@zeltjs/auth-jwt 0.3.0 → 0.5.0

package/README.md

@@ -0,0 +1,38 @@
+# @zeltjs/auth-jwt
+
+[![Documentation](https://img.shields.io/badge/docs-zeltjs.com-blue)](https://zeltjs.com)
+
+JWT authentication middleware for Zelt applications.
+
+**[Read the Documentation](https://zeltjs.com)**
+
+## Installation
+
+```bash
+npm install @zeltjs/auth-jwt @zeltjs/core
+```
+
+## Usage
+
+```typescript
+import { createApp, Controller, Get, inject } from '@zeltjs/core';
+import { JwtConfig, JwtMiddleware, JwtService } from '@zeltjs/auth-jwt';
+
+@Controller('/protected')
+class ProtectedController {
+  constructor(private jwt = inject(JwtService)) {}
+
+  @Get('/')
+  secret() {
+    return { message: 'Secret data' };
+  }
+}
+
+const app = createApp({
+  http: {
+    controllers: [ProtectedController],
+    middlewares: [JwtMiddleware],
+  },
+  configs: [JwtConfig],
+});
+```

package/dist/index.js

@@ -22,11 +22,16 @@ const UnauthorizedException = defineHttpException("UnauthorizedException", 401,
 }) });
 //#endregion
 //#region src/jwt.config.ts
-var JwtConfig = @Config class {
+function _ts_decorate$2(decorators, target, key, desc) {
+	var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+	if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+	else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+	return c > 3 && r && Object.defineProperty(target, key, r), r;
+}
+var JwtConfig = class {
 	/**
 	* @throws {ZeltJwtConfigError} When JWT_SECRET is not set
-	*/
-	get secret() {
+	*/ get secret() {
 		const secret = process.env["JWT_SECRET"];
 		if (!secret) throw new ZeltJwtConfigError({ reason: "missing_secret" });
 		return secret;
@@ -47,12 +52,19 @@ var JwtConfig = @Config class {
 		});
 	}
 };
+JwtConfig = _ts_decorate$2([Config], JwtConfig);
 //#endregion
 //#region src/jwt.service.ts
-var JwtService = @Injectable() class {
-	constructor(config = inject(JwtConfig)) {
-		this.config = config;
-	}
+function _ts_decorate$1(decorators, target, key, desc) {
+	var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+	if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+	else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+	return c > 3 && r && Object.defineProperty(target, key, r), r;
+}
+function _ts_metadata$1(k, v) {
+	if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+}
+var JwtService = class {
 	async sign(payload) {
 		const secret = new TextEncoder().encode(this.config.secret);
 		const expiresIn = this.parseExpiresIn(this.config.expiresIn);
@@ -79,19 +91,31 @@ var JwtService = @Injectable() class {
 		}[match[2] ?? ""]}`;
 		return expiresIn;
 	}
+	constructor(config = inject(JwtConfig)) {
+		this.config = config;
+	}
 };
+JwtService = _ts_decorate$1([
+	Injectable(),
+	_ts_metadata$1("design:type", Function),
+	_ts_metadata$1("design:paramtypes", [void 0])
+], JwtService);
 //#endregion
 //#region src/jwt.middleware.ts
-var JwtMiddleware = @Middleware class {
-	constructor(jwtService = inject(JwtService), config = inject(JwtConfig)) {
-		this.jwtService = jwtService;
-		this.config = config;
-	}
+function _ts_decorate(decorators, target, key, desc) {
+	var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+	if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+	else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+	return c > 3 && r && Object.defineProperty(target, key, r), r;
+}
+function _ts_metadata(k, v) {
+	if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+}
+var JwtMiddleware = class {
 	/**
 	* @throws {UnauthorizedException} When token is missing (401)
 	* @throws {UnauthorizedException} When token is invalid or expired (401)
-	*/
-	async use(c, next) {
+	*/ async use(c, next) {
 		const token = this.extractToken(c);
 		if (!token) throw new UnauthorizedException({ reason: "missing_token" });
 		const verified = await this.jwtService.verify(token).then((payload) => ({
@@ -109,7 +133,16 @@ var JwtMiddleware = @Middleware class {
 		if (!authHeader?.startsWith("Bearer ")) return null;
 		return authHeader.slice(7);
 	}
+	constructor(jwtService = inject(JwtService), config = inject(JwtConfig)) {
+		this.jwtService = jwtService;
+		this.config = config;
+	}
 };
+JwtMiddleware = _ts_decorate([
+	Middleware,
+	_ts_metadata("design:type", Function),
+	_ts_metadata("design:paramtypes", [void 0, void 0])
+], JwtMiddleware);
 //#endregion
 export { JwtConfig, JwtMiddleware, JwtService, UnauthorizedException, ZeltJwtConfigError };
 

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","names":["messages"],"sources":["../src/errors.ts","../src/exceptions.ts","../src/jwt.config.ts","../src/jwt.service.ts","../src/jwt.middleware.ts"],"sourcesContent":["import { defineError } from '@zeltjs/core/internal-bridge/errors';\n\nexport type JwtConfigErrorReason = 'missing_secret';\n\nconst messages: Record<JwtConfigErrorReason, string> = {\n  missing_secret: 'JWT_SECRET environment variable is required',\n};\n\nexport const ZeltJwtConfigError = defineError(\n  'ZeltJwtConfigError',\n  (ctx: { reason: JwtConfigErrorReason }) => messages[ctx.reason],\n);\n","import { defineHttpException } from '@zeltjs/core';\n\nexport type UnauthorizedReason = 'missing_token' | 'invalid_token' | 'expired';\n\nconst messages: Record<UnauthorizedReason, string> = {\n  missing_token: 'Authorization token is required',\n  invalid_token: 'Invalid authorization token',\n  expired: 'Authorization token has expired',\n};\n\nexport const UnauthorizedException = defineHttpException(\n  'UnauthorizedException',\n  401,\n  (ctx: { reason: UnauthorizedReason }) => messages[ctx.reason],\n  {\n    buildResponse: (ctx, status, message) =>\n      Response.json(\n        { code: 'UNAUTHORIZED', reason: ctx.reason, message },\n        { status, headers: { 'WWW-Authenticate': 'Bearer' } },\n      ),\n  },\n);\n","import type { RequestContextSchema } from '@zeltjs/core';\nimport { Config } from '@zeltjs/core';\n\nimport { ZeltJwtConfigError } from './errors';\nimport type { JwtDriver, JwtPayload } from './jwt.types';\n\nexport interface ResolveUserResult {\n  user: RequestContextSchema['user'];\n  roles: RequestContextSchema['authRoles'];\n}\n\n@Config\nexport class JwtConfig {\n  /**\n   * @throws {ZeltJwtConfigError} When JWT_SECRET is not set\n   */\n  get secret(): string {\n    const secret = process.env['JWT_SECRET'];\n    if (!secret) {\n      throw new ZeltJwtConfigError({ reason: 'missing_secret' });\n    }\n    return secret;\n  }\n\n  get expiresIn(): string {\n    return '1h';\n  }\n\n  get driver(): JwtDriver {\n    return 'header';\n  }\n\n  get cookieName(): string {\n    return 'jwt';\n  }\n\n  get resolveUser(): (payload: JwtPayload) => Promise<ResolveUserResult> {\n    return async (payload) => ({\n      user: payload.sub,\n      roles: [],\n    });\n  }\n}\n","import { Injectable, inject } from '@zeltjs/core';\nimport { decodeJwt, jwtVerify, SignJWT } from 'jose';\n\nimport { JwtConfig } from './jwt.config';\nimport type { JwtPayload } from './jwt.types';\n\n@Injectable()\nexport class JwtService {\n  constructor(private config = inject(JwtConfig)) {}\n\n  async sign(payload: Record<string, unknown>): Promise<string> {\n    const secret = new TextEncoder().encode(this.config.secret);\n    const expiresIn = this.parseExpiresIn(this.config.expiresIn);\n\n    const jwt = await new SignJWT(payload)\n      .setProtectedHeader({ alg: 'HS256' })\n      .setIssuedAt()\n      .setExpirationTime(expiresIn)\n      .sign(secret);\n\n    return jwt;\n  }\n\n  async verify(token: string): Promise<JwtPayload> {\n    const secret = new TextEncoder().encode(this.config.secret);\n    const { payload } = await jwtVerify<JwtPayload>(token, secret);\n    return payload;\n  }\n\n  decode(token: string): JwtPayload | null {\n    try {\n      return decodeJwt<JwtPayload>(token);\n    } catch {\n      return null;\n    }\n  }\n\n  private parseExpiresIn(expiresIn: string): string | number {\n    const match = /^(\\d+)([smhd])$/.exec(expiresIn);\n    if (match) {\n      const value = parseInt(match[1] ?? '0', 10);\n      const unit = match[2] ?? '';\n      const unitMap: Record<string, string> = {\n        s: 'seconds',\n        m: 'minutes',\n        h: 'hours',\n        d: 'days',\n      };\n      return `${value} ${unitMap[unit]}`;\n    }\n    return expiresIn;\n  }\n}\n","import type { Next, RequestContext } from '@zeltjs/core';\nimport { inject, Middleware, setUser } from '@zeltjs/core';\nimport { getCookie } from 'hono/cookie';\n\nimport { UnauthorizedException } from './exceptions';\nimport { JwtConfig } from './jwt.config';\nimport { JwtService } from './jwt.service';\n\n@Middleware\nexport class JwtMiddleware {\n  constructor(\n    private readonly jwtService = inject(JwtService),\n    private readonly config = inject(JwtConfig),\n  ) {}\n\n  /**\n   * @throws {UnauthorizedException} When token is missing (401)\n   * @throws {UnauthorizedException} When token is invalid or expired (401)\n   */\n  async use(c: RequestContext, next: Next): Promise<Response | undefined> {\n    const token = this.extractToken(c);\n\n    if (!token) {\n      throw new UnauthorizedException({ reason: 'missing_token' });\n    }\n\n    const verified = await this.jwtService.verify(token).then(\n      (payload) => ({ ok: true as const, payload }),\n      () => ({ ok: false as const }),\n    );\n\n    if (!verified.ok) {\n      throw new UnauthorizedException({ reason: 'invalid_token' });\n    }\n\n    const { user, roles } = await this.config.resolveUser(verified.payload);\n    setUser(user, roles);\n    await next();\n    return undefined;\n  }\n\n  private extractToken(c: RequestContext): string | null {\n    if (this.config.driver === 'cookie') {\n      return getCookie(c, this.config.cookieName) ?? null;\n    }\n\n    const authHeader = c.req.header('Authorization');\n    if (!authHeader?.startsWith('Bearer ')) {\n      return null;\n    }\n    return authHeader.slice(7);\n  }\n}\n"],"mappings":";;;;;AAIA,MAAMA,aAAiD,EACrD,gBAAgB,+CACjB;AAED,MAAa,qBAAqB,YAChC,uBACC,QAA0CA,WAAS,IAAI,QACzD;;;ACPD,MAAM,WAA+C;CACnD,eAAe;CACf,eAAe;CACf,SAAS;CACV;AAED,MAAa,wBAAwB,oBACnC,yBACA,MACC,QAAwC,SAAS,IAAI,SACtD,EACE,gBAAgB,KAAK,QAAQ,YAC3B,SAAS,KACP;CAAE,MAAM;CAAgB,QAAQ,IAAI;CAAQ;CAAS,EACrD;CAAE;CAAQ,SAAS,EAAE,oBAAoB,UAAU;CAAE,CACtD,EACJ,CACF;;;ACTD,IAAa,YADb,CAAC,OAAD,MACuB;;;;CAIrB,IAAI,SAAiB;EACnB,MAAM,SAAS,QAAQ,IAAI;AAC3B,MAAI,CAAC,OACH,OAAM,IAAI,mBAAmB,EAAE,QAAQ,kBAAkB,CAAC;AAE5D,SAAO;;CAGT,IAAI,YAAoB;AACtB,SAAO;;CAGT,IAAI,SAAoB;AACtB,SAAO;;CAGT,IAAI,aAAqB;AACvB,SAAO;;CAGT,IAAI,cAAmE;AACrE,SAAO,OAAO,aAAa;GACzB,MAAM,QAAQ;GACd,OAAO,EAAE;GACV;;;;;ACjCL,IAAa,aADb,CAAC,YAAY,CAAb,MACwB;CACtB,YAAY,SAAiB,OAAO,UAAU,EAAE;AAA5B,OAAA,SAAA;;CAEpB,MAAM,KAAK,SAAmD;EAC5D,MAAM,SAAS,IAAI,aAAa,CAAC,OAAO,KAAK,OAAO,OAAO;EAC3D,MAAM,YAAY,KAAK,eAAe,KAAK,OAAO,UAAU;AAQ5D,SAAO,MANW,IAAI,QAAQ,QAAQ,CACnC,mBAAmB,EAAE,KAAK,SAAS,CAAC,CACpC,aAAa,CACb,kBAAkB,UAAU,CAC5B,KAAK,OAAO;;CAKjB,MAAM,OAAO,OAAoC;EAE/C,MAAM,EAAE,YAAY,MAAM,UAAsB,OADjC,IAAI,aAAa,CAAC,OAAO,KAAK,OAAO,OACS,CAAC;AAC9D,SAAO;;CAGT,OAAO,OAAkC;AACvC,MAAI;AACF,UAAO,UAAsB,MAAM;UAC7B;AACN,UAAO;;;CAIX,eAAuB,WAAoC;EACzD,MAAM,QAAQ,kBAAkB,KAAK,UAAU;AAC/C,MAAI,MASF,QAAO,GARO,SAAS,MAAM,MAAM,KAAK,GAQzB,CAAC,GAAG;GALjB,GAAG;GACH,GAAG;GACH,GAAG;GACH,GAAG;GAEqB,CAPb,MAAM,MAAM;AAS3B,SAAO;;;;;ACzCX,IAAa,gBADb,CAAC,WAAD,MAC2B;CACzB,YACE,aAA8B,OAAO,WAAW,EAChD,SAA0B,OAAO,UAAU,EAC3C;AAFiB,OAAA,aAAA;AACA,OAAA,SAAA;;;;;;CAOnB,MAAM,IAAI,GAAmB,MAA2C;EACtE,MAAM,QAAQ,KAAK,aAAa,EAAE;AAElC,MAAI,CAAC,MACH,OAAM,IAAI,sBAAsB,EAAE,QAAQ,iBAAiB,CAAC;EAG9D,MAAM,WAAW,MAAM,KAAK,WAAW,OAAO,MAAM,CAAC,MAClD,aAAa;GAAE,IAAI;GAAe;GAAS,UACrC,EAAE,IAAI,OAAgB,EAC9B;AAED,MAAI,CAAC,SAAS,GACZ,OAAM,IAAI,sBAAsB,EAAE,QAAQ,iBAAiB,CAAC;EAG9D,MAAM,EAAE,MAAM,UAAU,MAAM,KAAK,OAAO,YAAY,SAAS,QAAQ;AACvE,UAAQ,MAAM,MAAM;AACpB,QAAM,MAAM;;CAId,aAAqB,GAAkC;AACrD,MAAI,KAAK,OAAO,WAAW,SACzB,QAAO,UAAU,GAAG,KAAK,OAAO,WAAW,IAAI;EAGjD,MAAM,aAAa,EAAE,IAAI,OAAO,gBAAgB;AAChD,MAAI,CAAC,YAAY,WAAW,UAAU,CACpC,QAAO;AAET,SAAO,WAAW,MAAM,EAAE"}
+{"version":3,"file":"index.js","names":["defineError","messages","missing_secret","ZeltJwtConfigError","ctx","reason","defineHttpException","messages","missing_token","invalid_token","expired","UnauthorizedException","ctx","reason","buildResponse","status","message","Response","json","code","headers","Config","ZeltJwtConfigError","JwtConfig","secret","process","env","reason","expiresIn","driver","cookieName","resolveUser","payload","user","sub","roles","Injectable","inject","decodeJwt","jwtVerify","SignJWT","JwtConfig","JwtService","sign","payload","secret","TextEncoder","encode","config","expiresIn","parseExpiresIn","jwt","setProtectedHeader","alg","setIssuedAt","setExpirationTime","verify","token","decode","match","exec","value","parseInt","unit","unitMap","s","m","h","d","inject","Middleware","setUser","getCookie","UnauthorizedException","JwtConfig","JwtService","JwtMiddleware","use","c","next","token","extractToken","reason","verified","jwtService","verify","then","payload","ok","user","roles","config","resolveUser","undefined","driver","cookieName","authHeader","req","header","startsWith","slice"],"sources":["../src/errors.ts","../src/exceptions.ts","../src/jwt.config.ts","../src/jwt.service.ts","../src/jwt.middleware.ts"],"sourcesContent":["import { defineError } from '@zeltjs/core/internal-bridge/errors';\n\nexport type JwtConfigErrorReason = 'missing_secret';\n\nconst messages: Record<JwtConfigErrorReason, string> = {\n  missing_secret: 'JWT_SECRET environment variable is required',\n};\n\nexport const ZeltJwtConfigError = defineError(\n  'ZeltJwtConfigError',\n  (ctx: { reason: JwtConfigErrorReason }) => messages[ctx.reason],\n);\n","import { defineHttpException } from '@zeltjs/core';\n\nexport type UnauthorizedReason = 'missing_token' | 'invalid_token' | 'expired';\n\nconst messages: Record<UnauthorizedReason, string> = {\n  missing_token: 'Authorization token is required',\n  invalid_token: 'Invalid authorization token',\n  expired: 'Authorization token has expired',\n};\n\nexport const UnauthorizedException = defineHttpException(\n  'UnauthorizedException',\n  401,\n  (ctx: { reason: UnauthorizedReason }) => messages[ctx.reason],\n  {\n    buildResponse: (ctx, status, message) =>\n      Response.json(\n        { code: 'UNAUTHORIZED', reason: ctx.reason, message },\n        { status, headers: { 'WWW-Authenticate': 'Bearer' } },\n      ),\n  },\n);\n","import type { RequestContextSchema } from '@zeltjs/core';\nimport { Config } from '@zeltjs/core';\n\nimport { ZeltJwtConfigError } from './errors';\nimport type { JwtDriver, JwtPayload } from './jwt.types';\n\nexport interface ResolveUserResult {\n  user: RequestContextSchema['user'];\n  roles: RequestContextSchema['authRoles'];\n}\n\n@Config\nexport class JwtConfig {\n  /**\n   * @throws {ZeltJwtConfigError} When JWT_SECRET is not set\n   */\n  get secret(): string {\n    const secret = process.env['JWT_SECRET'];\n    if (!secret) {\n      throw new ZeltJwtConfigError({ reason: 'missing_secret' });\n    }\n    return secret;\n  }\n\n  get expiresIn(): string {\n    return '1h';\n  }\n\n  get driver(): JwtDriver {\n    return 'header';\n  }\n\n  get cookieName(): string {\n    return 'jwt';\n  }\n\n  get resolveUser(): (payload: JwtPayload) => Promise<ResolveUserResult> {\n    return async (payload) => ({\n      user: payload.sub,\n      roles: [],\n    });\n  }\n}\n","import { Injectable, inject } from '@zeltjs/core';\nimport { decodeJwt, jwtVerify, SignJWT } from 'jose';\n\nimport { JwtConfig } from './jwt.config';\nimport type { JwtPayload } from './jwt.types';\n\n@Injectable()\nexport class JwtService {\n  constructor(private config = inject(JwtConfig)) {}\n\n  async sign(payload: Record<string, unknown>): Promise<string> {\n    const secret = new TextEncoder().encode(this.config.secret);\n    const expiresIn = this.parseExpiresIn(this.config.expiresIn);\n\n    const jwt = await new SignJWT(payload)\n      .setProtectedHeader({ alg: 'HS256' })\n      .setIssuedAt()\n      .setExpirationTime(expiresIn)\n      .sign(secret);\n\n    return jwt;\n  }\n\n  async verify(token: string): Promise<JwtPayload> {\n    const secret = new TextEncoder().encode(this.config.secret);\n    const { payload } = await jwtVerify<JwtPayload>(token, secret);\n    return payload;\n  }\n\n  decode(token: string): JwtPayload | null {\n    try {\n      return decodeJwt<JwtPayload>(token);\n    } catch {\n      return null;\n    }\n  }\n\n  private parseExpiresIn(expiresIn: string): string | number {\n    const match = /^(\\d+)([smhd])$/.exec(expiresIn);\n    if (match) {\n      const value = parseInt(match[1] ?? '0', 10);\n      const unit = match[2] ?? '';\n      const unitMap: Record<string, string> = {\n        s: 'seconds',\n        m: 'minutes',\n        h: 'hours',\n        d: 'days',\n      };\n      return `${value} ${unitMap[unit]}`;\n    }\n    return expiresIn;\n  }\n}\n","import type { Next, RequestContext } from '@zeltjs/core';\nimport { inject, Middleware, setUser } from '@zeltjs/core';\nimport { getCookie } from 'hono/cookie';\n\nimport { UnauthorizedException } from './exceptions';\nimport { JwtConfig } from './jwt.config';\nimport { JwtService } from './jwt.service';\n\n@Middleware\nexport class JwtMiddleware {\n  constructor(\n    private readonly jwtService = inject(JwtService),\n    private readonly config = inject(JwtConfig),\n  ) {}\n\n  /**\n   * @throws {UnauthorizedException} When token is missing (401)\n   * @throws {UnauthorizedException} When token is invalid or expired (401)\n   */\n  async use(c: RequestContext, next: Next): Promise<Response | undefined> {\n    const token = this.extractToken(c);\n\n    if (!token) {\n      throw new UnauthorizedException({ reason: 'missing_token' });\n    }\n\n    const verified = await this.jwtService.verify(token).then(\n      (payload) => ({ ok: true as const, payload }),\n      () => ({ ok: false as const }),\n    );\n\n    if (!verified.ok) {\n      throw new UnauthorizedException({ reason: 'invalid_token' });\n    }\n\n    const { user, roles } = await this.config.resolveUser(verified.payload);\n    setUser(user, roles);\n    await next();\n    return undefined;\n  }\n\n  private extractToken(c: RequestContext): string | null {\n    if (this.config.driver === 'cookie') {\n      return getCookie(c, this.config.cookieName) ?? null;\n    }\n\n    const authHeader = c.req.header('Authorization');\n    if (!authHeader?.startsWith('Bearer ')) {\n      return null;\n    }\n    return authHeader.slice(7);\n  }\n}\n"],"mappings":";;;;;AAIA,MAAMC,aAAiD,EACrDC,gBAAgB,+CAClB;AAEA,MAAaC,qBAAqBH,YAChC,uBACCI,QAA0CH,WAASG,IAAIC,QAAO;;;ACNjE,MAAME,WAA+C;CACnDC,eAAe;CACfC,eAAe;CACfC,SAAS;CACX;AAEA,MAAaC,wBAAwBL,oBACnC,yBACA,MACCM,QAAwCL,SAASK,IAAIC,SACtD,EACEC,gBAAgBF,KAAKG,QAAQC,YAC3BC,SAASC,KACP;CAAEC,MAAM;CAAgBN,QAAQD,IAAIC;CAAQG;CAAQ,EACpD;CAAED;CAAQK,SAAS,EAAE,oBAAoB,UAAS;CAAE,CAAA,EAE1D,CAAA;;;;;;;;;ACRF,IAAaG,YAAb,MAAaA;;;IAIX,IAAIC,SAAiB;EACnB,MAAMA,SAASC,QAAQC,IAAI;AAC3B,MAAI,CAACF,OACH,OAAM,IAAIF,mBAAmB,EAAEK,QAAQ,kBAAiB,CAAA;AAE1D,SAAOH;;CAGT,IAAII,YAAoB;AACtB,SAAO;;CAGT,IAAIC,SAAoB;AACtB,SAAO;;CAGT,IAAIC,aAAqB;AACvB,SAAO;;CAGT,IAAIC,cAAmE;AACrE,SAAO,OAAOC,aAAa;GACzBC,MAAMD,QAAQE;GACdC,OAAO,EAAE;GACX;;;;;;;;;;;;;;;ACjCJ,IAAaO,aAAb,MAAaA;CAGX,MAAMC,KAAKC,SAAmD;EAC5D,MAAMC,SAAS,IAAIC,aAAAA,CAAcC,OAAO,KAAKC,OAAOH,OAAM;EAC1D,MAAMI,YAAY,KAAKC,eAAe,KAAKF,OAAOC,UAAS;AAQ3D,SAAOE,MANW,IAAIX,QAAQI,QAAAA,CAC3BQ,mBAAmB,EAAEC,KAAK,SAAQ,CAAA,CAClCC,aAAW,CACXC,kBAAkBN,UAAAA,CAClBN,KAAKE,OAAAA;;CAKV,MAAMW,OAAOC,OAAoC;EAE/C,MAAM,EAAEb,YAAY,MAAML,UAAsBkB,OADjC,IAAIX,aAAAA,CAAcC,OAAO,KAAKC,OAAOH,OACGA,CAAAA;AACvD,SAAOD;;CAGTc,OAAOD,OAAkC;AACvC,MAAI;AACF,UAAOnB,UAAsBmB,MAAAA;UACvB;AACN,UAAO;;;CAIHP,eAAeD,WAAoC;EACzD,MAAMU,QAAQ,kBAAkBC,KAAKX,UAAAA;AACrC,MAAIU,MASF,QAAO,GAROG,SAASH,MAAM,MAAM,KAAK,GAQ9BE,CAAM,GAAGG;GALjBC,GAAG;GACHC,GAAG;GACHC,GAAG;GACHC,GAAG;GAEqB,CAPbT,MAAM,MAAM;AAS3B,SAAOV;;CA1CT,YAAY,SAAiBZ,OAAOI,UAAU,EAAE;OAA5BO,SAAAA;;;;;;;;;;;;;;;;;;;ACCtB,IAAa4B,gBAAb,MAAaA;;;;IAUX,MAAMC,IAAIC,GAAmBC,MAA2C;EACtE,MAAMC,QAAQ,KAAKC,aAAaH,EAAAA;AAEhC,MAAI,CAACE,MACH,OAAM,IAAIP,sBAAsB,EAAES,QAAQ,iBAAgB,CAAA;EAG5D,MAAMC,WAAW,MAAM,KAAKC,WAAWC,OAAOL,MAAAA,CAAOM,MAClDC,aAAa;GAAEC,IAAI;GAAeD;GAAQ,UACpC,EAAEC,IAAI,OAAe,EAAA;AAG9B,MAAI,CAACL,SAASK,GACZ,OAAM,IAAIf,sBAAsB,EAAES,QAAQ,iBAAgB,CAAA;EAG5D,MAAM,EAAEO,MAAMC,UAAU,MAAM,KAAKC,OAAOC,YAAYT,SAASI,QAAO;AACtEhB,UAAQkB,MAAMC,MAAAA;AACd,QAAMX,MAAAA;;CAIAE,aAAaH,GAAkC;AACrD,MAAI,KAAKa,OAAOG,WAAW,SACzB,QAAOtB,UAAUM,GAAG,KAAKa,OAAOI,WAAU,IAAK;EAGjD,MAAMC,aAAalB,EAAEmB,IAAIC,OAAO,gBAAA;AAChC,MAAI,CAACF,YAAYG,WAAW,UAAA,CAC1B,QAAO;AAET,SAAOH,WAAWI,MAAM,EAAA;;CAxC1B,YACE,aAA8B/B,OAAOM,WAAW,EAChD,SAA0BN,OAAOK,UAAU,EAC3C;OAFiBU,aAAAA;OACAO,SAAAA"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@zeltjs/auth-jwt",
-  "version": "0.3.0",
+  "version": "0.5.0",
   "type": "module",
   "license": "MIT",
   "repository": {
@@ -22,7 +22,7 @@
   ],
   "peerDependencies": {
     "hono": "^4.0.0",
-    "@zeltjs/core": "0.3.0"
+    "@zeltjs/core": "0.5.0"
   },
   "dependencies": {
     "jose": "6.0.11"
@@ -30,8 +30,8 @@
   "devDependencies": {
     "@types/node": "22.19.17",
     "hono": "4.12.16",
-    "@zeltjs/core": "0.3.0",
-    "@zeltjs/testing": "0.3.0"
+    "@zeltjs/core": "0.5.0",
+    "@zeltjs/testing": "0.5.0"
   },
   "volta": {
     "extends": "../../package.json"