firstly 0.0.12 → 0.0.14

package/CHANGELOG.md

@@ -1,5 +1,21 @@
 # firstly
 
+## 0.0.14
+
+### Patch Changes
+
+- [#85](https://github.com/jycouet/firstly/pull/85)
+  [`993f733`](https://github.com/jycouet/firstly/commit/993f73374591f134d76e30f8b5e4402b4d3112d0)
+  Thanks [@jycouet](https://github.com/jycouet)! - prepare JYC 014
+
+## 0.0.13
+
+### Patch Changes
+
+- [#66](https://github.com/jycouet/firstly/pull/66)
+  [`7d8b323`](https://github.com/jycouet/firstly/commit/7d8b323b49d7d76b6d59ec887ed2e37a2238f201)
+  Thanks [@jycouet](https://github.com/jycouet)! - prepare JYC 013
+
 ## 0.0.12
 
 ### Patch Changes

package/esm/ROUTES.d.ts

@@ -33,6 +33,7 @@ declare const AllObjs: {
     }) => string;
     "/": string;
     "/auth": string;
+    "/demo/task": string;
     "/mail": string;
     "/ui/dialog": string;
     "/ui/enum": string;
@@ -71,6 +72,7 @@ export type KIT_ROUTES = {
     PAGES: {
         '/': never;
         '/auth': never;
+        '/demo/task': never;
         '/mail': never;
         '/ui/dialog': never;
         '/ui/enum': never;

package/esm/ROUTES.js

@@ -10,6 +10,7 @@
 const PAGES = {
     "/": `/`,
     "/auth": `/auth`,
+    "/demo/task": `/demo/task`,
     "/mail": `/mail`,
     "/ui/dialog": `/ui/dialog`,
     "/ui/enum": `/ui/enum`,

package/esm/api/index.d.ts

@@ -28,9 +28,18 @@ export declare class Module {
 type Options = RemultServerOptions<RequestEvent<Partial<Record<string, string>>, string | null>> & {
     modules?: Module[] | undefined;
 };
+declare module 'remult' {
+    interface RemultContext {
+        request: RequestEvent;
+        setHeaders(headers: Record<string, string>): void;
+        setCookie(...args: Parameters<RequestEvent['cookies']['set']>): void;
+        deleteCookie(...args: Parameters<RequestEvent['cookies']['delete']>): void;
+    }
+}
 export declare let entities: ClassType<any>[];
 /**
  * it's basically `remultSveltekit` with the `modules` option
+ * @deprecated will be done directly in remult when modules will be in 😉
  */
 export declare const firstly: (o: Options) => import("remult/remult-sveltekit").RemultSveltekitServer;
 /**

package/esm/api/index.js

@@ -2,6 +2,7 @@ import {} from 'remult';
 import { remultSveltekit } from 'remult/remult-sveltekit';
 import { Log } from '@kitql/helpers';
 import { building } from '$app/environment';
+import { sveltekit } from '../sveltekit/server';
 export class Module {
     name;
     log;
@@ -25,10 +26,11 @@ export class Module {
 export let entities = [];
 /**
  * it's basically `remultSveltekit` with the `modules` option
+ * @deprecated will be done directly in remult when modules will be in 😉
  */
 export const firstly = (o) => {
     const modulesSorted = modulesFlatAndOrdered([
-        ...(o.modules ?? []),
+        ...[...(o.modules ?? []), sveltekit()],
         new Module({
             name: 'default',
             entities: o.entities ?? [],

package/esm/auth/AuthController.d.ts

@@ -1,53 +1,42 @@
-import type { ProviderConfigured } from './server/module';
+import type { AuthServerAbstraction, ProviderConfigured } from './types';
 export declare class AuthController {
     #private;
-    static _setAbstraction(impl: {
-        signOut: any;
-        signInDemo: any;
-        invite: any;
-        signUpPassword: any;
-        signInPassword: any;
-        forgotPassword: any;
-        resetPassword: any;
-        signInOTP: any;
-        verifyOtp: any;
-        signInOAuthGetUrl: any;
-    }): void;
+    static _setAbstraction(impl: AuthServerAbstraction): void;
     /**
      * Sign out the current user
      */
-    static signOut(): Promise<any>;
+    static signOut(): Promise<import("./types").AuthResponse>;
     /**
      * Sign in with a demo account
      * _(The easiest way to demo & test your application)_
      */
-    static signInDemo(name: string): Promise<any>;
+    static signInDemo(name: string): Promise<import("./types").AuthResponse>;
     /**
      * This is for login / password authentication Invite someone
      */
-    static invite(email: string): Promise<any>;
+    static invite(email: string): Promise<import("./types").AuthResponse>;
     /**
      * This is for login / password authentication SignUp
      */
-    static signUpPassword(email: string, password: string): Promise<any>;
+    static signUpPassword(email: string, password: string): Promise<import("./types").AuthResponse>;
     /**
      * This is for login / password authentication SignIn
      */
-    static signInPassword(email: string, password: string): Promise<any>;
+    static signInPassword(email: string, password: string): Promise<import("./types").AuthResponse>;
     /**
      * Forgot your password ? Send a mail to reset it.
      */
-    static forgotPassword(email: string): Promise<any>;
+    static forgotPassword(email: string): Promise<import("./types").AuthResponse>;
     /**
      * Reset your password with a token
      */
-    static resetPassword(token: string, password: string): Promise<any>;
+    static resetPassword(token: string, password: string): Promise<import("./types").AuthResponse>;
     /** OTP */
-    static signInOTP(email: string): Promise<any>;
+    static signInOTP(email: string): Promise<import("./types").AuthResponse>;
     /**
      * Verify the OTP code
      */
-    static verifyOtp(email: string, otp: string): Promise<any>;
+    static verifyOtp(email: string, otp: string): Promise<import("./types").AuthResponse>;
     /** OAUTH */
     /**
      * The the url to redirect to for the OAuth provider
@@ -65,5 +54,5 @@ export declare class AuthController {
         provider: T;
         options?: ProviderConfigured[T];
         redirect?: string;
-    }): Promise<any>;
+    }): Promise<string>;
 }

package/esm/auth/AuthController.js

@@ -7,82 +7,63 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key,
 import { BackendMethod } from 'remult';
 import { FF_Role_Auth } from './Entities';
 export class AuthController {
-    // Private static fields
-    static #signOutFn;
-    static #signInDemoFn;
-    static #inviteFn;
-    static #signUpPasswordFn;
-    static #signInPasswordFn;
-    static #forgotPasswordFn;
-    static #resetPasswordFn;
-    static #signInOTPFn;
-    static #verifyOtpFn;
-    static #signInOAuthGetUrlFn;
+    static #server;
     // Internal setter method that can be used by the module
     static _setAbstraction(impl) {
-        this.#signOutFn = impl.signOut;
-        this.#signInDemoFn = impl.signInDemo;
-        this.#inviteFn = impl.invite;
-        this.#signUpPasswordFn = impl.signUpPassword;
-        this.#signInPasswordFn = impl.signInPassword;
-        this.#forgotPasswordFn = impl.forgotPassword;
-        this.#resetPasswordFn = impl.resetPassword;
-        this.#signInOTPFn = impl.signInOTP;
-        this.#verifyOtpFn = impl.verifyOtp;
-        this.#signInOAuthGetUrlFn = impl.signInOAuthGetUrl;
+        this.#server = impl;
     }
     /**
      * Sign out the current user
      */
     static async signOut() {
-        return await AuthController.#signOutFn();
+        return await AuthController.#server.signOut();
     }
     /**
      * Sign in with a demo account
      * _(The easiest way to demo & test your application)_
      */
     static async signInDemo(name) {
-        return await AuthController.#signInDemoFn(name);
+        return await AuthController.#server.signInDemo(name);
     }
     /**
      * This is for login / password authentication Invite someone
      */
     static async invite(email) {
-        return await AuthController.#inviteFn(email);
+        return await AuthController.#server.invite(email);
     }
     /**
      * This is for login / password authentication SignUp
      */
     static async signUpPassword(email, password) {
-        return await AuthController.#signUpPasswordFn(email, password);
+        return await AuthController.#server.signUpPassword(email, password);
     }
     /**
      * This is for login / password authentication SignIn
      */
     static async signInPassword(email, password) {
-        return await AuthController.#signInPasswordFn(email, password);
+        return await AuthController.#server.signInPassword(email, password);
     }
     /**
      * Forgot your password ? Send a mail to reset it.
      */
     static async forgotPassword(email) {
-        return await AuthController.#forgotPasswordFn(email);
+        return await AuthController.#server.forgotPassword(email);
     }
     /**
      * Reset your password with a token
      */
     static async resetPassword(token, password) {
-        return await AuthController.#resetPasswordFn(token, password);
+        return await AuthController.#server.resetPassword(token, password);
     }
     /** OTP */
     static async signInOTP(email) {
-        return await AuthController.#signInOTPFn(email);
+        return await AuthController.#server.signInOTP(email);
     }
     /**
      * Verify the OTP code
      */
     static async verifyOtp(email, otp) {
-        return await AuthController.#verifyOtpFn(email, otp);
+        return await AuthController.#server.verifyOtp(email, otp);
     }
     /** OAUTH */
     /**
@@ -98,7 +79,7 @@ export class AuthController {
      * _(popup example should work too, and a nice example/componant would be appreciated)_
      */
     static async signInOAuthGetUrl(o) {
-        return await AuthController.#signInOAuthGetUrlFn(o);
+        return await AuthController.#server.signInOAuthGetUrl(o);
     }
 }
 __decorate([

package/esm/auth/server/AuthController.server.d.ts

@@ -1,42 +1,42 @@
-import { type ProviderConfigured } from './module.js';
+import type { AuthResponse, ProviderConfigured } from '../types.js';
 export declare class AuthControllerServer {
     /**
      * Sign out the current user
      */
-    static signOut(): Promise<void>;
+    static signOut(): Promise<AuthResponse>;
     /**
      * Sign in with a demo account
      * _(The easiest way to demo & test your application)_
      */
-    static signInDemo(name: string): Promise<string>;
+    static signInDemo(name: string): Promise<AuthResponse>;
     /**
      * This is for login / password authentication invite
      */
-    static invite(emailParam: string): Promise<"Mail sent !" | "Demo Mail sent !" | "ok">;
+    static invite(emailParam: string): Promise<AuthResponse>;
     /**
      * This is for login / password authentication SignUp
      * _(The first param `email` can be "anything")_
      */
-    static signUpPassword(emailParam: string, password: string): Promise<string>;
+    static signUpPassword(emailParam: string, password: string): Promise<AuthResponse>;
     /**
      * This is for login / password authentication SignIn
      * _(The first param `email` can be "anything")_
      */
-    static signInPassword(emailParam: string, password: string): Promise<string>;
+    static signInPassword(emailParam: string, password: string): Promise<AuthResponse>;
     /**
      * Forgot your password ? Send a mail to reset it.
      */
-    static forgotPassword(emailParam: string): Promise<"Mail sent !" | "Demo Mail sent !">;
+    static forgotPassword(emailParam: string): Promise<AuthResponse>;
     /**
      * Reset your password with a token
      */
-    static resetPassword(token: string, password: string): Promise<string>;
+    static resetPassword(token: string, password: string): Promise<AuthResponse>;
     /** OTP */
-    static signInOTP(emailParam: string): Promise<"Mail sent !" | "Hum, something went wrong !">;
+    static signInOTP(emailParam: string): Promise<AuthResponse>;
     /**
      * Verify the OTP code
      */
-    static verifyOtp(emailParam: string, otp: string): Promise<string>;
+    static verifyOtp(emailParam: string, otp: string): Promise<AuthResponse>;
     /** OAUTH */
     /**
      * The the url to redirect to for the OAuth provider
@@ -54,5 +54,5 @@ export declare class AuthControllerServer {
         provider: T;
         options?: ProviderConfigured[T];
         redirect?: string;
-    }): Promise<any>;
+    }): Promise<string>;
 }

package/esm/auth/server/AuthController.server.js

@@ -2,8 +2,7 @@ import { decodeHex, encodeHexLowerCase } from '@oslojs/encoding';
 import { createTOTPKeyURI, generateTOTP, verifyTOTPWithGracePeriod } from '@oslojs/otp';
 import { generateState } from 'arctic';
 import { EntityError, remult, repo } from 'remult';
-import { green, magenta, yellow } from '@kitql/helpers';
-import { sendMail } from '../../mail/server/index.js';
+import { gray, green, magenta, red, yellow } from '@kitql/helpers';
 import { FFAuthProvider } from '../Entities.js';
 import { invalidateSession } from './helperDb.js';
 import { ff_createSession } from './helperFirstly.js';
@@ -11,6 +10,25 @@ import { createDate, generateAndEncodeToken } from './helperOslo.js';
 import { deleteSessionTokenCookie, setOAuthStateCookie, setRedirectCookie, } from './helperRemultServer.js';
 import { mergeRoles } from './helperRole.js';
 import { AUTH_OPTIONS, authModuleRaw, getSafeOptions } from './module.js';
+const getSendMail = () => {
+    if (!remult.context.sendMail) {
+        authModuleRaw.log.error(`Missing ${green(`remult.context`)}.${red(`sendMail`)}`);
+        authModuleRaw.log.error('');
+        authModuleRaw.log.error(gray('Add this to your modules:'));
+        authModuleRaw.log.error('import { mail } from "firstly/mail/server"');
+        authModuleRaw.log.error('');
+        authModuleRaw.log.error('{');
+        authModuleRaw.log.error(`  modules: [`);
+        authModuleRaw.log.error(`    mail({`);
+        authModuleRaw.log.error(`      // options`);
+        authModuleRaw.log.error(`    })`);
+        authModuleRaw.log.error(`  ]`);
+        authModuleRaw.log.error('}');
+        authModuleRaw.log.error('');
+        throw new EntityError({ message: 'Error: Contact your administrator.' });
+    }
+    return remult.context.sendMail;
+};
 export class AuthControllerServer {
     /**
      * Sign out the current user
@@ -20,6 +38,10 @@ export class AuthControllerServer {
             await invalidateSession(remult.user?.session.id);
         }
         deleteSessionTokenCookie();
+        return {
+            message: 'signed out',
+            user: undefined,
+        };
     }
     /**
      * Sign in with a demo account
@@ -43,8 +65,11 @@ export class AuthControllerServer {
         const r = mergeRoles(user.roles, account.roles);
         user.roles = r.roles;
         await repo(oSafe.User).save(user);
-        await ff_createSession(user.id);
-        return "You're in with demo account!";
+        const session = await ff_createSession(user.id);
+        return {
+            message: `You're in with demo account!`,
+            user: oSafe.transformDbUserToClientUser(session, user),
+        };
     }
     /**
      * This is for login / password authentication invite
@@ -68,23 +93,26 @@ export class AuthControllerServer {
             // const user = await repo(oSafe.User).insert({
             //   identifier: email,
             // })
-            oSafe.providers?.password?.verifyMailExpiresIn;
             await repo(oSafe.Account).insert({
                 provider: FFAuthProvider.PASSWORD.id,
                 providerUserId: email,
                 // userId: user.id,
                 // hashPassword: await passwordHash(password),
                 token: token,
-                expiresAt: createDate(AUTH_OPTIONS.providers?.password?.verifyMailExpiresIn ?? 5 * 60),
+                expiresAt: createDate(AUTH_OPTIONS.providers?.password?.mail?.verify?.expiresIn ?? 5 * 60),
                 lastVerifiedAt: undefined,
             });
             const url = `${remult.context.request.url.origin}${oSafe.firstlyData.props.ui?.paths.reset_password}?token=${token}`;
             if (AUTH_OPTIONS?.invitationSend) {
                 await AUTH_OPTIONS?.invitationSend({ email, url });
                 authModuleRaw.log.success(`${green('[custom]')}${magenta('[invitationSend]')} (${yellow(url)})`);
-                return 'Mail sent !';
+                return {
+                    message: 'Mail sent !',
+                    user: remult.user,
+                };
             }
             else {
+                const sendMail = getSendMail();
                 await sendMail('invitationSend', {
                     to: email,
                     subject: 'Invitation',
@@ -107,24 +135,31 @@ export class AuthControllerServer {
                     },
                 });
                 authModuleRaw.log.success(`${magenta('[invitationSend]')} (${yellow(url)})`);
-                return 'Demo Mail sent !';
+                return {
+                    message: 'Demo Mail sent !',
+                    user: remult.user,
+                };
             }
         }
-        return 'ok';
+        return {
+            message: 'ok',
+            user: remult.user,
+        };
     }
     /**
      * This is for login / password authentication SignUp
      * _(The first param `email` can be "anything")_
      */
     static async signUpPassword(emailParam, password) {
-        const email = emailParam.toLowerCase();
         const oSafe = getSafeOptions();
         if (!oSafe.signUp) {
-            throw new EntityError({ message: "You can't signup by yourself! Contact the administrator." });
+            throw new EntityError({ message: oSafe.strings.cannotSignUp });
         }
         if (!oSafe.password.enabled) {
             throw new EntityError({ message: 'Password is not enabled!' });
         }
+        const email = emailParam.toLowerCase();
+        oSafe.password.validateInput({ identifier: email, password });
         const existingAccount = await repo(oSafe.Account).findOne({
             where: {
                 providerUserId: email,
@@ -134,7 +169,6 @@ export class AuthControllerServer {
         if (existingAccount) {
             throw new EntityError({ message: "You can't signup twice !" });
         }
-        oSafe.password.validatePassword(password);
         const token = generateAndEncodeToken();
         await remult.dataProvider.transaction(async () => {
             const user = await repo(oSafe.User).insert({
@@ -144,11 +178,11 @@ export class AuthControllerServer {
                 provider: FFAuthProvider.PASSWORD.id,
                 providerUserId: email,
                 userId: user.id,
-                hashPassword: oSafe.password.passwordHash(password),
+                hashPassword: await oSafe.password.hash(password),
                 token: oSafe.verifiedMethod === 'auto' ? undefined : token,
                 expiresAt: oSafe.verifiedMethod === 'auto'
                     ? undefined
-                    : createDate(AUTH_OPTIONS.providers?.password?.verifyMailExpiresIn ?? 5 * 60),
+                    : createDate(AUTH_OPTIONS.providers?.password?.mail?.verify?.expiresIn ?? 5 * 60),
                 lastVerifiedAt: oSafe.verifiedMethod === 'auto' ? new Date() : undefined,
             });
         });
@@ -157,16 +191,21 @@ export class AuthControllerServer {
                 identifier: email,
             });
             if (user) {
-                await ff_createSession(user.id);
+                const session = await ff_createSession(user.id);
+                return {
+                    message: 'ok',
+                    user: oSafe.transformDbUserToClientUser(session, user),
+                };
             }
         }
         else {
             const url = `${remult.context.request.url.origin}${oSafe.firstlyData.props.ui?.paths.verify_email}?token=${token}`;
-            if (AUTH_OPTIONS.providers?.password?.verifyMailSend) {
-                await AUTH_OPTIONS.providers?.password.verifyMailSend({ email, url });
+            if (AUTH_OPTIONS.providers?.password?.mail?.verify?.send) {
+                await AUTH_OPTIONS.providers?.password.mail.verify.send({ email, url });
                 authModuleRaw.log.success(`${green('[custom]')}${magenta('[verifyMailSend]')} (${yellow(url)})`);
             }
             else {
+                const sendMail = getSendMail();
                 await sendMail('verifyMailSend', {
                     to: email,
                     subject: 'Wecome',
@@ -187,7 +226,10 @@ export class AuthControllerServer {
                 authModuleRaw.log.success(`${magenta('[verifyMailSend]')} (${yellow(url)})`);
             }
         }
-        return 'ok';
+        return {
+            message: 'ok',
+            user: remult.user,
+        };
     }
     /**
      * This is for login / password authentication SignIn
@@ -196,6 +238,7 @@ export class AuthControllerServer {
     static async signInPassword(emailParam, password) {
         const email = emailParam.toLowerCase();
         const oSafe = getSafeOptions();
+        oSafe.password.validateInput({ identifier: email, password });
         if (!oSafe.password.enabled) {
             throw new EntityError({ message: 'Password is not enabled!' });
         }
@@ -206,10 +249,13 @@ export class AuthControllerServer {
             },
         });
         if (existingAccount) {
-            const validPassword = oSafe.password.passwordVerify(password ?? '', existingAccount?.hashPassword ?? '');
+            const validPassword = oSafe.password.verify(password ?? '', existingAccount?.hashPassword ?? '');
             if (validPassword) {
-                await ff_createSession(existingAccount.userId);
-                return 'ok';
+                const session = await ff_createSession(existingAccount.userId);
+                return {
+                    message: 'ok',
+                    user: oSafe.transformDbUserToClientUser(session, existingAccount.user),
+                };
             }
             authModuleRaw.log.error({ email, passwordLength: password.length });
             throw new EntityError({ message: 'Incorrect username or password' });
@@ -235,15 +281,19 @@ export class AuthControllerServer {
         if (existingAccount) {
             const token = generateAndEncodeToken();
             existingAccount.token = token;
-            existingAccount.expiresAt = createDate(AUTH_OPTIONS.providers?.password?.resetPasswordExpiresIn ?? 5 * 60);
+            existingAccount.expiresAt = createDate(AUTH_OPTIONS.providers?.password?.mail?.reset?.expiresIn ?? 5 * 60);
             await repo(oSafe.Account).save(existingAccount);
             const url = `${remult.context.request.url.origin}${oSafe.firstlyData.props.ui?.paths.reset_password}?token=${token}`;
-            if (AUTH_OPTIONS.providers?.password?.resetPasswordSend) {
-                await AUTH_OPTIONS.providers?.password.resetPasswordSend({ email, url });
+            if (AUTH_OPTIONS.providers?.password?.mail?.reset?.send) {
+                await AUTH_OPTIONS.providers?.password.mail.reset.send({ email, url });
                 authModuleRaw.log.success(`${green('[custom]')}${magenta('[resetPasswordSend]')} (${yellow(url)})`);
-                return 'Mail sent !';
+                return {
+                    message: oSafe.strings.resetPasswordSend,
+                    user: remult.user,
+                };
             }
             else {
+                const sendMail = getSendMail();
                 await sendMail('resetPasswordSend', {
                     to: email,
                     subject: 'Reset your password',
@@ -266,10 +316,13 @@ export class AuthControllerServer {
                     },
                 });
                 authModuleRaw.log.success(`${magenta('[resetPasswordSend]')} (${yellow(url)})`);
-                return 'Demo Mail sent !';
+                return {
+                    message: `Demo | ${oSafe.strings.resetPasswordSend}`,
+                    user: remult.user,
+                };
             }
         }
-        throw new EntityError({ message: "Une erreur est survenue, contacte l'administrateur!" });
+        throw new EntityError({ message: oSafe.strings.anErrorOccurred });
     }
     /**
      * Reset your password with a token
@@ -279,6 +332,7 @@ export class AuthControllerServer {
         if (!oSafe.password.enabled) {
             throw new EntityError({ message: 'Password is not enabled!' });
         }
+        oSafe.password.validateInput({ identifier: 'resetPassword', password });
         const account = await remult
             .repo(oSafe.Account)
             .findFirst({ token, provider: FFAuthProvider.PASSWORD.id });
@@ -288,20 +342,22 @@ export class AuthControllerServer {
         if (account.expiresAt && account.expiresAt < new Date()) {
             throw new EntityError({ message: 'token expired' });
         }
-        oSafe.password.validatePassword(password);
         if (account.userId === undefined) {
             const user = await repo(oSafe.User).insert({ identifier: account.providerUserId });
             account.userId = user.id;
         }
         await invalidateSession(account.userId);
         // update elements
-        account.hashPassword = oSafe.password.passwordHash(password);
+        account.hashPassword = await oSafe.password.hash(password);
         account.token = undefined;
         account.expiresAt = undefined;
         account.lastVerifiedAt = new Date();
         await repo(oSafe.Account).save(account);
         await ff_createSession(account.userId);
-        return 'reseted';
+        return {
+            message: 'reseted',
+            user: remult.user,
+        };
     }
     /** OTP */
     static async signInOTP(emailParam) {
@@ -338,12 +394,18 @@ export class AuthControllerServer {
             await repo(oSafe.Account).save(account);
             await AUTH_OPTIONS.providers.otp?.send({ name: email, otp, uri });
             authModuleRaw.log.success(`name: ${yellow(email)}, otp: ${yellow(otp)}, uri: ${yellow(uri)}`);
-            return 'Mail sent !';
+            return {
+                message: 'Mail sent !',
+                user: remult.user,
+            };
         }
         else {
             authModuleRaw.log.error(`You need to provide a otp.send hook in the auth options!`);
         }
-        return 'Hum, something went wrong !';
+        return {
+            message: 'Hum, something went wrong !',
+            user: remult.user,
+        };
     }
     /**
      * Verify the OTP code
@@ -378,8 +440,11 @@ export class AuthControllerServer {
         account.token = undefined;
         account.expiresAt = undefined;
         await repo(oSafe.Account).save(account);
-        await ff_createSession(account.userId);
-        return 'verified';
+        const session = await ff_createSession(account.userId);
+        return {
+            message: 'verified',
+            user: oSafe.transformDbUserToClientUser(session, user),
+        };
     }
     /** OAUTH */
     /**

package/esm/auth/server/handleGuard.d.ts

@@ -0,0 +1,16 @@
+import { type Handle } from '@sveltejs/kit';
+export type RouteGuardConfig = {
+    anonymous?: string[];
+    authenticated: string[];
+    redirectToLogin: string;
+    redirectAuthenticated: string;
+    /**
+     * We need this import
+     *
+     * `import { redirect } from '@sveltejs/kit'` */
+    redirect: (status: number, url: string) => void;
+};
+/**
+ * Creates a handle function with the provided route guard configuration
+ */
+export declare function handleGuard(config: RouteGuardConfig): Handle;