firstly 0.0.4 → 0.0.6

package/esm/auth/Entities.js

@@ -4,17 +4,16 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key,
     else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
     return c > 3 && r && Object.defineProperty(target, key, r), r;
 };
-var AuthProvider_1;
+var FFAuthProvider_1;
 import { Entity, Fields, Relations, Validators, ValueListFieldType } from 'remult';
-import { KitBaseEnum, KitRole } from '../';
-export const KitAuthRole = {
-    Admin: 'KitAuthAdmin',
+import { BaseEnum, FF_Role } from '../';
+export const FF_Auth_Role = {
+    Admin: 'FF_Auth_Role.Admin',
 };
-let KitAuthUser = class KitAuthUser {
+let FFAuthUser = class FFAuthUser {
     id;
     createdAt;
     updatedAt;
-    // @Fields.string<KitAuthUser>({
     name;
     roles = [];
     accounts;
@@ -22,13 +21,13 @@ let KitAuthUser = class KitAuthUser {
 };
 __decorate([
     Fields.cuid()
-], KitAuthUser.prototype, "id", void 0);
+], FFAuthUser.prototype, "id", void 0);
 __decorate([
     Fields.createdAt()
-], KitAuthUser.prototype, "createdAt", void 0);
+], FFAuthUser.prototype, "createdAt", void 0);
 __decorate([
     Fields.updatedAt()
-], KitAuthUser.prototype, "updatedAt", void 0);
+], FFAuthUser.prototype, "updatedAt", void 0);
 __decorate([
     Fields.string({
         validate: [
@@ -39,7 +38,7 @@ __decorate([
             },
         ],
     })
-], KitAuthUser.prototype, "name", void 0);
+], FFAuthUser.prototype, "name", void 0);
 __decorate([
     Fields.object({
         valueConverter: {
@@ -47,71 +46,75 @@ __decorate([
             fromDb: (x) => (x ? x.split(',') : undefined),
         },
     })
-], KitAuthUser.prototype, "roles", void 0);
+], FFAuthUser.prototype, "roles", void 0);
 __decorate([
-    Relations.toMany(() => KitAuthAccount, 'userId')
-], KitAuthUser.prototype, "accounts", void 0);
+    Relations.toMany(() => FFAuthAccount, 'userId')
+], FFAuthUser.prototype, "accounts", void 0);
 __decorate([
-    Relations.toMany(() => KitAuthUserSession, 'userId')
-], KitAuthUser.prototype, "sessions", void 0);
-KitAuthUser = __decorate([
-    Entity('kit_auth_user', {
-        allowApiCrud: [KitAuthRole.Admin, KitRole.Admin],
-        dbName: 'auth.kit_auth_user',
+    Relations.toMany(() => FFAuthUserSession, 'userId')
+], FFAuthUser.prototype, "sessions", void 0);
+FFAuthUser = __decorate([
+    Entity('ff_auth.users', {
+        allowApiCrud: [FF_Auth_Role.Admin, FF_Role.Admin],
+        caption: 'Auth - Users',
     })
-], KitAuthUser);
-export { KitAuthUser };
-let KitAuthAccount = class KitAuthAccount {
+], FFAuthUser);
+export { FFAuthUser };
+let FFAuthAccount = class FFAuthAccount {
+    id;
     createdAt;
     updatedAt;
     userId;
     user;
-    provider = AuthProvider.PASSWORD.id;
+    provider = FFAuthProvider.PASSWORD.id;
     providerUserId = '';
     hashPassword;
     token;
     expiresAt;
     lastVerifiedAt;
 };
+__decorate([
+    Fields.cuid()
+], FFAuthAccount.prototype, "id", void 0);
 __decorate([
     Fields.createdAt()
-], KitAuthAccount.prototype, "createdAt", void 0);
+], FFAuthAccount.prototype, "createdAt", void 0);
 __decorate([
     Fields.updatedAt()
-], KitAuthAccount.prototype, "updatedAt", void 0);
+], FFAuthAccount.prototype, "updatedAt", void 0);
 __decorate([
     Fields.string()
-], KitAuthAccount.prototype, "userId", void 0);
+], FFAuthAccount.prototype, "userId", void 0);
 __decorate([
-    Relations.toOne(() => KitAuthUser, 'userId')
-], KitAuthAccount.prototype, "user", void 0);
+    Relations.toOne(() => FFAuthUser, 'userId')
+], FFAuthAccount.prototype, "user", void 0);
 __decorate([
     Fields.string()
-], KitAuthAccount.prototype, "provider", void 0);
+], FFAuthAccount.prototype, "provider", void 0);
 __decorate([
     Fields.string()
-], KitAuthAccount.prototype, "providerUserId", void 0);
+], FFAuthAccount.prototype, "providerUserId", void 0);
 __decorate([
     Fields.string({ includeInApi: false, allowNull: true })
-], KitAuthAccount.prototype, "hashPassword", void 0);
+], FFAuthAccount.prototype, "hashPassword", void 0);
 __decorate([
     Fields.string({ includeInApi: false, allowNull: true })
-], KitAuthAccount.prototype, "token", void 0);
+], FFAuthAccount.prototype, "token", void 0);
 __decorate([
     Fields.date({ includeInApi: false, allowNull: true })
-], KitAuthAccount.prototype, "expiresAt", void 0);
+], FFAuthAccount.prototype, "expiresAt", void 0);
 __decorate([
     Fields.date({ includeInApi: false, allowNull: true })
-], KitAuthAccount.prototype, "lastVerifiedAt", void 0);
-KitAuthAccount = __decorate([
-    Entity('kit_auth_account', {
-        allowApiCrud: [KitAuthRole.Admin, KitRole.Admin],
-        dbName: 'auth.kit_auth_account',
-        id: { provider: true, userId: true },
+], FFAuthAccount.prototype, "lastVerifiedAt", void 0);
+FFAuthAccount = __decorate([
+    Entity('ff_auth.accounts', {
+        allowApiCrud: [FF_Auth_Role.Admin, FF_Role.Admin],
+        caption: 'Auth - Accounts',
+        // id: { provider: true, userId: true },
     })
-], KitAuthAccount);
-export { KitAuthAccount };
-let KitAuthUserSession = class KitAuthUserSession {
+], FFAuthAccount);
+export { FFAuthAccount };
+let FFAuthUserSession = class FFAuthUserSession {
     id;
     expiresAt;
     userId;
@@ -119,36 +122,36 @@ let KitAuthUserSession = class KitAuthUserSession {
 };
 __decorate([
     Fields.cuid()
-], KitAuthUserSession.prototype, "id", void 0);
+], FFAuthUserSession.prototype, "id", void 0);
 __decorate([
     Fields.date()
-], KitAuthUserSession.prototype, "expiresAt", void 0);
+], FFAuthUserSession.prototype, "expiresAt", void 0);
 __decorate([
     Fields.string()
-], KitAuthUserSession.prototype, "userId", void 0);
-__decorate([
-    Relations.toOne(() => KitAuthUser, 'userId')
-], KitAuthUserSession.prototype, "user", void 0);
-KitAuthUserSession = __decorate([
-    Entity('kit_auth_session', {
-        allowApiCrud: [KitAuthRole.Admin, KitRole.Admin],
-        dbName: 'auth.kit_auth_session',
+], FFAuthUserSession.prototype, "userId", void 0);
+__decorate([
+    Relations.toOne(() => FFAuthUser, 'userId')
+], FFAuthUserSession.prototype, "user", void 0);
+FFAuthUserSession = __decorate([
+    Entity('ff_auth.users_sessions', {
+        allowApiCrud: [FF_Auth_Role.Admin, FF_Role.Admin],
+        caption: 'Auth - Users sessions',
     })
-], KitAuthUserSession);
-export { KitAuthUserSession };
-let AuthProvider = class AuthProvider extends KitBaseEnum {
-    static { AuthProvider_1 = this; }
-    static DEMO = new AuthProvider_1('DEMO', { caption: 'Demo' });
-    static PASSWORD = new AuthProvider_1('PASSWORD', { caption: 'Password' });
-    static OTP = new AuthProvider_1('OTP', { caption: 'TOTP' });
-    static OAUTH = new AuthProvider_1('OAUTH', { caption: 'OAUTH' });
+], FFAuthUserSession);
+export { FFAuthUserSession };
+let FFAuthProvider = class FFAuthProvider extends BaseEnum {
+    static { FFAuthProvider_1 = this; }
+    static DEMO = new FFAuthProvider_1('DEMO', { caption: 'Demo' });
+    static PASSWORD = new FFAuthProvider_1('PASSWORD', { caption: 'Password' });
+    static OTP = new FFAuthProvider_1('OTP', { caption: 'TOTP' });
+    static OAUTH = new FFAuthProvider_1('OAUTH', { caption: 'OAUTH' });
     constructor(id, o) {
         super(id, {
             ...o,
         });
     }
 };
-AuthProvider = AuthProvider_1 = __decorate([
+FFAuthProvider = FFAuthProvider_1 = __decorate([
     ValueListFieldType()
-], AuthProvider);
-export { AuthProvider };
+], FFAuthProvider);
+export { FFAuthProvider };

package/esm/auth/RoleHelpers.d.ts

@@ -1,6 +1,6 @@
 import type { ClassType } from 'remult';
 import { Log } from '@kitql/helpers';
-import { KitAuthUser } from './Entities';
+import { FFAuthUser } from './Entities';
 /**
  * will merge the roles and remove duplicates
  * will return a new array & a status if the array was changed
@@ -9,4 +9,4 @@ export declare const mergeRoles: (existing: string[], newOnes: string[] | undefi
     roles: string[];
     changed: boolean;
 };
-export declare const initRoleFromEnv: (log: Log, userEntity: ClassType<KitAuthUser>, envValue: string, role: string) => Promise<void>;
+export declare const initRoleFromEnv: (log: Log, userEntity: ClassType<FFAuthUser>, envValue: string | undefined, role: string) => Promise<void>;

package/esm/auth/RoleHelpers.js

@@ -1,6 +1,6 @@
 import { repo } from 'remult';
 import { cyan, green, Log, yellow } from '@kitql/helpers';
-import { KitAuthUser } from './Entities';
+import { FFAuthUser } from './Entities';
 /**
  * will merge the roles and remove duplicates
  * will return a new array & a status if the array was changed

package/esm/auth/client/Auth.js

@@ -86,7 +86,7 @@ export class Auth {
      * _(popup example should work too, and a nice example/componant would be appreciated)_
      */
     static async signInOAuthGetUrl(o) {
-        return await Auth.signInOAuthGetUrlFn(o.provider, o.options, o.redirect);
+        return await Auth.signInOAuthGetUrlFn(o);
     }
 }
 __decorate([

package/esm/auth/index.d.ts

@@ -3,43 +3,40 @@ import { Lucia, type SessionCookieOptions } from 'lucia';
 import type { ClassType, UserInfo } from 'remult';
 import { Log } from '@kitql/helpers';
 import type { Module } from '../api';
-import type { ResolvedType } from '../utils/types';
-import { AuthProvider, KitAuthAccount, KitAuthUser, KitAuthUserSession } from './Entities';
-import type { firstlyData } from './types';
+import type { RecursivePartial, ResolvedType } from '../utils/types';
+import { FFAuthAccount, FFAuthProvider, FFAuthUser, FFAuthUserSession } from './Entities';
+import type { firstlyData, firstlyDataAuth } from './types';
 export type { firstlyData };
-export { KitAuthUser, KitAuthAccount, AuthProvider, KitAuthUserSession };
+export { FFAuthUser, FFAuthAccount, FFAuthProvider, FFAuthUserSession };
 export type AuthorizationURLOptions = Record<string, {
     scopes?: string[];
 }>;
-export type DynamicAuthorizationURLOptions<T extends KitOAuth2Provider[] = KitOAuth2Provider[]> = T extends Array<infer O> ? O extends KitOAuth2Provider ? {
+export type DynamicAuthorizationURLOptions<T extends FFOAuth2Provider[] = FFOAuth2Provider[]> = T extends Array<infer O> ? O extends FFOAuth2Provider ? {
     [P in O['name']]: ReturnType<O['authorizationURLOptions']>;
 } : never : never;
 export declare const logAuth: Log;
-export { KitAuthRole } from './Entities';
+export { FF_Auth_Role } from './Entities';
 type OAuth2UserInfo = {
     raw?: any;
     providerUserId: string;
     /** Will take the first option available */
     nameOptions: string[];
 };
-export type KitOAuth2Provider<LitName extends string = string, T extends ArcticOAuth2Provider | ArcticOAuth2ProviderWithPKCE = ArcticOAuth2Provider> = {
+export type FFOAuth2Provider<LitName extends string = string, T extends ArcticOAuth2Provider | ArcticOAuth2ProviderWithPKCE = ArcticOAuth2Provider> = {
     name: LitName;
     getArcticProvider: () => T;
     isPKCE: T extends ArcticOAuth2Provider ? false : T extends ArcticOAuth2ProviderWithPKCE ? true : never;
     authorizationURLOptions: () => T extends ArcticOAuth2Provider ? Parameters<T['createAuthorizationURL']>[1] : T extends ArcticOAuth2ProviderWithPKCE ? Parameters<T['createAuthorizationURL']>[2] : never;
     getUserInfo(tokens: ResolvedType<ReturnType<T['validateAuthorizationCode']>>): Promise<OAuth2UserInfo>;
 };
-type AuthOptions<TUserEntity extends KitAuthUser = KitAuthUser, TSessionEntity extends KitAuthUserSession = KitAuthUserSession, TAccountEntity extends KitAuthAccount = KitAuthAccount> = {
+type AuthOptions<TUserEntity extends FFAuthUser = FFAuthUser, TSessionEntity extends FFAuthUserSession = FFAuthUserSession, TAccountEntity extends FFAuthAccount = FFAuthAccount> = {
     customEntities?: {
         User?: ClassType<TUserEntity>;
         Session?: ClassType<TSessionEntity>;
         Account?: ClassType<TAccountEntity>;
     };
-    ui?: {
-        paths?: {
-            base?: string;
-        };
-    } | false;
+    debug?: boolean;
+    ui?: false | RecursivePartial<firstlyDataAuth['ui']>;
     /** in secondes @default 15 days */
     sessionExpiresIn?: number;
     sessionCookie?: SessionCookieOptions;
@@ -111,14 +108,14 @@ type AuthOptions<TUserEntity extends KitAuthUser = KitAuthUser, TSessionEntity e
                 uri: string;
             }) => Promise<void>;
         };
-        oAuths?: KitOAuth2Provider[];
+        oAuths?: FFOAuth2Provider[];
     };
 };
 export declare let AUTH_OPTIONS: AuthOptions;
 export declare const getSafeOptions: () => {
-    User: ClassType<KitAuthUser>;
-    Session: ClassType<KitAuthUserSession>;
-    Account: ClassType<KitAuthAccount>;
+    User: ClassType<FFAuthUser>;
+    Session: ClassType<FFAuthUserSession>;
+    Account: ClassType<FFAuthAccount>;
     signUp: boolean;
     password_enabled: boolean;
     otp_enabled: boolean;

package/esm/auth/index.js

@@ -3,54 +3,59 @@ import { DEV } from 'esm-env';
 import { Lucia, TimeSpan } from 'lucia';
 import { remult } from 'remult';
 import { Log, red } from '@kitql/helpers';
-import { read } from '@kitql/internals';
-import { KitRole } from '../';
+import { getRelativePackagePath, read } from '@kitql/internals';
+import { env } from '$env/dynamic/private';
+import { FF_Role } from '../';
 import { RemultLuciaAdapter } from './Adapter';
 import { AuthControllerServer } from './AuthController.server';
 import { Auth } from './client';
-import { AuthProvider, KitAuthAccount, KitAuthRole, KitAuthUser, KitAuthUserSession, } from './Entities';
+import { FF_Auth_Role, FFAuthAccount, FFAuthProvider, FFAuthUser, FFAuthUserSession, } from './Entities';
 import { createSession } from './helper';
 import { initRoleFromEnv } from './RoleHelpers';
-export { KitAuthUser, KitAuthAccount, AuthProvider, KitAuthUserSession };
+export { FFAuthUser, FFAuthAccount, FFAuthProvider, FFAuthUserSession };
 export const logAuth = new Log('firstly | auth');
-export { KitAuthRole } from './Entities';
-export let AUTH_OPTIONS = {};
+export { FF_Auth_Role } from './Entities';
+export let AUTH_OPTIONS = { ui: {} };
+const buildUrlOrDefault = (base, userSetting, fallback) => {
+    if (userSetting) {
+        return `${base}/${userSetting}`;
+    }
+    return `${base}/${fallback}`;
+};
 export const getSafeOptions = () => {
     const signUp = AUTH_OPTIONS.signUp ?? true;
-    const base = AUTH_OPTIONS.ui === false ? 'NO_BASE_PATH' : AUTH_OPTIONS.ui?.paths?.base ?? '/fly/auth';
-    const oAuths = AUTH_OPTIONS.providers?.oAuths?.map((o) => {
-        return o.name;
-    }) ?? [];
+    const base = AUTH_OPTIONS.ui === false ? 'NO_BASE_PATH' : AUTH_OPTIONS.ui?.paths?.base ?? '/ff/auth';
+    // const oAuths =
+    //   AUTH_OPTIONS.providers?.oAuths?.map((o) => {
+    //     return o.name
+    //   }) ?? []
     const firstlyData = {
         module: 'auth',
+        debug: AUTH_OPTIONS.debug,
         props: {
-            ui: {
-                paths: {
-                    base,
-                },
-                providers: {
-                    password: {
-                        dico: {
-                            email: 'Email',
-                            email_placeholder: 'Your email address',
-                            password: 'Password',
-                            btn_sign_up: 'Sign up',
-                            btn_sign_in: 'Sign in',
-                            forgot_password: 'Forgot your password?',
-                            send_password_reset_instructions: 'Send password reset instructions',
-                            back_to_sign_in: 'Back to sign in',
-                        },
-                        paths: {
-                            sign_up: signUp ? `${base}/sign-up` : false,
-                            sign_in: `${base}/sign-in`,
-                            forgot_password: `${base}/forgot-password`,
-                            reset_password: `${base}/reset-password`,
-                            verify_email: `${base}/verify-email`,
-                        },
+            ui: AUTH_OPTIONS.ui === false
+                ? undefined
+                : {
+                    paths: {
+                        base,
+                        sign_up: buildUrlOrDefault(base, AUTH_OPTIONS.ui?.paths?.sign_up, 'sign-up'),
+                        sign_in: buildUrlOrDefault(base, AUTH_OPTIONS.ui?.paths?.sign_in, 'sign-in'),
+                        forgot_password: buildUrlOrDefault(base, AUTH_OPTIONS.ui?.paths?.forgot_password, 'forgot-password'),
+                        reset_password: buildUrlOrDefault(base, AUTH_OPTIONS.ui?.paths?.reset_password, 'reset-password'),
+                        verify_email: buildUrlOrDefault(base, AUTH_OPTIONS.ui?.paths?.verify_email, 'verify-email'),
+                    },
+                    strings: {
+                        email: AUTH_OPTIONS.ui?.strings?.email ?? 'Email',
+                        email_placeholder: AUTH_OPTIONS.ui?.strings?.email_placeholder ?? 'Your email address',
+                        password: AUTH_OPTIONS.ui?.strings?.password ?? 'Password',
+                        btn_sign_up: AUTH_OPTIONS.ui?.strings?.btn_sign_up ?? 'Sign up',
+                        btn_sign_in: AUTH_OPTIONS.ui?.strings?.btn_sign_in ?? 'Sign in',
+                        forgot_password: AUTH_OPTIONS.ui?.strings?.forgot_password ?? 'Forgot your password?',
+                        send_password_reset_instructions: AUTH_OPTIONS.ui?.strings?.send_password_reset_instructions ??
+                            'Send password reset instructions',
+                        back_to_sign_in: AUTH_OPTIONS.ui?.strings?.back_to_sign_in ?? 'Back to sign in',
                     },
-                    oAuths,
                 },
-            },
         },
     };
     let redirectUrl = AUTH_OPTIONS.defaultRedirect ?? '/';
@@ -59,9 +64,9 @@ export const getSafeOptions = () => {
         redirectUrl = '/';
     }
     return {
-        User: AUTH_OPTIONS.customEntities?.User ?? KitAuthUser,
-        Session: AUTH_OPTIONS.customEntities?.Session ?? KitAuthUserSession,
-        Account: AUTH_OPTIONS.customEntities?.Account ?? KitAuthAccount,
+        User: AUTH_OPTIONS.customEntities?.User ?? FFAuthUser,
+        Session: AUTH_OPTIONS.customEntities?.Session ?? FFAuthUserSession,
+        Account: AUTH_OPTIONS.customEntities?.Account ?? FFAuthAccount,
         signUp,
         password_enabled: AUTH_OPTIONS.providers?.password ? true : false,
         otp_enabled: AUTH_OPTIONS.providers?.otp ? true : false,
@@ -109,18 +114,18 @@ export const auth = (o) => {
             }
         },
         earlyReturn: async ({ event, resolve }) => {
-            if (AUTH_OPTIONS.ui === false) {
-                return { early: false };
-            }
+            // if (AUTH_OPTIONS.ui === false) {
+            //   return { early: false }
+            // }
             const oSafe = getSafeOptions();
-            if (event.url.pathname === oSafe.firstlyData.props.ui.providers.password.paths.verify_email) {
+            if (event.url.pathname === oSafe.firstlyData.props.ui?.paths?.verify_email) {
                 const token = event.url.searchParams.get('token') ?? '';
                 if (!oSafe.password_enabled) {
                     throw Error('Password is not enabled!');
                 }
                 const account = await remult
                     .repo(oSafe.Account)
-                    .findFirst({ token, provider: AuthProvider.PASSWORD.id });
+                    .findFirst({ token, provider: FFAuthProvider.PASSWORD.id });
                 if (!account) {
                     throw new Error('Invalid token');
                 }
@@ -136,12 +141,15 @@ export const auth = (o) => {
                 await createSession(account.userId);
                 redirect(302, oSafe.redirectUrl);
             }
-            // When building firstly...
-            // let staticPath = './src/lib/auth/static/'
-            // For users...
-            const staticPath = './node_modules/firstly/esm/auth/static/';
-            // TODO: We can't use `DEV` switch because users are also in DEV mode... Maybe we should check if files exist?!?
-            if (event.url.pathname.startsWith(oSafe.firstlyData.props.ui.paths.base)) {
+            // For lib author (us), it's good to have this local path.
+            let staticPath = './src/lib/auth/static/';
+            // For users, let's serve the static files from the installed package
+            const installedFirstlyPath = getRelativePackagePath('firstly');
+            if (installedFirstlyPath) {
+                staticPath = `${installedFirstlyPath}/esm/auth/static/`;
+            }
+            if (oSafe.firstlyData.props.ui?.paths?.base &&
+                event.url.pathname.startsWith(oSafe.firstlyData.props.ui.paths.base)) {
                 const content = read(`${staticPath}index.html`);
                 return {
                     early: true,
@@ -251,9 +259,8 @@ export const auth = (o) => {
             return { early: false };
         },
         initApi: async () => {
-            // Todo... need to pass env to options
-            await initRoleFromEnv(logAuth, oSafe.User, 'KIT_ADMIN', KitRole.Admin);
-            await initRoleFromEnv(logAuth, oSafe.User, 'KIT_AUTH_ADMIN', KitAuthRole.Admin);
+            await initRoleFromEnv(logAuth, oSafe.User, env.FF_ADMIN, FF_Role.Admin);
+            await initRoleFromEnv(logAuth, oSafe.User, env.FF_AUTH_ADMIN, FF_Auth_Role.Admin);
         },
     };
 };

package/esm/auth/providers/github.d.ts

@@ -1,25 +1,30 @@
 import { GitHub } from 'arctic';
-import { type KitOAuth2Provider } from '../';
+import { type FFOAuth2Provider } from '../';
 /**
- * GitHub OAuth2 provider
+ * ## GitHub OAuth2 provider
  *
- * In GitHub, set your callback url to
- * - dev: `http://localhost:5173/api/auth_callback`
- * - prod: `https://MY_SUPER_SITE/api/auth_callback`
- *
- * In your project add a `.env` file with the following:
- *
- * ```env
- * GITHUB_CLIENT_ID= 'your-client-id'
- * GITHUB_CLIENT_SECRET= 'your-client-secret'
+ * 1. Get your **id** & **secret** from [GitHub (direct link)](https://github.com/settings/developers).
+ * 2. In GitHub, set your callback url to
+ * - [ ] dev: `http://localhost:5173/api/auth_callback`
+ * - [ ] prod: `https://MY_SUPER_SITE/api/auth_callback`
+ * 3. In your project add a `.env` file with the following:
+ * ```bash
+ * GITHUB_CLIENT_ID = 'your-client-id'
+ * GITHUB_CLIENT_SECRET = 'your-client-secret'
+ * # GITHUB_REDIRECT_URI = '' # optional, will default to "${origin}/api/auth_callback"
  * ```
- *
- * _FYI: GITHUB_REDIRECT_URI is optional as auth module will default to "${origin}/api/auth_callback"._
+ * 4. In your frontend, under a button click call something like:
+ * ```ts
+ * async function oauth() {
+ *   window.location.href = await Auth.signInOAuthGetUrl({ provider: 'github', redirect: window.location.pathname })
+ * }
+ * ```
+ * 5. Enjoy 🥳
  */
 export declare function github(options?: {
-    GITHUB_CLIENT_ID: string;
-    GITHUB_CLIENT_SECRET: string;
+    GITHUB_CLIENT_ID?: string;
+    GITHUB_CLIENT_SECRET?: string;
     GITHUB_REDIRECT_URI?: string;
-    authorizationURLOptions?: ReturnType<KitOAuth2Provider<'github', GitHub>['authorizationURLOptions']>;
+    authorizationURLOptions?: ReturnType<FFOAuth2Provider<'github', GitHub>['authorizationURLOptions']>;
     log?: boolean;
-}): KitOAuth2Provider<'github', GitHub>;
+}): FFOAuth2Provider<'github', GitHub>;

package/esm/auth/providers/github.js

@@ -1,34 +1,48 @@
 import { GitHub } from 'arctic';
 import { remult } from 'remult';
+import { env } from '$env/dynamic/private';
 import { checkOAuthConfig } from '.';
 import { logAuth } from '../';
+//------------------------------
+// For developers (future me ?), To do another OAuth2 provider:
+// Replace GITHUB / Github / github
+// update "https://github.com/settings/developers" to the correct URL (2 places)
+// update "https://api.github.com/user" the fetch user info
+//------------------------------
 /**
- * GitHub OAuth2 provider
+ * ## GitHub OAuth2 provider
  *
- * In GitHub, set your callback url to
- * - dev: `http://localhost:5173/api/auth_callback`
- * - prod: `https://MY_SUPER_SITE/api/auth_callback`
- *
- * In your project add a `.env` file with the following:
- *
- * ```env
- * GITHUB_CLIENT_ID= 'your-client-id'
- * GITHUB_CLIENT_SECRET= 'your-client-secret'
+ * 1. Get your **id** & **secret** from [GitHub (direct link)](https://github.com/settings/developers).
+ * 2. In GitHub, set your callback url to
+ * - [ ] dev: `http://localhost:5173/api/auth_callback`
+ * - [ ] prod: `https://MY_SUPER_SITE/api/auth_callback`
+ * 3. In your project add a `.env` file with the following:
+ * ```bash
+ * GITHUB_CLIENT_ID = 'your-client-id'
+ * GITHUB_CLIENT_SECRET = 'your-client-secret'
+ * # GITHUB_REDIRECT_URI = '' # optional, will default to "${origin}/api/auth_callback"
  * ```
- *
- * _FYI: GITHUB_REDIRECT_URI is optional as auth module will default to "${origin}/api/auth_callback"._
+ * 4. In your frontend, under a button click call something like:
+ * ```ts
+ * async function oauth() {
+ *   window.location.href = await Auth.signInOAuthGetUrl({ provider: 'github', redirect: window.location.pathname })
+ * }
+ * ```
+ * 5. Enjoy 🥳
  */
 export function github(options) {
     const name = 'github';
-    const clientID = options?.GITHUB_CLIENT_ID ?? '';
-    const secret = options?.GITHUB_CLIENT_SECRET ?? '';
+    const clientID = options?.GITHUB_CLIENT_ID ?? env.GITHUB_CLIENT_ID ?? '';
+    const secret = options?.GITHUB_CLIENT_SECRET ?? env.GITHUB_CLIENT_SECRET ?? '';
     const urlForKeys = 'https://github.com/settings/developers';
     checkOAuthConfig(name, clientID, secret, urlForKeys, false);
     return {
         name,
         isPKCE: false,
         getArcticProvider: () => {
-            const redirectURI = options?.GITHUB_REDIRECT_URI || `${remult.context.url.origin}/api/auth_callback`;
+            const redirectURI = options?.GITHUB_REDIRECT_URI ??
+                env.GITHUB_REDIRECT_URI ??
+                `${remult.context.url.origin}/api/auth_callback`;
             checkOAuthConfig(name, clientID, secret, urlForKeys, true);
             return new GitHub(clientID, secret, { redirectURI });
         },