ideal-auth 1.1.0 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/README.md +6 -1
  2. package/dist/auth.d.ts +2 -2
  3. package/dist/auth.js +3 -2
  4. package/dist/index.d.ts +1 -1
  5. package/dist/types.d.ts +4 -0
  6. package/package.json +1 -1
  7. package/skills/ideal-auth/SKILL.md +22 -5
package/README.md CHANGED
@@ -88,7 +88,12 @@ await session.logout();
88
88
 
89
89
  ### `createAuth(config)`
90
90
 
91
- Returns a function `auth()` that creates an `AuthInstance` on each call.
91
+ Returns a function `auth(options?)` that creates an `AuthInstance` on each call. Pass `{ autoTouch: true }` to enable automatic session extension for that request.
92
+
93
+ ```typescript
94
+ const session = auth(); // default — read-only check/user/id
95
+ const session = auth({ autoTouch: true }); // auto-extends session past halfway on check/user/id
96
+ ```
92
97
 
93
98
  #### Config
94
99
 
package/dist/auth.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import type { AnyUser, AuthInstance, AuthConfig } from './types';
1
+ import type { AnyUser, AuthInstance, AuthConfig, AuthFactoryOptions } from './types';
2
2
  /**
3
3
  * Create an auth factory.
4
4
  *
@@ -9,4 +9,4 @@ import type { AnyUser, AuthInstance, AuthConfig } from './types';
9
9
  * type SessionUser = { id: string; email: string; name: string };
10
10
  * createAuth<SessionUser>({ ... })
11
11
  */
12
- export declare function createAuth<TUser extends AnyUser>(config: AuthConfig<TUser>): () => AuthInstance<TUser>;
12
+ export declare function createAuth<TUser extends AnyUser>(config: AuthConfig<TUser>): (options?: AuthFactoryOptions) => AuthInstance<TUser>;
package/dist/auth.js CHANGED
@@ -27,14 +27,15 @@ export function createAuth(config) {
27
27
  if (config.sessionFields && config.sessionFields.filter((f) => f !== 'id').length === 0) {
28
28
  throw new Error('sessionFields must contain at least one field besides id');
29
29
  }
30
- return () => createAuthInstance({
30
+ const configAutoTouch = config.session?.autoTouch ?? false;
31
+ return (options) => createAuthInstance({
31
32
  secret: config.secret,
32
33
  cookie: config.cookie,
33
34
  cookieName: config.session?.cookieName ?? SESSION_DEFAULTS.cookieName,
34
35
  maxAge: config.session?.maxAge ?? SESSION_DEFAULTS.maxAge,
35
36
  rememberMaxAge: config.session?.rememberMaxAge ?? SESSION_DEFAULTS.rememberMaxAge,
36
37
  cookieOptions: config.session?.cookie ?? {},
37
- autoTouch: config.session?.autoTouch ?? false,
38
+ autoTouch: options?.autoTouch ?? configAutoTouch,
38
39
  resolveUser: config.resolveUser,
39
40
  sessionFields: config.sessionFields,
40
41
  hash: config.hash,
package/dist/index.d.ts CHANGED
@@ -9,4 +9,4 @@ export { createRateLimiter } from './rate-limit';
9
9
  export { MemoryRateLimitStore } from './rate-limit/memory-store';
10
10
  export { createTOTP } from './totp';
11
11
  export { generateRecoveryCodes, verifyRecoveryCode } from './totp/recovery';
12
- export type { AnyUser, CookieBridge, ConfigurableCookieOptions, CookieOptions, SessionPayload, AuthConfig, AuthConfigWithResolveUser, AuthConfigWithSessionFields, HashConfig, LoginOptions, AuthInstance, HashInstance, TokenVerifierConfig, TokenVerifierInstance, RateLimitStore, RateLimiterConfig, RateLimitResult, TOTPConfig, TOTPInstance, RecoveryCodeResult, } from './types';
12
+ export type { AnyUser, CookieBridge, ConfigurableCookieOptions, CookieOptions, SessionPayload, AuthConfig, AuthConfigWithResolveUser, AuthConfigWithSessionFields, HashConfig, LoginOptions, AuthInstance, AuthFactoryOptions, HashInstance, TokenVerifierConfig, TokenVerifierInstance, RateLimitStore, RateLimiterConfig, RateLimitResult, TOTPConfig, TOTPInstance, RecoveryCodeResult, } from './types';
package/dist/types.d.ts CHANGED
@@ -78,6 +78,10 @@ export interface AuthConfigWithSessionFields<TUser extends AnyUser, K extends ke
78
78
  sessionFields: K[];
79
79
  }
80
80
  export type AuthConfig<TUser extends AnyUser = AnyUser> = AuthConfigWithResolveUser<TUser> | AuthConfigWithSessionFields<TUser>;
81
+ export interface AuthFactoryOptions {
82
+ /** Override autoTouch for this request. When true, check()/user()/id() auto-extend the session past the halfway point. */
83
+ autoTouch?: boolean;
84
+ }
81
85
  export interface HashConfig {
82
86
  rounds?: number;
83
87
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "ideal-auth",
3
- "version": "1.1.0",
3
+ "version": "1.2.0",
4
4
  "description": "Auth primitives for the JS ecosystem. Zero framework dependencies.",
5
5
  "scripts": {
6
6
  "build": "tsc",
package/skills/ideal-auth/SKILL.md CHANGED
@@ -64,9 +64,14 @@ Generate encryption key: `bunx ideal-auth encryption-key` (for encrypting TOTP s
64
64
 
65
65
  ## API Reference
66
66
 
67
- ### `createAuth(config): () => AuthInstance`
67
+ ### `createAuth(config): (options?) => AuthInstance`
68
68
 
69
- Returns a factory function. Call `auth()` per request to get an `AuthInstance` scoped to that request's cookies. The instance caches the session payload and user — call it once per request and reuse.
69
+ Returns a factory function. Call `auth()` per request to get an `AuthInstance` scoped to that request's cookies. Pass `{ autoTouch: true }` to enable automatic session extension for that request. The instance caches the session payload and user — call it once per request and reuse.
70
+
71
+ ```typescript
72
+ const session = auth(); // read-only check/user/id
73
+ const session = auth({ autoTouch: true }); // auto-extends past halfway on check/user/id
74
+ ```
70
75
 
71
76
  #### AuthConfig
72
77
 
@@ -169,9 +174,9 @@ type LoginOptions = {
169
174
 
170
175
  #### Session Extension
171
176
 
172
- Two options for keeping active users logged in:
177
+ Three ways to extend sessions for active users:
173
178
 
174
- **`autoTouch: true`** — automatic. Enable for Express, Hono, Elysia, SvelteKit. `check()`/`user()`/`id()` auto-reseal past halfway. Do NOT use with Next.js (Server Components can't write cookies).
179
+ **Global `autoTouch`** — config level. For Express, Hono, Elysia, SvelteKit where every route can write cookies:
175
180
 
176
181
  ```typescript
177
182
  const auth = createAuth<User>({
@@ -180,7 +185,19 @@ const auth = createAuth<User>({
180
185
  });
181
186
  ```
182
187
 
183
- **Manual `touch()`** — call in middleware. When `autoTouch` is false (default), only reseals past halfway. When `autoTouch` is true, reseals immediately.
188
+ **Per-request `autoTouch`** — pass when calling `auth()`. Ideal for Next.js where middleware can write cookies but Server Components can't:
189
+
190
+ ```typescript
191
+ // Next.js middleware — autoTouch for this request only
192
+ const session = auth({ autoTouch: true });
193
+ await session.check(); // auto-extends past halfway
194
+
195
+ // Next.js Server Component — default, read-only
196
+ const session = auth();
197
+ await session.check(); // no cookie writes
198
+ ```
199
+
200
+ **Manual `touch()`** — explicit call in middleware. When `autoTouch` is false (default), only reseals past halfway. When `autoTouch` is true, reseals immediately:
184
201
 
185
202
  ```typescript
186
203
  const session = auth();