auth101 0.1.1

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Elsai Deribu
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,174 @@
+# auth101
+
+TypeScript client for [auth101](https://github.com/your-org/auth101) — simple email/password authentication for Python backends (FastAPI, Flask, Django).
+
+## Installation
+
+```bash
+npm install auth101
+# or
+pnpm add auth101
+# or
+yarn add auth101
+```
+
+## Quick Start
+
+```ts
+import { createAuth101Client } from "auth101"
+
+const auth = createAuth101Client({
+  baseURL: "http://localhost:8000/auth", // where auth101 is mounted on your backend
+})
+```
+
+## Usage
+
+All methods return `{ data, error }`. Exactly one of them will be non-null.
+
+### Sign Up
+
+```ts
+const { data, error } = await auth.signUp({
+  email: "user@example.com",
+  password: "hunter2",
+})
+
+if (error) {
+  console.error(error.message, error.code)
+} else {
+  console.log(data.user)   // { id, email, is_active }
+  console.log(data.token)  // JWT — stored automatically
+}
+```
+
+### Sign In
+
+```ts
+const { data, error } = await auth.signIn({
+  email: "user@example.com",
+  password: "hunter2",
+})
+
+if (data) {
+  console.log("Welcome back,", data.user.email)
+}
+```
+
+### Get Session
+
+Reads the stored token and asks the backend to return the current user.
+
+```ts
+const { data, error } = await auth.getSession()
+
+if (data) {
+  console.log("Logged in as", data.user.email)
+} else {
+  console.log("Not authenticated:", error?.code)
+}
+```
+
+### Sign Out
+
+Notifies the backend (best-effort) and clears the local token.
+
+```ts
+const { data, error } = await auth.signOut()
+// data.success === true
+```
+
+### Token Helpers
+
+```ts
+auth.getToken()        // → string | null
+auth.setToken(jwt)     // store a token manually
+auth.clearToken()      // remove the stored token
+```
+
+## Configuration
+
+```ts
+const auth = createAuth101Client({
+  // Required: base URL where auth101 is mounted
+  baseURL: "https://api.myapp.com/auth",
+
+  // Optional: custom storage (defaults to localStorage in browsers)
+  storage: sessionStorage,
+
+  // Pass null to keep the token in memory only (useful for SSR)
+  // storage: null,
+
+  // Optional: key used in storage (default: "auth101_token")
+  storageKey: "myapp_token",
+
+  // Optional: default fetch options merged into every request
+  fetchOptions: {
+    credentials: "include",
+  },
+})
+```
+
+### Custom Storage
+
+Any object with `getItem`, `setItem`, and `removeItem` works:
+
+```ts
+const auth = createAuth101Client({
+  baseURL: "...",
+  storage: {
+    getItem: (key) => cookies.get(key) ?? null,
+    setItem: (key, value) => cookies.set(key, value),
+    removeItem: (key) => cookies.delete(key),
+  },
+})
+```
+
+## TypeScript
+
+All types are exported:
+
+```ts
+import type {
+  User,
+  AuthResult,
+  BackendError,
+  SignUpInput,
+  SignInInput,
+  SignUpResponse,
+  SignInResponse,
+  SignOutResponse,
+  SessionResponse,
+  Auth101ClientOptions,
+  StorageLike,
+} from "auth101"
+```
+
+## Backend Endpoints
+
+The client maps to these endpoints exposed by the Python `auth101` package:
+
+| Method | Path | Description |
+|--------|------|-------------|
+| `POST` | `/sign-up/email` | Register a new user |
+| `POST` | `/sign-in/email` | Sign in an existing user |
+| `POST` | `/sign-out` | Acknowledge sign-out |
+| `GET`  | `/session` | Get current user from token |
+
+## Error Codes
+
+| Code | Meaning |
+|------|---------|
+| `VALIDATION_ERROR` | Missing or invalid input |
+| `USER_EXISTS` | Email is already registered |
+| `INVALID_CREDENTIALS` | Wrong email or password |
+| `INVALID_TOKEN` | JWT is malformed or expired |
+| `UNAUTHORIZED` | No valid token provided |
+| `USER_NOT_FOUND` | Token valid but user deleted |
+| `NETWORK_ERROR` | Could not reach the server |
+| `PARSE_ERROR` | Server returned non-JSON |
+| `HTTP_ERROR` | Non-2xx response with no error body |
+
+## License
+
+MIT

package/dist/index.cjs

@@ -0,0 +1,176 @@
+'use strict';
+
+// src/storage.ts
+var MemoryStorage = class {
+  constructor() {
+    this._map = /* @__PURE__ */ new Map();
+  }
+  getItem(key) {
+    return this._map.get(key) ?? null;
+  }
+  setItem(key, value) {
+    this._map.set(key, value);
+  }
+  removeItem(key) {
+    this._map.delete(key);
+  }
+};
+function resolveStorage(storage) {
+  if (storage === null) {
+    return new MemoryStorage();
+  }
+  if (storage !== void 0) {
+    return storage;
+  }
+  if (typeof window !== "undefined" && window.localStorage) {
+    return window.localStorage;
+  }
+  return new MemoryStorage();
+}
+
+// src/client.ts
+var DEFAULT_STORAGE_KEY = "auth101_token";
+var Auth101Client = class {
+  constructor(options) {
+    if (!options.baseURL) {
+      throw new Error("[auth101] baseURL is required");
+    }
+    this._baseURL = options.baseURL.replace(/\/$/, "");
+    this._storage = resolveStorage(options.storage);
+    this._storageKey = options.storageKey ?? DEFAULT_STORAGE_KEY;
+    this._fetchOptions = options.fetchOptions ?? {};
+  }
+  // ── Token management ────────────────────────────────────────────────────────
+  /** Returns the stored JWT, or `null` if the user is not signed in. */
+  getToken() {
+    return this._storage.getItem(this._storageKey);
+  }
+  /** Manually store a token (e.g. after server-side sign-in). */
+  setToken(token) {
+    this._storage.setItem(this._storageKey, token);
+  }
+  /** Remove the stored token. */
+  clearToken() {
+    this._storage.removeItem(this._storageKey);
+  }
+  // ── Auth methods ────────────────────────────────────────────────────────────
+  /**
+   * Register a new user with email and password.
+   *
+   * On success the token is persisted automatically.
+   * Returns `{ data: { user, token }, error: null }` or `{ data: null, error }`.
+   */
+  async signUp(input) {
+    const result = await this._post("/sign-up/email", input);
+    if (result.data?.token) {
+      this.setToken(result.data.token);
+    }
+    return result;
+  }
+  /**
+   * Sign in with email and password.
+   *
+   * On success the token is persisted automatically.
+   * Returns `{ data: { user, token }, error: null }` or `{ data: null, error }`.
+   */
+  async signIn(input) {
+    const result = await this._post("/sign-in/email", input);
+    if (result.data?.token) {
+      this.setToken(result.data.token);
+    }
+    return result;
+  }
+  /**
+   * Sign out the current user.
+   *
+   * The token is always cleared from storage regardless of the backend response.
+   * Returns `{ data: { success: true }, error: null }` or `{ data: null, error }`.
+   */
+  async signOut() {
+    const token = this.getToken();
+    if (!token) {
+      this.clearToken();
+      return { data: { success: true }, error: null };
+    }
+    const result = await this._post("/sign-out", void 0, token);
+    this.clearToken();
+    return result;
+  }
+  /**
+   * Fetch the currently authenticated user from the backend.
+   *
+   * Returns `{ data: { user }, error: null }` or `{ data: null, error }`.
+   */
+  async getSession() {
+    const token = this.getToken();
+    if (!token) {
+      return {
+        data: null,
+        error: { message: "Not signed in", code: "UNAUTHORIZED" }
+      };
+    }
+    return this._get("/session", token);
+  }
+  // ── Internal HTTP helpers ───────────────────────────────────────────────────
+  async _post(path, body, token) {
+    return this._request("POST", path, body, token);
+  }
+  async _get(path, token) {
+    return this._request("GET", path, void 0, token);
+  }
+  async _request(method, path, body, token) {
+    const headers = {
+      "Content-Type": "application/json",
+      ...this._fetchOptions.headers
+    };
+    if (token) {
+      headers["Authorization"] = `Bearer ${token}`;
+    }
+    const init = {
+      ...this._fetchOptions,
+      method,
+      headers,
+      ...body !== void 0 ? { body: JSON.stringify(body) } : {}
+    };
+    let response;
+    try {
+      response = await fetch(`${this._baseURL}${path}`, init);
+    } catch (cause) {
+      return {
+        data: null,
+        error: {
+          message: "Network error \u2014 could not reach the server",
+          code: "NETWORK_ERROR"
+        }
+      };
+    }
+    let json;
+    try {
+      json = await response.json();
+    } catch {
+      return {
+        data: null,
+        error: {
+          message: `Unexpected response from server (status ${response.status})`,
+          code: "PARSE_ERROR"
+        }
+      };
+    }
+    if (!response.ok || isBackendError(json)) {
+      const err = isBackendError(json) ? json.error : { message: `Request failed with status ${response.status}`, code: "HTTP_ERROR" };
+      return { data: null, error: err };
+    }
+    return { data: json, error: null };
+  }
+};
+function isBackendError(json) {
+  return typeof json === "object" && json !== null && "error" in json && typeof json.error === "object";
+}
+function createAuth101Client(options) {
+  return new Auth101Client(options);
+}
+
+exports.Auth101Client = Auth101Client;
+exports.createAuth101Client = createAuth101Client;
+//# sourceMappingURL=index.cjs.map
+//# sourceMappingURL=index.cjs.map

package/dist/index.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/storage.ts","../src/client.ts"],"names":[],"mappings":";;;AAMA,IAAM,gBAAN,MAA2C;AAAA,EAA3C,WAAA,GAAA;AACE,IAAA,IAAA,CAAiB,IAAA,uBAAW,GAAA,EAAoB;AAAA,EAAA;AAAA,EAEhD,QAAQ,GAAA,EAA4B;AAClC,IAAA,OAAO,IAAA,CAAK,IAAA,CAAK,GAAA,CAAI,GAAG,CAAA,IAAK,IAAA;AAAA,EAC/B;AAAA,EAEA,OAAA,CAAQ,KAAa,KAAA,EAAqB;AACxC,IAAA,IAAA,CAAK,IAAA,CAAK,GAAA,CAAI,GAAA,EAAK,KAAK,CAAA;AAAA,EAC1B;AAAA,EAEA,WAAW,GAAA,EAAmB;AAC5B,IAAA,IAAA,CAAK,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACtB;AACF,CAAA;AASO,SAAS,eAAe,OAAA,EAAsD;AACnF,EAAA,IAAI,YAAY,IAAA,EAAM;AACpB,IAAA,OAAO,IAAI,aAAA,EAAc;AAAA,EAC3B;AAEA,EAAA,IAAI,YAAY,MAAA,EAAW;AACzB,IAAA,OAAO,OAAA;AAAA,EACT;AAEA,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,IAAe,MAAA,CAAO,YAAA,EAAc;AACxD,IAAA,OAAO,MAAA,CAAO,YAAA;AAAA,EAChB;AAEA,EAAA,OAAO,IAAI,aAAA,EAAc;AAC3B;;;AC7BA,IAAM,mBAAA,GAAsB,eAAA;AAErB,IAAM,gBAAN,MAAoB;AAAA,EAMzB,YAAY,OAAA,EAA+B;AACzC,IAAA,IAAI,CAAC,QAAQ,OAAA,EAAS;AACpB,MAAA,MAAM,IAAI,MAAM,+BAA+B,CAAA;AAAA,IACjD;AAEA,IAAA,IAAA,CAAK,QAAA,GAAW,OAAA,CAAQ,OAAA,CAAQ,OAAA,CAAQ,OAAO,EAAE,CAAA;AACjD,IAAA,IAAA,CAAK,QAAA,GAAW,cAAA,CAAe,OAAA,CAAQ,OAAO,CAAA;AAC9C,IAAA,IAAA,CAAK,WAAA,GAAc,QAAQ,UAAA,IAAc,mBAAA;AACzC,IAAA,IAAA,CAAK,aAAA,GAAgB,OAAA,CAAQ,YAAA,IAAgB,EAAC;AAAA,EAChD;AAAA;AAAA;AAAA,EAKA,QAAA,GAA0B;AACxB,IAAA,OAAO,IAAA,CAAK,QAAA,CAAS,OAAA,CAAQ,IAAA,CAAK,WAAW,CAAA;AAAA,EAC/C;AAAA;AAAA,EAGA,SAAS,KAAA,EAAqB;AAC5B,IAAA,IAAA,CAAK,QAAA,CAAS,OAAA,CAAQ,IAAA,CAAK,WAAA,EAAa,KAAK,CAAA;AAAA,EAC/C;AAAA;AAAA,EAGA,UAAA,GAAmB;AACjB,IAAA,IAAA,CAAK,QAAA,CAAS,UAAA,CAAW,IAAA,CAAK,WAAW,CAAA;AAAA,EAC3C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,OAAO,KAAA,EAAyD;AACpE,IAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,KAAA,CAAsB,kBAAkB,KAAK,CAAA;AAEvE,IAAA,IAAI,MAAA,CAAO,MAAM,KAAA,EAAO;AACtB,MAAA,IAAA,CAAK,QAAA,CAAS,MAAA,CAAO,IAAA,CAAK,KAAK,CAAA;AAAA,IACjC;AAEA,IAAA,OAAO,MAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,OAAO,KAAA,EAAyD;AACpE,IAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,KAAA,CAAsB,kBAAkB,KAAK,CAAA;AAEvE,IAAA,IAAI,MAAA,CAAO,MAAM,KAAA,EAAO;AACtB,MAAA,IAAA,CAAK,QAAA,CAAS,MAAA,CAAO,IAAA,CAAK,KAAK,CAAA;AAAA,IACjC;AAEA,IAAA,OAAO,MAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,OAAA,GAAgD;AACpD,IAAA,MAAM,KAAA,GAAQ,KAAK,QAAA,EAAS;AAE5B,IAAA,IAAI,CAAC,KAAA,EAAO;AACV,MAAA,IAAA,CAAK,UAAA,EAAW;AAChB,MAAA,OAAO,EAAE,IAAA,EAAM,EAAE,SAAS,IAAA,EAAK,EAAG,OAAO,IAAA,EAAK;AAAA,IAChD;AAEA,IAAA,MAAM,SAAS,MAAM,IAAA,CAAK,KAAA,CAAuB,WAAA,EAAa,QAAW,KAAK,CAAA;AAC9E,IAAA,IAAA,CAAK,UAAA,EAAW;AAChB,IAAA,OAAO,MAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,UAAA,GAAmD;AACvD,IAAA,MAAM,KAAA,GAAQ,KAAK,QAAA,EAAS;AAE5B,IAAA,IAAI,CAAC,KAAA,EAAO;AACV,MAAA,OAAO;AAAA,QACL,IAAA,EAAM,IAAA;AAAA,QACN,KAAA,EAAO,EAAE,OAAA,EAAS,eAAA,EAAiB,MAAM,cAAA;AAAe,OAC1D;AAAA,IACF;AAEA,IAAA,OAAO,IAAA,CAAK,IAAA,CAAsB,UAAA,EAAY,KAAK,CAAA;AAAA,EACrD;AAAA;AAAA,EAIA,MAAc,KAAA,CACZ,IAAA,EACA,IAAA,EACA,KAAA,EACwB;AACxB,IAAA,OAAO,IAAA,CAAK,QAAA,CAAY,MAAA,EAAQ,IAAA,EAAM,MAAM,KAAK,CAAA;AAAA,EACnD;AAAA,EAEA,MAAc,IAAA,CAAQ,IAAA,EAAc,KAAA,EAAwC;AAC1E,IAAA,OAAO,IAAA,CAAK,QAAA,CAAY,KAAA,EAAO,IAAA,EAAM,QAAW,KAAK,CAAA;AAAA,EACvD;AAAA,EAEA,MAAc,QAAA,CACZ,MAAA,EACA,IAAA,EACA,MACA,KAAA,EACwB;AACxB,IAAA,MAAM,OAAA,GAAkC;AAAA,MACtC,cAAA,EAAgB,kBAAA;AAAA,MAChB,GAAI,KAAK,aAAA,CAAc;AAAA,KACzB;AAEA,IAAA,IAAI,KAAA,EAAO;AACT,MAAA,OAAA,CAAQ,eAAe,CAAA,GAAI,CAAA,OAAA,EAAU,KAAK,CAAA,CAAA;AAAA,IAC5C;AAEA,IAAA,MAAM,IAAA,GAAoB;AAAA,MACxB,GAAG,IAAA,CAAK,aAAA;AAAA,MACR,MAAA;AAAA,MACA,OAAA;AAAA,MACA,GAAI,IAAA,KAAS,MAAA,GAAY,EAAE,IAAA,EAAM,KAAK,SAAA,CAAU,IAAI,CAAA,EAAE,GAAI;AAAC,KAC7D;AAEA,IAAA,IAAI,QAAA;AAEJ,IAAA,IAAI;AACF,MAAA,QAAA,GAAW,MAAM,MAAM,CAAA,EAAG,IAAA,CAAK,QAAQ,CAAA,EAAG,IAAI,IAAI,IAAI,CAAA;AAAA,IACxD,SAAS,KAAA,EAAO;AACd,MAAA,OAAO;AAAA,QACL,IAAA,EAAM,IAAA;AAAA,QACN,KAAA,EAAO;AAAA,UACL,OAAA,EAAS,iDAAA;AAAA,UACT,IAAA,EAAM;AAAA;AACR,OACF;AAAA,IACF;AAEA,IAAA,IAAI,IAAA;AAEJ,IAAA,IAAI;AACF,MAAA,IAAA,GAAO,MAAM,SAAS,IAAA,EAAK;AAAA,IAC7B,CAAA,CAAA,MAAQ;AACN,MAAA,OAAO;AAAA,QACL,IAAA,EAAM,IAAA;AAAA,QACN,KAAA,EAAO;AAAA,UACL,OAAA,EAAS,CAAA,wCAAA,EAA2C,QAAA,CAAS,MAAM,CAAA,CAAA,CAAA;AAAA,UACnE,IAAA,EAAM;AAAA;AACR,OACF;AAAA,IACF;AAEA,IAAA,IAAI,CAAC,QAAA,CAAS,EAAA,IAAM,cAAA,CAAe,IAAI,CAAA,EAAG;AACxC,MAAA,MAAM,GAAA,GAAM,cAAA,CAAe,IAAI,CAAA,GAC1B,IAAA,CAAiC,KAAA,GAClC,EAAE,OAAA,EAAS,CAAA,2BAAA,EAA8B,QAAA,CAAS,MAAM,CAAA,CAAA,EAAI,MAAM,YAAA,EAAa;AAEnF,MAAA,OAAO,EAAE,IAAA,EAAM,IAAA,EAAM,KAAA,EAAO,GAAA,EAAI;AAAA,IAClC;AAEA,IAAA,OAAO,EAAE,IAAA,EAAM,IAAA,EAAW,KAAA,EAAO,IAAA,EAAK;AAAA,EACxC;AACF;AAEA,SAAS,eAAe,IAAA,EAAwB;AAC9C,EAAA,OACE,OAAO,SAAS,QAAA,IAChB,IAAA,KAAS,QACT,OAAA,IAAW,IAAA,IACX,OAAQ,IAAA,CAA4B,KAAA,KAAU,QAAA;AAElD;AAeO,SAAS,oBAAoB,OAAA,EAA8C;AAChF,EAAA,OAAO,IAAI,cAAc,OAAO,CAAA;AAClC","file":"index.cjs","sourcesContent":["import type { StorageLike } from \"./types\"\r\n\r\n/**\r\n * In-memory fallback used when localStorage is unavailable (SSR, Node, tests).\r\n * Token is lost when the instance is garbage-collected.\r\n */\r\nclass MemoryStorage implements StorageLike {\r\n  private readonly _map = new Map<string, string>()\r\n\r\n  getItem(key: string): string | null {\r\n    return this._map.get(key) ?? null\r\n  }\r\n\r\n  setItem(key: string, value: string): void {\r\n    this._map.set(key, value)\r\n  }\r\n\r\n  removeItem(key: string): void {\r\n    this._map.delete(key)\r\n  }\r\n}\r\n\r\n/**\r\n * Resolve a storage backend in priority order:\r\n *\r\n * 1. Explicit `null`  → no persistence, always return `MemoryStorage`\r\n * 2. Explicit object  → use as-is (duck-typed StorageLike)\r\n * 3. `undefined`      → try `localStorage`, fall back to `MemoryStorage`\r\n */\r\nexport function resolveStorage(storage: StorageLike | null | undefined): StorageLike {\r\n  if (storage === null) {\r\n    return new MemoryStorage()\r\n  }\r\n\r\n  if (storage !== undefined) {\r\n    return storage\r\n  }\r\n\r\n  if (typeof window !== \"undefined\" && window.localStorage) {\r\n    return window.localStorage\r\n  }\r\n\r\n  return new MemoryStorage()\r\n}\r\n","import { resolveStorage } from \"./storage\"\r\nimport type {\r\n  Auth101ClientOptions,\r\n  AuthResult,\r\n  BackendError,\r\n  SessionResponse,\r\n  SignInInput,\r\n  SignInResponse,\r\n  SignOutResponse,\r\n  SignUpInput,\r\n  SignUpResponse,\r\n  StorageLike,\r\n} from \"./types\"\r\n\r\nconst DEFAULT_STORAGE_KEY = \"auth101_token\"\r\n\r\nexport class Auth101Client {\r\n  private readonly _baseURL: string\r\n  private readonly _storage: StorageLike\r\n  private readonly _storageKey: string\r\n  private readonly _fetchOptions: RequestInit\r\n\r\n  constructor(options: Auth101ClientOptions) {\r\n    if (!options.baseURL) {\r\n      throw new Error(\"[auth101] baseURL is required\")\r\n    }\r\n\r\n    this._baseURL = options.baseURL.replace(/\\/$/, \"\")\r\n    this._storage = resolveStorage(options.storage)\r\n    this._storageKey = options.storageKey ?? DEFAULT_STORAGE_KEY\r\n    this._fetchOptions = options.fetchOptions ?? {}\r\n  }\r\n\r\n  // ── Token management ────────────────────────────────────────────────────────\r\n\r\n  /** Returns the stored JWT, or `null` if the user is not signed in. */\r\n  getToken(): string | null {\r\n    return this._storage.getItem(this._storageKey)\r\n  }\r\n\r\n  /** Manually store a token (e.g. after server-side sign-in). */\r\n  setToken(token: string): void {\r\n    this._storage.setItem(this._storageKey, token)\r\n  }\r\n\r\n  /** Remove the stored token. */\r\n  clearToken(): void {\r\n    this._storage.removeItem(this._storageKey)\r\n  }\r\n\r\n  // ── Auth methods ────────────────────────────────────────────────────────────\r\n\r\n  /**\r\n   * Register a new user with email and password.\r\n   *\r\n   * On success the token is persisted automatically.\r\n   * Returns `{ data: { user, token }, error: null }` or `{ data: null, error }`.\r\n   */\r\n  async signUp(input: SignUpInput): Promise<AuthResult<SignUpResponse>> {\r\n    const result = await this._post<SignUpResponse>(\"/sign-up/email\", input)\r\n\r\n    if (result.data?.token) {\r\n      this.setToken(result.data.token)\r\n    }\r\n\r\n    return result\r\n  }\r\n\r\n  /**\r\n   * Sign in with email and password.\r\n   *\r\n   * On success the token is persisted automatically.\r\n   * Returns `{ data: { user, token }, error: null }` or `{ data: null, error }`.\r\n   */\r\n  async signIn(input: SignInInput): Promise<AuthResult<SignInResponse>> {\r\n    const result = await this._post<SignInResponse>(\"/sign-in/email\", input)\r\n\r\n    if (result.data?.token) {\r\n      this.setToken(result.data.token)\r\n    }\r\n\r\n    return result\r\n  }\r\n\r\n  /**\r\n   * Sign out the current user.\r\n   *\r\n   * The token is always cleared from storage regardless of the backend response.\r\n   * Returns `{ data: { success: true }, error: null }` or `{ data: null, error }`.\r\n   */\r\n  async signOut(): Promise<AuthResult<SignOutResponse>> {\r\n    const token = this.getToken()\r\n\r\n    if (!token) {\r\n      this.clearToken()\r\n      return { data: { success: true }, error: null }\r\n    }\r\n\r\n    const result = await this._post<SignOutResponse>(\"/sign-out\", undefined, token)\r\n    this.clearToken()\r\n    return result\r\n  }\r\n\r\n  /**\r\n   * Fetch the currently authenticated user from the backend.\r\n   *\r\n   * Returns `{ data: { user }, error: null }` or `{ data: null, error }`.\r\n   */\r\n  async getSession(): Promise<AuthResult<SessionResponse>> {\r\n    const token = this.getToken()\r\n\r\n    if (!token) {\r\n      return {\r\n        data: null,\r\n        error: { message: \"Not signed in\", code: \"UNAUTHORIZED\" },\r\n      }\r\n    }\r\n\r\n    return this._get<SessionResponse>(\"/session\", token)\r\n  }\r\n\r\n  // ── Internal HTTP helpers ───────────────────────────────────────────────────\r\n\r\n  private async _post<T>(\r\n    path: string,\r\n    body: object | undefined,\r\n    token?: string,\r\n  ): Promise<AuthResult<T>> {\r\n    return this._request<T>(\"POST\", path, body, token)\r\n  }\r\n\r\n  private async _get<T>(path: string, token?: string): Promise<AuthResult<T>> {\r\n    return this._request<T>(\"GET\", path, undefined, token)\r\n  }\r\n\r\n  private async _request<T>(\r\n    method: string,\r\n    path: string,\r\n    body: object | undefined,\r\n    token?: string,\r\n  ): Promise<AuthResult<T>> {\r\n    const headers: Record<string, string> = {\r\n      \"Content-Type\": \"application/json\",\r\n      ...(this._fetchOptions.headers as Record<string, string> | undefined),\r\n    }\r\n\r\n    if (token) {\r\n      headers[\"Authorization\"] = `Bearer ${token}`\r\n    }\r\n\r\n    const init: RequestInit = {\r\n      ...this._fetchOptions,\r\n      method,\r\n      headers,\r\n      ...(body !== undefined ? { body: JSON.stringify(body) } : {}),\r\n    }\r\n\r\n    let response: Response\r\n\r\n    try {\r\n      response = await fetch(`${this._baseURL}${path}`, init)\r\n    } catch (cause) {\r\n      return {\r\n        data: null,\r\n        error: {\r\n          message: \"Network error — could not reach the server\",\r\n          code: \"NETWORK_ERROR\",\r\n        },\r\n      }\r\n    }\r\n\r\n    let json: unknown\r\n\r\n    try {\r\n      json = await response.json()\r\n    } catch {\r\n      return {\r\n        data: null,\r\n        error: {\r\n          message: `Unexpected response from server (status ${response.status})`,\r\n          code: \"PARSE_ERROR\",\r\n        },\r\n      }\r\n    }\r\n\r\n    if (!response.ok || isBackendError(json)) {\r\n      const err = isBackendError(json)\r\n        ? (json as { error: BackendError }).error\r\n        : { message: `Request failed with status ${response.status}`, code: \"HTTP_ERROR\" }\r\n\r\n      return { data: null, error: err }\r\n    }\r\n\r\n    return { data: json as T, error: null }\r\n  }\r\n}\r\n\r\nfunction isBackendError(json: unknown): boolean {\r\n  return (\r\n    typeof json === \"object\" &&\r\n    json !== null &&\r\n    \"error\" in json &&\r\n    typeof (json as { error: unknown }).error === \"object\"\r\n  )\r\n}\r\n\r\n// ── Factory ───────────────────────────────────────────────────────────────────\r\n\r\n/**\r\n * Create an `Auth101Client` instance.\r\n *\r\n * @example\r\n * ```ts\r\n * const auth = createAuth101Client({ baseURL: \"http://localhost:8000/auth\" })\r\n *\r\n * const { data, error } = await auth.signIn({ email, password })\r\n * if (data) console.log(data.user)\r\n * ```\r\n */\r\nexport function createAuth101Client(options: Auth101ClientOptions): Auth101Client {\r\n  return new Auth101Client(options)\r\n}\r\n"]}

package/dist/index.d.cts

@@ -0,0 +1,121 @@
+interface User {
+    id: string;
+    email: string;
+    is_active: boolean;
+}
+interface SignUpInput {
+    email: string;
+    password: string;
+}
+interface SignInInput {
+    email: string;
+    password: string;
+}
+interface SignUpResponse {
+    user: User;
+    token: string;
+}
+interface SignInResponse {
+    user: User;
+    token: string;
+}
+interface SignOutResponse {
+    success: boolean;
+}
+interface SessionResponse {
+    user: User;
+}
+interface BackendError {
+    message: string;
+    code: string;
+}
+interface AuthResult<T> {
+    data: T | null;
+    error: BackendError | null;
+}
+interface StorageLike {
+    getItem(key: string): string | null;
+    setItem(key: string, value: string): void;
+    removeItem(key: string): void;
+}
+interface Auth101ClientOptions {
+    /**
+     * Base URL where auth101 is mounted on your backend, e.g.
+     * `"http://localhost:8000/auth"` — no trailing slash.
+     */
+    baseURL: string;
+    /**
+     * Custom storage implementation for persisting the token.
+     * Defaults to `localStorage` in browser environments.
+     * Pass `null` to keep the token in memory only (useful for SSR or testing).
+     */
+    storage?: StorageLike | null;
+    /**
+     * Key used to store the token in the provided storage.
+     * Defaults to `"auth101_token"`.
+     */
+    storageKey?: string;
+    /**
+     * Default `RequestInit` options merged into every `fetch` call.
+     * Useful for setting custom headers, credentials mode, etc.
+     */
+    fetchOptions?: RequestInit;
+}
+
+declare class Auth101Client {
+    private readonly _baseURL;
+    private readonly _storage;
+    private readonly _storageKey;
+    private readonly _fetchOptions;
+    constructor(options: Auth101ClientOptions);
+    /** Returns the stored JWT, or `null` if the user is not signed in. */
+    getToken(): string | null;
+    /** Manually store a token (e.g. after server-side sign-in). */
+    setToken(token: string): void;
+    /** Remove the stored token. */
+    clearToken(): void;
+    /**
+     * Register a new user with email and password.
+     *
+     * On success the token is persisted automatically.
+     * Returns `{ data: { user, token }, error: null }` or `{ data: null, error }`.
+     */
+    signUp(input: SignUpInput): Promise<AuthResult<SignUpResponse>>;
+    /**
+     * Sign in with email and password.
+     *
+     * On success the token is persisted automatically.
+     * Returns `{ data: { user, token }, error: null }` or `{ data: null, error }`.
+     */
+    signIn(input: SignInInput): Promise<AuthResult<SignInResponse>>;
+    /**
+     * Sign out the current user.
+     *
+     * The token is always cleared from storage regardless of the backend response.
+     * Returns `{ data: { success: true }, error: null }` or `{ data: null, error }`.
+     */
+    signOut(): Promise<AuthResult<SignOutResponse>>;
+    /**
+     * Fetch the currently authenticated user from the backend.
+     *
+     * Returns `{ data: { user }, error: null }` or `{ data: null, error }`.
+     */
+    getSession(): Promise<AuthResult<SessionResponse>>;
+    private _post;
+    private _get;
+    private _request;
+}
+/**
+ * Create an `Auth101Client` instance.
+ *
+ * @example
+ * ```ts
+ * const auth = createAuth101Client({ baseURL: "http://localhost:8000/auth" })
+ *
+ * const { data, error } = await auth.signIn({ email, password })
+ * if (data) console.log(data.user)
+ * ```
+ */
+declare function createAuth101Client(options: Auth101ClientOptions): Auth101Client;
+
+export { Auth101Client, type Auth101ClientOptions, type AuthResult, type BackendError, type SessionResponse, type SignInInput, type SignInResponse, type SignOutResponse, type SignUpInput, type SignUpResponse, type StorageLike, type User, createAuth101Client };

package/dist/index.d.ts

@@ -0,0 +1,121 @@
+interface User {
+    id: string;
+    email: string;
+    is_active: boolean;
+}
+interface SignUpInput {
+    email: string;
+    password: string;
+}
+interface SignInInput {
+    email: string;
+    password: string;
+}
+interface SignUpResponse {
+    user: User;
+    token: string;
+}
+interface SignInResponse {
+    user: User;
+    token: string;
+}
+interface SignOutResponse {
+    success: boolean;
+}
+interface SessionResponse {
+    user: User;
+}
+interface BackendError {
+    message: string;
+    code: string;
+}
+interface AuthResult<T> {
+    data: T | null;
+    error: BackendError | null;
+}
+interface StorageLike {
+    getItem(key: string): string | null;
+    setItem(key: string, value: string): void;
+    removeItem(key: string): void;
+}
+interface Auth101ClientOptions {
+    /**
+     * Base URL where auth101 is mounted on your backend, e.g.
+     * `"http://localhost:8000/auth"` — no trailing slash.
+     */
+    baseURL: string;
+    /**
+     * Custom storage implementation for persisting the token.
+     * Defaults to `localStorage` in browser environments.
+     * Pass `null` to keep the token in memory only (useful for SSR or testing).
+     */
+    storage?: StorageLike | null;
+    /**
+     * Key used to store the token in the provided storage.
+     * Defaults to `"auth101_token"`.
+     */
+    storageKey?: string;
+    /**
+     * Default `RequestInit` options merged into every `fetch` call.
+     * Useful for setting custom headers, credentials mode, etc.
+     */
+    fetchOptions?: RequestInit;
+}
+
+declare class Auth101Client {
+    private readonly _baseURL;
+    private readonly _storage;
+    private readonly _storageKey;
+    private readonly _fetchOptions;
+    constructor(options: Auth101ClientOptions);
+    /** Returns the stored JWT, or `null` if the user is not signed in. */
+    getToken(): string | null;
+    /** Manually store a token (e.g. after server-side sign-in). */
+    setToken(token: string): void;
+    /** Remove the stored token. */
+    clearToken(): void;
+    /**
+     * Register a new user with email and password.
+     *
+     * On success the token is persisted automatically.
+     * Returns `{ data: { user, token }, error: null }` or `{ data: null, error }`.
+     */
+    signUp(input: SignUpInput): Promise<AuthResult<SignUpResponse>>;
+    /**
+     * Sign in with email and password.
+     *
+     * On success the token is persisted automatically.
+     * Returns `{ data: { user, token }, error: null }` or `{ data: null, error }`.
+     */
+    signIn(input: SignInInput): Promise<AuthResult<SignInResponse>>;
+    /**
+     * Sign out the current user.
+     *
+     * The token is always cleared from storage regardless of the backend response.
+     * Returns `{ data: { success: true }, error: null }` or `{ data: null, error }`.
+     */
+    signOut(): Promise<AuthResult<SignOutResponse>>;
+    /**
+     * Fetch the currently authenticated user from the backend.
+     *
+     * Returns `{ data: { user }, error: null }` or `{ data: null, error }`.
+     */
+    getSession(): Promise<AuthResult<SessionResponse>>;
+    private _post;
+    private _get;
+    private _request;
+}
+/**
+ * Create an `Auth101Client` instance.
+ *
+ * @example
+ * ```ts
+ * const auth = createAuth101Client({ baseURL: "http://localhost:8000/auth" })
+ *
+ * const { data, error } = await auth.signIn({ email, password })
+ * if (data) console.log(data.user)
+ * ```
+ */
+declare function createAuth101Client(options: Auth101ClientOptions): Auth101Client;
+
+export { Auth101Client, type Auth101ClientOptions, type AuthResult, type BackendError, type SessionResponse, type SignInInput, type SignInResponse, type SignOutResponse, type SignUpInput, type SignUpResponse, type StorageLike, type User, createAuth101Client };

package/dist/index.js

@@ -0,0 +1,173 @@
+// src/storage.ts
+var MemoryStorage = class {
+  constructor() {
+    this._map = /* @__PURE__ */ new Map();
+  }
+  getItem(key) {
+    return this._map.get(key) ?? null;
+  }
+  setItem(key, value) {
+    this._map.set(key, value);
+  }
+  removeItem(key) {
+    this._map.delete(key);
+  }
+};
+function resolveStorage(storage) {
+  if (storage === null) {
+    return new MemoryStorage();
+  }
+  if (storage !== void 0) {
+    return storage;
+  }
+  if (typeof window !== "undefined" && window.localStorage) {
+    return window.localStorage;
+  }
+  return new MemoryStorage();
+}
+
+// src/client.ts
+var DEFAULT_STORAGE_KEY = "auth101_token";
+var Auth101Client = class {
+  constructor(options) {
+    if (!options.baseURL) {
+      throw new Error("[auth101] baseURL is required");
+    }
+    this._baseURL = options.baseURL.replace(/\/$/, "");
+    this._storage = resolveStorage(options.storage);
+    this._storageKey = options.storageKey ?? DEFAULT_STORAGE_KEY;
+    this._fetchOptions = options.fetchOptions ?? {};
+  }
+  // ── Token management ────────────────────────────────────────────────────────
+  /** Returns the stored JWT, or `null` if the user is not signed in. */
+  getToken() {
+    return this._storage.getItem(this._storageKey);
+  }
+  /** Manually store a token (e.g. after server-side sign-in). */
+  setToken(token) {
+    this._storage.setItem(this._storageKey, token);
+  }
+  /** Remove the stored token. */
+  clearToken() {
+    this._storage.removeItem(this._storageKey);
+  }
+  // ── Auth methods ────────────────────────────────────────────────────────────
+  /**
+   * Register a new user with email and password.
+   *
+   * On success the token is persisted automatically.
+   * Returns `{ data: { user, token }, error: null }` or `{ data: null, error }`.
+   */
+  async signUp(input) {
+    const result = await this._post("/sign-up/email", input);
+    if (result.data?.token) {
+      this.setToken(result.data.token);
+    }
+    return result;
+  }
+  /**
+   * Sign in with email and password.
+   *
+   * On success the token is persisted automatically.
+   * Returns `{ data: { user, token }, error: null }` or `{ data: null, error }`.
+   */
+  async signIn(input) {
+    const result = await this._post("/sign-in/email", input);
+    if (result.data?.token) {
+      this.setToken(result.data.token);
+    }
+    return result;
+  }
+  /**
+   * Sign out the current user.
+   *
+   * The token is always cleared from storage regardless of the backend response.
+   * Returns `{ data: { success: true }, error: null }` or `{ data: null, error }`.
+   */
+  async signOut() {
+    const token = this.getToken();
+    if (!token) {
+      this.clearToken();
+      return { data: { success: true }, error: null };
+    }
+    const result = await this._post("/sign-out", void 0, token);
+    this.clearToken();
+    return result;
+  }
+  /**
+   * Fetch the currently authenticated user from the backend.
+   *
+   * Returns `{ data: { user }, error: null }` or `{ data: null, error }`.
+   */
+  async getSession() {
+    const token = this.getToken();
+    if (!token) {
+      return {
+        data: null,
+        error: { message: "Not signed in", code: "UNAUTHORIZED" }
+      };
+    }
+    return this._get("/session", token);
+  }
+  // ── Internal HTTP helpers ───────────────────────────────────────────────────
+  async _post(path, body, token) {
+    return this._request("POST", path, body, token);
+  }
+  async _get(path, token) {
+    return this._request("GET", path, void 0, token);
+  }
+  async _request(method, path, body, token) {
+    const headers = {
+      "Content-Type": "application/json",
+      ...this._fetchOptions.headers
+    };
+    if (token) {
+      headers["Authorization"] = `Bearer ${token}`;
+    }
+    const init = {
+      ...this._fetchOptions,
+      method,
+      headers,
+      ...body !== void 0 ? { body: JSON.stringify(body) } : {}
+    };
+    let response;
+    try {
+      response = await fetch(`${this._baseURL}${path}`, init);
+    } catch (cause) {
+      return {
+        data: null,
+        error: {
+          message: "Network error \u2014 could not reach the server",
+          code: "NETWORK_ERROR"
+        }
+      };
+    }
+    let json;
+    try {
+      json = await response.json();
+    } catch {
+      return {
+        data: null,
+        error: {
+          message: `Unexpected response from server (status ${response.status})`,
+          code: "PARSE_ERROR"
+        }
+      };
+    }
+    if (!response.ok || isBackendError(json)) {
+      const err = isBackendError(json) ? json.error : { message: `Request failed with status ${response.status}`, code: "HTTP_ERROR" };
+      return { data: null, error: err };
+    }
+    return { data: json, error: null };
+  }
+};
+function isBackendError(json) {
+  return typeof json === "object" && json !== null && "error" in json && typeof json.error === "object";
+}
+function createAuth101Client(options) {
+  return new Auth101Client(options);
+}
+
+export { Auth101Client, createAuth101Client };
+//# sourceMappingURL=index.js.map
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/storage.ts","../src/client.ts"],"names":[],"mappings":";AAMA,IAAM,gBAAN,MAA2C;AAAA,EAA3C,WAAA,GAAA;AACE,IAAA,IAAA,CAAiB,IAAA,uBAAW,GAAA,EAAoB;AAAA,EAAA;AAAA,EAEhD,QAAQ,GAAA,EAA4B;AAClC,IAAA,OAAO,IAAA,CAAK,IAAA,CAAK,GAAA,CAAI,GAAG,CAAA,IAAK,IAAA;AAAA,EAC/B;AAAA,EAEA,OAAA,CAAQ,KAAa,KAAA,EAAqB;AACxC,IAAA,IAAA,CAAK,IAAA,CAAK,GAAA,CAAI,GAAA,EAAK,KAAK,CAAA;AAAA,EAC1B;AAAA,EAEA,WAAW,GAAA,EAAmB;AAC5B,IAAA,IAAA,CAAK,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACtB;AACF,CAAA;AASO,SAAS,eAAe,OAAA,EAAsD;AACnF,EAAA,IAAI,YAAY,IAAA,EAAM;AACpB,IAAA,OAAO,IAAI,aAAA,EAAc;AAAA,EAC3B;AAEA,EAAA,IAAI,YAAY,MAAA,EAAW;AACzB,IAAA,OAAO,OAAA;AAAA,EACT;AAEA,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,IAAe,MAAA,CAAO,YAAA,EAAc;AACxD,IAAA,OAAO,MAAA,CAAO,YAAA;AAAA,EAChB;AAEA,EAAA,OAAO,IAAI,aAAA,EAAc;AAC3B;;;AC7BA,IAAM,mBAAA,GAAsB,eAAA;AAErB,IAAM,gBAAN,MAAoB;AAAA,EAMzB,YAAY,OAAA,EAA+B;AACzC,IAAA,IAAI,CAAC,QAAQ,OAAA,EAAS;AACpB,MAAA,MAAM,IAAI,MAAM,+BAA+B,CAAA;AAAA,IACjD;AAEA,IAAA,IAAA,CAAK,QAAA,GAAW,OAAA,CAAQ,OAAA,CAAQ,OAAA,CAAQ,OAAO,EAAE,CAAA;AACjD,IAAA,IAAA,CAAK,QAAA,GAAW,cAAA,CAAe,OAAA,CAAQ,OAAO,CAAA;AAC9C,IAAA,IAAA,CAAK,WAAA,GAAc,QAAQ,UAAA,IAAc,mBAAA;AACzC,IAAA,IAAA,CAAK,aAAA,GAAgB,OAAA,CAAQ,YAAA,IAAgB,EAAC;AAAA,EAChD;AAAA;AAAA;AAAA,EAKA,QAAA,GAA0B;AACxB,IAAA,OAAO,IAAA,CAAK,QAAA,CAAS,OAAA,CAAQ,IAAA,CAAK,WAAW,CAAA;AAAA,EAC/C;AAAA;AAAA,EAGA,SAAS,KAAA,EAAqB;AAC5B,IAAA,IAAA,CAAK,QAAA,CAAS,OAAA,CAAQ,IAAA,CAAK,WAAA,EAAa,KAAK,CAAA;AAAA,EAC/C;AAAA;AAAA,EAGA,UAAA,GAAmB;AACjB,IAAA,IAAA,CAAK,QAAA,CAAS,UAAA,CAAW,IAAA,CAAK,WAAW,CAAA;AAAA,EAC3C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,OAAO,KAAA,EAAyD;AACpE,IAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,KAAA,CAAsB,kBAAkB,KAAK,CAAA;AAEvE,IAAA,IAAI,MAAA,CAAO,MAAM,KAAA,EAAO;AACtB,MAAA,IAAA,CAAK,QAAA,CAAS,MAAA,CAAO,IAAA,CAAK,KAAK,CAAA;AAAA,IACjC;AAEA,IAAA,OAAO,MAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,OAAO,KAAA,EAAyD;AACpE,IAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,KAAA,CAAsB,kBAAkB,KAAK,CAAA;AAEvE,IAAA,IAAI,MAAA,CAAO,MAAM,KAAA,EAAO;AACtB,MAAA,IAAA,CAAK,QAAA,CAAS,MAAA,CAAO,IAAA,CAAK,KAAK,CAAA;AAAA,IACjC;AAEA,IAAA,OAAO,MAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,OAAA,GAAgD;AACpD,IAAA,MAAM,KAAA,GAAQ,KAAK,QAAA,EAAS;AAE5B,IAAA,IAAI,CAAC,KAAA,EAAO;AACV,MAAA,IAAA,CAAK,UAAA,EAAW;AAChB,MAAA,OAAO,EAAE,IAAA,EAAM,EAAE,SAAS,IAAA,EAAK,EAAG,OAAO,IAAA,EAAK;AAAA,IAChD;AAEA,IAAA,MAAM,SAAS,MAAM,IAAA,CAAK,KAAA,CAAuB,WAAA,EAAa,QAAW,KAAK,CAAA;AAC9E,IAAA,IAAA,CAAK,UAAA,EAAW;AAChB,IAAA,OAAO,MAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,UAAA,GAAmD;AACvD,IAAA,MAAM,KAAA,GAAQ,KAAK,QAAA,EAAS;AAE5B,IAAA,IAAI,CAAC,KAAA,EAAO;AACV,MAAA,OAAO;AAAA,QACL,IAAA,EAAM,IAAA;AAAA,QACN,KAAA,EAAO,EAAE,OAAA,EAAS,eAAA,EAAiB,MAAM,cAAA;AAAe,OAC1D;AAAA,IACF;AAEA,IAAA,OAAO,IAAA,CAAK,IAAA,CAAsB,UAAA,EAAY,KAAK,CAAA;AAAA,EACrD;AAAA;AAAA,EAIA,MAAc,KAAA,CACZ,IAAA,EACA,IAAA,EACA,KAAA,EACwB;AACxB,IAAA,OAAO,IAAA,CAAK,QAAA,CAAY,MAAA,EAAQ,IAAA,EAAM,MAAM,KAAK,CAAA;AAAA,EACnD;AAAA,EAEA,MAAc,IAAA,CAAQ,IAAA,EAAc,KAAA,EAAwC;AAC1E,IAAA,OAAO,IAAA,CAAK,QAAA,CAAY,KAAA,EAAO,IAAA,EAAM,QAAW,KAAK,CAAA;AAAA,EACvD;AAAA,EAEA,MAAc,QAAA,CACZ,MAAA,EACA,IAAA,EACA,MACA,KAAA,EACwB;AACxB,IAAA,MAAM,OAAA,GAAkC;AAAA,MACtC,cAAA,EAAgB,kBAAA;AAAA,MAChB,GAAI,KAAK,aAAA,CAAc;AAAA,KACzB;AAEA,IAAA,IAAI,KAAA,EAAO;AACT,MAAA,OAAA,CAAQ,eAAe,CAAA,GAAI,CAAA,OAAA,EAAU,KAAK,CAAA,CAAA;AAAA,IAC5C;AAEA,IAAA,MAAM,IAAA,GAAoB;AAAA,MACxB,GAAG,IAAA,CAAK,aAAA;AAAA,MACR,MAAA;AAAA,MACA,OAAA;AAAA,MACA,GAAI,IAAA,KAAS,MAAA,GAAY,EAAE,IAAA,EAAM,KAAK,SAAA,CAAU,IAAI,CAAA,EAAE,GAAI;AAAC,KAC7D;AAEA,IAAA,IAAI,QAAA;AAEJ,IAAA,IAAI;AACF,MAAA,QAAA,GAAW,MAAM,MAAM,CAAA,EAAG,IAAA,CAAK,QAAQ,CAAA,EAAG,IAAI,IAAI,IAAI,CAAA;AAAA,IACxD,SAAS,KAAA,EAAO;AACd,MAAA,OAAO;AAAA,QACL,IAAA,EAAM,IAAA;AAAA,QACN,KAAA,EAAO;AAAA,UACL,OAAA,EAAS,iDAAA;AAAA,UACT,IAAA,EAAM;AAAA;AACR,OACF;AAAA,IACF;AAEA,IAAA,IAAI,IAAA;AAEJ,IAAA,IAAI;AACF,MAAA,IAAA,GAAO,MAAM,SAAS,IAAA,EAAK;AAAA,IAC7B,CAAA,CAAA,MAAQ;AACN,MAAA,OAAO;AAAA,QACL,IAAA,EAAM,IAAA;AAAA,QACN,KAAA,EAAO;AAAA,UACL,OAAA,EAAS,CAAA,wCAAA,EAA2C,QAAA,CAAS,MAAM,CAAA,CAAA,CAAA;AAAA,UACnE,IAAA,EAAM;AAAA;AACR,OACF;AAAA,IACF;AAEA,IAAA,IAAI,CAAC,QAAA,CAAS,EAAA,IAAM,cAAA,CAAe,IAAI,CAAA,EAAG;AACxC,MAAA,MAAM,GAAA,GAAM,cAAA,CAAe,IAAI,CAAA,GAC1B,IAAA,CAAiC,KAAA,GAClC,EAAE,OAAA,EAAS,CAAA,2BAAA,EAA8B,QAAA,CAAS,MAAM,CAAA,CAAA,EAAI,MAAM,YAAA,EAAa;AAEnF,MAAA,OAAO,EAAE,IAAA,EAAM,IAAA,EAAM,KAAA,EAAO,GAAA,EAAI;AAAA,IAClC;AAEA,IAAA,OAAO,EAAE,IAAA,EAAM,IAAA,EAAW,KAAA,EAAO,IAAA,EAAK;AAAA,EACxC;AACF;AAEA,SAAS,eAAe,IAAA,EAAwB;AAC9C,EAAA,OACE,OAAO,SAAS,QAAA,IAChB,IAAA,KAAS,QACT,OAAA,IAAW,IAAA,IACX,OAAQ,IAAA,CAA4B,KAAA,KAAU,QAAA;AAElD;AAeO,SAAS,oBAAoB,OAAA,EAA8C;AAChF,EAAA,OAAO,IAAI,cAAc,OAAO,CAAA;AAClC","file":"index.js","sourcesContent":["import type { StorageLike } from \"./types\"\r\n\r\n/**\r\n * In-memory fallback used when localStorage is unavailable (SSR, Node, tests).\r\n * Token is lost when the instance is garbage-collected.\r\n */\r\nclass MemoryStorage implements StorageLike {\r\n  private readonly _map = new Map<string, string>()\r\n\r\n  getItem(key: string): string | null {\r\n    return this._map.get(key) ?? null\r\n  }\r\n\r\n  setItem(key: string, value: string): void {\r\n    this._map.set(key, value)\r\n  }\r\n\r\n  removeItem(key: string): void {\r\n    this._map.delete(key)\r\n  }\r\n}\r\n\r\n/**\r\n * Resolve a storage backend in priority order:\r\n *\r\n * 1. Explicit `null`  → no persistence, always return `MemoryStorage`\r\n * 2. Explicit object  → use as-is (duck-typed StorageLike)\r\n * 3. `undefined`      → try `localStorage`, fall back to `MemoryStorage`\r\n */\r\nexport function resolveStorage(storage: StorageLike | null | undefined): StorageLike {\r\n  if (storage === null) {\r\n    return new MemoryStorage()\r\n  }\r\n\r\n  if (storage !== undefined) {\r\n    return storage\r\n  }\r\n\r\n  if (typeof window !== \"undefined\" && window.localStorage) {\r\n    return window.localStorage\r\n  }\r\n\r\n  return new MemoryStorage()\r\n}\r\n","import { resolveStorage } from \"./storage\"\r\nimport type {\r\n  Auth101ClientOptions,\r\n  AuthResult,\r\n  BackendError,\r\n  SessionResponse,\r\n  SignInInput,\r\n  SignInResponse,\r\n  SignOutResponse,\r\n  SignUpInput,\r\n  SignUpResponse,\r\n  StorageLike,\r\n} from \"./types\"\r\n\r\nconst DEFAULT_STORAGE_KEY = \"auth101_token\"\r\n\r\nexport class Auth101Client {\r\n  private readonly _baseURL: string\r\n  private readonly _storage: StorageLike\r\n  private readonly _storageKey: string\r\n  private readonly _fetchOptions: RequestInit\r\n\r\n  constructor(options: Auth101ClientOptions) {\r\n    if (!options.baseURL) {\r\n      throw new Error(\"[auth101] baseURL is required\")\r\n    }\r\n\r\n    this._baseURL = options.baseURL.replace(/\\/$/, \"\")\r\n    this._storage = resolveStorage(options.storage)\r\n    this._storageKey = options.storageKey ?? DEFAULT_STORAGE_KEY\r\n    this._fetchOptions = options.fetchOptions ?? {}\r\n  }\r\n\r\n  // ── Token management ────────────────────────────────────────────────────────\r\n\r\n  /** Returns the stored JWT, or `null` if the user is not signed in. */\r\n  getToken(): string | null {\r\n    return this._storage.getItem(this._storageKey)\r\n  }\r\n\r\n  /** Manually store a token (e.g. after server-side sign-in). */\r\n  setToken(token: string): void {\r\n    this._storage.setItem(this._storageKey, token)\r\n  }\r\n\r\n  /** Remove the stored token. */\r\n  clearToken(): void {\r\n    this._storage.removeItem(this._storageKey)\r\n  }\r\n\r\n  // ── Auth methods ────────────────────────────────────────────────────────────\r\n\r\n  /**\r\n   * Register a new user with email and password.\r\n   *\r\n   * On success the token is persisted automatically.\r\n   * Returns `{ data: { user, token }, error: null }` or `{ data: null, error }`.\r\n   */\r\n  async signUp(input: SignUpInput): Promise<AuthResult<SignUpResponse>> {\r\n    const result = await this._post<SignUpResponse>(\"/sign-up/email\", input)\r\n\r\n    if (result.data?.token) {\r\n      this.setToken(result.data.token)\r\n    }\r\n\r\n    return result\r\n  }\r\n\r\n  /**\r\n   * Sign in with email and password.\r\n   *\r\n   * On success the token is persisted automatically.\r\n   * Returns `{ data: { user, token }, error: null }` or `{ data: null, error }`.\r\n   */\r\n  async signIn(input: SignInInput): Promise<AuthResult<SignInResponse>> {\r\n    const result = await this._post<SignInResponse>(\"/sign-in/email\", input)\r\n\r\n    if (result.data?.token) {\r\n      this.setToken(result.data.token)\r\n    }\r\n\r\n    return result\r\n  }\r\n\r\n  /**\r\n   * Sign out the current user.\r\n   *\r\n   * The token is always cleared from storage regardless of the backend response.\r\n   * Returns `{ data: { success: true }, error: null }` or `{ data: null, error }`.\r\n   */\r\n  async signOut(): Promise<AuthResult<SignOutResponse>> {\r\n    const token = this.getToken()\r\n\r\n    if (!token) {\r\n      this.clearToken()\r\n      return { data: { success: true }, error: null }\r\n    }\r\n\r\n    const result = await this._post<SignOutResponse>(\"/sign-out\", undefined, token)\r\n    this.clearToken()\r\n    return result\r\n  }\r\n\r\n  /**\r\n   * Fetch the currently authenticated user from the backend.\r\n   *\r\n   * Returns `{ data: { user }, error: null }` or `{ data: null, error }`.\r\n   */\r\n  async getSession(): Promise<AuthResult<SessionResponse>> {\r\n    const token = this.getToken()\r\n\r\n    if (!token) {\r\n      return {\r\n        data: null,\r\n        error: { message: \"Not signed in\", code: \"UNAUTHORIZED\" },\r\n      }\r\n    }\r\n\r\n    return this._get<SessionResponse>(\"/session\", token)\r\n  }\r\n\r\n  // ── Internal HTTP helpers ───────────────────────────────────────────────────\r\n\r\n  private async _post<T>(\r\n    path: string,\r\n    body: object | undefined,\r\n    token?: string,\r\n  ): Promise<AuthResult<T>> {\r\n    return this._request<T>(\"POST\", path, body, token)\r\n  }\r\n\r\n  private async _get<T>(path: string, token?: string): Promise<AuthResult<T>> {\r\n    return this._request<T>(\"GET\", path, undefined, token)\r\n  }\r\n\r\n  private async _request<T>(\r\n    method: string,\r\n    path: string,\r\n    body: object | undefined,\r\n    token?: string,\r\n  ): Promise<AuthResult<T>> {\r\n    const headers: Record<string, string> = {\r\n      \"Content-Type\": \"application/json\",\r\n      ...(this._fetchOptions.headers as Record<string, string> | undefined),\r\n    }\r\n\r\n    if (token) {\r\n      headers[\"Authorization\"] = `Bearer ${token}`\r\n    }\r\n\r\n    const init: RequestInit = {\r\n      ...this._fetchOptions,\r\n      method,\r\n      headers,\r\n      ...(body !== undefined ? { body: JSON.stringify(body) } : {}),\r\n    }\r\n\r\n    let response: Response\r\n\r\n    try {\r\n      response = await fetch(`${this._baseURL}${path}`, init)\r\n    } catch (cause) {\r\n      return {\r\n        data: null,\r\n        error: {\r\n          message: \"Network error — could not reach the server\",\r\n          code: \"NETWORK_ERROR\",\r\n        },\r\n      }\r\n    }\r\n\r\n    let json: unknown\r\n\r\n    try {\r\n      json = await response.json()\r\n    } catch {\r\n      return {\r\n        data: null,\r\n        error: {\r\n          message: `Unexpected response from server (status ${response.status})`,\r\n          code: \"PARSE_ERROR\",\r\n        },\r\n      }\r\n    }\r\n\r\n    if (!response.ok || isBackendError(json)) {\r\n      const err = isBackendError(json)\r\n        ? (json as { error: BackendError }).error\r\n        : { message: `Request failed with status ${response.status}`, code: \"HTTP_ERROR\" }\r\n\r\n      return { data: null, error: err }\r\n    }\r\n\r\n    return { data: json as T, error: null }\r\n  }\r\n}\r\n\r\nfunction isBackendError(json: unknown): boolean {\r\n  return (\r\n    typeof json === \"object\" &&\r\n    json !== null &&\r\n    \"error\" in json &&\r\n    typeof (json as { error: unknown }).error === \"object\"\r\n  )\r\n}\r\n\r\n// ── Factory ───────────────────────────────────────────────────────────────────\r\n\r\n/**\r\n * Create an `Auth101Client` instance.\r\n *\r\n * @example\r\n * ```ts\r\n * const auth = createAuth101Client({ baseURL: \"http://localhost:8000/auth\" })\r\n *\r\n * const { data, error } = await auth.signIn({ email, password })\r\n * if (data) console.log(data.user)\r\n * ```\r\n */\r\nexport function createAuth101Client(options: Auth101ClientOptions): Auth101Client {\r\n  return new Auth101Client(options)\r\n}\r\n"]}

package/package.json

@@ -0,0 +1,43 @@
+{
+  "name": "auth101",
+  "version": "0.1.1",
+  "description": "TypeScript client for auth101 — simple email/password auth for Python backends",
+  "keywords": [
+    "auth",
+    "authentication",
+    "typescript",
+    "python",
+    "fastapi",
+    "flask",
+    "django"
+  ],
+  "license": "MIT",
+  "type": "module",
+  "main": "./dist/index.cjs",
+  "module": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "import": {
+        "types": "./dist/index.d.ts",
+        "default": "./dist/index.js"
+      },
+      "require": {
+        "types": "./dist/index.d.cts",
+        "default": "./dist/index.cjs"
+      }
+    }
+  },
+  "files": [
+    "dist"
+  ],
+  "scripts": {
+    "build": "tsup",
+    "dev": "tsup --watch",
+    "typecheck": "tsc --noEmit"
+  },
+  "devDependencies": {
+    "tsup": "^8.4.0",
+    "typescript": "^5.8.2"
+  }
+}