kroxt 1.1.3 → 1.1.5

package/README.md

@@ -1,210 +1,221 @@
-# kroxt
-
-A framework-agnostic, modular authentication engine for modern TypeScript applications. Built for security, extensibility, and ease of use.
-
-## Features
-
-- 🔐 **Secure Hashing**: Powered by `argon2` for industry-standard password security.
-- 🎟️ **Dual-Token Sessions**: Native support for Access and Refresh tokens via `jose`.
-- 🧩 **JWT Customization**: Fully extensible payload with support for custom user fields and `sub` override.
-- 🌍 **OAuth Ready**: Built-in support for GitHub and Google OAuth via `arctic`.
-- 🧩 **Database Agnostic**: Use Mongoose, Prisma, Drizzle, or any store via the `AuthAdapter` pattern.
-- 🌶️ **Password Peppering**: Server-side pepper support for enhanced hash protection.
-- 🛡️ **Timing Attack Protection**: Built-in safeguards against side-channel analysis during login.
-- ✅ **Zod Schema Support**: Perfectly preserves and types your user metadata.
-- 🚀 **ESM First**: Native support for NodeNext module resolution.
-
-## Installation
-
-```bash
-npm install kroxt
-```
-
----
-
-## Guide: Full Authentication Flow
-
-This guide walks you through setting up Kroxt from scratch in your application.
-
-### Step 1: Define your User
-
-First, define what a User looks like in your system. Kroxt allows any additional fields (like `role`, `schoolId`, etc.) which you can later sign into your JWTs.
-
-```typescript
-export interface MyUser {
-  id: string;
-  email: string;
-  passwordHash: string;
-  role: 'admin' | 'user';
-  schoolId: string;    // Custom field for enterprise/multi-tenant apps
-  oauthProvider?: string; // Support for OAuth (e.g., 'github')
-  oauthId?: string;       // Unique ID from the provider
-  name: string;
-}
-```
-
-### Step 2: The Adapter Pattern
-
-Kroxt doesn't care which database you use. You just need to implement the `AuthAdapter` interface using your model. Here is a complete example using Mongoose:
-
-```typescript
-import type { AuthAdapter } from "kroxt/adapter";
-import { User } from "./models/user.model.js"; // Your Mongoose model
-import type { MyUser } from "./types.js";
-
-export const myAdapter: AuthAdapter<MyUser> = {
-  createUser: async (data) => {
-    const user = await User.create(data);
-    const obj = user.toObject();
-    return { ...obj, id: obj._id.toString() };
-  },
-  findUserByEmail: async (email) => {
-    const user = await User.findOne({ email });
-    if (!user) return null;
-    const obj = user.toObject();
-    return { ...obj, id: obj._id.toString() };
-  },
-  findUserById: async (id) => {
-    const user = await User.findById(id);
-    if (!user) return null;
-    const obj = user.toObject();
-    return { ...obj, id: obj._id.toString() };
-  },
-  linkOAuthAccount: async (userId, provider, providerId) => {
-    await User.findByIdAndUpdate(userId, {
-      oauthProvider: provider,
-      oauthId: providerId
-    });
-  }
-};
-```
-
-### Step 3: Initialize the Auth Engine
-
-Configure Kroxt with your adapter and security settings.
-
-```typescript
-import { createAuth } from "kroxt";
-import { myAdapter } from "./myAdapter.js";
-
-export const auth = createAuth({
-  adapter: myAdapter,
-  secret: process.env.AUTH_SECRET, // High-entropy secret for JWT signing
-  pepper: process.env.AUTH_PEPPER, // Optional: Server-side pepper for password hashing
-  session: {
-    expires: "15m",        // Access token duration
-    refreshExpires: "7d"   // Refresh token duration
-  },
-  jwt: {
-    /**
-     * Optional: Fully customize the JWT payload or add extra fields.
-     */
-    payload: (user, type) => {
-      // Only add extra details to 'access' tokens to keep 'refresh' tokens light.
-      if (type === "access") {
-        return {
-          schoolId: user.schoolId, // Add custom user detail
-          role: user.role,         // Explicitly include role
-        };
-      }
-      return {}; // Refresh tokens stay minimal
-    }
-  }
-});
-```
-
-### Step 4: Implement Controllers & Routes
-
-Use the engine in your application logic. Examples below use an Express-like structure.
-
-#### Registration
-```typescript
-app.post("/register", async (req, res) => {
-  const { name, email, password, ...extraFields } = req.body;
-  
-  // Kroxt handles argon2 hashing (with pepper) and token generation
-  const { user, accessToken, refreshToken } = await auth.signup({
-    name,
-    email,
-    ...extraFields
-  }, password);
-
-  res.json({ user, accessToken, refreshToken });
-});
-```
-
-#### Login
-```typescript
-app.post("/login", async (req, res) => {
-  const { email, password } = req.body;
-  
-  // Kroxt verifies password (timing-attack safe) and returns tokens
-  const { user, accessToken, refreshToken } = await auth.loginWithPassword(email, password);
-
-  res.json({ user, accessToken, refreshToken });
-});
-```
-
-#### Token Refresh
-Keep users logged in by rotating access tokens using a valid refresh token.
-```typescript
-app.post("/refresh", async (req, res) => {
-  const { refreshToken } = req.body;
-  
-  // Returns a fresh access token
-  const { accessToken } = await auth.refresh(refreshToken);
-  
-  res.json({ accessToken });
-});
-```
-
-#### Protecting Routes (Middleware)
-```typescript
-app.get("/me", async (req, res) => {
-  const token = req.headers.authorization?.split(" ")[1];
-  
-  // Verify the JWT and get the payload { sub: string, role: string, ... }
-  const payload = await auth.verifyToken(token, "access");
-  
-  if (!payload) return res.status(401).send("Unauthorized");
-  
-  const user = await myAdapter.findUserById(payload.sub);
-  res.json(user);
-});
-```
-
----
-
-## Security Best Practices
-
-### 1. Password Peppering
-Always use a `pepper` in production. It's a server-side secret added to passwords before hashing. If your database is leaked, the hashes cannot be cracked without this pepper.
-
-### 2. CSRF Protection
-Kroxt provides helpers for the double-submit cookie pattern. Use these if you are storing tokens in cookies.
-
-```typescript
-import { generateCsrfToken, verifyCsrf } from "kroxt/security";
-
-const token = generateCsrfToken();
-const isValid = verifyCsrf(tokenInRequest, tokenInCookie);
-```
-
-### 3. Secure Cookies
-If using cookies, always set these flags:
-- `httpOnly: true` (Prevents XSS)
-- `secure: true` (Requires HTTPS)
-- `sameSite: 'strict'` (Prevents CSRF)
-
-### 4. Rate Limiting
-Implement rate limiting (e.g., `express-rate-limit`) on `/login` and `/register` to block brute-force attempts.
-
----
-
-## Reference Project
-
-Check out the `kroxt-example` folder or the [GitHub repository](https://github.com/adepoju-oluwatobi/kroxt-example) for a complete **Express + MongoDB** implementation using this library.
-
-## License
-
-MIT
+# kroxt
+
+A framework-agnostic, modular authentication engine for modern TypeScript applications. Built for security, extensibility, and ease of use.
+
+## Features
+
+- 🔐 **Secure Hashing**: Powered by `argon2` for industry-standard password security.
+- 🎟️ **Dual-Token Sessions**: Native support for Access and Refresh tokens via `jose`.
+- 🧩 **JWT Customization**: Fully extensible payload with support for custom user fields and `sub` override.
+- 🌍 **OAuth Ready**: Built-in support for GitHub and Google OAuth via `arctic`.
+- 🔌 **Built-in Adapters**: Native, one-line support for **MongoDB (Mongoose)** and **In-Memory** stores.
+- 🧩 **Database Agnostic**: Use Prisma, Drizzle, or any store via the generic `AuthAdapter` pattern.
+- 🌶️ **Password Peppering**: Server-side pepper support for enhanced hash protection.
+- 🛡️ **Timing Attack Protection**: Built-in safeguards against side-channel analysis during login.
+- ✅ **Zod Schema Support**: Perfectly preserves and types your user metadata.
+- 🌍 **Dual ESM/CJS Support**: Native support for both modern ESM (`import`) and CommonJS (`require`).
+
+## Installation
+
+```bash
+npm install kroxt
+```
+
+---
+
+## Guide: Full Authentication Flow
+
+This guide walks you through setting up Kroxt from scratch in your application.
+
+### Step 1: Define your User
+
+First, define what a User looks like in your system. Kroxt allows any additional fields (like `role`, `schoolId`, etc.) which you can later sign into your JWTs.
+
+```typescript
+export interface MyUser {
+  id: string;
+  email: string;
+  passwordHash: string;
+  role: 'admin' | 'user';
+  schoolId: string;    // Custom field for enterprise/multi-tenant apps
+  oauthProvider?: string; // Support for OAuth (e.g., 'github')
+  oauthId?: string;       // Unique ID from the provider
+  name: string;
+}
+```
+
+### Step 2: Choose an Adapter
+
+Kroxt provides built-in adapters for popular databases. For MongoDB, simply pass your Mongoose model to `createMongoAdapter`.
+
+```typescript
+import { createMongoAdapter } from "kroxt/adapters/mongoose";
+import { User } from "./models/user.model.js"; // Your Mongoose model
+
+// One line to connect your DB
+export const authAdapter = createMongoAdapter(User);
+```
+
+> [!TIP]
+> Need to use Prisma, Drizzle, or a custom API? You can still build a [Custom Adapter](#custom-adapters).
+
+### Step 3: Initialize the Auth Engine
+
+Configure Kroxt with your adapter and security settings.
+
+```typescript
+import { createAuth } from "kroxt/core";
+import { authAdapter } from "./auth.js";
+
+export const auth = createAuth({
+  adapter: authAdapter,
+  secret: process.env.AUTH_SECRET, // High-entropy secret for JWT signing
+  pepper: process.env.AUTH_PEPPER, // Optional: Server-side pepper for password hashing
+  session: {
+    expires: "15m",        // Access token duration
+    refreshExpires: "7d"   // Refresh token duration
+  },
+  jwt: {
+    /**
+     * Optional: Fully customize the JWT payload or add extra fields.
+     */
+    payload: (user, type) => {
+      // Only add extra details to 'access' tokens to keep 'refresh' tokens light.
+      if (type === "access") {
+        return {
+          schoolId: user.schoolId, // Add custom user detail
+          role: user.role,         // Explicitly include role
+        };
+      }
+      return {}; // Refresh tokens stay minimal
+    }
+  }
+});
+```
+
+### Step 4: Implement Controllers & Routes
+
+Use the engine in your application logic. Examples below use an Express-like structure.
+
+#### Registration
+```typescript
+app.post("/register", async (req, res) => {
+  const { name, email, password, ...extraFields } = req.body;
+  
+  // Kroxt handles argon2 hashing (with pepper) and token generation
+  const { user, accessToken, refreshToken } = await auth.signup({
+    name,
+    email,
+    ...extraFields
+  }, password);
+
+  res.json({ user, accessToken, refreshToken });
+});
+```
+
+#### Login
+```typescript
+app.post("/login", async (req, res) => {
+  const { email, password } = req.body;
+  
+  // Kroxt verifies password (timing-attack safe) and returns tokens
+  const { user, accessToken, refreshToken } = await auth.loginWithPassword(email, password);
+
+  res.json({ user, accessToken, refreshToken });
+});
+```
+
+#### Token Refresh
+Keep users logged in by rotating access tokens using a valid refresh token.
+```typescript
+app.post("/refresh", async (req, res) => {
+  const { refreshToken } = req.body;
+  
+  // Returns a fresh access token
+  const { accessToken } = await auth.refresh(refreshToken);
+  
+  res.json({ accessToken });
+});
+```
+
+#### Protecting Routes (Middleware)
+```typescript
+app.get("/me", async (req, res) => {
+  const token = req.headers.authorization?.split(" ")[1];
+  
+  // Verify the JWT and get the payload { sub: string, role: string, ... }
+  const payload = await auth.verifyToken(token, "access");
+  
+  if (!payload) return res.status(401).send("Unauthorized");
+  
+  const user = await myAdapter.findUserById(payload.sub);
+  res.json(user);
+});
+```
+
+---
+
+## Custom Adapters
+
+Kroxt's true power lies in its database-agnostic design. If you aren't using a built-in adapter, simply implement the `AuthAdapter` interface.
+
+```typescript
+import type { AuthAdapter, User } from "kroxt/adapters";
+import { db } from "./db.js";
+
+// Example using a generic DB client
+export const myCustomAdapter: AuthAdapter<MyUser> = {
+  createUser: async (data) => {
+    const user = await db.users.insert(data);
+    return { ...user, id: user.id.toString() };
+  },
+  findUserByEmail: async (email) => {
+    return await db.users.findFirst({ where: { email } });
+  },
+  findUserById: async (id) => {
+    return await db.users.findUnique({ where: { id } });
+  },
+  linkOAuthAccount: async (id, provider, providerId) => {
+    await db.users.update({
+      where: { id },
+      data: { oauthProvider: provider, oauthId: providerId }
+    });
+  }
+};
+```
+
+Using this pattern, you can connect Kroxt to **Supabase**, **Firestore**, **PostgreSQL**, or even a 3rd-party API.
+
+## Security Best Practices
+
+### 1. Password Peppering
+Always use a `pepper` in production. It's a server-side secret added to passwords before hashing. If your database is leaked, the hashes cannot be cracked without this pepper.
+
+### 2. CSRF Protection
+Kroxt provides helpers for the double-submit cookie pattern. Use these if you are storing tokens in cookies.
+
+```typescript
+import { generateCsrfToken, verifyCsrf } from "kroxt/security";
+
+const token = generateCsrfToken();
+const isValid = verifyCsrf(tokenInRequest, tokenInCookie);
+```
+
+### 3. Secure Cookies
+If using cookies, always set these flags:
+- `httpOnly: true` (Prevents XSS)
+- `secure: true` (Requires HTTPS)
+- `sameSite: 'strict'` (Prevents CSRF)
+
+### 4. Rate Limiting
+Implement rate limiting (e.g., `express-rate-limit`) on `/login` and `/register` to block brute-force attempts.
+
+---
+
+## Reference Project
+
+Check out the `kroxt-example` folder or the [GitHub repository](https://github.com/adepoju-oluwatobi/kroxt-example) for a complete **Express + MongoDB** implementation using this library.
+
+## License
+
+MIT

package/dist/adapters/index.cjs

@@ -0,0 +1,17 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var adapters_exports = {};
+module.exports = __toCommonJS(adapters_exports);
+//# sourceMappingURL=index.cjs.map

package/dist/adapters/index.cjs.map

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../src/auth/adapters/index.ts"],
+  "sourcesContent": ["export interface BaseUser {\n  id: string;\n  email: string;\n  passwordHash?: string;\n  role?: string;\n}\n\n// Allows any extended fields natively (like nin, bvn, maritalStatus, etc.)\nexport type User<TExtended = Record<string, any>> = BaseUser & TExtended;\n\nexport interface AuthAdapter<TUser = User> {\n  createUser: (data: any) => Promise<TUser>;\n  findUserByEmail: (email: string) => Promise<TUser | null>;\n  findUserById: (id: string) => Promise<TUser | null>;\n  linkOAuthAccount: (userId: string, provider: string, providerId: string) => Promise<void>;\n}\n"],
+  "mappings": ";;;;;;;;;;;;;;AAAA;AAAA;",
+  "names": []
+}

package/{dist-lib/adapter.d.ts → dist/adapters/index.d.ts}

@@ -11,3 +11,4 @@ export interface AuthAdapter<TUser = User> {
     findUserById: (id: string) => Promise<TUser | null>;
     linkOAuthAccount: (userId: string, provider: string, providerId: string) => Promise<void>;
 }
+//# sourceMappingURL=index.d.ts.map

package/dist/adapters/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/auth/adapters/index.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,QAAQ;IACvB,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAGD,MAAM,MAAM,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,IAAI,QAAQ,GAAG,SAAS,CAAC;AAEzE,MAAM,WAAW,WAAW,CAAC,KAAK,GAAG,IAAI;IACvC,UAAU,EAAE,CAAC,IAAI,EAAE,GAAG,KAAK,OAAO,CAAC,KAAK,CAAC,CAAC;IAC1C,eAAe,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,CAAC,KAAK,GAAG,IAAI,CAAC,CAAC;IAC1D,YAAY,EAAE,CAAC,EAAE,EAAE,MAAM,KAAK,OAAO,CAAC,KAAK,GAAG,IAAI,CAAC,CAAC;IACpD,gBAAgB,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;CAC3F"}

package/dist/adapters/index.js

@@ -0,0 +1 @@
+//# sourceMappingURL=index.js.map

package/dist/adapters/index.js.map

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": [],
+  "sourcesContent": [],
+  "mappings": "",
+  "names": []
+}

package/dist/adapters/memory.cjs

@@ -0,0 +1,55 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var memory_exports = {};
+__export(memory_exports, {
+  createMemoryAdapter: () => createMemoryAdapter
+});
+module.exports = __toCommonJS(memory_exports);
+function createMemoryAdapter() {
+  const users = /* @__PURE__ */ new Map();
+  const accounts = /* @__PURE__ */ new Map();
+  return {
+    createUser: async (data) => {
+      const id = data.id || Date.now().toString();
+      const newUser = { ...data, id };
+      users.set(newUser.email, newUser);
+      return newUser;
+    },
+    findUserByEmail: async (email) => {
+      return users.get(email) || null;
+    },
+    findUserById: async (id) => {
+      for (const user of users.values()) {
+        if (user.id === id) {
+          return user;
+        }
+      }
+      return null;
+    },
+    linkOAuthAccount: async (userId, provider, providerId) => {
+      const accountId = `${provider}_${providerId}`;
+      accounts.set(accountId, { userId, provider, providerId });
+    }
+  };
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  createMemoryAdapter
+});
+//# sourceMappingURL=memory.cjs.map

package/dist/adapters/memory.cjs.map

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../src/auth/adapters/memory.ts"],
+  "sourcesContent": ["import type { AuthAdapter, User } from \"./index.js\";\n\n/**\n * Creates an in-memory database adapter for the auth engine.\n * This is useful for testing, prototyping, or when you don't need persistent storage.\n * All data is kept in memory and is lost when the server restarts.\n */\nexport function createMemoryAdapter<TUser extends User = User>(): AuthAdapter<TUser> {\n    const users = new Map<string, TUser>();\n    const accounts = new Map<string, { userId: string; provider: string; providerId: string }>();\n\n    return {\n        createUser: async (data: any) => {\n            // Auto-generate ID if not provided\n            const id = data.id || Date.now().toString();\n            const newUser = { ...data, id } as TUser;\n\n            // Store using email as the primary lookup key\n            users.set(newUser.email, newUser);\n            return newUser;\n        },\n\n        findUserByEmail: async (email: string) => {\n            return users.get(email) || null;\n        },\n\n        findUserById: async (id: string) => {\n            for (const user of users.values()) {\n                if (user.id === id) {\n                    return user;\n                }\n            }\n            return null;\n        },\n\n        linkOAuthAccount: async (userId: string, provider: string, providerId: string) => {\n            const accountId = `${provider}_${providerId}`;\n            accounts.set(accountId, { userId, provider, providerId });\n        }\n    };\n}\n"],
+  "mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAOO,SAAS,sBAAqE;AACjF,QAAM,QAAQ,oBAAI,IAAmB;AACrC,QAAM,WAAW,oBAAI,IAAsE;AAE3F,SAAO;AAAA,IACH,YAAY,OAAO,SAAc;AAE7B,YAAM,KAAK,KAAK,MAAM,KAAK,IAAI,EAAE,SAAS;AAC1C,YAAM,UAAU,EAAE,GAAG,MAAM,GAAG;AAG9B,YAAM,IAAI,QAAQ,OAAO,OAAO;AAChC,aAAO;AAAA,IACX;AAAA,IAEA,iBAAiB,OAAO,UAAkB;AACtC,aAAO,MAAM,IAAI,KAAK,KAAK;AAAA,IAC/B;AAAA,IAEA,cAAc,OAAO,OAAe;AAChC,iBAAW,QAAQ,MAAM,OAAO,GAAG;AAC/B,YAAI,KAAK,OAAO,IAAI;AAChB,iBAAO;AAAA,QACX;AAAA,MACJ;AACA,aAAO;AAAA,IACX;AAAA,IAEA,kBAAkB,OAAO,QAAgB,UAAkB,eAAuB;AAC9E,YAAM,YAAY,GAAG,QAAQ,IAAI,UAAU;AAC3C,eAAS,IAAI,WAAW,EAAE,QAAQ,UAAU,WAAW,CAAC;AAAA,IAC5D;AAAA,EACJ;AACJ;",
+  "names": []
+}

package/{dist-lib/memoryAdapter.d.ts → dist/adapters/memory.d.ts}

@@ -1,7 +1,8 @@
-import type { AuthAdapter, User } from "./adapter.js";
+import type { AuthAdapter, User } from "./index.js";
 /**
  * Creates an in-memory database adapter for the auth engine.
  * This is useful for testing, prototyping, or when you don't need persistent storage.
  * All data is kept in memory and is lost when the server restarts.
  */
 export declare function createMemoryAdapter<TUser extends User = User>(): AuthAdapter<TUser>;
+//# sourceMappingURL=memory.d.ts.map

package/dist/adapters/memory.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"memory.d.ts","sourceRoot":"","sources":["../../src/auth/adapters/memory.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAEpD;;;;GAIG;AACH,wBAAgB,mBAAmB,CAAC,KAAK,SAAS,IAAI,GAAG,IAAI,KAAK,WAAW,CAAC,KAAK,CAAC,CAiCnF"}

package/dist/adapters/memory.js

@@ -0,0 +1,31 @@
+function createMemoryAdapter() {
+  const users = /* @__PURE__ */ new Map();
+  const accounts = /* @__PURE__ */ new Map();
+  return {
+    createUser: async (data) => {
+      const id = data.id || Date.now().toString();
+      const newUser = { ...data, id };
+      users.set(newUser.email, newUser);
+      return newUser;
+    },
+    findUserByEmail: async (email) => {
+      return users.get(email) || null;
+    },
+    findUserById: async (id) => {
+      for (const user of users.values()) {
+        if (user.id === id) {
+          return user;
+        }
+      }
+      return null;
+    },
+    linkOAuthAccount: async (userId, provider, providerId) => {
+      const accountId = `${provider}_${providerId}`;
+      accounts.set(accountId, { userId, provider, providerId });
+    }
+  };
+}
+export {
+  createMemoryAdapter
+};
+//# sourceMappingURL=memory.js.map

package/dist/adapters/memory.js.map

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../src/auth/adapters/memory.ts"],
+  "sourcesContent": ["import type { AuthAdapter, User } from \"./index.js\";\n\n/**\n * Creates an in-memory database adapter for the auth engine.\n * This is useful for testing, prototyping, or when you don't need persistent storage.\n * All data is kept in memory and is lost when the server restarts.\n */\nexport function createMemoryAdapter<TUser extends User = User>(): AuthAdapter<TUser> {\n    const users = new Map<string, TUser>();\n    const accounts = new Map<string, { userId: string; provider: string; providerId: string }>();\n\n    return {\n        createUser: async (data: any) => {\n            // Auto-generate ID if not provided\n            const id = data.id || Date.now().toString();\n            const newUser = { ...data, id } as TUser;\n\n            // Store using email as the primary lookup key\n            users.set(newUser.email, newUser);\n            return newUser;\n        },\n\n        findUserByEmail: async (email: string) => {\n            return users.get(email) || null;\n        },\n\n        findUserById: async (id: string) => {\n            for (const user of users.values()) {\n                if (user.id === id) {\n                    return user;\n                }\n            }\n            return null;\n        },\n\n        linkOAuthAccount: async (userId: string, provider: string, providerId: string) => {\n            const accountId = `${provider}_${providerId}`;\n            accounts.set(accountId, { userId, provider, providerId });\n        }\n    };\n}\n"],
+  "mappings": "AAOO,SAAS,sBAAqE;AACjF,QAAM,QAAQ,oBAAI,IAAmB;AACrC,QAAM,WAAW,oBAAI,IAAsE;AAE3F,SAAO;AAAA,IACH,YAAY,OAAO,SAAc;AAE7B,YAAM,KAAK,KAAK,MAAM,KAAK,IAAI,EAAE,SAAS;AAC1C,YAAM,UAAU,EAAE,GAAG,MAAM,GAAG;AAG9B,YAAM,IAAI,QAAQ,OAAO,OAAO;AAChC,aAAO;AAAA,IACX;AAAA,IAEA,iBAAiB,OAAO,UAAkB;AACtC,aAAO,MAAM,IAAI,KAAK,KAAK;AAAA,IAC/B;AAAA,IAEA,cAAc,OAAO,OAAe;AAChC,iBAAW,QAAQ,MAAM,OAAO,GAAG;AAC/B,YAAI,KAAK,OAAO,IAAI;AAChB,iBAAO;AAAA,QACX;AAAA,MACJ;AACA,aAAO;AAAA,IACX;AAAA,IAEA,kBAAkB,OAAO,QAAgB,UAAkB,eAAuB;AAC9E,YAAM,YAAY,GAAG,QAAQ,IAAI,UAAU;AAC3C,eAAS,IAAI,WAAW,EAAE,QAAQ,UAAU,WAAW,CAAC;AAAA,IAC5D;AAAA,EACJ;AACJ;",
+  "names": []
+}