC,KAAK,EAAE,MAAM,EAAE,eAAe,UAAQ;;;;;;;;;;;;;;;;;;GAmE3E"}

package/dist/types/server/jwt.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"jwt.d.ts","sourceRoot":"","sources":["../../../src/server/jwt.ts"],"names":[],"mappings":"AAuDA,wBAAsB,mBAAmB,CAAC,KAAK,EAAE,MAAM,EAAE,eAAe,UAAQ;;;;;;;;;;;;;;;;;;GAkG/E"}
+{"version":3,"file":"jwt.d.ts","sourceRoot":"","sources":["../../../src/server/jwt.ts"],"names":[],"mappings":"AAuDA,wBAAsB,mBAAmB,CAAC,KAAK,EAAE,MAAM,EAAE,eAAe,UAAQ;;;;;;;;;;;;;;;;;;GAoF/E"}

package/dist/types/server/session-store.d.ts

@@ -0,0 +1,30 @@
+import type { UserInfo } from "./types";
+/**
+ * Simple in-memory session store
+ * In a real app, this would be backed by Redis/etc
+ */
+declare class SessionStore {
+    private static instance;
+    private sessions;
+    private currentSessionId;
+    private constructor();
+    static getInstance(): SessionStore;
+    setUser(sessionId: string, user: UserInfo): void;
+    getUser(sessionId: string): UserInfo | null;
+    getCurrentUser(): UserInfo | null;
+    removeUser(sessionId: string): void;
+    clear(): void;
+    debug(): {
+        sessionsCount: number;
+        currentSessionId: string | null;
+        sessions: [string, UserInfo][];
+    };
+}
+export declare const sessionStore: SessionStore;
+/**
+ * Cached function to get user from session store
+ * Uses React cache for SSR optimization
+ */
+export declare const getVerifiedUser: (sessionId: string) => UserInfo | null;
+export {};
+//# sourceMappingURL=session-store.d.ts.map

package/dist/types/server/session-store.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"session-store.d.ts","sourceRoot":"","sources":["../../../src/server/session-store.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAA;AAEvC;;;GAGG;AACH,cAAM,YAAY;IAChB,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAc;IACrC,OAAO,CAAC,QAAQ,CAAuB;IACvC,OAAO,CAAC,gBAAgB,CAAsB;IAE9C,OAAO;IAIP,MAAM,CAAC,WAAW,IAAI,YAAY;IAOlC,OAAO,CAAC,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ;IAMzC,OAAO,CAAC,SAAS,EAAE,MAAM,GAAG,QAAQ,GAAG,IAAI;IAI3C,cAAc,IAAI,QAAQ,GAAG,IAAI;IAKjC,UAAU,CAAC,SAAS,EAAE,MAAM;IAI5B,KAAK;IAIL,KAAK;;;;;CAON;AAGD,eAAO,MAAM,YAAY,cAA6B,CAAA;AAEtD;;;GAGG;AACH,eAAO,MAAM,eAAe,cAAqB,MAAM,KAAG,QAAQ,GAAG,IAEnE,CAAA"}

package/dist/types/server/ternSecureMiddleware.d.ts

@@ -1,9 +1,8 @@
-import { NextRequest, NextResponse } from 'next/server';
+import { type NextRequest, NextResponse } from 'next/server';
 import type { UserInfo } from './types';
-export declare const runtime = "edge";
 interface Auth {
     user: UserInfo | null;
-    token: string | null;
+    sessionId: string | null;
     protect: () => Promise<void>;
 }
 type MiddlewareCallback = (auth: Auth, request: NextRequest) => Promise<void>;

package/dist/types/server/ternSecureMiddleware.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"ternSecureMiddleware.d.ts","sourceRoot":"","sources":["../../../src/server/ternSecureMiddleware.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAExD,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAA;AAGvC,eAAO,MAAM,OAAO,SAAS,CAAA;AAG7B,UAAU,IAAI;IACZ,IAAI,EAAE,QAAQ,GAAG,IAAI,CAAA;IACrB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAA;IACpB,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAA;CAC7B;AAED,KAAK,kBAAkB,GAAG,CACxB,IAAI,EAAE,IAAI,EACV,OAAO,EAAE,WAAW,KACjB,OAAO,CAAC,IAAI,CAAC,CAAA;AAGlB;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,EAAE,aAClC,WAAW,KAAG,OAAO,CAUvC;AAuCD;;;GAGG;AAEH,wBAAgB,oBAAoB,CAAC,QAAQ,EAAE,kBAAkB,aACrB,WAAW,oCAoDtD"}
+{"version":3,"file":"ternSecureMiddleware.d.ts","sourceRoot":"","sources":["../../../src/server/ternSecureMiddleware.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC7D,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAA;AAKvC,UAAU,IAAI;IACZ,IAAI,EAAE,QAAQ,GAAG,IAAI,CAAA;IACrB,SAAS,EAAG,MAAM,GAAG,IAAI,CAAA;IACzB,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAA;CAC7B;AAED,KAAK,kBAAkB,GAAG,CACxB,IAAI,EAAE,IAAI,EACV,OAAO,EAAE,WAAW,KACjB,OAAO,CAAC,IAAI,CAAC,CAAA;AAGlB;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,EAAE,aAClC,WAAW,KAAG,OAAO,CAUvC;AAGD;;;GAGG;AAEH,wBAAgB,oBAAoB,CAAC,QAAQ,EAAE,kBAAkB,aACrB,WAAW,oCAuDtD"}

package/dist/types/server/types.d.ts

@@ -6,8 +6,9 @@ export interface UserInfo {
     disabled?: boolean;
 }
 export interface SessionResult {
-    isAuthenticated: boolean;
     user: UserInfo | null;
+    token: string | null;
+    sessionId: string | null;
     error?: string;
 }
 //# sourceMappingURL=types.d.ts.map

package/dist/types/server/types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/server/types.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,QAAQ;IACrB,GAAG,EAAE,MAAM,CAAA;IACX,KAAK,EAAE,MAAM,GAAG,IAAI,CAAA;IACpB,aAAa,CAAC,EAAE,OAAO,CAAA;IACvB,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,QAAQ,CAAC,EAAE,OAAO,CAAA;CACnB;AAGD,MAAM,WAAW,aAAa;IAC5B,eAAe,EAAE,OAAO,CAAA;IACxB,IAAI,EAAE,QAAQ,GAAG,IAAI,CAAA;IACrB,KAAK,CAAC,EAAE,MAAM,CAAA;CACf"}
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/server/types.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,QAAQ;IACrB,GAAG,EAAE,MAAM,CAAA;IACX,KAAK,EAAE,MAAM,GAAG,IAAI,CAAA;IACpB,aAAa,CAAC,EAAE,OAAO,CAAA;IACvB,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,QAAQ,CAAC,EAAE,OAAO,CAAA;CACnB;AAGD,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,QAAQ,GAAG,IAAI,CAAA;IACrB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAA;IACpB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAA;IACxB,KAAK,CAAC,EAAE,MAAM,CAAA;CACf"}

package/dist/types/server/utils.d.ts

@@ -0,0 +1,22 @@
+import type { UserInfo } from "./types";
+interface RequestContext {
+    user: UserInfo;
+    sessionId: string;
+}
+export declare class Store {
+    private static getStore;
+    static setContext(context: RequestContext): void;
+    static getContext(): RequestContext | null;
+    static setSession(sessionId: string, user: UserInfo): void;
+    static getSession(sessionId: string): UserInfo | null;
+    static debug(): {
+        contextsSize: any;
+        sessionsSize: any;
+        currentSession: any;
+        contexts: unknown[];
+        sessions: unknown[];
+    };
+    static cleanup(): void;
+}
+export {};
+//# sourceMappingURL=utils.d.ts.map

package/dist/types/server/utils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../src/server/utils.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAA;AAEvC,UAAU,cAAc;IACtB,IAAI,EAAE,QAAQ,CAAA;IACd,SAAS,EAAE,MAAM,CAAA;CAClB;AAYD,qBAAa,KAAK;IAChB,OAAO,CAAC,MAAM,CAAC,QAAQ;IAcvB,MAAM,CAAC,UAAU,CAAC,OAAO,EAAE,cAAc;IAoBzC,MAAM,CAAC,UAAU,IAAI,cAAc,GAAG,IAAI;IAwB1C,MAAM,CAAC,UAAU,CAAC,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ;IAKnD,MAAM,CAAC,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,QAAQ,GAAG,IAAI;IAKrD,MAAM,CAAC,KAAK;;;;;;;IAWZ,MAAM,CAAC,OAAO;CAcf"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@tern-secure/nextjs",
-  "version": "4.2.2",
+  "version": "4.2.3",
   "packageManager": "npm@11.0.0",
   "publishConfig": {
     "access": "public"