anzar 1.2.10 → 1.3.6

package/README.md

@@ -61,9 +61,11 @@ Anzar provides authentication support for email and password.
 ### Sign Up
 To sign up a user you need to call the method register with the user's information.
 ```typescript
+import type { AuthResult } from "anzar/types";
+
 try {
-    const response = await anzar.Auth.register({ username, email, password });
-    const data: AuthResponse = response.data;
+    const data: AuthResult = await anzar.Auth.register({ username, email, password });
+    console.log(data);
 } catch (e) {
     const message = e.response?.data?.message ?? "An unknown error occurred";
     console.log(message);
@@ -76,9 +78,11 @@ try {
 ### Sign In
 To sign in a user you need to call the method login.
 ```typescript
+import type { AuthResult } from "anzar/types";
+
 try {
-    const response = await anzar.Auth.login({ email, password });
-    const data: AuthResponse = response.data;
+    const data: AuthResult = await anzar.Auth.login({ email, password });
+    console.log(data);
 } catch (e) {
     const message = e.response?.data?.message ?? "An unknown error occurred";
     console.log(message);

package/dist/adapters/index.d.cts

@@ -1,4 +1,4 @@
-import { B as BaseStorage, S as SessionTokens } from '../base_storage-CQKHFbrb.cjs';
+import { B as BaseStorage, S as SessionTokens } from '../base_storage-BnHsA4fU.cjs';
 
 declare class LocalStorage implements BaseStorage {
     getToken(): string | null;

package/dist/adapters/index.d.ts

@@ -1,4 +1,4 @@
-import { B as BaseStorage, S as SessionTokens } from '../base_storage-CQKHFbrb.js';
+import { B as BaseStorage, S as SessionTokens } from '../base_storage-BnHsA4fU.js';
 
 declare class LocalStorage implements BaseStorage {
     getToken(): string | null;

package/dist/{base_storage-CQKHFbrb.d.cts → base_storage-BnHsA4fU.d.cts}

@@ -9,9 +9,14 @@
  * https://openapi-generator.tech
  * Do not edit the class manually.
  */
+/**
+ * SessionTokens model
+ */
 interface SessionTokens {
     'access': string;
+    'expires_in': number;
     'refresh': string;
+    'token_type': string;
 }
 
 interface BaseStorage {

package/dist/{base_storage-CQKHFbrb.d.ts → base_storage-BnHsA4fU.d.ts}

@@ -9,9 +9,14 @@
  * https://openapi-generator.tech
  * Do not edit the class manually.
  */
+/**
+ * SessionTokens model
+ */
 interface SessionTokens {
     'access': string;
+    'expires_in': number;
     'refresh': string;
+    'token_type': string;
 }
 
 interface BaseStorage {

package/dist/index-BZFSacf5.d.cts

@@ -0,0 +1,63 @@
+/**
+ * Anzar Software API
+ * REST API for the Anzar platform. All protected routes require a Bearer token.
+ *
+ * The version of the OpenAPI document: 0.6.2
+ * Contact: dev@anzar.io
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+declare const Role: {
+    readonly User: "User";
+    readonly Admin: "Admin";
+};
+type Role = typeof Role[keyof typeof Role];
+
+/**
+ * Anzar Software API
+ * REST API for the Anzar platform. All protected routes require a Bearer token.
+ *
+ * The version of the OpenAPI document: 0.6.2
+ * Contact: dev@anzar.io
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+interface User {
+    '_id'?: string | null;
+    'createdAt': string;
+    'email': string;
+    'role': Role;
+    'username': string;
+    'verified': boolean;
+}
+
+/**
+ * Anzar Software API
+ * REST API for the Anzar platform. All protected routes require a Bearer token.
+ *
+ * The version of the OpenAPI document: 0.6.2
+ * Contact: dev@anzar.io
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+/**
+ * Verification model
+ */
+interface Verification {
+    'link': string;
+    'token': string;
+}
+
+interface AuthResult {
+    user: User;
+    verification?: Verification | null;
+}
+
+export type { AuthResult as A, User as U, Verification as V };

package/dist/index-BZFSacf5.d.ts

@@ -0,0 +1,63 @@
+/**
+ * Anzar Software API
+ * REST API for the Anzar platform. All protected routes require a Bearer token.
+ *
+ * The version of the OpenAPI document: 0.6.2
+ * Contact: dev@anzar.io
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+declare const Role: {
+    readonly User: "User";
+    readonly Admin: "Admin";
+};
+type Role = typeof Role[keyof typeof Role];
+
+/**
+ * Anzar Software API
+ * REST API for the Anzar platform. All protected routes require a Bearer token.
+ *
+ * The version of the OpenAPI document: 0.6.2
+ * Contact: dev@anzar.io
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+interface User {
+    '_id'?: string | null;
+    'createdAt': string;
+    'email': string;
+    'role': Role;
+    'username': string;
+    'verified': boolean;
+}
+
+/**
+ * Anzar Software API
+ * REST API for the Anzar platform. All protected routes require a Bearer token.
+ *
+ * The version of the OpenAPI document: 0.6.2
+ * Contact: dev@anzar.io
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+/**
+ * Verification model
+ */
+interface Verification {
+    'link': string;
+    'token': string;
+}
+
+interface AuthResult {
+    user: User;
+    verification?: Verification | null;
+}
+
+export type { AuthResult as A, User as U, Verification as V };

package/dist/index.cjs

@@ -68,14 +68,31 @@ var AuthModule = class {
     this.strategy = strategy;
     this.options = options;
   }
-  login(body) {
-    return this.authApi.login(body);
+  async login(body) {
+    const response = await this.authApi.login(body);
+    const auth_response = response.data;
+    if (auth_response.tokens) {
+      this.options?.storage.onTokenRefresh?.(auth_response.tokens);
+    }
+    return {
+      user: auth_response.user,
+      verification: auth_response.verification
+    };
   }
-  register(body) {
-    return this.authApi.register(body);
+  async register(body) {
+    const response = await this.authApi.register(body);
+    const auth_response = response.data;
+    if (auth_response.tokens) {
+      this.options?.storage.onTokenRefresh?.(auth_response.tokens);
+    }
+    return {
+      user: auth_response.user,
+      verification: auth_response.verification
+    };
   }
   async logout() {
-    await this.authApi.logout();
+    const refreshToken = this.options?.storage.getRefreshToken();
+    await this.authApi.logout({ refresh_token: refreshToken ?? "" });
     this.options?.storage.onLogout?.();
   }
   resetPassword(body) {
@@ -92,16 +109,27 @@ var AuthModule = class {
       throw false;
     }
   }
-  session() {
+  async session() {
     if (this.strategy !== "Session" /* Session */) {
       throw new Error("session() is only available with Session auth strategy");
     }
-    return this.authApi.getSession();
+    const response = await this.authApi.getSession();
+    return response.data;
   }
 };
 
 // src/api/interceptor.ts
 var JwtInterceptor = class {
+  isRefreshing = false;
+  waitingQueue = [];
+  drainQueue(token) {
+    this.waitingQueue.forEach(({ resolve }) => resolve(token));
+    this.waitingQueue = [];
+  }
+  rejectQueue(error) {
+    this.waitingQueue.forEach(({ reject }) => reject(error));
+    this.waitingQueue = [];
+  }
   apply(axiosInstance, options) {
     const REFRESH_URI = "/auth/refresh-token";
     axiosInstance.interceptors.request.use(
@@ -113,7 +141,6 @@ var JwtInterceptor = class {
         return config;
       },
       (error) => {
-        console.error("Request error:", error);
         return Promise.reject(error);
       }
     );
@@ -121,27 +148,39 @@ var JwtInterceptor = class {
       (response) => response,
       async (error) => {
         const originalRequest = error.config;
-        if (error.response?.status === 401 && !originalRequest._retry && !originalRequest.url?.includes(REFRESH_URI)) {
-          originalRequest._retry = true;
-          try {
-            const refreshToken = options?.storage.getRefreshToken();
-            const response = await axiosInstance.post(
-              REFRESH_URI,
-              {},
-              { headers: { "x-refresh-token": `Bearer ${refreshToken}` } }
-            );
-            const auth_response = response.data;
-            if (auth_response.tokens) {
-              options?.storage.onTokenRefresh?.(auth_response.tokens);
-            }
-            originalRequest.headers.Authorization = `Bearer ${auth_response.tokens?.access}`;
+        if (error.response?.status !== 401 || originalRequest._retry || originalRequest.url?.includes(REFRESH_URI)) {
+          return Promise.reject(error);
+        }
+        if (this.isRefreshing) {
+          return new Promise((resolve, reject) => {
+            this.waitingQueue.push({ resolve, reject });
+          }).then((newToken) => {
+            originalRequest.headers.Authorization = `Bearer ${newToken}`;
             return axiosInstance(originalRequest);
-          } catch (e) {
-            options?.storage.onSessionExpired?.();
-            return Promise.reject(e);
+          });
+        }
+        originalRequest._retry = true;
+        this.isRefreshing = true;
+        try {
+          const refreshToken = options?.storage.getRefreshToken();
+          if (!refreshToken) return Promise.reject(error);
+          const response = await axiosInstance.post(REFRESH_URI, {
+            refresh_token: refreshToken
+          });
+          const auth_response = response.data;
+          if (auth_response.tokens) {
+            options?.storage.onTokenRefresh?.(auth_response.tokens);
           }
+          this.drainQueue(auth_response.tokens?.access);
+          originalRequest.headers.Authorization = `Bearer ${auth_response.tokens?.access}`;
+          return axiosInstance(originalRequest);
+        } catch (e) {
+          this.rejectQueue(e);
+          options?.storage.onSessionExpired?.();
+          return Promise.reject(e);
+        } finally {
+          this.isRefreshing = false;
         }
-        return Promise.reject(error);
       }
     );
   }
@@ -292,10 +331,12 @@ var AuthApiAxiosParamCreator = function(configuration) {
     /**
      * Invalidates the current session and refresh token. The client should discard stored tokens.
      * @summary Logout
+     * @param {RefreshTokenRequest} refreshTokenRequest 
      * @param {*} [options] Override http request option.
      * @throws {RequiredError}
      */
-    logout: async (options = {}) => {
+    logout: async (refreshTokenRequest, options = {}) => {
+      assertParamExists("logout", "refreshTokenRequest", refreshTokenRequest);
       const localVarPath = `/auth/logout`;
       const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL);
       let baseOptions;
@@ -306,10 +347,12 @@ var AuthApiAxiosParamCreator = function(configuration) {
       const localVarHeaderParameter = {};
       const localVarQueryParameter = {};
       await setBearerAuthToObject(localVarHeaderParameter, configuration);
+      localVarHeaderParameter["Content-Type"] = "application/json";
       localVarHeaderParameter["Accept"] = "application/json";
       setSearchParams(localVarUrlObj, localVarQueryParameter);
       let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
       localVarRequestOptions.headers = { ...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers };
+      localVarRequestOptions.data = serializeDataIfNeeded(refreshTokenRequest, localVarRequestOptions, configuration);
       return {
         url: toPathString(localVarUrlObj),
         options: localVarRequestOptions
@@ -318,10 +361,12 @@ var AuthApiAxiosParamCreator = function(configuration) {
     /**
      * Issues a new access token using a valid refresh token. Rotate refresh tokens on each call.
      * @summary Refresh access token
+     * @param {RefreshTokenRequest} refreshTokenRequest 
      * @param {*} [options] Override http request option.
      * @throws {RequiredError}
      */
-    refreshToken: async (options = {}) => {
+    refreshToken: async (refreshTokenRequest, options = {}) => {
+      assertParamExists("refreshToken", "refreshTokenRequest", refreshTokenRequest);
       const localVarPath = `/auth/refresh-token`;
       const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL);
       let baseOptions;
@@ -332,10 +377,12 @@ var AuthApiAxiosParamCreator = function(configuration) {
       const localVarHeaderParameter = {};
       const localVarQueryParameter = {};
       await setBearerAuthToObject(localVarHeaderParameter, configuration);
+      localVarHeaderParameter["Content-Type"] = "application/json";
       localVarHeaderParameter["Accept"] = "application/json";
       setSearchParams(localVarUrlObj, localVarQueryParameter);
       let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
       localVarRequestOptions.headers = { ...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers };
+      localVarRequestOptions.data = serializeDataIfNeeded(refreshTokenRequest, localVarRequestOptions, configuration);
       return {
         url: toPathString(localVarUrlObj),
         options: localVarRequestOptions
@@ -493,11 +540,12 @@ var AuthApiFp = function(configuration) {
     /**
      * Invalidates the current session and refresh token. The client should discard stored tokens.
      * @summary Logout
+     * @param {RefreshTokenRequest} refreshTokenRequest 
      * @param {*} [options] Override http request option.
      * @throws {RequiredError}
      */
-    async logout(options) {
-      const localVarAxiosArgs = await localVarAxiosParamCreator.logout(options);
+    async logout(refreshTokenRequest, options) {
+      const localVarAxiosArgs = await localVarAxiosParamCreator.logout(refreshTokenRequest, options);
       const localVarOperationServerIndex = configuration?.serverIndex ?? 0;
       const localVarOperationServerBasePath = operationServerMap["AuthApi.logout"]?.[localVarOperationServerIndex]?.url;
       return (axios3, basePath) => createRequestFunction(localVarAxiosArgs, import_axios3.default, BASE_PATH, configuration)(axios3, localVarOperationServerBasePath || basePath);
@@ -505,11 +553,12 @@ var AuthApiFp = function(configuration) {
     /**
      * Issues a new access token using a valid refresh token. Rotate refresh tokens on each call.
      * @summary Refresh access token
+     * @param {RefreshTokenRequest} refreshTokenRequest 
      * @param {*} [options] Override http request option.
      * @throws {RequiredError}
      */
-    async refreshToken(options) {
-      const localVarAxiosArgs = await localVarAxiosParamCreator.refreshToken(options);
+    async refreshToken(refreshTokenRequest, options) {
+      const localVarAxiosArgs = await localVarAxiosParamCreator.refreshToken(refreshTokenRequest, options);
       const localVarOperationServerIndex = configuration?.serverIndex ?? 0;
       const localVarOperationServerBasePath = operationServerMap["AuthApi.refreshToken"]?.[localVarOperationServerIndex]?.url;
       return (axios3, basePath) => createRequestFunction(localVarAxiosArgs, import_axios3.default, BASE_PATH, configuration)(axios3, localVarOperationServerBasePath || basePath);
@@ -591,20 +640,22 @@ var AuthApi = class extends BaseAPI {
   /**
    * Invalidates the current session and refresh token. The client should discard stored tokens.
    * @summary Logout
+   * @param {RefreshTokenRequest} refreshTokenRequest 
    * @param {*} [options] Override http request option.
    * @throws {RequiredError}
    */
-  logout(options) {
-    return AuthApiFp(this.configuration).logout(options).then((request) => request(this.axios, this.basePath));
+  logout(refreshTokenRequest, options) {
+    return AuthApiFp(this.configuration).logout(refreshTokenRequest, options).then((request) => request(this.axios, this.basePath));
   }
   /**
    * Issues a new access token using a valid refresh token. Rotate refresh tokens on each call.
    * @summary Refresh access token
+   * @param {RefreshTokenRequest} refreshTokenRequest 
    * @param {*} [options] Override http request option.
    * @throws {RequiredError}
    */
-  refreshToken(options) {
-    return AuthApiFp(this.configuration).refreshToken(options).then((request) => request(this.axios, this.basePath));
+  refreshToken(refreshTokenRequest, options) {
+    return AuthApiFp(this.configuration).refreshToken(refreshTokenRequest, options).then((request) => request(this.axios, this.basePath));
   }
   /**
    * Creates a new user account. Sends a verification email upon successful registration.

package/dist/index.d.cts

@@ -1,6 +1,7 @@
 import * as axios from 'axios';
-import { AxiosInstance, RawAxiosRequestConfig, AxiosResponse } from 'axios';
-import { S as SessionTokens, B as BaseStorage } from './base_storage-CQKHFbrb.cjs';
+import { AxiosInstance, RawAxiosRequestConfig } from 'axios';
+import { S as SessionTokens, B as BaseStorage } from './base_storage-BnHsA4fU.cjs';
+import { U as User, V as Verification, A as AuthResult } from './index-BZFSacf5.cjs';
 
 /**
  * Anzar Software API
@@ -119,23 +120,6 @@ declare class BaseAPI {
     constructor(configuration?: Configuration, basePath?: string, axios?: AxiosInstance);
 }
 
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.6.2
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-declare const Role: {
-    readonly User: "User";
-    readonly Admin: "Admin";
-};
-type Role = typeof Role[keyof typeof Role];
-
 /**
  * Anzar Software API
  * REST API for the Anzar platform. All protected routes require a Bearer token.
@@ -148,32 +132,10 @@ type Role = typeof Role[keyof typeof Role];
  * Do not edit the class manually.
  */
 
-interface User {
-    '_id'?: string | null;
-    'createdAt': string;
-    'email': string;
-    'role': Role;
-    'username': string;
-    'verified': boolean;
-}
-
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.6.2
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-/**
- * Verification model
- */
-interface Verification {
-    'link': string;
-    'token': string;
+interface AuthResponse {
+    'tokens'?: SessionTokens | null;
+    'user': User;
+    'verification'?: Verification | null;
 }
 
 /**
@@ -187,11 +149,8 @@ interface Verification {
  * https://openapi-generator.tech
  * Do not edit the class manually.
  */
-
-interface AuthResponse {
-    'tokens'?: SessionTokens | null;
-    'user': User;
-    'verification'?: Verification | null;
+interface EmailRequest {
+    'email': string;
 }
 
 /**
@@ -205,8 +164,9 @@ interface AuthResponse {
  * https://openapi-generator.tech
  * Do not edit the class manually.
  */
-interface EmailRequest {
+interface LoginRequest {
     'email': string;
+    'password': string;
 }
 
 /**
@@ -220,9 +180,8 @@ interface EmailRequest {
  * https://openapi-generator.tech
  * Do not edit the class manually.
  */
-interface LoginRequest {
-    'email': string;
-    'password': string;
+interface RefreshTokenRequest {
+    'refresh_token': string;
 }
 
 /**
@@ -332,17 +291,19 @@ declare class AuthApi extends BaseAPI {
     /**
      * Invalidates the current session and refresh token. The client should discard stored tokens.
      * @summary Logout
+     * @param {RefreshTokenRequest} refreshTokenRequest
      * @param {*} [options] Override http request option.
      * @throws {RequiredError}
      */
-    logout(options?: RawAxiosRequestConfig): Promise<axios.AxiosResponse<void, any, {}>>;
+    logout(refreshTokenRequest: RefreshTokenRequest, options?: RawAxiosRequestConfig): Promise<axios.AxiosResponse<void, any, {}>>;
     /**
      * Issues a new access token using a valid refresh token. Rotate refresh tokens on each call.
      * @summary Refresh access token
+     * @param {RefreshTokenRequest} refreshTokenRequest
      * @param {*} [options] Override http request option.
      * @throws {RequiredError}
      */
-    refreshToken(options?: RawAxiosRequestConfig): Promise<axios.AxiosResponse<AuthResponse, any, {}>>;
+    refreshToken(refreshTokenRequest: RefreshTokenRequest, options?: RawAxiosRequestConfig): Promise<axios.AxiosResponse<AuthResponse, any, {}>>;
     /**
      * Creates a new user account. Sends a verification email upon successful registration.
      * @summary Register a new user
@@ -484,12 +445,12 @@ declare class AuthModule {
     private readonly strategy;
     private readonly options?;
     constructor(authApi: AuthApi, userApi: UsersApi, strategy: AuthStrategy, options?: SdkOptions | undefined);
-    login(body: LoginRequest): Promise<AxiosResponse<AuthResponse, any, {}>>;
-    register(body: RegisterRequest): Promise<AxiosResponse<AuthResponse, any, {}>>;
+    login(body: LoginRequest): Promise<AuthResult>;
+    register(body: RegisterRequest): Promise<AuthResult>;
     logout(): Promise<void>;
     resetPassword(body: EmailRequest): void;
     isAuthenticated(): Promise<boolean>;
-    session(): Promise<AxiosResponse<Session, any, {}>>;
+    session(): Promise<Session>;
 }
 
 declare class Anzar {

package/dist/index.d.ts

@@ -1,6 +1,7 @@
 import * as axios from 'axios';
-import { AxiosInstance, RawAxiosRequestConfig, AxiosResponse } from 'axios';
-import { S as SessionTokens, B as BaseStorage } from './base_storage-CQKHFbrb.js';
+import { AxiosInstance, RawAxiosRequestConfig } from 'axios';
+import { S as SessionTokens, B as BaseStorage } from './base_storage-BnHsA4fU.js';
+import { U as User, V as Verification, A as AuthResult } from './index-BZFSacf5.js';
 
 /**
  * Anzar Software API
@@ -119,23 +120,6 @@ declare class BaseAPI {
     constructor(configuration?: Configuration, basePath?: string, axios?: AxiosInstance);
 }
 
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.6.2
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-declare const Role: {
-    readonly User: "User";
-    readonly Admin: "Admin";
-};
-type Role = typeof Role[keyof typeof Role];
-
 /**
  * Anzar Software API
  * REST API for the Anzar platform. All protected routes require a Bearer token.
@@ -148,32 +132,10 @@ type Role = typeof Role[keyof typeof Role];
  * Do not edit the class manually.
  */
 
-interface User {
-    '_id'?: string | null;
-    'createdAt': string;
-    'email': string;
-    'role': Role;
-    'username': string;
-    'verified': boolean;
-}
-
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.6.2
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-/**
- * Verification model
- */
-interface Verification {
-    'link': string;
-    'token': string;
+interface AuthResponse {
+    'tokens'?: SessionTokens | null;
+    'user': User;
+    'verification'?: Verification | null;
 }
 
 /**
@@ -187,11 +149,8 @@ interface Verification {
  * https://openapi-generator.tech
  * Do not edit the class manually.
  */
-
-interface AuthResponse {
-    'tokens'?: SessionTokens | null;
-    'user': User;
-    'verification'?: Verification | null;
+interface EmailRequest {
+    'email': string;
 }
 
 /**
@@ -205,8 +164,9 @@ interface AuthResponse {
  * https://openapi-generator.tech
  * Do not edit the class manually.
  */
-interface EmailRequest {
+interface LoginRequest {
     'email': string;
+    'password': string;
 }
 
 /**
@@ -220,9 +180,8 @@ interface EmailRequest {
  * https://openapi-generator.tech
  * Do not edit the class manually.
  */
-interface LoginRequest {
-    'email': string;
-    'password': string;
+interface RefreshTokenRequest {
+    'refresh_token': string;
 }
 
 /**
@@ -332,17 +291,19 @@ declare class AuthApi extends BaseAPI {
     /**
      * Invalidates the current session and refresh token. The client should discard stored tokens.
      * @summary Logout
+     * @param {RefreshTokenRequest} refreshTokenRequest
      * @param {*} [options] Override http request option.
      * @throws {RequiredError}
      */
-    logout(options?: RawAxiosRequestConfig): Promise<axios.AxiosResponse<void, any, {}>>;
+    logout(refreshTokenRequest: RefreshTokenRequest, options?: RawAxiosRequestConfig): Promise<axios.AxiosResponse<void, any, {}>>;
     /**
      * Issues a new access token using a valid refresh token. Rotate refresh tokens on each call.
      * @summary Refresh access token
+     * @param {RefreshTokenRequest} refreshTokenRequest
      * @param {*} [options] Override http request option.
      * @throws {RequiredError}
      */
-    refreshToken(options?: RawAxiosRequestConfig): Promise<axios.AxiosResponse<AuthResponse, any, {}>>;
+    refreshToken(refreshTokenRequest: RefreshTokenRequest, options?: RawAxiosRequestConfig): Promise<axios.AxiosResponse<AuthResponse, any, {}>>;
     /**
      * Creates a new user account. Sends a verification email upon successful registration.
      * @summary Register a new user
@@ -484,12 +445,12 @@ declare class AuthModule {
     private readonly strategy;
     private readonly options?;
     constructor(authApi: AuthApi, userApi: UsersApi, strategy: AuthStrategy, options?: SdkOptions | undefined);
-    login(body: LoginRequest): Promise<AxiosResponse<AuthResponse, any, {}>>;
-    register(body: RegisterRequest): Promise<AxiosResponse<AuthResponse, any, {}>>;
+    login(body: LoginRequest): Promise<AuthResult>;
+    register(body: RegisterRequest): Promise<AuthResult>;
     logout(): Promise<void>;
     resetPassword(body: EmailRequest): void;
     isAuthenticated(): Promise<boolean>;
-    session(): Promise<AxiosResponse<Session, any, {}>>;
+    session(): Promise<Session>;
 }
 
 declare class Anzar {

package/dist/index.js

@@ -14,14 +14,31 @@ var AuthModule = class {
     this.strategy = strategy;
     this.options = options;
   }
-  login(body) {
-    return this.authApi.login(body);
+  async login(body) {
+    const response = await this.authApi.login(body);
+    const auth_response = response.data;
+    if (auth_response.tokens) {
+      this.options?.storage.onTokenRefresh?.(auth_response.tokens);
+    }
+    return {
+      user: auth_response.user,
+      verification: auth_response.verification
+    };
   }
-  register(body) {
-    return this.authApi.register(body);
+  async register(body) {
+    const response = await this.authApi.register(body);
+    const auth_response = response.data;
+    if (auth_response.tokens) {
+      this.options?.storage.onTokenRefresh?.(auth_response.tokens);
+    }
+    return {
+      user: auth_response.user,
+      verification: auth_response.verification
+    };
   }
   async logout() {
-    await this.authApi.logout();
+    const refreshToken = this.options?.storage.getRefreshToken();
+    await this.authApi.logout({ refresh_token: refreshToken ?? "" });
     this.options?.storage.onLogout?.();
   }
   resetPassword(body) {
@@ -38,16 +55,27 @@ var AuthModule = class {
       throw false;
     }
   }
-  session() {
+  async session() {
     if (this.strategy !== "Session" /* Session */) {
       throw new Error("session() is only available with Session auth strategy");
     }
-    return this.authApi.getSession();
+    const response = await this.authApi.getSession();
+    return response.data;
   }
 };
 
 // src/api/interceptor.ts
 var JwtInterceptor = class {
+  isRefreshing = false;
+  waitingQueue = [];
+  drainQueue(token) {
+    this.waitingQueue.forEach(({ resolve }) => resolve(token));
+    this.waitingQueue = [];
+  }
+  rejectQueue(error) {
+    this.waitingQueue.forEach(({ reject }) => reject(error));
+    this.waitingQueue = [];
+  }
   apply(axiosInstance, options) {
     const REFRESH_URI = "/auth/refresh-token";
     axiosInstance.interceptors.request.use(
@@ -59,7 +87,6 @@ var JwtInterceptor = class {
         return config;
       },
       (error) => {
-        console.error("Request error:", error);
         return Promise.reject(error);
       }
     );
@@ -67,27 +94,39 @@ var JwtInterceptor = class {
       (response) => response,
       async (error) => {
         const originalRequest = error.config;
-        if (error.response?.status === 401 && !originalRequest._retry && !originalRequest.url?.includes(REFRESH_URI)) {
-          originalRequest._retry = true;
-          try {
-            const refreshToken = options?.storage.getRefreshToken();
-            const response = await axiosInstance.post(
-              REFRESH_URI,
-              {},
-              { headers: { "x-refresh-token": `Bearer ${refreshToken}` } }
-            );
-            const auth_response = response.data;
-            if (auth_response.tokens) {
-              options?.storage.onTokenRefresh?.(auth_response.tokens);
-            }
-            originalRequest.headers.Authorization = `Bearer ${auth_response.tokens?.access}`;
+        if (error.response?.status !== 401 || originalRequest._retry || originalRequest.url?.includes(REFRESH_URI)) {
+          return Promise.reject(error);
+        }
+        if (this.isRefreshing) {
+          return new Promise((resolve, reject) => {
+            this.waitingQueue.push({ resolve, reject });
+          }).then((newToken) => {
+            originalRequest.headers.Authorization = `Bearer ${newToken}`;
             return axiosInstance(originalRequest);
-          } catch (e) {
-            options?.storage.onSessionExpired?.();
-            return Promise.reject(e);
+          });
+        }
+        originalRequest._retry = true;
+        this.isRefreshing = true;
+        try {
+          const refreshToken = options?.storage.getRefreshToken();
+          if (!refreshToken) return Promise.reject(error);
+          const response = await axiosInstance.post(REFRESH_URI, {
+            refresh_token: refreshToken
+          });
+          const auth_response = response.data;
+          if (auth_response.tokens) {
+            options?.storage.onTokenRefresh?.(auth_response.tokens);
           }
+          this.drainQueue(auth_response.tokens?.access);
+          originalRequest.headers.Authorization = `Bearer ${auth_response.tokens?.access}`;
+          return axiosInstance(originalRequest);
+        } catch (e) {
+          this.rejectQueue(e);
+          options?.storage.onSessionExpired?.();
+          return Promise.reject(e);
+        } finally {
+          this.isRefreshing = false;
         }
-        return Promise.reject(error);
       }
     );
   }
@@ -238,10 +277,12 @@ var AuthApiAxiosParamCreator = function(configuration) {
     /**
      * Invalidates the current session and refresh token. The client should discard stored tokens.
      * @summary Logout
+     * @param {RefreshTokenRequest} refreshTokenRequest 
      * @param {*} [options] Override http request option.
      * @throws {RequiredError}
      */
-    logout: async (options = {}) => {
+    logout: async (refreshTokenRequest, options = {}) => {
+      assertParamExists("logout", "refreshTokenRequest", refreshTokenRequest);
       const localVarPath = `/auth/logout`;
       const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL);
       let baseOptions;
@@ -252,10 +293,12 @@ var AuthApiAxiosParamCreator = function(configuration) {
       const localVarHeaderParameter = {};
       const localVarQueryParameter = {};
       await setBearerAuthToObject(localVarHeaderParameter, configuration);
+      localVarHeaderParameter["Content-Type"] = "application/json";
       localVarHeaderParameter["Accept"] = "application/json";
       setSearchParams(localVarUrlObj, localVarQueryParameter);
       let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
       localVarRequestOptions.headers = { ...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers };
+      localVarRequestOptions.data = serializeDataIfNeeded(refreshTokenRequest, localVarRequestOptions, configuration);
       return {
         url: toPathString(localVarUrlObj),
         options: localVarRequestOptions
@@ -264,10 +307,12 @@ var AuthApiAxiosParamCreator = function(configuration) {
     /**
      * Issues a new access token using a valid refresh token. Rotate refresh tokens on each call.
      * @summary Refresh access token
+     * @param {RefreshTokenRequest} refreshTokenRequest 
      * @param {*} [options] Override http request option.
      * @throws {RequiredError}
      */
-    refreshToken: async (options = {}) => {
+    refreshToken: async (refreshTokenRequest, options = {}) => {
+      assertParamExists("refreshToken", "refreshTokenRequest", refreshTokenRequest);
       const localVarPath = `/auth/refresh-token`;
       const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL);
       let baseOptions;
@@ -278,10 +323,12 @@ var AuthApiAxiosParamCreator = function(configuration) {
       const localVarHeaderParameter = {};
       const localVarQueryParameter = {};
       await setBearerAuthToObject(localVarHeaderParameter, configuration);
+      localVarHeaderParameter["Content-Type"] = "application/json";
       localVarHeaderParameter["Accept"] = "application/json";
       setSearchParams(localVarUrlObj, localVarQueryParameter);
       let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
       localVarRequestOptions.headers = { ...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers };
+      localVarRequestOptions.data = serializeDataIfNeeded(refreshTokenRequest, localVarRequestOptions, configuration);
       return {
         url: toPathString(localVarUrlObj),
         options: localVarRequestOptions
@@ -439,11 +486,12 @@ var AuthApiFp = function(configuration) {
     /**
      * Invalidates the current session and refresh token. The client should discard stored tokens.
      * @summary Logout
+     * @param {RefreshTokenRequest} refreshTokenRequest 
      * @param {*} [options] Override http request option.
      * @throws {RequiredError}
      */
-    async logout(options) {
-      const localVarAxiosArgs = await localVarAxiosParamCreator.logout(options);
+    async logout(refreshTokenRequest, options) {
+      const localVarAxiosArgs = await localVarAxiosParamCreator.logout(refreshTokenRequest, options);
       const localVarOperationServerIndex = configuration?.serverIndex ?? 0;
       const localVarOperationServerBasePath = operationServerMap["AuthApi.logout"]?.[localVarOperationServerIndex]?.url;
       return (axios3, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios2, BASE_PATH, configuration)(axios3, localVarOperationServerBasePath || basePath);
@@ -451,11 +499,12 @@ var AuthApiFp = function(configuration) {
     /**
      * Issues a new access token using a valid refresh token. Rotate refresh tokens on each call.
      * @summary Refresh access token
+     * @param {RefreshTokenRequest} refreshTokenRequest 
      * @param {*} [options] Override http request option.
      * @throws {RequiredError}
      */
-    async refreshToken(options) {
-      const localVarAxiosArgs = await localVarAxiosParamCreator.refreshToken(options);
+    async refreshToken(refreshTokenRequest, options) {
+      const localVarAxiosArgs = await localVarAxiosParamCreator.refreshToken(refreshTokenRequest, options);
       const localVarOperationServerIndex = configuration?.serverIndex ?? 0;
       const localVarOperationServerBasePath = operationServerMap["AuthApi.refreshToken"]?.[localVarOperationServerIndex]?.url;
       return (axios3, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios2, BASE_PATH, configuration)(axios3, localVarOperationServerBasePath || basePath);
@@ -537,20 +586,22 @@ var AuthApi = class extends BaseAPI {
   /**
    * Invalidates the current session and refresh token. The client should discard stored tokens.
    * @summary Logout
+   * @param {RefreshTokenRequest} refreshTokenRequest 
    * @param {*} [options] Override http request option.
    * @throws {RequiredError}
    */
-  logout(options) {
-    return AuthApiFp(this.configuration).logout(options).then((request) => request(this.axios, this.basePath));
+  logout(refreshTokenRequest, options) {
+    return AuthApiFp(this.configuration).logout(refreshTokenRequest, options).then((request) => request(this.axios, this.basePath));
   }
   /**
    * Issues a new access token using a valid refresh token. Rotate refresh tokens on each call.
    * @summary Refresh access token
+   * @param {RefreshTokenRequest} refreshTokenRequest 
    * @param {*} [options] Override http request option.
    * @throws {RequiredError}
    */
-  refreshToken(options) {
-    return AuthApiFp(this.configuration).refreshToken(options).then((request) => request(this.axios, this.basePath));
+  refreshToken(refreshTokenRequest, options) {
+    return AuthApiFp(this.configuration).refreshToken(refreshTokenRequest, options).then((request) => request(this.axios, this.basePath));
   }
   /**
    * Creates a new user account. Sends a verification email upon successful registration.

package/dist/types/index.cjs

@@ -0,0 +1,18 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/types/index.ts
+var types_exports = {};
+module.exports = __toCommonJS(types_exports);

package/dist/types/index.d.cts

@@ -0,0 +1 @@
+export { A as AuthResult, U as User } from '../index-BZFSacf5.cjs';

package/dist/types/index.d.ts

@@ -0,0 +1 @@
+export { A as AuthResult, U as User } from '../index-BZFSacf5.js';

package/package.json

@@ -1,7 +1,27 @@
 {
 	"name": "anzar",
-	"version": "1.2.10",
-	"description": "Anzar SDK",
+	"version": "1.3.6",
+	"description": "Anzar is a lightweight authentication and authorization framework that runs as a separate microservice",
+	"author": "Hakou Guelfen <hakoudev@gmail.com>",
+	"license": "GPL-3.0",
+	"keywords": [
+		"Software Development",
+		"Authentication",
+		"Authorization",
+		"MicroService"
+	],
+	"repository": {
+		"type": "git",
+		"url": "git+https://gitlab.com/anzar_software/typescript-sdk.git"
+	},
+	"homepage": "https://anzar_software.gitlab.io/docs",
+	"bugs": {
+		"url": "https://gitlab.com/anzar_software/typescript-sdk/-/work_items"
+	},
+	"engines": {
+		"node": ">=18"
+	},
+	"sideEffects": false,
 	"type": "module",
 	"module": "./dist/index.js",
 	"main": "./dist/index.cjs",
@@ -16,6 +36,11 @@
 			"types": "./dist/adapters/index.d.ts",
 			"import": "./dist/adapters/index.js",
 			"require": "./dist/adapters/index.cjs"
+		},
+		"./types": {
+			"types": "./dist/types/index.d.ts",
+			"import": "./dist/types/index.js",
+			"require": "./dist/types/index.cjs"
 		}
 	},
 	"files": [
@@ -24,29 +49,24 @@
 		"LICENSE"
 	],
 	"scripts": {
-		"test": "echo \"Error: no test specified\" && exit 1",
+		"test": "node --import tsx/esm --test",
+		"coverage": "node --import tsx/esm --experimental-test-coverage --test-coverage-lines=80 --test-coverage-branches=80 --test-coverage-functions=70 --test",
 		"build": "tsup",
 		"prepublishOnly": "npm run build"
 	},
-	"keywords": [],
-	"repository": {
-		"type": "git",
-		"url": "git+https://gitlab.com/anzar_software/typescript-sdk.git"
-	},
-	"author": "Hakou Guelfen",
-	"license": "GPLV3",
 	"packageManager": "pnpm@10.28.2",
 	"publishConfig": {
 		"access": "public"
 	},
 	"dependencies": {
-		"@types/node": "^25.0.3",
-		"axios": "^1.13.2",
-		"zod": "^4.2.1"
+		"axios": "^1.13.2"
 	},
 	"devDependencies": {
 		"@openapitools/openapi-generator-cli": "^2.29.0",
+		"axios-mock-adapter": "^2.1.0",
+		"@types/node": "^25.0.3",
 		"tsup": "^8.5.1",
+		"tsx": "^4.21.0",
 		"typescript": "^5.9.3"
 	}
 }