kitcn 0.15.2 → 0.15.5

package/dist/aggregate/index.d.ts

@@ -1,4 +1,4 @@
-import { C as ConvexNumberBuilderInitial, E as ConvexIdBuilderInitial, N as ConvexCustomBuilderInitial, dn as ConvexTableWithColumns, tr as ConvexTextBuilderInitial } from "../where-clause-compiler-DLiYI2EF.js";
+import { C as ConvexNumberBuilderInitial, E as ConvexIdBuilderInitial, N as ConvexCustomBuilderInitial, dn as ConvexTableWithColumns, tr as ConvexTextBuilderInitial } from "../where-clause-compiler-DcEhkJ12.js";
 import * as convex_values0 from "convex/values";
 import { GenericId, Infer, Value } from "convex/values";
 import { DocumentByName, GenericDataModel, GenericDatabaseReader, GenericDatabaseWriter, TableNamesInDataModel } from "convex/server";

package/dist/auth/client/index.d.ts

@@ -1,4 +1,5 @@
 'use client';
+import { r as AuthStore } from "../../auth-store-B_ARzzEX.js";
 import { ConvexReactClient } from "convex/react";
 import { ReactNode } from "react";
 import * as react_jsx_runtime0 from "react/jsx-runtime";
@@ -314,10 +315,14 @@ type AuthClientWithPlugins<Plugins extends PluginsWithCrossDomain | PluginsWitho
 type AuthClient = AuthClientWithPlugins<PluginsWithCrossDomain> | AuthClientWithPlugins<PluginsWithoutCrossDomain>;
 //#endregion
 //#region src/auth-client/convex-auth-provider.d.ts
+type ConvexAuthProviderQueryClient = {
+  updateAuthStore: (authStore?: AuthStore) => void;
+};
 type ConvexAuthProviderProps = {
   children: ReactNode; /** Convex client instance */
   client: ConvexReactClient; /** Better Auth client instance */
-  authClient: AuthClient; /** Initial session token (from SSR) */
+  authClient: AuthClient; /** Shared Convex query client to sync with auth state */
+  convexQueryClient?: ConvexAuthProviderQueryClient; /** Initial session token (from SSR) */
   initialToken?: string; /** Callback when mutation called while unauthorized */
   onMutationUnauthorized?: () => void; /** Callback when query called while unauthorized */
   onQueryUnauthorized?: (info: {
@@ -336,10 +341,11 @@ declare function ConvexAuthProvider({
   children,
   client,
   authClient,
+  convexQueryClient,
   initialToken,
   onMutationUnauthorized,
   onQueryUnauthorized,
   isUnauthorized
 }: ConvexAuthProviderProps): react_jsx_runtime0.JSX.Element;
 //#endregion
-export { type AuthClient, type AuthClientWithPlugins, ConvexAuthProvider, ConvexAuthProviderProps, type PluginsWithCrossDomain, type PluginsWithoutCrossDomain, convexClient };
+export { type AuthClient, type AuthClientWithPlugins, ConvexAuthProvider, ConvexAuthProviderProps, ConvexAuthProviderQueryClient, type PluginsWithCrossDomain, type PluginsWithoutCrossDomain, convexClient };

package/dist/auth/client/index.js

@@ -77,7 +77,7 @@ const clearSessionAtom = (authClient) => {
 * Structure: AuthProvider wraps ConvexAuthProviderInner so that
 * useAuthStore() is available when creating fetchAccessToken.
 */
-function ConvexAuthProvider({ children, client, authClient, initialToken, onMutationUnauthorized, onQueryUnauthorized, isUnauthorized }) {
+function ConvexAuthProvider({ children, client, authClient, convexQueryClient, initialToken, onMutationUnauthorized, onQueryUnauthorized, isUnauthorized }) {
 	useOTTHandler(authClient);
 	return /* @__PURE__ */ jsx(AuthProvider, {
 		initialValues: useMemo(() => ({
@@ -90,6 +90,7 @@ function ConvexAuthProvider({ children, client, authClient, initialToken, onMuta
 		children: /* @__PURE__ */ jsx(ConvexAuthProviderInner, {
 			authClient,
 			client,
+			convexQueryClient,
 			children
 		})
 	});
@@ -98,8 +99,9 @@ function ConvexAuthProvider({ children, client, authClient, initialToken, onMuta
 * Inner provider that has access to AuthStore via useAuthStore().
 * Creates fetchAccessToken and passes it through context (no race condition).
 */
-function ConvexAuthProviderInner({ children, client, authClient }) {
+function ConvexAuthProviderInner({ children, client, authClient, convexQueryClient }) {
 	const authStore = useAuthStore();
+	convexQueryClient?.updateAuthStore(authStore);
 	const { data: session, isPending } = authClient.useSession();
 	const sessionRef = useRef(session);
 	const isPendingRef = useRef(isPending);

package/dist/auth/generated/index.d.ts

@@ -1,2 +1,2 @@
-import { S as defineAuth, _ as GenericAuthBeforeResult, b as GenericAuthTriggerHandlers, g as BetterAuthOptionsWithoutDatabase, i as getGeneratedAuthDisabledReason, n as GeneratedAuthDisabledReasonKind, r as createDisabledAuthRuntime, t as AuthRuntime, v as GenericAuthDefinition, x as GenericAuthTriggers, y as GenericAuthTriggerChange } from "../../generated-contract-disabled-C_-KWRfT.js";
+import { S as defineAuth, _ as GenericAuthBeforeResult, b as GenericAuthTriggerHandlers, g as BetterAuthOptionsWithoutDatabase, i as getGeneratedAuthDisabledReason, n as GeneratedAuthDisabledReasonKind, r as createDisabledAuthRuntime, t as AuthRuntime, v as GenericAuthDefinition, x as GenericAuthTriggers, y as GenericAuthTriggerChange } from "../../generated-contract-disabled-0xEF3NtW.js";
 export { type AuthRuntime, BetterAuthOptionsWithoutDatabase, type GeneratedAuthDisabledReasonKind, GenericAuthBeforeResult, GenericAuthDefinition, GenericAuthTriggerChange, GenericAuthTriggerHandlers, GenericAuthTriggers, createDisabledAuthRuntime, defineAuth, getGeneratedAuthDisabledReason };

package/dist/auth/index.d.ts

@@ -1,7 +1,7 @@
 import { a as QueryCtxWithPreferredOrmQueryTable, n as LookupByIdResultByCtx, t as DocByCtx } from "../query-context-CNo9ffvI.js";
 import { t as GetAuth } from "../types-BCl8gfGy.js";
 import { t as GenericCtx } from "../context-utils-OMkMGhBk.js";
-import { S as defineAuth, _ as GenericAuthBeforeResult, a as AuthFunctions, b as GenericAuthTriggerHandlers, c as createApi, d as deleteOneHandler, f as findManyHandler, g as BetterAuthOptionsWithoutDatabase, h as updateOneHandler, i as getGeneratedAuthDisabledReason, l as createHandler, m as updateManyHandler, n as GeneratedAuthDisabledReasonKind, o as Triggers, p as findOneHandler, r as createDisabledAuthRuntime, s as createClient, t as AuthRuntime, u as deleteManyHandler, v as GenericAuthDefinition, x as GenericAuthTriggers, y as GenericAuthTriggerChange } from "../generated-contract-disabled-C_-KWRfT.js";
+import { S as defineAuth, _ as GenericAuthBeforeResult, a as AuthFunctions, b as GenericAuthTriggerHandlers, c as createApi, d as deleteOneHandler, f as findManyHandler, g as BetterAuthOptionsWithoutDatabase, h as updateOneHandler, i as getGeneratedAuthDisabledReason, l as createHandler, m as updateManyHandler, n as GeneratedAuthDisabledReasonKind, o as Triggers, p as findOneHandler, r as createDisabledAuthRuntime, s as createClient, t as AuthRuntime, u as deleteManyHandler, v as GenericAuthDefinition, x as GenericAuthTriggers, y as GenericAuthTriggerChange } from "../generated-contract-disabled-0xEF3NtW.js";
 import * as convex_values0 from "convex/values";
 import { Infer } from "convex/values";
 import { AuthConfig, DocumentByName, GenericDataModel, GenericMutationCtx, GenericQueryCtx, GenericSchema, PaginationOptions, PaginationResult, SchemaDefinition, TableNamesInDataModel } from "convex/server";

package/dist/auth/start/index.d.ts

@@ -1,6 +1,3 @@
-import { t as GetTokenOptions } from "../../token-B9Bjcqug.js";
-import { FunctionReference, FunctionReturnType, OptionalRestArgs } from "convex/server";
-
 //#region src/auth-start/index.d.ts
 type MaybePromise<T> = Promise<T> | T;
 type StartLoaderAuthClient = {
@@ -24,20 +21,9 @@ type StartLoaderAuthState = {
   isAuthenticated: boolean;
   token: null | string;
 };
-type ConvexBetterAuthReactStartOptions = Omit<GetTokenOptions, 'forceRefresh'> & {
-  convexSiteUrl: string;
-  convexUrl: string;
-};
 declare const syncConvexAuthForStartLoader: ({
   convex,
   getToken
 }: SyncConvexAuthForStartLoaderOptions) => Promise<StartLoaderAuthState>;
-declare const convexBetterAuthReactStart: (opts: ConvexBetterAuthReactStartOptions) => {
-  getToken: () => Promise<string | undefined>;
-  handler: (request: Request) => Promise<Response>;
-  fetchAuthQuery: <Query extends FunctionReference<"query">>(query: Query, ...args: OptionalRestArgs<Query>) => Promise<FunctionReturnType<Query>>;
-  fetchAuthMutation: <Mutation extends FunctionReference<"mutation">>(mutation: Mutation, ...args: OptionalRestArgs<Mutation>) => Promise<FunctionReturnType<Mutation>>;
-  fetchAuthAction: <Action extends FunctionReference<"action">>(action: Action, ...args: OptionalRestArgs<Action>) => Promise<FunctionReturnType<Action>>;
-};
 //#endregion
-export { MaybePromise, StartLoaderAuthClient, StartLoaderAuthState, StartLoaderAuthTarget, StartLoaderConvexQueryClient, StartLoaderServerHttpClient, SyncConvexAuthForStartLoaderOptions, convexBetterAuthReactStart, syncConvexAuthForStartLoader };
+export { MaybePromise, StartLoaderAuthClient, StartLoaderAuthState, StartLoaderAuthTarget, StartLoaderConvexQueryClient, StartLoaderServerHttpClient, SyncConvexAuthForStartLoaderOptions, syncConvexAuthForStartLoader };

package/dist/auth/start/index.js

@@ -1,13 +1,4 @@
-import { t as getToken } from "../../token-oA2EMtPA.js";
-import { stripIndent } from "common-tags";
-import { ConvexHttpClient } from "convex/browser";
-import React from "react";
-
 //#region src/auth-start/index.ts
-const fallbackCache = (fn) => fn;
-const cache = React.cache ?? fallbackCache;
-const TANSTACK_REACT_START_SERVER = "@tanstack/react-start/server";
-const TRAILING_COLON_RE = /:$/;
 const startLoaderAuthTokens = /* @__PURE__ */ new WeakMap();
 const isStartLoaderConvexQueryClient = (target) => "convexClient" in target;
 const syncConvexAuthForStartLoader = async ({ convex, getToken }) => {
@@ -34,120 +25,6 @@ const syncConvexAuthForStartLoader = async ({ convex, getToken }) => {
 		token
 	};
 };
-function setupClient(options) {
-	const client = new ConvexHttpClient(options.convexUrl);
-	if (options.token !== void 0) client.setAuth(options.token);
-	client.setFetchOptions?.({ cache: "no-store" });
-	return client;
-}
-const parseConvexSiteUrl = (url) => {
-	if (!url) throw new Error(stripIndent`
-      CONVEX_SITE_URL is not set.
-      This is automatically set in the Convex backend, but must be set in the TanStack Start environment.
-      For local development, this can be set in the .env.local file.
-    `);
-	if (url.endsWith(".convex.cloud")) throw new Error(stripIndent`
-      CONVEX_SITE_URL should be set to your Convex Site URL, which ends in .convex.site.
-      Currently set to ${url}.
-    `);
-	return url;
-};
-const appendSetCookieHeaders = (target, source) => {
-	const getSetCookie = source.getSetCookie;
-	if (typeof getSetCookie === "function") {
-		const values = getSetCookie.call(source);
-		for (const value of values) target.append("set-cookie", value);
-		return;
-	}
-	const value = source.get("set-cookie");
-	if (value) target.append("set-cookie", value);
-};
-const cloneAuthHandlerResponse = (response) => {
-	const headers = new Headers();
-	for (const [key, value] of response.headers.entries()) {
-		if (key.toLowerCase() === "set-cookie") continue;
-		headers.append(key, value);
-	}
-	appendSetCookieHeaders(headers, response.headers);
-	return new Response(response.body, {
-		headers,
-		status: response.status,
-		statusText: response.statusText
-	});
-};
-const handler = (request, opts) => {
-	const requestUrl = new URL(request.url);
-	const nextUrl = `${opts.convexSiteUrl}${requestUrl.pathname}${requestUrl.search}`;
-	const headers = new Headers(request.headers);
-	const proto = requestUrl.protocol.replace(TRAILING_COLON_RE, "");
-	headers.set("accept-encoding", "application/json");
-	headers.set("host", new URL(opts.convexSiteUrl).host);
-	headers.set("x-forwarded-host", requestUrl.host);
-	headers.set("x-forwarded-proto", proto);
-	headers.set("x-better-auth-forwarded-host", requestUrl.host);
-	headers.set("x-better-auth-forwarded-proto", proto);
-	return fetch(nextUrl, {
-		body: request.method !== "GET" && request.method !== "HEAD" ? request.body : void 0,
-		duplex: "half",
-		headers,
-		method: request.method,
-		redirect: "manual"
-	});
-};
-const convexBetterAuthReactStart = (opts) => {
-	const siteUrl = parseConvexSiteUrl(opts.convexSiteUrl);
-	const cachedGetToken = cache(async (opts) => {
-		const { getRequestHeaders } = await import(TANSTACK_REACT_START_SERVER);
-		const headers = getRequestHeaders();
-		const mutableHeaders = new Headers(headers);
-		mutableHeaders.delete("content-length");
-		mutableHeaders.delete("transfer-encoding");
-		mutableHeaders.set("accept-encoding", "identity");
-		return getToken(siteUrl, mutableHeaders, opts);
-	});
-	const callWithToken = async (fn) => {
-		const token = await cachedGetToken(opts) ?? {};
-		try {
-			return await fn(token?.token);
-		} catch (error) {
-			if (!opts?.jwtCache?.enabled || token.isFresh || !opts.jwtCache?.isAuthError(error)) throw error;
-			return await fn((await cachedGetToken({
-				...opts,
-				forceRefresh: true
-			})).token);
-		}
-	};
-	return {
-		getToken: async () => {
-			return (await cachedGetToken(opts)).token;
-		},
-		handler: async (request) => cloneAuthHandlerResponse(await handler(request, opts)),
-		fetchAuthQuery: async (query, ...args) => {
-			return callWithToken((token) => {
-				return setupClient({
-					...opts,
-					token
-				}).query(query, ...args);
-			});
-		},
-		fetchAuthMutation: async (mutation, ...args) => {
-			return callWithToken((token) => {
-				return setupClient({
-					...opts,
-					token
-				}).mutation(mutation, ...args);
-			});
-		},
-		fetchAuthAction: async (action, ...args) => {
-			return callWithToken((token) => {
-				return setupClient({
-					...opts,
-					token
-				}).action(action, ...args);
-			});
-		}
-	};
-};
 
 //#endregion
-export { convexBetterAuthReactStart, syncConvexAuthForStartLoader };
+export { syncConvexAuthForStartLoader };

package/dist/auth/start/server/index.d.ts

@@ -0,0 +1,17 @@
+import { t as GetTokenOptions } from "../../../token-B9Bjcqug.js";
+import { FunctionReference, FunctionReturnType, OptionalRestArgs } from "convex/server";
+
+//#region src/auth-start/server.d.ts
+type ConvexBetterAuthReactStartOptions = Omit<GetTokenOptions, 'forceRefresh'> & {
+  convexSiteUrl: string;
+  convexUrl: string;
+};
+declare const convexBetterAuthReactStart: (opts: ConvexBetterAuthReactStartOptions) => {
+  getToken: () => Promise<string | undefined>;
+  handler: (request: Request) => Promise<Response>;
+  fetchAuthQuery: <Query extends FunctionReference<"query">>(query: Query, ...args: OptionalRestArgs<Query>) => Promise<FunctionReturnType<Query>>;
+  fetchAuthMutation: <Mutation extends FunctionReference<"mutation">>(mutation: Mutation, ...args: OptionalRestArgs<Mutation>) => Promise<FunctionReturnType<Mutation>>;
+  fetchAuthAction: <Action extends FunctionReference<"action">>(action: Action, ...args: OptionalRestArgs<Action>) => Promise<FunctionReturnType<Action>>;
+};
+//#endregion
+export { convexBetterAuthReactStart };

package/dist/auth/start/server/index.js

@@ -0,0 +1,126 @@
+import { t as getToken } from "../../../token-oA2EMtPA.js";
+import { stripIndent } from "common-tags";
+import { getRequestHeaders } from "@tanstack/react-start/server";
+import { ConvexHttpClient } from "convex/browser";
+import React from "react";
+
+//#region src/auth-start/server.ts
+const fallbackCache = (fn) => fn;
+const cache = React.cache ?? fallbackCache;
+const TRAILING_COLON_RE = /:$/;
+function setupClient(options) {
+	const client = new ConvexHttpClient(options.convexUrl);
+	if (options.token !== void 0) client.setAuth(options.token);
+	client.setFetchOptions?.({ cache: "no-store" });
+	return client;
+}
+const parseConvexSiteUrl = (url) => {
+	if (!url) throw new Error(stripIndent`
+      CONVEX_SITE_URL is not set.
+      This is automatically set in the Convex backend, but must be set in the TanStack Start environment.
+      For local development, this can be set in the .env.local file.
+    `);
+	if (url.endsWith(".convex.cloud")) throw new Error(stripIndent`
+      CONVEX_SITE_URL should be set to your Convex Site URL, which ends in .convex.site.
+      Currently set to ${url}.
+    `);
+	return url;
+};
+const appendSetCookieHeaders = (target, source) => {
+	const getSetCookie = source.getSetCookie;
+	if (typeof getSetCookie === "function") {
+		const values = getSetCookie.call(source);
+		for (const value of values) target.append("set-cookie", value);
+		return;
+	}
+	const value = source.get("set-cookie");
+	if (value) target.append("set-cookie", value);
+};
+const cloneAuthHandlerResponse = (response) => {
+	const headers = new Headers();
+	for (const [key, value] of response.headers.entries()) {
+		if (key.toLowerCase() === "set-cookie") continue;
+		headers.append(key, value);
+	}
+	appendSetCookieHeaders(headers, response.headers);
+	return new Response(response.body, {
+		headers,
+		status: response.status,
+		statusText: response.statusText
+	});
+};
+const handler = (request, opts) => {
+	const requestUrl = new URL(request.url);
+	const nextUrl = `${opts.convexSiteUrl}${requestUrl.pathname}${requestUrl.search}`;
+	const headers = new Headers(request.headers);
+	const proto = requestUrl.protocol.replace(TRAILING_COLON_RE, "");
+	headers.set("accept-encoding", "application/json");
+	headers.set("host", new URL(opts.convexSiteUrl).host);
+	headers.set("x-forwarded-host", requestUrl.host);
+	headers.set("x-forwarded-proto", proto);
+	headers.set("x-better-auth-forwarded-host", requestUrl.host);
+	headers.set("x-better-auth-forwarded-proto", proto);
+	return fetch(nextUrl, {
+		body: request.method !== "GET" && request.method !== "HEAD" ? request.body : void 0,
+		duplex: "half",
+		headers,
+		method: request.method,
+		redirect: "manual"
+	});
+};
+const convexBetterAuthReactStart = (opts) => {
+	const siteUrl = parseConvexSiteUrl(opts.convexSiteUrl);
+	const cachedGetToken = cache(async (opts) => {
+		const headers = getRequestHeaders();
+		const mutableHeaders = new Headers(headers);
+		mutableHeaders.delete("content-length");
+		mutableHeaders.delete("transfer-encoding");
+		mutableHeaders.set("accept-encoding", "identity");
+		return getToken(siteUrl, mutableHeaders, opts);
+	});
+	const callWithToken = async (fn) => {
+		const token = await cachedGetToken(opts) ?? {};
+		try {
+			return await fn(token?.token);
+		} catch (error) {
+			if (!opts?.jwtCache?.enabled || token.isFresh || !opts.jwtCache?.isAuthError(error)) throw error;
+			return await fn((await cachedGetToken({
+				...opts,
+				forceRefresh: true
+			})).token);
+		}
+	};
+	return {
+		getToken: async () => {
+			return (await cachedGetToken(opts)).token;
+		},
+		handler: async (request) => cloneAuthHandlerResponse(await handler(request, opts)),
+		fetchAuthQuery: async (query, ...args) => {
+			return callWithToken((token) => {
+				return setupClient({
+					...opts,
+					token
+				}).query(query, ...args);
+			});
+		},
+		fetchAuthMutation: async (mutation, ...args) => {
+			return callWithToken((token) => {
+				return setupClient({
+					...opts,
+					token
+				}).mutation(mutation, ...args);
+			});
+		},
+		fetchAuthAction: async (action, ...args) => {
+			return callWithToken((token) => {
+				return setupClient({
+					...opts,
+					token
+				}).action(action, ...args);
+			});
+		}
+	};
+};
+
+//#endregion
+export { convexBetterAuthReactStart };

package/dist/auth-store-B_ARzzEX.d.ts

@@ -0,0 +1,156 @@
+'use client';
+import { ConvexProviderWithAuth } from "convex/react";
+import * as react from "react";
+import * as jotai_x0 from "jotai-x";
+import * as react_jsx_runtime0 from "react/jsx-runtime";
+import * as jotai_vanilla0 from "jotai/vanilla";
+
+//#region src/react/auth-store.d.ts
+type FetchAccessTokenFn = (args: {
+  forceRefreshToken: boolean;
+}) => Promise<string | null>;
+declare const FetchAccessTokenContext: react.Context<FetchAccessTokenFn | null>;
+/** Get fetchAccessToken from context (available immediately, no race condition) */
+declare const useFetchAccessToken: () => FetchAccessTokenFn | null;
+type ConvexAuthResult = {
+  isAuthenticated: boolean;
+  isLoading: boolean;
+};
+/** Get auth from bridge context (null if no bridge configured) */
+declare const useConvexAuthBridge: () => ConvexAuthResult | null;
+type AuthStoreState = {
+  /** Callback when mutation/action called while unauthorized. Throws by default. */onMutationUnauthorized: () => void; /** Callback when query called while unauthorized. Noop by default. */
+  onQueryUnauthorized: (info: {
+    queryName: string;
+  }) => void; /** Custom function to detect UNAUTHORIZED errors. Default checks code or "auth" in message. */
+  isUnauthorized: (error: unknown) => boolean; /** Cached Convex JWT for HTTP requests */
+  token: string | null; /** JWT expiration timestamp (ms) */
+  expiresAt: number | null; /** Auth loading state (synced from useConvexAuth for class methods) */
+  isLoading: boolean; /** Auth state (synced from useConvexAuth for class methods) */
+  isAuthenticated: boolean; /** Grace window for freshly seeded auth tokens while session sync catches up */
+  sessionSyncGraceUntil: number | null;
+};
+declare const AUTH_SESSION_SYNC_GRACE_MS = 10000;
+declare const isSessionSyncGraceActive: (sessionSyncGraceUntil: number | null) => boolean;
+/** Decode JWT expiration (ms timestamp) from token */
+declare function decodeJwtExp(token: string): number | null;
+declare const AuthProvider: react.FC<jotai_x0.ProviderProps<{
+    onMutationUnauthorized: () => void;
+    onQueryUnauthorized: (info: {
+      queryName: string;
+    }) => void;
+    isUnauthorized: (error: unknown) => boolean;
+    token: string | null;
+    expiresAt: number | null;
+    isLoading: boolean;
+    isAuthenticated: boolean;
+    sessionSyncGraceUntil: number | null;
+  }>>, useAuthStore: jotai_x0.UseStoreApi<AuthStoreState, object>, useAuthState: <K extends keyof AuthStoreState>(key: K, options?: string | jotai_x0.UseAtomOptions) => ({
+    onMutationUnauthorized: jotai_x0.SimpleWritableAtom<() => void>;
+    onQueryUnauthorized: jotai_x0.SimpleWritableAtom<(info: {
+      queryName: string;
+    }) => void>;
+    isUnauthorized: jotai_x0.SimpleWritableAtom<(error: unknown) => boolean>;
+    token: jotai_x0.SimpleWritableAtom<string | null>;
+    expiresAt: jotai_x0.SimpleWritableAtom<number | null>;
+    isLoading: jotai_x0.SimpleWritableAtom<boolean>;
+    isAuthenticated: jotai_x0.SimpleWritableAtom<boolean>;
+    sessionSyncGraceUntil: jotai_x0.SimpleWritableAtom<number | null>;
+  } & object)[K] extends jotai_vanilla0.WritableAtom<infer V, infer A extends unknown[], infer R> ? [V, (...args: A) => R] : never, useAuthValue: <K extends keyof AuthStoreState, S = (({
+    onMutationUnauthorized: jotai_x0.SimpleWritableAtom<() => void>;
+    onQueryUnauthorized: jotai_x0.SimpleWritableAtom<(info: {
+      queryName: string;
+    }) => void>;
+    isUnauthorized: jotai_x0.SimpleWritableAtom<(error: unknown) => boolean>;
+    token: jotai_x0.SimpleWritableAtom<string | null>;
+    expiresAt: jotai_x0.SimpleWritableAtom<number | null>;
+    isLoading: jotai_x0.SimpleWritableAtom<boolean>;
+    isAuthenticated: jotai_x0.SimpleWritableAtom<boolean>;
+    sessionSyncGraceUntil: jotai_x0.SimpleWritableAtom<number | null>;
+  } & object)[K] extends jotai_vanilla0.Atom<infer V> ? V : never)>(key: K, options?: ({
+    selector?: ((v: ({
+      onMutationUnauthorized: jotai_x0.SimpleWritableAtom<() => void>;
+      onQueryUnauthorized: jotai_x0.SimpleWritableAtom<(info: {
+        queryName: string;
+      }) => void>;
+      isUnauthorized: jotai_x0.SimpleWritableAtom<(error: unknown) => boolean>;
+      token: jotai_x0.SimpleWritableAtom<string | null>;
+      expiresAt: jotai_x0.SimpleWritableAtom<number | null>;
+      isLoading: jotai_x0.SimpleWritableAtom<boolean>;
+      isAuthenticated: jotai_x0.SimpleWritableAtom<boolean>;
+      sessionSyncGraceUntil: jotai_x0.SimpleWritableAtom<number | null>;
+    } & object)[K] extends jotai_vanilla0.Atom<infer V_1> ? V_1 : never, prevSelectorOutput?: S | undefined) => S) | undefined;
+    equalityFn?: ((prev: S, next: S) => boolean) | undefined;
+  } & jotai_x0.UseAtomOptions) | undefined, deps?: unknown[]) => S;
+type AuthStore = ReturnType<typeof useAuthStore>;
+/**
+ * Safe wrapper around useConvexAuth that doesn't throw when used outside auth provider.
+ * Returns { isAuthenticated: false, isLoading: false } when no auth provider.
+ *
+ * Supports both:
+ * - better-auth users (via AuthProvider)
+ * - @convex-dev/auth users (via ConvexAuthBridge)
+ */
+declare function useSafeConvexAuth(): ConvexAuthResult;
+/**
+ * Internal bridge component. Use `ConvexProviderWithAuth` instead.
+ * @internal
+ */
+declare function ConvexAuthBridge({
+  children
+}: {
+  children: React.ReactNode;
+}): react_jsx_runtime0.JSX.Element;
+/**
+ * Convex provider with auth bridge for @convex-dev/auth users.
+ * Automatically wraps children with ConvexAuthBridge.
+ *
+ * @example
+ * ```tsx
+ * import { ConvexProviderWithAuth } from 'kitcn/react';
+ *
+ * <ConvexProviderWithAuth client={convex} useAuth={useAuthFromConvexDev}>
+ *   <App />
+ * </ConvexProviderWithAuth>
+ * ```
+ */
+declare function ConvexProviderWithAuth$1({
+  children,
+  ...props
+}: React.ComponentProps<typeof ConvexProviderWithAuth>): react_jsx_runtime0.JSX.Element;
+declare const useAuth: () => {
+  hasSession: boolean;
+  isAuthenticated: boolean;
+  isLoading: boolean;
+};
+/** Check if user maybe has auth (optimistic, has token) */
+declare const useMaybeAuth: () => boolean;
+/** Check if user is authenticated (server-verified) */
+declare const useIsAuth: () => boolean;
+declare const useAuthGuard: () => (callback?: () => Promise<void> | void) => boolean | undefined;
+/** Render children only when maybe has auth (optimistic) */
+declare function MaybeAuthenticated({
+  children
+}: {
+  children: React.ReactNode;
+}): react.ReactNode;
+/** Render children only when authenticated (server-verified) */
+declare function Authenticated({
+  children
+}: {
+  children: React.ReactNode;
+}): react.ReactNode;
+/** Render children only when maybe not auth (optimistic) */
+declare function MaybeUnauthenticated({
+  children
+}: {
+  children: React.ReactNode;
+}): react.ReactNode;
+/** Render children only when not authenticated (server-verified) */
+declare function Unauthenticated({
+  children
+}: {
+  children: React.ReactNode;
+}): react.ReactNode;
+//#endregion
+export { useMaybeAuth as C, useIsAuth as S, useAuthState as _, Authenticated as a, useConvexAuthBridge as b, FetchAccessTokenContext as c, MaybeUnauthenticated as d, Unauthenticated as f, useAuthGuard as g, useAuth as h, AuthStoreState as i, FetchAccessTokenFn as l, isSessionSyncGraceActive as m, AuthProvider as n, ConvexAuthBridge as o, decodeJwtExp as p, AuthStore as r, ConvexProviderWithAuth$1 as s, AUTH_SESSION_SYNC_GRACE_MS as t, MaybeAuthenticated as u, useAuthStore as v, useSafeConvexAuth as w, useFetchAccessToken as x, useAuthValue as y };