@zentry-org/sdk 0.0.1

package/README.md

@@ -0,0 +1,579 @@
+# `@zentry-org/sdk`
+
+Zentry SDK for frontend apps and backend APIs.
+
+This package supports two integration layers:
+
+- `@zentry-org/sdk/react` for browser apps such as Vite + React, Next.js, and TanStack Start
+- `@zentry-org/sdk/node` for backend APIs such as Express
+
+Both layers use the same normalized session payload: `ZentrySessionType`.
+
+## How Zentry Works
+
+Zentry separates:
+
+- organization identity
+- end-user identity
+
+For a request to be treated as an authenticated user request inside an organization:
+
+1. the frontend authenticates the user with Zentry
+2. Zentry issues a user session token
+3. the frontend stores that token in `localStorage`
+4. the frontend sends the token on requests to the developer's backend API
+5. the backend validates that user token against Zentry using:
+   - the forwarded user token
+   - the organization's `orgId`
+   - the organization's secret `apiKey`
+6. Zentry returns the validated session in the shared `ZentrySessionType` shape
+
+The backend never identifies a user from `orgId` and `apiKey` alone. Those values identify the organization and application. The user token identifies the signed-in user.
+
+## Shared Session Shape
+
+The React SDK and Node SDK both work with the same session structure from [`src/zod.ts`](./src/zod.ts):
+
+- `user`
+- `org`
+- `membership`
+- `account`
+
+Backend middleware attaches this payload to:
+
+```ts
+req.zentry
+```
+
+Type:
+
+```ts
+import type { ZentrySessionType } from '@zentry-org/sdk/react';
+```
+
+## Installation
+
+```bash
+pnpm add @zentry-org/sdk
+```
+
+Peer dependencies:
+
+- `react` for the React SDK
+- `express` for the Node SDK
+
+## React Setup
+
+Use the React SDK in your frontend application to:
+
+- redirect users to Zentry login/register
+- sync the current session from Zentry
+- access the authenticated session in React
+- capture the callback token returned by Zentry
+- use built-in unstyled auth components if you do not want to wire the buttons yourself
+
+### Required frontend env
+
+The React SDK expects:
+
+```env
+ZENTRY_ORG_ID=your-org-id
+ZENTRY_APP_CALLBACK_URL=http://localhost:3000/auth/callback
+```
+
+Notes:
+
+- `ZENTRY_ORG_ID` identifies the organization context
+- `ZENTRY_APP_CALLBACK_URL` is the frontend route Zentry redirects back to after login/register
+- the SDK uses its internal fixed Zentry API base URL constant
+
+### Built-in React components
+
+The SDK already exports raw, unstyled HTML components.
+
+- `RegisterButton`
+- `LoginButton`
+- `LogoutButton`
+- `Authenticated`
+- `UnAuthenticated`
+
+These are intentionally unstyled so each app can theme them however it wants.
+
+Example:
+
+```tsx
+import {
+  Authenticated,
+  LoginButton,
+  LogoutButton,
+  RegisterButton,
+  UnAuthenticated,
+} from '@zentry-org/sdk/react';
+
+export function AuthActions() {
+  return (
+    <>
+      <UnAuthenticated>
+        <RegisterButton className="btn btn-secondary" />
+        <LoginButton className="btn btn-primary" />
+      </UnAuthenticated>
+
+      <Authenticated>
+        <LogoutButton className="btn btn-danger" label="Sign out" />
+      </Authenticated>
+    </>
+  );
+}
+```
+
+### Framework examples
+
+### Vite + React
+
+Wrap your root app with `ZentryProvider`:
+
+```tsx
+import { ZentryProvider } from '@zentry-org/sdk/react';
+
+export function AppProviders({ children }: { children: React.ReactNode }) {
+  return (
+    <ZentryProvider
+      env={{
+        ZENTRY_ORG_ID: import.meta.env.VITE_ZENTRY_ORG_ID,
+        ZENTRY_APP_CALLBACK_URL: `${window.location.origin}/auth/callback`,
+      }}
+    >
+      {children}
+    </ZentryProvider>
+  );
+}
+```
+
+Then mount it in `src/main.tsx`:
+```tsx
+import { AppProviders } from './AppProviders';
+import { createRoot } from 'react-dom/client';
+import App from './App';
+import './index.css';
+
+createRoot(document.getElementById('root')!).render(
+    <AppProviders>
+      <App />
+    </AppProviders>
+);
+
+```
+
+Use the callback hook on your callback route:
+
+```tsx
+import { useZentryCallbackSync } from '@zentry-org/sdk/react';
+
+export default function AuthCallbackPage() {
+  useZentryCallbackSync();
+  return <div>Signing you in...</div>;
+}
+```
+
+### TanStack Start
+
+TanStack Start apps typically mount shared providers inside the root route shell. 
+In a setup like `your-app/src/routes/__root.tsx`,
+add `ZentryProvider` inside the `RootDocument` body alongside your other app-wide providers.
+
+```tsx
+import * as React from 'react';
+import { HeadContent, Scripts, createRootRouteWithContext } from '@tanstack/react-router';
+import type { QueryClient } from '@tanstack/react-query';
+import { ZentryProvider } from '@zentry-org/sdk/react';
+
+interface MyRouterContext {
+  queryClient: QueryClient;
+}
+
+export const Route = createRootRouteWithContext<MyRouterContext>()({
+  shellComponent: RootDocument,
+});
+
+function RootDocument({ children }: { children: React.ReactNode }) {
+  return (
+    <html lang="en">
+      <head>
+        <HeadContent />
+      </head>
+      <body>
+         <ZentryProvider env={{
+             ZENTRY_ORG_ID: import.meta.env.VITE_ZENTRY_ORG_ID,
+             ZENTRY_APP_CALLBACK_URL: `${window.location.origin}/auth/callback`,
+         }}
+         >
+            {children}
+         </ZentryProvider>
+        <Scripts />
+      </body>
+    </html>
+  );
+}
+```
+
+Example callback page:
+
+```tsx
+import { createFileRoute } from '@tanstack/react-router';
+import { useZentryCallbackSync } from '@zentry-org/sdk/react';
+
+export const Route = createFileRoute('/auth/callback')({
+  component: AuthCallbackPage,
+});
+
+function AuthCallbackPage() {
+   useZentryCallbackSync();
+   return <div>Signing you in...</div>;
+}
+```
+
+Example server-side session lookup:
+
+```ts
+import { createServerFn } from '@tanstack/react-start';
+import { getServerSession } from '@zentry-org/sdk/react-server';
+
+export const getCurrentSession = createServerFn({ method: 'POST' })
+  .validator((token: string) => token)
+  .handler(async ({ data }) => {
+    return getServerSession({
+      env: {
+        ZENTRY_ORG_ID: process.env.ZENTRY_ORG_ID!,
+      },
+      token: data,
+    });
+  });
+```
+
+### Next.js
+
+Wrap your client-side provider in a client component:
+
+```tsx
+'use client';
+
+import type { ReactNode } from 'react';
+import { ZentryProvider } from '@zentry-org/sdk/react';
+
+export function Providers({ children }: { children: ReactNode }) {
+  return (
+    <ZentryProvider
+      env={{
+        ZENTRY_ORG_ID: process.env.NEXT_PUBLIC_ZENTRY_ORG_ID!,
+        ZENTRY_APP_CALLBACK_URL: `${process.env.NEXT_PUBLIC_APP_URL!}/auth/callback`,
+      }}
+    >
+      {children}
+    </ZentryProvider>
+  );
+}
+```
+
+Mount it in `app/layout.tsx` or `src/app/layout.tsx`:
+
+```tsx
+import type { ReactNode } from 'react';
+import { Providers } from './providers';
+
+export default function RootLayout({ children }: { children: ReactNode }) {
+  return (
+    <html lang="en">
+      <body>
+        <Providers>{children}</Providers>
+      </body>
+    </html>
+  );
+}
+```
+
+Callback page example:
+
+```tsx
+'use client';
+
+import { useZentryCallbackSync } from '@zentry-org/sdk/react';
+
+export default function AuthCallbackPage() {
+  useZentryCallbackSync();
+  return <div>Signing you in...</div>;
+}
+```
+
+Server component session lookup example:
+
+```tsx
+import { cookies } from 'next/headers';
+import { getServerSession } from '@zentry-org/sdk/react-server';
+
+export default async function DashboardPage() {
+  const cookieStore = await cookies();
+
+  const session = await getServerSession({
+    env: {
+      ZENTRY_ORG_ID: process.env.NEXT_PUBLIC_ZENTRY_ORG_ID!,
+    },
+    cookie: cookieStore.toString(),
+  });
+
+  if (!session) {
+    return <div>No session found</div>;
+  }
+
+  return <div>Welcome {session.user.firstName}</div>;
+}
+```
+
+### Read auth state
+
+```tsx
+import { useZentry, LogoutButton} from '@zentry-org/sdk/react';
+
+export function Profile() {
+  const { session, isAuthenticated, isLoading } = useZentry();
+
+  if (isLoading) return <div>Loading...</div>;
+  if (!isAuthenticated) {
+    return (
+      <div>
+        <p>You are not logged in.</p>
+      </div>
+    );
+  }
+
+  return (
+    <div>
+      <p>User ID: {session?.user.id}</p>
+      <p>Org ID: {session?.org.id}</p>
+      <p>Role: {session?.membership.role}</p>
+      <LogoutButton label="Sign out" />
+    </div>
+  );
+}
+```
+
+### Capture the callback token
+
+When Zentry redirects back to your app, the token is returned in the URL. Use `useZentryCallbackSync()` on the callback page to:
+
+- read the token from the query string
+- store it in `localStorage`
+- clear it from the URL
+- reload the app so session sync runs again
+
+```tsx
+import { useZentryCallbackSync } from '@zentry-org/sdk/react';
+
+export default function AuthCallbackPage() {
+  useZentryCallbackSync();
+
+  return <div>Signing you in...</div>;
+}
+```
+
+### Frontend request forwarding
+
+When your frontend calls your own backend API, forward the Zentry token:
+
+```tsx
+import axios from 'axios';
+import { useZentry } from '@zentry-org/sdk/react';
+
+export function ExampleButton() {
+  const { getSessionToken } = useZentry();
+
+  async function handleClick() {
+    const token = getSessionToken();
+    if (!token) return;
+
+    // Forward the token to the backend API when making requests
+    await axios.get('/api/v1/*', {
+      headers: {
+        Authorization: `Bearer ${token}`,
+      },
+    });
+  }
+
+  return <button onClick={handleClick}>Call API</button>;
+}
+```
+
+You can isolate the token attachment logic from the UI. (only work in browser environments, for server environments use the `getServerSession` helper described below)
+```ts
+import { useZentry } from '@zentry-org/sdk/react';
+import axios from 'axios';
+
+export const api = axios.create({
+   baseURL: 'your-api-url',
+   withCredentials: true,
+   headers: {
+     'Content-Type': 'application/json',
+   },
+})
+
+api.interceptors.request.use((config) => {
+   if (typeof window !== 'undefined') {
+       const { getSessionToken } = useZentry();
+      const storedToken = getSessionToken();
+
+      if (storedToken) {
+         config.headers = axios.AxiosHeaders.from(config.headers);
+         config.headers.set('Authorization', `Bearer ${storedToken}`);
+      }
+   }
+
+   return config;
+});
+```
+
+This is the current integration model: the frontend forwards the user session token stored in `localStorage` to the developer's backend API on each authenticated request.
+
+## React Server Session Helper
+
+For server-side React code, use the server helper when you need to validate a forwarded token or incoming cookie against Zentry.
+
+Import path:
+
+```ts
+import { getServerSession } from '@zentry-org/sdk/react-server';
+```
+
+Example:
+
+```ts
+import { getServerSession } from '@zentry-org/sdk/react-server';
+
+export async function loadSession(token: string) {
+  return getServerSession({
+    env: {
+      ZENTRY_ORG_ID: process.env.ZENTRY_ORG_ID!,
+    },
+    token,
+  });
+}
+```
+
+## Node / Express Setup
+
+Use the Node SDK in the developer's backend API to validate the forwarded user token with Zentry.
+
+### Required backend env
+
+```env
+ZENTRY_ORG_ID=your-org-id
+ZENTRY_API_KEY_RAW=your-org-api-key
+```
+
+Notes:
+
+- `ZENTRY_ORG_ID` identifies the organization
+- `ZENTRY_API_KEY_RAW` is the secret API key for the organization
+- the Node SDK uses the internal fixed Zentry API base URL constant
+
+### Create the client
+
+```ts
+import { ZentryClient } from '@zentry-org/sdk/node';
+
+export const zentry = new ZentryClient({
+  orgId: process.env.ZENTRY_ORG_ID!,
+  apiKey: process.env.ZENTRY_API_KEY_RAW!,
+});
+```
+
+### Protect routes with `requireUser()`
+
+`requireUser()`:
+
+- reads the incoming bearer token from the developer API request
+- calls Zentry to validate the token for the configured org
+- validates the response shape
+- attaches the session to `req.zentry`
+
+```ts
+import express from 'express';
+import { zentry } from './zentry';
+
+const app = express();
+
+app.get('/api/me', zentry.requireUser(), (req, res) => {
+  res.json({
+    session: req.zentry,
+    userId: req.zentry?.user.id,
+    orgId: req.zentry?.org.id,
+    role: req.zentry?.membership.role,
+  });
+});
+```
+
+### Use `requireOrg()`
+
+`requireOrg()` is a lightweight middleware that confirms the SDK instance is configured with valid org credentials before continuing.
+
+```ts
+app.use(zentry.requireOrg());
+```
+
+In the current version it does not perform a remote org verification request by itself.
+
+## End-to-End Flow
+
+### Browser flow
+
+1. frontend renders inside `ZentryProvider`
+2. user clicks `login()` or `register()`
+3. user is redirected to the Zentry UI
+4. after success, Zentry redirects back to the app callback URL with a token
+5. callback page stores that token in `localStorage`
+6. the provider calls Zentry to fetch the full session in `ZentrySessionType` shape
+7. React code uses `useZentry()` to read auth state
+
+### Backend flow
+
+1. frontend sends `Authorization: Bearer <token>` to the developer API
+2. Express route uses `zentry.requireUser()`
+3. the SDK sends a request to Zentry with:
+   - the user token in `Authorization`
+   - the org ID header
+   - the org API key header
+4. Zentry validates:
+   - organization identity
+   - API key
+   - user session token
+   - organization membership
+5. Zentry returns the normalized session payload
+6. the SDK attaches the payload to `req.zentry`
+7. the route handler uses `req.zentry`
+
+## Headers Used Internally
+
+The SDK uses these shared header constants:
+
+- `X-Zentry-Org-ID`
+- `X-Zentry-API-Key`
+
+Frontend apps usually only send the organization header to Zentry directly.
+
+Backend apps send:
+
+- `Authorization: Bearer <user_token>`
+- `X-Zentry-Org-ID`
+- `X-Zentry-API-Key`
+
+## Summary
+
+Use:
+
+- `@zentry/sdk/react` in the UI
+- `@zentry/sdk/react-server` for server-side React helpers
+- `@zentry/sdk/node` in the backend API
+
+The UI owns login and token capture.
+
+The backend owns secure user validation against Zentry.
+
+Both consume the same `ZentrySessionType`, which keeps frontend and backend auth handling aligned.

package/dist/chunk-OMDRZCFK.js

@@ -0,0 +1,2 @@
+// Zentry Engine Core Pipeline Output
+import{b as t,d as s,f as n,g as i}from"./chunk-SCUKQ3VA.js";import c from"axios";async function f(e){try{let r={[s]:e.env.ZENTRY_ORG_ID};e.token&&(r.Authorization=`Bearer ${e.token}`),e.cookie&&(r.Cookie=e.cookie);let a=await c.get(`${t}/auth/org/me`,{headers:r}),o=n(i).safeParse(a.data);if(!o.success)throw console.error("Invalid session data received from server:",o.error),new Error("Invalid session data received from Zentry server.");return o.data.data}catch(r){return console.error({error:r,message:"Failed to get session"}),null}}export{f as a};

package/dist/chunk-SCUKQ3VA.js

@@ -0,0 +1,2 @@
+// Zentry Engine Core Pipeline Output
+var p="token",m="http://localhost:5000/api/v1",l="http://localhost:3000",u="X-Zentry-Org-ID",d="X-Zentry-API-Key";import{z as e}from"zod";var t=e.string().min(1),n=e.enum(["CREDENTIAL","OAUTH"]),r=e.enum(["LOCAL","GOOGLE"]),s=e.enum(["ADMIN","MEMBER"]),i=e.unknown(),a=e.object({id:e.uuid(),email:e.email(),firstName:e.string(),lastName:e.string(),emailVerified:e.boolean(),imageUrl:e.string().nullable(),createdAt:t,updatedAt:t}),c={status_code:e.number().int().nonnegative(),message:e.string()},h=o=>e.object({success:e.literal(!0),...c,data:o}),x=e.object({user:a,org:e.object({id:e.uuid(),name:e.string()}),membership:e.object({id:e.uuid(),role:s,isBanned:e.boolean(),permissions:i.nullable()}),account:e.object({id:e.uuid(),provider:r,providerType:n,accountId:e.string(),providerAvatarUrl:e.string().nullable()})});export{p as a,m as b,l as c,u as d,d as e,h as f,x as g};

package/dist/node/index.cjs

@@ -0,0 +1,2 @@
+// Zentry Engine Core Pipeline Output
+"use strict";var R=Object.create;var a=Object.defineProperty;var x=Object.getOwnPropertyDescriptor;var A=Object.getOwnPropertyNames;var I=Object.getPrototypeOf,_=Object.prototype.hasOwnProperty;var v=(r,e)=>{for(var s in e)a(r,s,{get:e[s],enumerable:!0})},d=(r,e,s,o)=>{if(e&&typeof e=="object"||typeof e=="function")for(let n of A(e))!_.call(r,n)&&n!==s&&a(r,n,{get:()=>e[n],enumerable:!(o=x(e,n))||o.enumerable});return r};var Z=(r,e,s)=>(s=r!=null?R(I(r)):{},d(e||!r||!r.__esModule?a(s,"default",{value:r,enumerable:!0}):s,r)),q=r=>d(a({},"__esModule",{value:!0}),r);var H={};v(H,{ZentryClient:()=>p,extractBearerToken:()=>E});module.exports=q(H);var c=Z(require("axios"),1);var l="http://localhost:5000/api/v1";var y="X-Zentry-Org-ID",g="X-Zentry-API-Key";var t=require("zod"),h=t.z.string().min(1),T=t.z.enum(["CREDENTIAL","OAUTH"]),O=t.z.enum(["LOCAL","GOOGLE"]),b=t.z.enum(["ADMIN","MEMBER"]),w=t.z.unknown(),k=t.z.object({id:t.z.uuid(),email:t.z.email(),firstName:t.z.string(),lastName:t.z.string(),emailVerified:t.z.boolean(),imageUrl:t.z.string().nullable(),createdAt:h,updatedAt:h}),N={status_code:t.z.number().int().nonnegative(),message:t.z.string()},S=r=>t.z.object({success:t.z.literal(!0),...N,data:r}),f=t.z.object({user:k,org:t.z.object({id:t.z.uuid(),name:t.z.string()}),membership:t.z.object({id:t.z.uuid(),role:b,isBanned:t.z.boolean(),permissions:w.nullable()}),account:t.z.object({id:t.z.uuid(),provider:O,providerType:T,accountId:t.z.string(),providerAvatarUrl:t.z.string().nullable()})});var D=S(f),u=r=>typeof r=="string"&&r.trim().length>0,E=r=>{let e=r.header("authorization")?.trim();if(!e)return null;let[s,o]=e.split(/\s+/,2);return s!=="Bearer"||!o?null:o.trim()},i=(r,e,s)=>{r.status(e).json({success:!1,status_code:e,message:s,data:null})},p=class{orgId;apiKey;constructor(e){if(!u(e.orgId))throw new Error("ZentryClient requires a non-empty orgId.");if(!u(e.apiKey))throw new Error("ZentryClient requires a non-empty apiKey.");this.orgId=e.orgId.trim(),this.apiKey=e.apiKey.trim()}createRequestHeaders(e){return{[y]:this.orgId,[g]:this.apiKey,Authorization:`Bearer ${e}`}}async verifyUserToken(e){if(!u(e))throw new Error("A non-empty user token is required.");let s=await c.default.get(`${l}/auth/org/server/me`,{headers:this.createRequestHeaders(e.trim())}),o=D.safeParse(s.data);if(!o.success)throw new Error("Invalid session payload received from Zentry.");return o.data.data}async getSessionFromRequest(e){let s=E(e);if(!s)throw new Error("Authentication token is missing. Provide a Bearer token.");return this.verifyUserToken(s)}requireUser(){return async(e,s,o)=>{try{e.zentry=await this.getSessionFromRequest(e),o()}catch(n){if(n instanceof c.AxiosError){let m=n.response?.status??502;if(m===401||m===403){i(s,401,"Unauthorized user session.");return}i(s,502,"Failed to validate the user session with Zentry.");return}if(n instanceof Error){if(n.message.includes("Authentication token is missing")){i(s,401,n.message);return}if(n.message.includes("Invalid session payload")){i(s,502,n.message);return}}o(n)}}}requireOrg(){return(e,s,o)=>{if(!this.orgId||!this.apiKey){i(s,500,"Zentry client is not configured correctly.");return}o()}}};0&&(module.exports={ZentryClient,extractBearerToken});

package/dist/node/index.d.cts

@@ -0,0 +1,37 @@
+import { Z as ZentrySessionType } from '../zod-DbKYqexO.cjs';
+import { RequestHandler, Request } from 'express';
+import 'zod';
+
+declare global {
+    namespace Express {
+        interface Request {
+            zentry?: ZentrySessionType;
+        }
+    }
+}
+
+interface ZentryClientOptions {
+    orgId: string;
+    apiKey: string;
+}
+declare const extractBearerToken: (req: Request) => string | null;
+/**
+ * @description This class is used to validate the user session with Zentry.
+ * @param options {ZentryClientOptions} - The options for the Zentry client.
+ * @param options.orgId {string} - The organization ID.
+ * @param options.apiKey {string} - The API key.
+ * @returns {ZentryClient} - The Zentry client instance.
+ * @throws {Error} - If the orgId or apiKey is not provided or is empty.
+ * */
+declare class ZentryClient {
+    readonly orgId: string;
+    readonly apiKey: string;
+    constructor(options: ZentryClientOptions);
+    private createRequestHeaders;
+    private verifyUserToken;
+    private getSessionFromRequest;
+    requireUser(): RequestHandler;
+    requireOrg(): RequestHandler;
+}
+
+export { ZentryClient, type ZentryClientOptions, extractBearerToken };

package/dist/node/index.d.ts

@@ -0,0 +1,37 @@
+import { Z as ZentrySessionType } from '../zod-DbKYqexO.js';
+import { RequestHandler, Request } from 'express';
+import 'zod';
+
+declare global {
+    namespace Express {
+        interface Request {
+            zentry?: ZentrySessionType;
+        }
+    }
+}
+
+interface ZentryClientOptions {
+    orgId: string;
+    apiKey: string;
+}
+declare const extractBearerToken: (req: Request) => string | null;
+/**
+ * @description This class is used to validate the user session with Zentry.
+ * @param options {ZentryClientOptions} - The options for the Zentry client.
+ * @param options.orgId {string} - The organization ID.
+ * @param options.apiKey {string} - The API key.
+ * @returns {ZentryClient} - The Zentry client instance.
+ * @throws {Error} - If the orgId or apiKey is not provided or is empty.
+ * */
+declare class ZentryClient {
+    readonly orgId: string;
+    readonly apiKey: string;
+    constructor(options: ZentryClientOptions);
+    private createRequestHeaders;
+    private verifyUserToken;
+    private getSessionFromRequest;
+    requireUser(): RequestHandler;
+    requireOrg(): RequestHandler;
+}
+
+export { ZentryClient, type ZentryClientOptions, extractBearerToken };

package/dist/node/index.js

@@ -0,0 +1,2 @@
+// Zentry Engine Core Pipeline Output
+import{b as u,d as c,e as p,f as y,g as d}from"../chunk-SCUKQ3VA.js";import l,{AxiosError as g}from"axios";var f=y(d),o=n=>typeof n=="string"&&n.trim().length>0,h=n=>{let e=n.header("authorization")?.trim();if(!e)return null;let[r,t]=e.split(/\s+/,2);return r!=="Bearer"||!t?null:t.trim()},i=(n,e,r)=>{n.status(e).json({success:!1,status_code:e,message:r,data:null})},m=class{orgId;apiKey;constructor(e){if(!o(e.orgId))throw new Error("ZentryClient requires a non-empty orgId.");if(!o(e.apiKey))throw new Error("ZentryClient requires a non-empty apiKey.");this.orgId=e.orgId.trim(),this.apiKey=e.apiKey.trim()}createRequestHeaders(e){return{[c]:this.orgId,[p]:this.apiKey,Authorization:`Bearer ${e}`}}async verifyUserToken(e){if(!o(e))throw new Error("A non-empty user token is required.");let r=await l.get(`${u}/auth/org/server/me`,{headers:this.createRequestHeaders(e.trim())}),t=f.safeParse(r.data);if(!t.success)throw new Error("Invalid session payload received from Zentry.");return t.data.data}async getSessionFromRequest(e){let r=h(e);if(!r)throw new Error("Authentication token is missing. Provide a Bearer token.");return this.verifyUserToken(r)}requireUser(){return async(e,r,t)=>{try{e.zentry=await this.getSessionFromRequest(e),t()}catch(s){if(s instanceof g){let a=s.response?.status??502;if(a===401||a===403){i(r,401,"Unauthorized user session.");return}i(r,502,"Failed to validate the user session with Zentry.");return}if(s instanceof Error){if(s.message.includes("Authentication token is missing")){i(r,401,s.message);return}if(s.message.includes("Invalid session payload")){i(r,502,s.message);return}}t(s)}}}requireOrg(){return(e,r,t)=>{if(!this.orgId||!this.apiKey){i(r,500,"Zentry client is not configured correctly.");return}t()}}};export{m as ZentryClient,h as extractBearerToken};

package/dist/react/index.cjs

@@ -0,0 +1,2 @@
+// Zentry Engine Core Pipeline Output
+"use strict";var B=Object.create;var m=Object.defineProperty;var D=Object.getOwnPropertyDescriptor;var U=Object.getOwnPropertyNames;var G=Object.getPrototypeOf,Y=Object.prototype.hasOwnProperty;var $=(e,t)=>{for(var n in t)m(e,n,{get:t[n],enumerable:!0})},_=(e,t,n,c)=>{if(t&&typeof t=="object"||typeof t=="function")for(let r of U(t))!Y.call(e,r)&&r!==n&&m(e,r,{get:()=>t[r],enumerable:!(c=D(t,r))||c.enumerable});return e};var A=(e,t,n)=>(n=e!=null?B(G(e)):{},_(t||!e||!e.__esModule?m(n,"default",{value:e,enumerable:!0}):n,e)),z=e=>_(m({},"__esModule",{value:!0}),e);var ne={};$(ne,{Authenticated:()=>ee,LoginButton:()=>Q,LogoutButton:()=>W,RegisterButton:()=>J,UnAuthenticated:()=>te,ZentryProvider:()=>X,getServerSession:()=>oe,useZentry:()=>l,useZentryCallbackSync:()=>q});module.exports=z(ne);var s=require("react"),R=A(require("axios"),1);var u="token",d="http://localhost:5000/api/v1",S="http://localhost:3000",p="X-Zentry-Org-ID";var o=require("zod"),Z=o.z.string().min(1),K=o.z.enum(["CREDENTIAL","OAUTH"]),j=o.z.enum(["LOCAL","GOOGLE"]),H=o.z.enum(["ADMIN","MEMBER"]),M=o.z.unknown(),F=o.z.object({id:o.z.uuid(),email:o.z.email(),firstName:o.z.string(),lastName:o.z.string(),emailVerified:o.z.boolean(),imageUrl:o.z.string().nullable(),createdAt:Z,updatedAt:Z}),V={status_code:o.z.number().int().nonnegative(),message:o.z.string()},g=e=>o.z.object({success:o.z.literal(!0),...V,data:e}),f=o.z.object({user:F,org:o.z.object({id:o.z.uuid(),name:o.z.string()}),membership:o.z.object({id:o.z.uuid(),role:H,isBanned:o.z.boolean(),permissions:M.nullable()}),account:o.z.object({id:o.z.uuid(),provider:j,providerType:K,accountId:o.z.string(),providerAvatarUrl:o.z.string().nullable()})});var k=require("react/jsx-runtime"),v=()=>{if(typeof window>"u")return null;let e=localStorage.getItem(u);return typeof e!="string"?(console.error("No active token found or token is not a string"),null):e},x=e=>{typeof window>"u"||localStorage.removeItem(e)},w=(0,s.createContext)(void 0);function X({children:e,env:t}){let[n,c]=(0,s.useState)(null),[r,y]=(0,s.useState)(!1),[T,E]=(0,s.useState)(!0),P=async()=>{let i=v();if(!i){E(!1),console.log("No active token found, skipping session sync");return}try{let O=await R.default.get(`${d}/auth/org/me`,{headers:{[p]:t.ZENTRY_ORG_ID,Authorization:`Bearer ${i}`}}),h=g(f).safeParse(O.data);if(!h.success)throw console.error("Invalid session data received from server:",h.error),new Error("Invalid session data received from Zentry server.");c(h.data.data),y(!0)}catch{x(u),c(null),y(!1)}finally{E(!1)}};(0,s.useEffect)(()=>{P().then(()=>{console.log("Session synced")}).catch(i=>{console.error("Error syncing session:",i)})},[]);let N=()=>{window.location.href=`${S}/org/register?callbackUrl=${encodeURIComponent(t.ZENTRY_APP_CALLBACK_URL)}`},L=()=>{window.location.href=`${S}/org/login?callbackUrl=${encodeURIComponent(t.ZENTRY_APP_CALLBACK_URL)}`},b=async()=>{try{let i=v();if(!i){console.error("No active token found, skipping logout");return}await R.default.post(`${d}/auth/org/logout`,{},{headers:{[p]:t.ZENTRY_ORG_ID,Authorization:`Bearer ${i}`}}),x(u),c(null),y(!1),window.location.reload()}catch(i){console.error("Error logging out:",i)}},C=()=>v();return(0,k.jsx)(w.Provider,{value:{isAuthenticated:r,isLoading:T,session:n,login:L,logout:b,register:N,getSessionToken:C},children:e})}function l(){let e=(0,s.useContext)(w);if(!e)throw new Error("useZentry must be nested within a ZentryProvider");return e}function q(){(0,s.useEffect)(()=>{if(typeof window>"u")return;let t=new URLSearchParams(window.location.search).get("token");if(t){localStorage.setItem(u,t);let n=window.location.pathname+window.location.hash;window.history.replaceState({},document.title,n),window.location.reload()}},[])}var de=require("react");var a=require("react/jsx-runtime"),J=({className:e="",label:t="Register"})=>{let{register:n}=l();return(0,a.jsx)("button",{onClick:n,className:e,children:t})};function Q({className:e="",label:t="Login"}){let{login:n}=l();return(0,a.jsx)("button",{onClick:n,className:e,children:t})}function W({className:e="",label:t="LogOut"}){let{logout:n}=l();return(0,a.jsx)("button",{onClick:async()=>{await n()},className:e,children:t})}var ee=({children:e})=>{let{isAuthenticated:t}=l();return t?(0,a.jsx)(a.Fragment,{children:e}):null},te=({children:e})=>{let{isAuthenticated:t}=l();return t?null:(0,a.jsx)(a.Fragment,{children:e})};var I=A(require("axios"),1);async function oe(e){try{let t={[p]:e.env.ZENTRY_ORG_ID};e.token&&(t.Authorization=`Bearer ${e.token}`),e.cookie&&(t.Cookie=e.cookie);let n=await I.default.get(`${d}/auth/org/me`,{headers:t}),r=g(f).safeParse(n.data);if(!r.success)throw console.error("Invalid session data received from server:",r.error),new Error("Invalid session data received from Zentry server.");return r.data.data}catch(t){return console.error({error:t,message:"Failed to get session"}),null}}0&&(module.exports={Authenticated,LoginButton,LogoutButton,RegisterButton,UnAuthenticated,ZentryProvider,getServerSession,useZentry,useZentryCallbackSync});

package/dist/react/index.d.cts

@@ -0,0 +1,70 @@
+import * as React from 'react';
+import React__default, { ReactNode } from 'react';
+import { C as ClientEnv } from '../server-CZ-Exumw.cjs';
+export { G as GetServerSessionOptions, g as getServerSession } from '../server-CZ-Exumw.cjs';
+import { Z as ZentrySessionType } from '../zod-DbKYqexO.cjs';
+import 'zod';
+
+interface ZentryContextType {
+    isAuthenticated: boolean;
+    isLoading: boolean;
+    session: ZentrySessionType | null;
+    register: () => void;
+    login: () => void;
+    logout: () => Promise<void>;
+    getSessionToken: () => string | null;
+}
+interface ZentryProviderProps {
+    children: ReactNode;
+    env: Pick<ClientEnv, 'ZENTRY_ORG_ID' | 'ZENTRY_APP_CALLBACK_URL'>;
+}
+declare function ZentryProvider({ children, env }: ZentryProviderProps): React.JSX.Element;
+declare function useZentry(): ZentryContextType;
+/**
+ * Automatically captures, stores, and purges the token from the URL params.
+ */
+declare function useZentryCallbackSync(): void;
+
+interface ButtonProps {
+    className?: string;
+    label?: string;
+}
+/**
+ * @description Register Button
+ * @returns A button component
+ * @param className - The class name of the button
+ * @param label - The label of the button
+ * */
+declare const RegisterButton: ({ className, label }: ButtonProps) => React__default.JSX.Element;
+/**
+ * @description Login Button
+ * @returns A button component
+ * @param className - The class name of the button
+ * @param label - The label of the button
+ * */
+declare function LoginButton({ className, label }: ButtonProps): React__default.JSX.Element;
+/**
+ * @description Logout Button
+ * @returns A button component
+ * @param className - The class name of the button
+ * @param label - The label of the button
+ * */
+declare function LogoutButton({ className, label }: ButtonProps): React__default.JSX.Element;
+/**
+ * @description Authenticated Component
+ * @returns A component that renders its children if the user is authenticated
+ * @param children - The children to render if the user is authenticated
+ * */
+declare const Authenticated: ({ children }: {
+    children: React__default.ReactNode;
+}) => React__default.JSX.Element | null;
+/**
+ * @description UnAuthenticated Component
+ * @returns A component that renders its children if the user is not authenticated
+ * @param children - The children to render if the user is not authenticated
+ * */
+declare const UnAuthenticated: ({ children }: {
+    children: React__default.ReactNode;
+}) => React__default.JSX.Element | null;
+
+export { Authenticated, LoginButton, LogoutButton, RegisterButton, UnAuthenticated, ZentryProvider, type ZentryProviderProps, ZentrySessionType, useZentry, useZentryCallbackSync };

package/dist/react/index.d.ts

@@ -0,0 +1,70 @@
+import * as React from 'react';
+import React__default, { ReactNode } from 'react';
+import { C as ClientEnv } from '../server-OYDWuirO.js';
+export { G as GetServerSessionOptions, g as getServerSession } from '../server-OYDWuirO.js';
+import { Z as ZentrySessionType } from '../zod-DbKYqexO.js';
+import 'zod';
+
+interface ZentryContextType {
+    isAuthenticated: boolean;
+    isLoading: boolean;
+    session: ZentrySessionType | null;
+    register: () => void;
+    login: () => void;
+    logout: () => Promise<void>;
+    getSessionToken: () => string | null;
+}
+interface ZentryProviderProps {
+    children: ReactNode;
+    env: Pick<ClientEnv, 'ZENTRY_ORG_ID' | 'ZENTRY_APP_CALLBACK_URL'>;
+}
+declare function ZentryProvider({ children, env }: ZentryProviderProps): React.JSX.Element;
+declare function useZentry(): ZentryContextType;
+/**
+ * Automatically captures, stores, and purges the token from the URL params.
+ */
+declare function useZentryCallbackSync(): void;
+
+interface ButtonProps {
+    className?: string;
+    label?: string;
+}
+/**
+ * @description Register Button
+ * @returns A button component
+ * @param className - The class name of the button
+ * @param label - The label of the button
+ * */
+declare const RegisterButton: ({ className, label }: ButtonProps) => React__default.JSX.Element;
+/**
+ * @description Login Button
+ * @returns A button component
+ * @param className - The class name of the button
+ * @param label - The label of the button
+ * */
+declare function LoginButton({ className, label }: ButtonProps): React__default.JSX.Element;
+/**
+ * @description Logout Button
+ * @returns A button component
+ * @param className - The class name of the button
+ * @param label - The label of the button
+ * */
+declare function LogoutButton({ className, label }: ButtonProps): React__default.JSX.Element;
+/**
+ * @description Authenticated Component
+ * @returns A component that renders its children if the user is authenticated
+ * @param children - The children to render if the user is authenticated
+ * */
+declare const Authenticated: ({ children }: {
+    children: React__default.ReactNode;
+}) => React__default.JSX.Element | null;
+/**
+ * @description UnAuthenticated Component
+ * @returns A component that renders its children if the user is not authenticated
+ * @param children - The children to render if the user is not authenticated
+ * */
+declare const UnAuthenticated: ({ children }: {
+    children: React__default.ReactNode;
+}) => React__default.JSX.Element | null;
+
+export { Authenticated, LoginButton, LogoutButton, RegisterButton, UnAuthenticated, ZentryProvider, type ZentryProviderProps, ZentrySessionType, useZentry, useZentryCallbackSync };

package/dist/react/index.js

@@ -0,0 +1,2 @@
+// Zentry Engine Core Pipeline Output
+import{a as b}from"../chunk-OMDRZCFK.js";import{a as s,b as u,c as d,d as f,f as m,g as h}from"../chunk-SCUKQ3VA.js";import{createContext as x,useContext as T,useState as p,useEffect as v}from"react";import w from"axios";import{jsx as I}from"react/jsx-runtime";var g=()=>{if(typeof window>"u")return null;let e=localStorage.getItem(s);return typeof e!="string"?(console.error("No active token found or token is not a string"),null):e},R=e=>{typeof window>"u"||localStorage.removeItem(e)},S=x(void 0);function D({children:e,env:t}){let[o,a]=p(null),[A,c]=p(!1),[P,y]=p(!0),_=async()=>{let n=g();if(!n){y(!1),console.log("No active token found, skipping session sync");return}try{let N=await w.get(`${u}/auth/org/me`,{headers:{[f]:t.ZENTRY_ORG_ID,Authorization:`Bearer ${n}`}}),l=m(h).safeParse(N.data);if(!l.success)throw console.error("Invalid session data received from server:",l.error),new Error("Invalid session data received from Zentry server.");a(l.data.data),c(!0)}catch{R(s),a(null),c(!1)}finally{y(!1)}};v(()=>{_().then(()=>{console.log("Session synced")}).catch(n=>{console.error("Error syncing session:",n)})},[]);let k=()=>{window.location.href=`${d}/org/register?callbackUrl=${encodeURIComponent(t.ZENTRY_APP_CALLBACK_URL)}`},C=()=>{window.location.href=`${d}/org/login?callbackUrl=${encodeURIComponent(t.ZENTRY_APP_CALLBACK_URL)}`},E=async()=>{try{let n=g();if(!n){console.error("No active token found, skipping logout");return}await w.post(`${u}/auth/org/logout`,{},{headers:{[f]:t.ZENTRY_ORG_ID,Authorization:`Bearer ${n}`}}),R(s),a(null),c(!1),window.location.reload()}catch(n){console.error("Error logging out:",n)}},L=()=>g();return I(S.Provider,{value:{isAuthenticated:A,isLoading:P,session:o,login:C,logout:E,register:k,getSessionToken:L},children:e})}function r(){let e=T(S);if(!e)throw new Error("useZentry must be nested within a ZentryProvider");return e}function G(){v(()=>{if(typeof window>"u")return;let t=new URLSearchParams(window.location.search).get("token");if(t){localStorage.setItem(s,t);let o=window.location.pathname+window.location.hash;window.history.replaceState({},document.title,o),window.location.reload()}},[])}import"react";import{Fragment as Z,jsx as i}from"react/jsx-runtime";var J=({className:e="",label:t="Register"})=>{let{register:o}=r();return i("button",{onClick:o,className:e,children:t})};function M({className:e="",label:t="Login"}){let{login:o}=r();return i("button",{onClick:o,className:e,children:t})}function Q({className:e="",label:t="LogOut"}){let{logout:o}=r();return i("button",{onClick:async()=>{await o()},className:e,children:t})}var V=({children:e})=>{let{isAuthenticated:t}=r();return t?i(Z,{children:e}):null},W=({children:e})=>{let{isAuthenticated:t}=r();return t?null:i(Z,{children:e})};export{V as Authenticated,M as LoginButton,Q as LogoutButton,J as RegisterButton,W as UnAuthenticated,D as ZentryProvider,b as getServerSession,r as useZentry,G as useZentryCallbackSync};

package/dist/react/server.cjs

@@ -0,0 +1,2 @@
+// Zentry Engine Core Pipeline Output
+"use strict";var S=Object.create;var s=Object.defineProperty;var g=Object.getOwnPropertyDescriptor;var v=Object.getOwnPropertyNames;var h=Object.getPrototypeOf,E=Object.prototype.hasOwnProperty;var y=(t,r)=>{for(var o in r)s(t,o,{get:r[o],enumerable:!0})},a=(t,r,o,i)=>{if(r&&typeof r=="object"||typeof r=="function")for(let n of v(r))!E.call(t,n)&&n!==o&&s(t,n,{get:()=>r[n],enumerable:!(i=g(r,n))||i.enumerable});return t};var _=(t,r,o)=>(o=t!=null?S(h(t)):{},a(r||!t||!t.__esModule?s(o,"default",{value:t,enumerable:!0}):o,t)),x=t=>a(s({},"__esModule",{value:!0}),t);var b={};y(b,{getServerSession:()=>T});module.exports=x(b);var u=_(require("axios"),1);var c="http://localhost:5000/api/v1";var m="X-Zentry-Org-ID";var e=require("zod"),p=e.z.string().min(1),A=e.z.enum(["CREDENTIAL","OAUTH"]),R=e.z.enum(["LOCAL","GOOGLE"]),f=e.z.enum(["ADMIN","MEMBER"]),I=e.z.unknown(),O=e.z.object({id:e.z.uuid(),email:e.z.email(),firstName:e.z.string(),lastName:e.z.string(),emailVerified:e.z.boolean(),imageUrl:e.z.string().nullable(),createdAt:p,updatedAt:p}),D={status_code:e.z.number().int().nonnegative(),message:e.z.string()},l=t=>e.z.object({success:e.z.literal(!0),...D,data:t}),d=e.z.object({user:O,org:e.z.object({id:e.z.uuid(),name:e.z.string()}),membership:e.z.object({id:e.z.uuid(),role:f,isBanned:e.z.boolean(),permissions:I.nullable()}),account:e.z.object({id:e.z.uuid(),provider:R,providerType:A,accountId:e.z.string(),providerAvatarUrl:e.z.string().nullable()})});async function T(t){try{let r={[m]:t.env.ZENTRY_ORG_ID};t.token&&(r.Authorization=`Bearer ${t.token}`),t.cookie&&(r.Cookie=t.cookie);let o=await u.default.get(`${c}/auth/org/me`,{headers:r}),n=l(d).safeParse(o.data);if(!n.success)throw console.error("Invalid session data received from server:",n.error),new Error("Invalid session data received from Zentry server.");return n.data.data}catch(r){return console.error({error:r,message:"Failed to get session"}),null}}0&&(module.exports={getServerSession});

package/dist/react/server.d.cts

@@ -0,0 +1,3 @@
+export { G as GetServerSessionOptions, g as getServerSession } from '../server-CZ-Exumw.cjs';
+import '../zod-DbKYqexO.cjs';
+import 'zod';

package/dist/react/server.d.ts

@@ -0,0 +1,3 @@
+export { G as GetServerSessionOptions, g as getServerSession } from '../server-OYDWuirO.js';
+import '../zod-DbKYqexO.js';
+import 'zod';

package/dist/react/server.js

@@ -0,0 +1,2 @@
+// Zentry Engine Core Pipeline Output
+import{a}from"../chunk-OMDRZCFK.js";import"../chunk-SCUKQ3VA.js";export{a as getServerSession};

package/dist/server-CZ-Exumw.d.cts

@@ -0,0 +1,100 @@
+import { z } from 'zod';
+import { Z as ZentrySessionType } from './zod-DbKYqexO.cjs';
+
+declare const ClientEnvSchema: z.ZodObject<{
+    ZENTRY_ORG_ID: z.ZodString;
+    ZENTRY_APP_CALLBACK_URL: z.ZodString;
+    ZENTRY_API_BASE_URL: z.ZodOptional<z.ZodString>;
+    ZENTRY_UI_BASE_URL: z.ZodOptional<z.ZodString>;
+}, z.core.$strip>;
+type ClientEnv = z.infer<typeof ClientEnvSchema>;
+
+interface GetServerSessionOptions {
+    env: Pick<ClientEnv, 'ZENTRY_ORG_ID'>;
+    token?: string;
+    cookie?: string;
+}
+/**
+ * @description This function is used to get the session
+ * @returns {Promise<ZentrySessionType | null>} The session or null if not found.
+ * @throws {Error} If the session is not found or if there is an error.
+ * @remarks
+ * Server-side code cannot read browser `localStorage`, so the caller must forward either:
+ * - the user's Bearer token, or
+ * - the incoming `Cookie` header
+ *
+ * This function uses `X-Zentry-Org-ID` as public org context and validates the user session
+ * through the forwarded Bearer token or cookie.
+ *
+ * @example TanStack Start client hook passing the token into a server function:
+ * ```tsx
+ * import { createServerFn } from '@tanstack/react-start';
+ * import { getServerSession } from '@zentry/sdk/react/server';
+ * import { useZentry } from '@zentry/sdk/react';
+ *
+ * export const getCurrentSession = createServerFn({ method: 'POST' })
+ *   .validator((token: string) => token)
+ *   .handler(async ({ data }) => {
+ *     return getServerSession({
+ *       env: {
+ *         ZENTRY_ORG_ID: process.env.ZENTRY_ORG_ID!,
+ *       },
+ *       token: data,
+ *     });
+ *   });
+ *
+ * export function SessionGate() {
+ *   const { getSessionToken } = useZentry();
+ *
+ *   async function handleLoadSession() {
+ *     const token = getSessionToken();
+ *     if (!token) return null;
+ *
+ *     return getCurrentSession({ data: token });
+ *   }
+ *
+ *   return <button onClick={handleLoadSession}>Load session</button>;
+ * }
+ * ```
+ * @example Next.js Server Component using cookies:
+ * ```tsx
+ * import { cookies } from 'next/headers';
+ * import { getServerSession } from '@zentry/sdk/react/server';
+ *
+ * async function fetchSession() {
+ *   const cookieStore = await cookies();
+ *   const session = await getServerSession({
+ *     env: {
+ *       ZENTRY_ORG_ID: process.env.ZENTRY_ORG_ID!,
+ *     },
+ *     cookie: cookieStore.toString(),
+ *   });
+ *
+ *   if (!session) {
+ *      return <div>No session found</div>;
+ *   }
+ *
+ *   return (
+ *      <div>
+ *        <h1>Welcome, {session.user.firstName}!</h1>
+ *      </div>
+ *  );
+ * }
+ * ```
+ * @example Server function using a Bearer token:
+ * ```ts
+ * import { getServerSession } from '@zentry/sdk/react/server';
+ *
+ * export async function loadUserSession(token: string) {
+ *   return getServerSession({
+ *     env: {
+ *       ZENTRY_ORG_ID: process.env.ZENTRY_ORG_ID!,
+ *     },
+ *     token,
+ *   });
+ * }
+ * ```
+ * */
+declare function getServerSession(options: GetServerSessionOptions): Promise<ZentrySessionType | null>;
+
+export { type ClientEnv as C, type GetServerSessionOptions as G, getServerSession as g };

package/dist/server-OYDWuirO.d.ts

@@ -0,0 +1,100 @@
+import { z } from 'zod';
+import { Z as ZentrySessionType } from './zod-DbKYqexO.js';
+
+declare const ClientEnvSchema: z.ZodObject<{
+    ZENTRY_ORG_ID: z.ZodString;
+    ZENTRY_APP_CALLBACK_URL: z.ZodString;
+    ZENTRY_API_BASE_URL: z.ZodOptional<z.ZodString>;
+    ZENTRY_UI_BASE_URL: z.ZodOptional<z.ZodString>;
+}, z.core.$strip>;
+type ClientEnv = z.infer<typeof ClientEnvSchema>;
+
+interface GetServerSessionOptions {
+    env: Pick<ClientEnv, 'ZENTRY_ORG_ID'>;
+    token?: string;
+    cookie?: string;
+}
+/**
+ * @description This function is used to get the session
+ * @returns {Promise<ZentrySessionType | null>} The session or null if not found.
+ * @throws {Error} If the session is not found or if there is an error.
+ * @remarks
+ * Server-side code cannot read browser `localStorage`, so the caller must forward either:
+ * - the user's Bearer token, or
+ * - the incoming `Cookie` header
+ *
+ * This function uses `X-Zentry-Org-ID` as public org context and validates the user session
+ * through the forwarded Bearer token or cookie.
+ *
+ * @example TanStack Start client hook passing the token into a server function:
+ * ```tsx
+ * import { createServerFn } from '@tanstack/react-start';
+ * import { getServerSession } from '@zentry/sdk/react/server';
+ * import { useZentry } from '@zentry/sdk/react';
+ *
+ * export const getCurrentSession = createServerFn({ method: 'POST' })
+ *   .validator((token: string) => token)
+ *   .handler(async ({ data }) => {
+ *     return getServerSession({
+ *       env: {
+ *         ZENTRY_ORG_ID: process.env.ZENTRY_ORG_ID!,
+ *       },
+ *       token: data,
+ *     });
+ *   });
+ *
+ * export function SessionGate() {
+ *   const { getSessionToken } = useZentry();
+ *
+ *   async function handleLoadSession() {
+ *     const token = getSessionToken();
+ *     if (!token) return null;
+ *
+ *     return getCurrentSession({ data: token });
+ *   }
+ *
+ *   return <button onClick={handleLoadSession}>Load session</button>;
+ * }
+ * ```
+ * @example Next.js Server Component using cookies:
+ * ```tsx
+ * import { cookies } from 'next/headers';
+ * import { getServerSession } from '@zentry/sdk/react/server';
+ *
+ * async function fetchSession() {
+ *   const cookieStore = await cookies();
+ *   const session = await getServerSession({
+ *     env: {
+ *       ZENTRY_ORG_ID: process.env.ZENTRY_ORG_ID!,
+ *     },
+ *     cookie: cookieStore.toString(),
+ *   });
+ *
+ *   if (!session) {
+ *      return <div>No session found</div>;
+ *   }
+ *
+ *   return (
+ *      <div>
+ *        <h1>Welcome, {session.user.firstName}!</h1>
+ *      </div>
+ *  );
+ * }
+ * ```
+ * @example Server function using a Bearer token:
+ * ```ts
+ * import { getServerSession } from '@zentry/sdk/react/server';
+ *
+ * export async function loadUserSession(token: string) {
+ *   return getServerSession({
+ *     env: {
+ *       ZENTRY_ORG_ID: process.env.ZENTRY_ORG_ID!,
+ *     },
+ *     token,
+ *   });
+ * }
+ * ```
+ * */
+declare function getServerSession(options: GetServerSessionOptions): Promise<ZentrySessionType | null>;
+
+export { type ClientEnv as C, type GetServerSessionOptions as G, getServerSession as g };

package/dist/zod-DbKYqexO.d.cts

@@ -0,0 +1,43 @@
+import { z } from 'zod';
+
+declare const ZentrySessionSchema: z.ZodObject<{
+    user: z.ZodObject<{
+        id: z.ZodUUID;
+        email: z.ZodEmail;
+        firstName: z.ZodString;
+        lastName: z.ZodString;
+        emailVerified: z.ZodBoolean;
+        imageUrl: z.ZodNullable<z.ZodString>;
+        createdAt: z.ZodString;
+        updatedAt: z.ZodString;
+    }, z.core.$strip>;
+    org: z.ZodObject<{
+        id: z.ZodUUID;
+        name: z.ZodString;
+    }, z.core.$strip>;
+    membership: z.ZodObject<{
+        id: z.ZodUUID;
+        role: z.ZodEnum<{
+            ADMIN: "ADMIN";
+            MEMBER: "MEMBER";
+        }>;
+        isBanned: z.ZodBoolean;
+        permissions: z.ZodNullable<z.ZodUnknown>;
+    }, z.core.$strip>;
+    account: z.ZodObject<{
+        id: z.ZodUUID;
+        provider: z.ZodEnum<{
+            LOCAL: "LOCAL";
+            GOOGLE: "GOOGLE";
+        }>;
+        providerType: z.ZodEnum<{
+            CREDENTIAL: "CREDENTIAL";
+            OAUTH: "OAUTH";
+        }>;
+        accountId: z.ZodString;
+        providerAvatarUrl: z.ZodNullable<z.ZodString>;
+    }, z.core.$strip>;
+}, z.core.$strip>;
+type ZentrySessionType = z.infer<typeof ZentrySessionSchema>;
+
+export type { ZentrySessionType as Z };

package/dist/zod-DbKYqexO.d.ts

@@ -0,0 +1,43 @@
+import { z } from 'zod';
+
+declare const ZentrySessionSchema: z.ZodObject<{
+    user: z.ZodObject<{
+        id: z.ZodUUID;
+        email: z.ZodEmail;
+        firstName: z.ZodString;
+        lastName: z.ZodString;
+        emailVerified: z.ZodBoolean;
+        imageUrl: z.ZodNullable<z.ZodString>;
+        createdAt: z.ZodString;
+        updatedAt: z.ZodString;
+    }, z.core.$strip>;
+    org: z.ZodObject<{
+        id: z.ZodUUID;
+        name: z.ZodString;
+    }, z.core.$strip>;
+    membership: z.ZodObject<{
+        id: z.ZodUUID;
+        role: z.ZodEnum<{
+            ADMIN: "ADMIN";
+            MEMBER: "MEMBER";
+        }>;
+        isBanned: z.ZodBoolean;
+        permissions: z.ZodNullable<z.ZodUnknown>;
+    }, z.core.$strip>;
+    account: z.ZodObject<{
+        id: z.ZodUUID;
+        provider: z.ZodEnum<{
+            LOCAL: "LOCAL";
+            GOOGLE: "GOOGLE";
+        }>;
+        providerType: z.ZodEnum<{
+            CREDENTIAL: "CREDENTIAL";
+            OAUTH: "OAUTH";
+        }>;
+        accountId: z.ZodString;
+        providerAvatarUrl: z.ZodNullable<z.ZodString>;
+    }, z.core.$strip>;
+}, z.core.$strip>;
+type ZentrySessionType = z.infer<typeof ZentrySessionSchema>;
+
+export type { ZentrySessionType as Z };

package/package.json

@@ -0,0 +1,54 @@
+{
+  "name": "@zentry-org/sdk",
+  "version": "0.0.1",
+  "type": "module",
+  "files": [
+    "dist"
+  ],
+  "author": "Kavinda Rathnayake",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/kavinda-100/zentry"
+  },
+  "bugs": {
+    "url": "https://github.com/kavinda-100/zentry/issues"
+  },
+  "homepage": "https://github.com/kavinda-100/zentry#readme",
+  "exports": {
+    "./react": {
+      "types": "./dist/react/index.d.ts",
+      "import": "./dist/react/index.js",
+      "require": "./dist/react/index.cjs"
+    },
+    "./react-server": {
+      "types": "./dist/react/server.d.ts",
+      "import": "./dist/react/server.js",
+      "require": "./dist/react/server.cjs"
+    },
+    "./node": {
+      "types": "./dist/node/index.d.ts",
+      "import": "./dist/node/index.js",
+      "require": "./dist/node/index.cjs"
+    }
+  },
+  "scripts": {
+    "build": "tsup"
+  },
+  "peerDependencies": {
+    "express": "^4.19.0 || ^5.0.0",
+    "react": "^18.0.0 || ^19.0.0"
+  },
+  "dependencies": {
+    "axios": "^1.18.0",
+    "react-dom": "^19.2.7",
+    "tsup": "^8.5.1",
+    "zod": "^4.4.3"
+  },
+  "devDependencies": {
+    "@types/express": "^5.0.6",
+    "@types/node": "^26.0.0",
+    "@types/react": "^19.2.17",
+    "typescript": "^6.0.3"
+  }
+}