ideal-auth 0.1.0

package/dist/bin/ideal-auth.js

@@ -0,0 +1,13 @@
+#!/usr/bin/env node
+import { randomBytes } from 'node:crypto';
+const command = process.argv[2];
+switch (command) {
+    case 'secret':
+        console.log(`IDEAL_AUTH_SECRET=${randomBytes(32).toString('base64url')}`);
+        break;
+    default:
+        console.log('Usage: ideal-auth <command>\n');
+        console.log('Commands:');
+        console.log('  secret    Generate an IDEAL_AUTH_SECRET for your .env file');
+        break;
+}

package/dist/crypto/encryption.d.ts

@@ -0,0 +1,2 @@
+export declare function encrypt(plaintext: string, secret: string): Promise<string>;
+export declare function decrypt(encoded: string, secret: string): Promise<string>;

package/dist/crypto/encryption.js

@@ -0,0 +1,59 @@
+import { createCipheriv, createDecipheriv, randomBytes, scrypt, } from 'node:crypto';
+const ALGORITHM = 'aes-256-gcm';
+const IV_LENGTH = 12;
+const AUTH_TAG_LENGTH = 16;
+const SALT_LENGTH = 16;
+const KEY_LENGTH = 32;
+const MIN_CIPHERTEXT_LENGTH = SALT_LENGTH + IV_LENGTH + AUTH_TAG_LENGTH; // 44 bytes
+// N=32768 (OWASP recommended), r=8, p=1. maxmem raised to 64MB because
+// 128 * N * r = 32MB, which hits the default maxmem boundary in some runtimes.
+const SCRYPT_OPTIONS = { N: 32768, r: 8, p: 1, maxmem: 64 * 1024 * 1024 };
+function deriveKey(secret, salt) {
+    return new Promise((resolve, reject) => {
+        scrypt(secret, salt, KEY_LENGTH, SCRYPT_OPTIONS, (err, key) => {
+            if (err)
+                reject(err);
+            else
+                resolve(key);
+        });
+    });
+}
+export async function encrypt(plaintext, secret) {
+    if (!secret)
+        throw new Error('secret must not be empty');
+    const salt = randomBytes(SALT_LENGTH);
+    const key = await deriveKey(secret, salt);
+    const iv = randomBytes(IV_LENGTH);
+    const cipher = createCipheriv(ALGORITHM, key, iv, {
+        authTagLength: AUTH_TAG_LENGTH,
+    });
+    const encrypted = Buffer.concat([
+        cipher.update(plaintext, 'utf8'),
+        cipher.final(),
+    ]);
+    const authTag = cipher.getAuthTag();
+    // salt (16) + iv (12) + authTag (16) + ciphertext
+    const combined = Buffer.concat([salt, iv, authTag, encrypted]);
+    return combined.toString('base64url');
+}
+export async function decrypt(encoded, secret) {
+    if (!secret)
+        throw new Error('secret must not be empty');
+    const combined = Buffer.from(encoded, 'base64url');
+    if (combined.length < MIN_CIPHERTEXT_LENGTH) {
+        throw new Error('Invalid ciphertext: too short');
+    }
+    const salt = combined.subarray(0, SALT_LENGTH);
+    const iv = combined.subarray(SALT_LENGTH, SALT_LENGTH + IV_LENGTH);
+    const authTag = combined.subarray(SALT_LENGTH + IV_LENGTH, SALT_LENGTH + IV_LENGTH + AUTH_TAG_LENGTH);
+    const encrypted = combined.subarray(SALT_LENGTH + IV_LENGTH + AUTH_TAG_LENGTH);
+    const key = await deriveKey(secret, salt);
+    const decipher = createDecipheriv(ALGORITHM, key, iv, {
+        authTagLength: AUTH_TAG_LENGTH,
+    });
+    decipher.setAuthTag(authTag);
+    return Buffer.concat([
+        decipher.update(encrypted),
+        decipher.final(),
+    ]).toString('utf8');
+}

package/dist/crypto/hmac.d.ts

@@ -0,0 +1,2 @@
+export declare function signData(data: string, secret: string): string;
+export declare function verifySignature(data: string, signature: string, secret: string): boolean;

package/dist/crypto/hmac.js

@@ -0,0 +1,11 @@
+import { createHmac } from 'node:crypto';
+import { timingSafeEqual } from './timing-safe';
+export function signData(data, secret) {
+    if (!secret)
+        throw new Error('secret must not be empty');
+    return createHmac('sha256', secret).update(data).digest('hex');
+}
+export function verifySignature(data, signature, secret) {
+    const expected = signData(data, secret);
+    return timingSafeEqual(expected, signature);
+}

package/dist/crypto/timing-safe.d.ts

@@ -0,0 +1 @@
+export declare function timingSafeEqual(a: string, b: string): boolean;

package/dist/crypto/timing-safe.js

@@ -0,0 +1,16 @@
+import { timingSafeEqual as nodeTimingSafeEqual } from 'node:crypto';
+export function timingSafeEqual(a, b) {
+    const bufA = Buffer.from(a, 'utf8');
+    const bufB = Buffer.from(b, 'utf8');
+    // Pad to equal length so nodeTimingSafeEqual always runs,
+    // even when inputs differ in length (avoids leaking length info).
+    const maxLen = Math.max(bufA.length, bufB.length);
+    const paddedA = Buffer.alloc(maxLen);
+    const paddedB = Buffer.alloc(maxLen);
+    bufA.copy(paddedA);
+    bufB.copy(paddedB);
+    // Run the constant-time comparison first, then check length.
+    // Both always execute — no short-circuit skipping the crypto comparison.
+    const contentsMatch = nodeTimingSafeEqual(paddedA, paddedB);
+    return contentsMatch && bufA.length === bufB.length;
+}

package/dist/crypto/token.d.ts

@@ -0,0 +1 @@
+export declare function generateToken(bytes?: number): string;

package/dist/crypto/token.js

@@ -0,0 +1,6 @@
+import { randomBytes } from 'node:crypto';
+export function generateToken(bytes = 32) {
+    if (bytes < 1)
+        throw new Error('bytes must be at least 1');
+    return randomBytes(bytes).toString('hex');
+}

package/dist/hash/index.d.ts

@@ -0,0 +1,2 @@
+import type { HashInstance, HashConfig } from '../types';
+export declare function createHash(config?: HashConfig): HashInstance;

package/dist/hash/index.js

@@ -0,0 +1,23 @@
+import { createHash as nodeCryptoHash } from 'node:crypto';
+import bcrypt from 'bcryptjs';
+const DEFAULT_ROUNDS = 12;
+const BCRYPT_MAX_BYTES = 72;
+function prehash(password) {
+    return nodeCryptoHash('sha256').update(password).digest('base64');
+}
+export function createHash(config) {
+    const rounds = config?.rounds ?? DEFAULT_ROUNDS;
+    return {
+        async make(password) {
+            if (!password)
+                throw new Error('password must not be empty');
+            const input = Buffer.byteLength(password, 'utf8') > BCRYPT_MAX_BYTES ? prehash(password) : password;
+            const salt = await bcrypt.genSalt(rounds);
+            return bcrypt.hash(input, salt);
+        },
+        async verify(password, hash) {
+            const input = Buffer.byteLength(password, 'utf8') > BCRYPT_MAX_BYTES ? prehash(password) : password;
+            return bcrypt.compare(input, hash);
+        },
+    };
+}

package/dist/index.d.ts

@@ -0,0 +1,12 @@
+export { createAuth } from './auth';
+export { createHash } from './hash';
+export { generateToken } from './crypto/token';
+export { signData, verifySignature } from './crypto/hmac';
+export { encrypt, decrypt } from './crypto/encryption';
+export { timingSafeEqual } from './crypto/timing-safe';
+export { createTokenVerifier } from './token-verifier';
+export { createRateLimiter } from './rate-limit';
+export { MemoryRateLimitStore } from './rate-limit/memory-store';
+export { createTOTP } from './totp';
+export { generateRecoveryCodes, verifyRecoveryCode } from './totp/recovery';
+export type { AnyUser, CookieBridge, ConfigurableCookieOptions, CookieOptions, SessionPayload, AuthConfig, HashConfig, LoginOptions, AuthInstance, HashInstance, TokenVerifierConfig, TokenVerifierInstance, RateLimitStore, RateLimiterConfig, RateLimitResult, TOTPConfig, TOTPInstance, RecoveryCodeResult, } from './types';

package/dist/index.js

@@ -0,0 +1,17 @@
+// Auth
+export { createAuth } from './auth';
+// Hash
+export { createHash } from './hash';
+// Crypto utilities
+export { generateToken } from './crypto/token';
+export { signData, verifySignature } from './crypto/hmac';
+export { encrypt, decrypt } from './crypto/encryption';
+export { timingSafeEqual } from './crypto/timing-safe';
+// Token verification (password reset, email verification, etc.)
+export { createTokenVerifier } from './token-verifier';
+// Rate limiting
+export { createRateLimiter } from './rate-limit';
+export { MemoryRateLimitStore } from './rate-limit/memory-store';
+// TOTP (Two-Factor Authentication)
+export { createTOTP } from './totp';
+export { generateRecoveryCodes, verifyRecoveryCode } from './totp/recovery';

package/dist/rate-limit/index.d.ts

@@ -0,0 +1,5 @@
+import type { RateLimiterConfig, RateLimitResult } from '../types';
+export declare function createRateLimiter(config: RateLimiterConfig): {
+    attempt(key: string): Promise<RateLimitResult>;
+    reset(key: string): Promise<void>;
+};

package/dist/rate-limit/index.js

@@ -0,0 +1,15 @@
+import { MemoryRateLimitStore } from './memory-store';
+export function createRateLimiter(config) {
+    const store = config.store ?? new MemoryRateLimitStore();
+    return {
+        async attempt(key) {
+            const { count, resetAt } = await store.increment(key, config.windowMs);
+            const allowed = count <= config.maxAttempts;
+            const remaining = Math.max(0, config.maxAttempts - count);
+            return { allowed, remaining, resetAt };
+        },
+        async reset(key) {
+            await store.reset(key);
+        },
+    };
+}

package/dist/rate-limit/memory-store.d.ts

@@ -0,0 +1,12 @@
+import type { RateLimitStore } from '../types';
+export declare class MemoryRateLimitStore implements RateLimitStore {
+    private store;
+    private lastCleanup;
+    increment(key: string, windowMs: number): Promise<{
+        count: number;
+        resetAt: Date;
+    }>;
+    reset(key: string): Promise<void>;
+    private cleanup;
+    private evictExpired;
+}

package/dist/rate-limit/memory-store.js

@@ -0,0 +1,39 @@
+const CLEANUP_INTERVAL_MS = 60_000; // 1 minute
+const MAX_ENTRIES = 10_000;
+export class MemoryRateLimitStore {
+    store = new Map();
+    lastCleanup = Date.now();
+    async increment(key, windowMs) {
+        const now = Date.now();
+        this.cleanup(now);
+        const existing = this.store.get(key);
+        if (existing && existing.resetAt > now) {
+            existing.count++;
+            return { count: existing.count, resetAt: new Date(existing.resetAt) };
+        }
+        if (this.store.size >= MAX_ENTRIES) {
+            this.evictExpired(now);
+        }
+        if (this.store.size >= MAX_ENTRIES) {
+            return { count: MAX_ENTRIES, resetAt: new Date(now + windowMs) };
+        }
+        const entry = { count: 1, resetAt: now + windowMs };
+        this.store.set(key, entry);
+        return { count: 1, resetAt: new Date(entry.resetAt) };
+    }
+    async reset(key) {
+        this.store.delete(key);
+    }
+    cleanup(now) {
+        if (now - this.lastCleanup < CLEANUP_INTERVAL_MS)
+            return;
+        this.lastCleanup = now;
+        this.evictExpired(now);
+    }
+    evictExpired(now) {
+        for (const [key, entry] of this.store) {
+            if (entry.resetAt <= now)
+                this.store.delete(key);
+        }
+    }
+}

package/dist/rate-limit/types.d.ts

@@ -0,0 +1 @@
+export type { RateLimitStore, RateLimiterConfig, RateLimitResult } from '../types';

package/dist/rate-limit/types.js

@@ -0,0 +1 @@
+export {};

package/dist/session/cookie.d.ts

@@ -0,0 +1,2 @@
+import type { CookieOptions, ConfigurableCookieOptions } from '../types';
+export declare function buildCookieOptions(maxAge: number | undefined, overrides?: Partial<ConfigurableCookieOptions>): CookieOptions;

package/dist/session/cookie.js

@@ -0,0 +1,10 @@
+export function buildCookieOptions(maxAge, overrides) {
+    return {
+        secure: process.env.NODE_ENV === 'production',
+        sameSite: 'lax',
+        path: '/',
+        ...(maxAge !== undefined && { maxAge }),
+        ...overrides,
+        httpOnly: true,
+    };
+}

package/dist/session/seal.d.ts

@@ -0,0 +1,3 @@
+import type { SessionPayload } from '../types';
+export declare function seal(payload: SessionPayload, secret: string): Promise<string>;
+export declare function unseal(sealed: string, secret: string): Promise<SessionPayload | null>;

package/dist/session/seal.js

@@ -0,0 +1,19 @@
+import { sealData, unsealData } from 'iron-session';
+export async function seal(payload, secret) {
+    return sealData(payload, { password: secret });
+}
+export async function unseal(sealed, secret) {
+    try {
+        const data = await unsealData(sealed, {
+            password: secret,
+        });
+        if (!data || !data.uid || !data.iat || !data.exp)
+            return null;
+        if (data.exp < Math.floor(Date.now() / 1000))
+            return null;
+        return data;
+    }
+    catch {
+        return null;
+    }
+}

package/dist/token-verifier/index.d.ts

@@ -0,0 +1,2 @@
+import type { TokenVerifierConfig, TokenVerifierInstance } from '../types';
+export declare function createTokenVerifier(config: TokenVerifierConfig): TokenVerifierInstance;

package/dist/token-verifier/index.js

@@ -0,0 +1,35 @@
+import { generateToken } from '../crypto/token';
+import { signData, verifySignature } from '../crypto/hmac';
+const DEFAULT_EXPIRY_MS = 60 * 60 * 1000; // 1 hour
+export function createTokenVerifier(config) {
+    if (!config.secret || config.secret.length < 32) {
+        throw new Error('secret must be at least 32 characters');
+    }
+    const expiryMs = config.expiryMs ?? DEFAULT_EXPIRY_MS;
+    return {
+        createToken(userId) {
+            const encodedUserId = Buffer.from(userId, 'utf8').toString('base64url');
+            const id = generateToken(20);
+            const iat = Date.now();
+            const exp = iat + expiryMs;
+            const payload = `${encodedUserId}.${id}.${iat}.${exp}`;
+            const signature = signData(payload, config.secret);
+            return `${payload}.${signature}`;
+        },
+        verifyToken(token) {
+            const parts = token.split('.');
+            if (parts.length !== 5)
+                return null;
+            const [encodedUserId, id, iatStr, expStr, signature] = parts;
+            const payload = `${encodedUserId}.${id}.${iatStr}.${expStr}`;
+            if (!verifySignature(payload, signature, config.secret))
+                return null;
+            const exp = Number(expStr);
+            const iat = Number(iatStr);
+            if (Number.isNaN(exp) || Number.isNaN(iat) || Date.now() >= exp)
+                return null;
+            const userId = Buffer.from(encodedUserId, 'base64url').toString('utf8');
+            return { userId, iatMs: iat };
+        },
+    };
+}

package/dist/totp/base32.d.ts

@@ -0,0 +1,2 @@
+export declare function base32Encode(buffer: Buffer): string;
+export declare function base32Decode(encoded: string): Buffer;

package/dist/totp/base32.js

@@ -0,0 +1,36 @@
+const ALPHABET = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567';
+export function base32Encode(buffer) {
+    let bits = 0;
+    let value = 0;
+    let result = '';
+    for (const byte of buffer) {
+        value = (value << 8) | byte;
+        bits += 8;
+        while (bits >= 5) {
+            bits -= 5;
+            result += ALPHABET[(value >>> bits) & 0x1f];
+        }
+    }
+    if (bits > 0) {
+        result += ALPHABET[(value << (5 - bits)) & 0x1f];
+    }
+    return result;
+}
+export function base32Decode(encoded) {
+    const cleaned = encoded.replace(/=+$/, '').toUpperCase();
+    let bits = 0;
+    let value = 0;
+    const bytes = [];
+    for (const char of cleaned) {
+        const idx = ALPHABET.indexOf(char);
+        if (idx === -1)
+            throw new Error(`Invalid base32 character: ${char}`);
+        value = (value << 5) | idx;
+        bits += 5;
+        if (bits >= 8) {
+            bits -= 8;
+            bytes.push((value >>> bits) & 0xff);
+        }
+    }
+    return Buffer.from(bytes);
+}

package/dist/totp/index.d.ts

@@ -0,0 +1,2 @@
+import type { TOTPConfig, TOTPInstance } from '../types';
+export declare function createTOTP(config?: TOTPConfig): TOTPInstance;

package/dist/totp/index.js

@@ -0,0 +1,50 @@
+import { createHmac, randomBytes } from 'node:crypto';
+import { timingSafeEqual } from '../crypto/timing-safe';
+import { base32Encode, base32Decode } from './base32';
+function generate(secret, digits, period, counter) {
+    const time = counter ?? Math.floor(Date.now() / 1000 / period);
+    const buf = Buffer.alloc(8);
+    let tmp = time;
+    for (let i = 7; i >= 0; i--) {
+        buf[i] = tmp & 0xff;
+        tmp = Math.floor(tmp / 256);
+    }
+    const hmac = createHmac('sha1', base32Decode(secret)).update(buf).digest();
+    const offset = hmac[hmac.length - 1] & 0x0f;
+    const code = ((hmac[offset] & 0x7f) << 24) |
+        ((hmac[offset + 1] & 0xff) << 16) |
+        ((hmac[offset + 2] & 0xff) << 8) |
+        (hmac[offset + 3] & 0xff);
+    return String(code % 10 ** digits).padStart(digits, '0');
+}
+export function createTOTP(config) {
+    const digits = config?.digits ?? 6;
+    const period = config?.period ?? 30;
+    const window = config?.window ?? 1;
+    return {
+        generateSecret() {
+            return base32Encode(randomBytes(20));
+        },
+        generateQrUri(options) {
+            const { secret, issuer, account } = options;
+            const label = `${encodeURIComponent(issuer)}:${encodeURIComponent(account)}`;
+            const params = new URLSearchParams({
+                secret,
+                issuer,
+                algorithm: 'SHA1',
+                digits: String(digits),
+                period: String(period),
+            });
+            return `otpauth://totp/${label}?${params.toString()}`;
+        },
+        verify(token, secret) {
+            const counter = Math.floor(Date.now() / 1000 / period);
+            for (let i = -window; i <= window; i++) {
+                const candidate = generate(secret, digits, period, counter + i);
+                if (timingSafeEqual(token, candidate))
+                    return true;
+            }
+            return false;
+        },
+    };
+}

package/dist/totp/recovery.d.ts

@@ -0,0 +1,6 @@
+import type { HashInstance, RecoveryCodeResult } from '../types';
+export declare function generateRecoveryCodes(hashInstance: HashInstance, count?: number): Promise<{
+    codes: string[];
+    hashed: string[];
+}>;
+export declare function verifyRecoveryCode(code: string, hashedCodes: string[], hashInstance: HashInstance): Promise<RecoveryCodeResult>;

package/dist/totp/recovery.js

@@ -0,0 +1,19 @@
+import { generateToken } from '../crypto/token';
+export async function generateRecoveryCodes(hashInstance, count = 8) {
+    const codes = [];
+    for (let i = 0; i < count; i++) {
+        const raw = generateToken(8); // 16 hex chars
+        codes.push(`${raw.slice(0, 8)}-${raw.slice(8, 16)}`);
+    }
+    const hashed = await Promise.all(codes.map((code) => hashInstance.make(code)));
+    return { codes, hashed };
+}
+export async function verifyRecoveryCode(code, hashedCodes, hashInstance) {
+    for (let i = 0; i < hashedCodes.length; i++) {
+        if (await hashInstance.verify(code, hashedCodes[i])) {
+            const remaining = [...hashedCodes.slice(0, i), ...hashedCodes.slice(i + 1)];
+            return { valid: true, remaining };
+        }
+    }
+    return { valid: false, remaining: hashedCodes };
+}

package/dist/types.d.ts

@@ -0,0 +1,106 @@
+export type AnyUser = {
+    id: string | number;
+    [key: string]: any;
+};
+export interface CookieOptions {
+    httpOnly?: boolean;
+    secure?: boolean;
+    sameSite?: 'lax' | 'strict' | 'none';
+    path?: string;
+    maxAge?: number;
+    expires?: Date;
+    domain?: string;
+}
+/** Options exposed to consumers — `httpOnly` is always forced to `true` internally. */
+export type ConfigurableCookieOptions = Omit<CookieOptions, 'httpOnly'>;
+export interface CookieBridge {
+    get(name: string): Promise<string | undefined> | string | undefined;
+    set(name: string, value: string, options: CookieOptions): Promise<void> | void;
+    delete(name: string): Promise<void> | void;
+}
+export interface SessionPayload {
+    uid: string;
+    iat: number;
+    exp: number;
+}
+export interface LoginOptions {
+    remember?: boolean;
+}
+export interface AuthConfig<TUser extends AnyUser = AnyUser> {
+    secret: string;
+    cookie: CookieBridge;
+    session?: {
+        cookieName?: string;
+        maxAge?: number;
+        rememberMaxAge?: number;
+        cookie?: Partial<ConfigurableCookieOptions>;
+    };
+    resolveUser: (id: string) => Promise<TUser | null>;
+    hash?: HashInstance;
+    resolveUserByCredentials?: (credentials: Record<string, any>) => Promise<TUser | null>;
+    credentialKey?: string;
+    passwordField?: string;
+    attemptUser?: (credentials: Record<string, any>) => Promise<TUser | null>;
+}
+export interface HashConfig {
+    rounds?: number;
+}
+export interface AuthInstance<TUser extends AnyUser = AnyUser> {
+    login(user: TUser, options?: LoginOptions): Promise<void>;
+    loginById(id: string, options?: LoginOptions): Promise<void>;
+    attempt(credentials: Record<string, any>, options?: LoginOptions): Promise<boolean>;
+    logout(): Promise<void>;
+    check(): Promise<boolean>;
+    user(): Promise<TUser | null>;
+    id(): Promise<string | null>;
+}
+export interface HashInstance {
+    make(password: string): Promise<string>;
+    verify(password: string, hash: string): Promise<boolean>;
+}
+export interface TokenVerifierConfig {
+    secret: string;
+    expiryMs?: number;
+}
+export interface TokenVerifierInstance {
+    createToken(userId: string): string;
+    verifyToken(token: string): {
+        userId: string;
+        iatMs: number;
+    } | null;
+}
+export interface RateLimitStore {
+    increment(key: string, windowMs: number): Promise<{
+        count: number;
+        resetAt: Date;
+    }>;
+    reset(key: string): Promise<void>;
+}
+export interface RateLimiterConfig {
+    maxAttempts: number;
+    windowMs: number;
+    store?: RateLimitStore;
+}
+export interface RateLimitResult {
+    allowed: boolean;
+    remaining: number;
+    resetAt: Date;
+}
+export interface TOTPConfig {
+    digits?: number;
+    period?: number;
+    window?: number;
+}
+export interface TOTPInstance {
+    generateSecret(): string;
+    generateQrUri(options: {
+        secret: string;
+        issuer: string;
+        account: string;
+    }): string;
+    verify(token: string, secret: string): boolean;
+}
+export interface RecoveryCodeResult {
+    valid: boolean;
+    remaining: string[];
+}

package/dist/types.js

@@ -0,0 +1 @@
+export {};

package/package.json

@@ -0,0 +1,49 @@
+{
+  "name": "ideal-auth",
+  "version": "0.1.0",
+  "description": "Auth primitives for the JS ecosystem. Zero framework dependencies.",
+  "scripts": {
+    "build": "tsc",
+    "prepublishOnly": "bun run build",
+    "test": "bun test"
+  },
+  "type": "module",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
+    }
+  },
+  "bin": {
+    "ideal-auth": "./dist/bin/ideal-auth.js"
+  },
+  "files": [
+    "dist"
+  ],
+  "dependencies": {
+    "iron-session": "^8.0.4",
+    "bcryptjs": "^3.0.3"
+  },
+  "devDependencies": {
+    "@types/bcryptjs": "^3.0.0",
+    "@types/node": "^20"
+  },
+  "peerDependencies": {
+    "typescript": "^5.0.0"
+  },
+  "peerDependenciesMeta": {
+    "typescript": {
+      "optional": true
+    }
+  },
+  "engines": {
+    "node": ">=18"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/ramonmalcolm10/ideal-auth.git"
+  },
+  "license": "MIT"
+}