kroxt 1.1.5 → 1.2.0

package/README.md

@@ -1,221 +1,177 @@
-# kroxt
-
-A framework-agnostic, modular authentication engine for modern TypeScript applications. Built for security, extensibility, and ease of use.
-
-## Features
-
-- 🔐 **Secure Hashing**: Powered by `argon2` for industry-standard password security.
-- 🎟️ **Dual-Token Sessions**: Native support for Access and Refresh tokens via `jose`.
-- 🧩 **JWT Customization**: Fully extensible payload with support for custom user fields and `sub` override.
-- 🌍 **OAuth Ready**: Built-in support for GitHub and Google OAuth via `arctic`.
-- 🔌 **Built-in Adapters**: Native, one-line support for **MongoDB (Mongoose)** and **In-Memory** stores.
-- 🧩 **Database Agnostic**: Use Prisma, Drizzle, or any store via the generic `AuthAdapter` pattern.
-- 🌶️ **Password Peppering**: Server-side pepper support for enhanced hash protection.
-- 🛡️ **Timing Attack Protection**: Built-in safeguards against side-channel analysis during login.
-- ✅ **Zod Schema Support**: Perfectly preserves and types your user metadata.
-- 🌍 **Dual ESM/CJS Support**: Native support for both modern ESM (`import`) and CommonJS (`require`).
-
-## Installation
-
-```bash
-npm install kroxt
-```
-
----
-
-## Guide: Full Authentication Flow
-
-This guide walks you through setting up Kroxt from scratch in your application.
-
-### Step 1: Define your User
-
-First, define what a User looks like in your system. Kroxt allows any additional fields (like `role`, `schoolId`, etc.) which you can later sign into your JWTs.
-
-```typescript
-export interface MyUser {
-  id: string;
-  email: string;
-  passwordHash: string;
-  role: 'admin' | 'user';
-  schoolId: string;    // Custom field for enterprise/multi-tenant apps
-  oauthProvider?: string; // Support for OAuth (e.g., 'github')
-  oauthId?: string;       // Unique ID from the provider
-  name: string;
-}
-```
-
-### Step 2: Choose an Adapter
-
-Kroxt provides built-in adapters for popular databases. For MongoDB, simply pass your Mongoose model to `createMongoAdapter`.
-
-```typescript
-import { createMongoAdapter } from "kroxt/adapters/mongoose";
-import { User } from "./models/user.model.js"; // Your Mongoose model
-
-// One line to connect your DB
-export const authAdapter = createMongoAdapter(User);
-```
-
-> [!TIP]
-> Need to use Prisma, Drizzle, or a custom API? You can still build a [Custom Adapter](#custom-adapters).
-
-### Step 3: Initialize the Auth Engine
-
-Configure Kroxt with your adapter and security settings.
-
-```typescript
-import { createAuth } from "kroxt/core";
-import { authAdapter } from "./auth.js";
-
-export const auth = createAuth({
-  adapter: authAdapter,
-  secret: process.env.AUTH_SECRET, // High-entropy secret for JWT signing
-  pepper: process.env.AUTH_PEPPER, // Optional: Server-side pepper for password hashing
-  session: {
-    expires: "15m",        // Access token duration
-    refreshExpires: "7d"   // Refresh token duration
-  },
-  jwt: {
-    /**
-     * Optional: Fully customize the JWT payload or add extra fields.
-     */
-    payload: (user, type) => {
-      // Only add extra details to 'access' tokens to keep 'refresh' tokens light.
-      if (type === "access") {
-        return {
-          schoolId: user.schoolId, // Add custom user detail
-          role: user.role,         // Explicitly include role
-        };
-      }
-      return {}; // Refresh tokens stay minimal
-    }
-  }
-});
-```
-
-### Step 4: Implement Controllers & Routes
-
-Use the engine in your application logic. Examples below use an Express-like structure.
-
-#### Registration
-```typescript
-app.post("/register", async (req, res) => {
-  const { name, email, password, ...extraFields } = req.body;
-  
-  // Kroxt handles argon2 hashing (with pepper) and token generation
-  const { user, accessToken, refreshToken } = await auth.signup({
-    name,
-    email,
-    ...extraFields
-  }, password);
-
-  res.json({ user, accessToken, refreshToken });
-});
-```
-
-#### Login
-```typescript
-app.post("/login", async (req, res) => {
-  const { email, password } = req.body;
-  
-  // Kroxt verifies password (timing-attack safe) and returns tokens
-  const { user, accessToken, refreshToken } = await auth.loginWithPassword(email, password);
-
-  res.json({ user, accessToken, refreshToken });
-});
-```
-
-#### Token Refresh
-Keep users logged in by rotating access tokens using a valid refresh token.
-```typescript
-app.post("/refresh", async (req, res) => {
-  const { refreshToken } = req.body;
-  
-  // Returns a fresh access token
-  const { accessToken } = await auth.refresh(refreshToken);
-  
-  res.json({ accessToken });
-});
-```
-
-#### Protecting Routes (Middleware)
-```typescript
-app.get("/me", async (req, res) => {
-  const token = req.headers.authorization?.split(" ")[1];
-  
-  // Verify the JWT and get the payload { sub: string, role: string, ... }
-  const payload = await auth.verifyToken(token, "access");
-  
-  if (!payload) return res.status(401).send("Unauthorized");
-  
-  const user = await myAdapter.findUserById(payload.sub);
-  res.json(user);
-});
-```
-
----
-
-## Custom Adapters
-
-Kroxt's true power lies in its database-agnostic design. If you aren't using a built-in adapter, simply implement the `AuthAdapter` interface.
-
-```typescript
-import type { AuthAdapter, User } from "kroxt/adapters";
-import { db } from "./db.js";
-
-// Example using a generic DB client
-export const myCustomAdapter: AuthAdapter<MyUser> = {
-  createUser: async (data) => {
-    const user = await db.users.insert(data);
-    return { ...user, id: user.id.toString() };
-  },
-  findUserByEmail: async (email) => {
-    return await db.users.findFirst({ where: { email } });
-  },
-  findUserById: async (id) => {
-    return await db.users.findUnique({ where: { id } });
-  },
-  linkOAuthAccount: async (id, provider, providerId) => {
-    await db.users.update({
-      where: { id },
-      data: { oauthProvider: provider, oauthId: providerId }
-    });
-  }
-};
-```
-
-Using this pattern, you can connect Kroxt to **Supabase**, **Firestore**, **PostgreSQL**, or even a 3rd-party API.
-
-## Security Best Practices
-
-### 1. Password Peppering
-Always use a `pepper` in production. It's a server-side secret added to passwords before hashing. If your database is leaked, the hashes cannot be cracked without this pepper.
-
-### 2. CSRF Protection
-Kroxt provides helpers for the double-submit cookie pattern. Use these if you are storing tokens in cookies.
-
-```typescript
-import { generateCsrfToken, verifyCsrf } from "kroxt/security";
-
-const token = generateCsrfToken();
-const isValid = verifyCsrf(tokenInRequest, tokenInCookie);
-```
-
-### 3. Secure Cookies
-If using cookies, always set these flags:
-- `httpOnly: true` (Prevents XSS)
-- `secure: true` (Requires HTTPS)
-- `sameSite: 'strict'` (Prevents CSRF)
-
-### 4. Rate Limiting
-Implement rate limiting (e.g., `express-rate-limit`) on `/login` and `/register` to block brute-force attempts.
-
----
-
-## Reference Project
-
-Check out the `kroxt-example` folder or the [GitHub repository](https://github.com/adepoju-oluwatobi/kroxt-example) for a complete **Express + MongoDB** implementation using this library.
-
-## License
-
-MIT
+# kroxt 🔐
+
+A framework-agnostic, modular authentication engine for modern TypeScript applications. Built for security, extensibility, and pure developer joy.
+
+[![npm version](https://img.shields.io/npm/v/kroxt.svg)](https://www.npmjs.com/package/kroxt)
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
+
+## 🚀 Why Kroxt?
+
+Authentication is often either too complex (Passport, Auth.js) or too restrictive. Kroxt is the **"Headless" Auth Engine** that gives you the best of both worlds:
+
+- 🏗️ **Database Agnostic**: Native adapters for **Prisma**, **Drizzle**, and **Mongoose**.
+- 🛠️ **Modular**: Use only what you need. No forced session managers or UI components.
+- 🔐 **Security First**: Argon2 hashing, dual-token rotation, and timing-attack protection built-in.
+- 🧩 **TypeScript Native**: Perfectly preserves your user schemas and metadata.
+
+---
+
+## 🗺️ How it Works
+
+Kroxt sits between your database and your controller logic. It handles the "heavy lifting" (hashing, JWT signing, token rotation) while you maintain full control over your API.
+
+```mermaid
+graph LR
+    A[Client] -- "Credentials" --> B[Express/Fastify]
+    B -- "auth.signup()" --> C[Kroxt Engine]
+    C -- "Save User" --> D[(Database Adapter)]
+    D -- "Success" --> C
+    C -- "Tokens + User" --> B
+    B -- "Set Cookies/JSON" --> A
+    
+    subgraph Adapters
+    D
+    E[Mongoose]
+    F[Drizzle]
+    G[Prisma]
+    end
+```
+
+---
+
+## 🏁 Quick Start (5 Minutes)
+
+### 1. Installation
+
+```bash
+npm install kroxt
+```
+
+### 2. Choose Your Adapter
+
+Kroxt provides official adapters for the most popular ORMs.
+
+#### **Option A: Drizzle (SQLite/PG/MySQL)**
+```typescript
+import { createDrizzleAdapter } from "kroxt/adapters/drizzle";
+import { db } from "./db";
+import { users } from "./schema";
+import { eq } from "drizzle-orm";
+
+export const adapter = createDrizzleAdapter(db, users, eq);
+```
+
+#### **Option B: Prisma**
+```typescript
+import { createPrismaAdapter } from "kroxt/adapters/prisma";
+import { prisma } from "./db";
+
+export const adapter = createPrismaAdapter(prisma.user);
+```
+
+#### **Option C: Mongoose**
+```typescript
+import { createMongoAdapter } from "kroxt/adapters/mongoose";
+import { User } from "./models/user.model";
+
+export const adapter = createMongoAdapter(User);
+```
+
+### 3. Initialize the Engine
+
+```typescript
+import { createAuth } from "kroxt/core";
+import { adapter } from "./auth-adapter";
+
+export const auth = createAuth({
+  adapter,
+  secret: process.env.JWT_SECRET,
+  session: {
+    expires: "15m",
+    refreshExpires: "7d"
+  }
+});
+```
+
+---
+
+## 🛡️ Core Authentication Flows
+
+### **Registration**
+```typescript
+const { user, accessToken, refreshToken } = await auth.signup({ 
+  email, 
+  name, 
+  role: 'user' 
+}, password);
+```
+
+### **Login**
+```typescript
+const { user, accessToken, refreshToken } = await auth.loginWithPassword(email, password);
+```
+
+### **Token Refresh**
+```typescript
+const { accessToken } = await auth.refresh(refreshToken);
+```
+
+---
+
+## 🐣 Beginner Corner: What is "Headless"?
+
+If you're new to backend development, "Headless" means Kroxt **doesn't provide a UI** (no login buttons or pre-made forms). Instead, it provides the **engine** (the logic). 
+
+**Why is this good?**
+It means you can build your own login screen in React, Vue, or even a Mobile App, and Kroxt will handle the security part on the server exactly the same way every time.
+
+---
+
+## 🛠️ Advanced: Custom JWT Payloads
+
+Want to share a user's `role` or `plan` with the frontend via the JWT? Use the `payload` hook:
+
+```typescript
+export const auth = createAuth({
+  adapter,
+  jwt: {
+    payload: (user, type) => {
+      if (type === "access") {
+        return { 
+          role: user.role, 
+          tier: user.subscriptionTier 
+        };
+      }
+      return {}; // Keep refresh tokens small
+    }
+  }
+});
+```
+
+---
+
+## 🛑 Common v1.2.0 Troubleshooting
+
+### "Cannot find module '.prisma/client/default.js'" (ESM on Windows)
+If you're using Prisma with ESM (`"type": "module"`) on Windows, you may need a robust import in your `src/db/index.ts`:
+
+```typescript
+import { createRequire } from "module";
+const require = createRequire(import.meta.url);
+const { PrismaClient } = require("@prisma/client");
+```
+
+### Prisma "Unknown argument `name`"
+Prisma is strict about schemas. If you're sending extra fields in `auth.signup()`, ensure your `schema.prisma` includes them (marked as `?` optional if needed).
+
+---
+
+## 🔗 Reference Project
+
+Complete working implementations:
+- [Express + Drizzle + SQLite](https://github.com/adepoju-oluwatobi/kroxt-example)
+- [Express + Mongoose](https://github.com/adepoju-oluwatobi/kroxt-example-cjs)
+
+## 📄 License
+
+MIT © [Adepoju Oluwatobi](https://github.com/adepoju-oluwatobi)

package/dist/adapters/drizzle.cjs

@@ -0,0 +1,51 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var drizzle_exports = {};
+__export(drizzle_exports, {
+  createDrizzleAdapter: () => createDrizzleAdapter
+});
+module.exports = __toCommonJS(drizzle_exports);
+function createDrizzleAdapter(db, table, eq) {
+  return {
+    async createUser(data) {
+      const dataToSave = { id: data.id || globalThis.crypto.randomUUID(), ...data };
+      const results = await db.insert(table).values(dataToSave).returning();
+      return results[0];
+    },
+    async findUserByEmail(email) {
+      const results = await db.select().from(table).where(eq(table.email, email)).limit(1);
+      return results[0] || null;
+    },
+    async findUserById(id) {
+      const results = await db.select().from(table).where(eq(table.id, id)).limit(1);
+      return results[0] || null;
+    },
+    async linkOAuthAccount(userId, provider, providerId) {
+      await db.update(table).set({
+        oauthProvider: provider,
+        oauthId: providerId
+      }).where(eq(table.id, userId));
+    }
+  };
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  createDrizzleAdapter
+});
+//# sourceMappingURL=drizzle.cjs.map

package/dist/adapters/drizzle.cjs.map

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../src/auth/adapters/drizzle.ts"],
+  "sourcesContent": ["import type { AuthAdapter, User } from \"./index.js\";\n\n/**\n * Creates a Drizzle ORM adapter.\n * \n * Works with any Drizzle-supported database (PostgreSQL, MySQL, SQLite)\n * by using the standard drizzle-orm `db` instance and table definition.\n * \n * @param db - The Drizzle database instance.\n * @param table - The Drizzle table representing users.\n * @param eq - The Drizzle `eq` operator (imported from `drizzle-orm`).\n * @returns An AuthAdapter compliant object.\n */\nexport function createDrizzleAdapter<TUser extends User = User>(\n  db: any,\n  table: any,\n  eq: any\n): AuthAdapter<TUser> {\n  return {\n    async createUser(data: any) {\n      const dataToSave = { id: data.id || globalThis.crypto.randomUUID(), ...data };\n      const results = await db.insert(table).values(dataToSave).returning();\n      return results[0] as TUser;\n    },\n\n    async findUserByEmail(email: string) {\n      const results = await db.select().from(table).where(eq(table.email, email)).limit(1);\n      return (results[0] || null) as TUser | null;\n    },\n\n    async findUserById(id: string) {\n      const results = await db.select().from(table).where(eq(table.id, id)).limit(1);\n      return (results[0] || null) as TUser | null;\n    },\n\n    async linkOAuthAccount(userId: string, provider: string, providerId: string) {\n      await db.update(table)\n        .set({\n          oauthProvider: provider,\n          oauthId: providerId,\n        })\n        .where(eq(table.id, userId));\n    },\n  };\n}\n"],
+  "mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAaO,SAAS,qBACd,IACA,OACA,IACoB;AACpB,SAAO;AAAA,IACL,MAAM,WAAW,MAAW;AAC1B,YAAM,aAAa,EAAE,IAAI,KAAK,MAAM,WAAW,OAAO,WAAW,GAAG,GAAG,KAAK;AAC5E,YAAM,UAAU,MAAM,GAAG,OAAO,KAAK,EAAE,OAAO,UAAU,EAAE,UAAU;AACpE,aAAO,QAAQ,CAAC;AAAA,IAClB;AAAA,IAEA,MAAM,gBAAgB,OAAe;AACnC,YAAM,UAAU,MAAM,GAAG,OAAO,EAAE,KAAK,KAAK,EAAE,MAAM,GAAG,MAAM,OAAO,KAAK,CAAC,EAAE,MAAM,CAAC;AACnF,aAAQ,QAAQ,CAAC,KAAK;AAAA,IACxB;AAAA,IAEA,MAAM,aAAa,IAAY;AAC7B,YAAM,UAAU,MAAM,GAAG,OAAO,EAAE,KAAK,KAAK,EAAE,MAAM,GAAG,MAAM,IAAI,EAAE,CAAC,EAAE,MAAM,CAAC;AAC7E,aAAQ,QAAQ,CAAC,KAAK;AAAA,IACxB;AAAA,IAEA,MAAM,iBAAiB,QAAgB,UAAkB,YAAoB;AAC3E,YAAM,GAAG,OAAO,KAAK,EAClB,IAAI;AAAA,QACH,eAAe;AAAA,QACf,SAAS;AAAA,MACX,CAAC,EACA,MAAM,GAAG,MAAM,IAAI,MAAM,CAAC;AAAA,IAC/B;AAAA,EACF;AACF;",
+  "names": []
+}

package/dist/adapters/drizzle.d.ts

@@ -0,0 +1,14 @@
+import type { AuthAdapter, User } from "./index.js";
+/**
+ * Creates a Drizzle ORM adapter.
+ *
+ * Works with any Drizzle-supported database (PostgreSQL, MySQL, SQLite)
+ * by using the standard drizzle-orm `db` instance and table definition.
+ *
+ * @param db - The Drizzle database instance.
+ * @param table - The Drizzle table representing users.
+ * @param eq - The Drizzle `eq` operator (imported from `drizzle-orm`).
+ * @returns An AuthAdapter compliant object.
+ */
+export declare function createDrizzleAdapter<TUser extends User = User>(db: any, table: any, eq: any): AuthAdapter<TUser>;
+//# sourceMappingURL=drizzle.d.ts.map

package/dist/adapters/drizzle.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"drizzle.d.ts","sourceRoot":"","sources":["../../src/auth/adapters/drizzle.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAEpD;;;;;;;;;;GAUG;AACH,wBAAgB,oBAAoB,CAAC,KAAK,SAAS,IAAI,GAAG,IAAI,EAC5D,EAAE,EAAE,GAAG,EACP,KAAK,EAAE,GAAG,EACV,EAAE,EAAE,GAAG,GACN,WAAW,CAAC,KAAK,CAAC,CA2BpB"}

package/dist/adapters/drizzle.js

@@ -0,0 +1,27 @@
+function createDrizzleAdapter(db, table, eq) {
+  return {
+    async createUser(data) {
+      const dataToSave = { id: data.id || globalThis.crypto.randomUUID(), ...data };
+      const results = await db.insert(table).values(dataToSave).returning();
+      return results[0];
+    },
+    async findUserByEmail(email) {
+      const results = await db.select().from(table).where(eq(table.email, email)).limit(1);
+      return results[0] || null;
+    },
+    async findUserById(id) {
+      const results = await db.select().from(table).where(eq(table.id, id)).limit(1);
+      return results[0] || null;
+    },
+    async linkOAuthAccount(userId, provider, providerId) {
+      await db.update(table).set({
+        oauthProvider: provider,
+        oauthId: providerId
+      }).where(eq(table.id, userId));
+    }
+  };
+}
+export {
+  createDrizzleAdapter
+};
+//# sourceMappingURL=drizzle.js.map

package/dist/adapters/drizzle.js.map

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../src/auth/adapters/drizzle.ts"],
+  "sourcesContent": ["import type { AuthAdapter, User } from \"./index.js\";\n\n/**\n * Creates a Drizzle ORM adapter.\n * \n * Works with any Drizzle-supported database (PostgreSQL, MySQL, SQLite)\n * by using the standard drizzle-orm `db` instance and table definition.\n * \n * @param db - The Drizzle database instance.\n * @param table - The Drizzle table representing users.\n * @param eq - The Drizzle `eq` operator (imported from `drizzle-orm`).\n * @returns An AuthAdapter compliant object.\n */\nexport function createDrizzleAdapter<TUser extends User = User>(\n  db: any,\n  table: any,\n  eq: any\n): AuthAdapter<TUser> {\n  return {\n    async createUser(data: any) {\n      const dataToSave = { id: data.id || globalThis.crypto.randomUUID(), ...data };\n      const results = await db.insert(table).values(dataToSave).returning();\n      return results[0] as TUser;\n    },\n\n    async findUserByEmail(email: string) {\n      const results = await db.select().from(table).where(eq(table.email, email)).limit(1);\n      return (results[0] || null) as TUser | null;\n    },\n\n    async findUserById(id: string) {\n      const results = await db.select().from(table).where(eq(table.id, id)).limit(1);\n      return (results[0] || null) as TUser | null;\n    },\n\n    async linkOAuthAccount(userId: string, provider: string, providerId: string) {\n      await db.update(table)\n        .set({\n          oauthProvider: provider,\n          oauthId: providerId,\n        })\n        .where(eq(table.id, userId));\n    },\n  };\n}\n"],
+  "mappings": "AAaO,SAAS,qBACd,IACA,OACA,IACoB;AACpB,SAAO;AAAA,IACL,MAAM,WAAW,MAAW;AAC1B,YAAM,aAAa,EAAE,IAAI,KAAK,MAAM,WAAW,OAAO,WAAW,GAAG,GAAG,KAAK;AAC5E,YAAM,UAAU,MAAM,GAAG,OAAO,KAAK,EAAE,OAAO,UAAU,EAAE,UAAU;AACpE,aAAO,QAAQ,CAAC;AAAA,IAClB;AAAA,IAEA,MAAM,gBAAgB,OAAe;AACnC,YAAM,UAAU,MAAM,GAAG,OAAO,EAAE,KAAK,KAAK,EAAE,MAAM,GAAG,MAAM,OAAO,KAAK,CAAC,EAAE,MAAM,CAAC;AACnF,aAAQ,QAAQ,CAAC,KAAK;AAAA,IACxB;AAAA,IAEA,MAAM,aAAa,IAAY;AAC7B,YAAM,UAAU,MAAM,GAAG,OAAO,EAAE,KAAK,KAAK,EAAE,MAAM,GAAG,MAAM,IAAI,EAAE,CAAC,EAAE,MAAM,CAAC;AAC7E,aAAQ,QAAQ,CAAC,KAAK;AAAA,IACxB;AAAA,IAEA,MAAM,iBAAiB,QAAgB,UAAkB,YAAoB;AAC3E,YAAM,GAAG,OAAO,KAAK,EAClB,IAAI;AAAA,QACH,eAAe;AAAA,QACf,SAAS;AAAA,MACX,CAAC,EACA,MAAM,GAAG,MAAM,IAAI,MAAM,CAAC;AAAA,IAC/B;AAAA,EACF;AACF;",
+  "names": []
+}

package/dist/adapters/prisma.cjs

@@ -0,0 +1,58 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var prisma_exports = {};
+__export(prisma_exports, {
+  createPrismaAdapter: () => createPrismaAdapter
+});
+module.exports = __toCommonJS(prisma_exports);
+function createPrismaAdapter(model) {
+  return {
+    async createUser(data) {
+      const dataToSave = { id: data.id || globalThis.crypto.randomUUID(), ...data };
+      const user = await model.create({ data: dataToSave });
+      return user;
+    },
+    async findUserByEmail(email) {
+      const user = await model.findUnique({
+        where: { email }
+      });
+      return user;
+    },
+    async findUserById(id) {
+      const user = await model.findUnique({
+        where: { id }
+      });
+      return user;
+    },
+    async linkOAuthAccount(userId, provider, providerId) {
+      await model.update({
+        where: { id: userId },
+        data: {
+          oauthProvider: provider,
+          oauthId: providerId
+        }
+      });
+    }
+  };
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  createPrismaAdapter
+});
+//# sourceMappingURL=prisma.cjs.map

package/dist/adapters/prisma.cjs.map

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../src/auth/adapters/prisma.ts"],
+  "sourcesContent": ["import type { AuthAdapter, User } from \"./index.js\";\n\n/**\n * Creates a Prisma adapter using a Prisma delegate (e.g., prisma.user).\n * \n * Works with any Prisma-supported database by using the standard\n * Prisma delegate operations (findUnique, create, update).\n * \n * @param model - A Prisma delegate instance (e.g., prisma.user).\n * @returns An AuthAdapter compliant object.\n */\nexport function createPrismaAdapter<TUser extends User = User>(model: any): AuthAdapter<TUser> {\n  return {\n    async createUser(data: any) {\n      const dataToSave = { id: data.id || globalThis.crypto.randomUUID(), ...data };\n      const user = await model.create({ data: dataToSave });\n      return user as TUser;\n    },\n\n    async findUserByEmail(email: string) {\n      const user = await model.findUnique({\n        where: { email },\n      });\n      return user as TUser | null;\n    },\n\n    async findUserById(id: string) {\n      const user = await model.findUnique({\n        where: { id },\n      });\n      return user as TUser | null;\n    },\n\n    async linkOAuthAccount(userId: string, provider: string, providerId: string) {\n      await model.update({\n        where: { id: userId },\n        data: {\n          oauthProvider: provider,\n          oauthId: providerId,\n        },\n      });\n    },\n  };\n}\n"],
+  "mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAWO,SAAS,oBAA+C,OAAgC;AAC7F,SAAO;AAAA,IACL,MAAM,WAAW,MAAW;AAC1B,YAAM,aAAa,EAAE,IAAI,KAAK,MAAM,WAAW,OAAO,WAAW,GAAG,GAAG,KAAK;AAC5E,YAAM,OAAO,MAAM,MAAM,OAAO,EAAE,MAAM,WAAW,CAAC;AACpD,aAAO;AAAA,IACT;AAAA,IAEA,MAAM,gBAAgB,OAAe;AACnC,YAAM,OAAO,MAAM,MAAM,WAAW;AAAA,QAClC,OAAO,EAAE,MAAM;AAAA,MACjB,CAAC;AACD,aAAO;AAAA,IACT;AAAA,IAEA,MAAM,aAAa,IAAY;AAC7B,YAAM,OAAO,MAAM,MAAM,WAAW;AAAA,QAClC,OAAO,EAAE,GAAG;AAAA,MACd,CAAC;AACD,aAAO;AAAA,IACT;AAAA,IAEA,MAAM,iBAAiB,QAAgB,UAAkB,YAAoB;AAC3E,YAAM,MAAM,OAAO;AAAA,QACjB,OAAO,EAAE,IAAI,OAAO;AAAA,QACpB,MAAM;AAAA,UACJ,eAAe;AAAA,UACf,SAAS;AAAA,QACX;AAAA,MACF,CAAC;AAAA,IACH;AAAA,EACF;AACF;",
+  "names": []
+}

package/dist/adapters/prisma.d.ts

@@ -0,0 +1,12 @@
+import type { AuthAdapter, User } from "./index.js";
+/**
+ * Creates a Prisma adapter using a Prisma delegate (e.g., prisma.user).
+ *
+ * Works with any Prisma-supported database by using the standard
+ * Prisma delegate operations (findUnique, create, update).
+ *
+ * @param model - A Prisma delegate instance (e.g., prisma.user).
+ * @returns An AuthAdapter compliant object.
+ */
+export declare function createPrismaAdapter<TUser extends User = User>(model: any): AuthAdapter<TUser>;
+//# sourceMappingURL=prisma.d.ts.map

package/dist/adapters/prisma.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"prisma.d.ts","sourceRoot":"","sources":["../../src/auth/adapters/prisma.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAEpD;;;;;;;;GAQG;AACH,wBAAgB,mBAAmB,CAAC,KAAK,SAAS,IAAI,GAAG,IAAI,EAAE,KAAK,EAAE,GAAG,GAAG,WAAW,CAAC,KAAK,CAAC,CAgC7F"}

package/dist/adapters/prisma.js

@@ -0,0 +1,34 @@
+function createPrismaAdapter(model) {
+  return {
+    async createUser(data) {
+      const dataToSave = { id: data.id || globalThis.crypto.randomUUID(), ...data };
+      const user = await model.create({ data: dataToSave });
+      return user;
+    },
+    async findUserByEmail(email) {
+      const user = await model.findUnique({
+        where: { email }
+      });
+      return user;
+    },
+    async findUserById(id) {
+      const user = await model.findUnique({
+        where: { id }
+      });
+      return user;
+    },
+    async linkOAuthAccount(userId, provider, providerId) {
+      await model.update({
+        where: { id: userId },
+        data: {
+          oauthProvider: provider,
+          oauthId: providerId
+        }
+      });
+    }
+  };
+}
+export {
+  createPrismaAdapter
+};
+//# sourceMappingURL=prisma.js.map

package/dist/adapters/prisma.js.map

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../src/auth/adapters/prisma.ts"],
+  "sourcesContent": ["import type { AuthAdapter, User } from \"./index.js\";\n\n/**\n * Creates a Prisma adapter using a Prisma delegate (e.g., prisma.user).\n * \n * Works with any Prisma-supported database by using the standard\n * Prisma delegate operations (findUnique, create, update).\n * \n * @param model - A Prisma delegate instance (e.g., prisma.user).\n * @returns An AuthAdapter compliant object.\n */\nexport function createPrismaAdapter<TUser extends User = User>(model: any): AuthAdapter<TUser> {\n  return {\n    async createUser(data: any) {\n      const dataToSave = { id: data.id || globalThis.crypto.randomUUID(), ...data };\n      const user = await model.create({ data: dataToSave });\n      return user as TUser;\n    },\n\n    async findUserByEmail(email: string) {\n      const user = await model.findUnique({\n        where: { email },\n      });\n      return user as TUser | null;\n    },\n\n    async findUserById(id: string) {\n      const user = await model.findUnique({\n        where: { id },\n      });\n      return user as TUser | null;\n    },\n\n    async linkOAuthAccount(userId: string, provider: string, providerId: string) {\n      await model.update({\n        where: { id: userId },\n        data: {\n          oauthProvider: provider,\n          oauthId: providerId,\n        },\n      });\n    },\n  };\n}\n"],
+  "mappings": "AAWO,SAAS,oBAA+C,OAAgC;AAC7F,SAAO;AAAA,IACL,MAAM,WAAW,MAAW;AAC1B,YAAM,aAAa,EAAE,IAAI,KAAK,MAAM,WAAW,OAAO,WAAW,GAAG,GAAG,KAAK;AAC5E,YAAM,OAAO,MAAM,MAAM,OAAO,EAAE,MAAM,WAAW,CAAC;AACpD,aAAO;AAAA,IACT;AAAA,IAEA,MAAM,gBAAgB,OAAe;AACnC,YAAM,OAAO,MAAM,MAAM,WAAW;AAAA,QAClC,OAAO,EAAE,MAAM;AAAA,MACjB,CAAC;AACD,aAAO;AAAA,IACT;AAAA,IAEA,MAAM,aAAa,IAAY;AAC7B,YAAM,OAAO,MAAM,MAAM,WAAW;AAAA,QAClC,OAAO,EAAE,GAAG;AAAA,MACd,CAAC;AACD,aAAO;AAAA,IACT;AAAA,IAEA,MAAM,iBAAiB,QAAgB,UAAkB,YAAoB;AAC3E,YAAM,MAAM,OAAO;AAAA,QACjB,OAAO,EAAE,IAAI,OAAO;AAAA,QACpB,MAAM;AAAA,UACJ,eAAe;AAAA,UACf,SAAS;AAAA,QACX;AAAA,MACF,CAAC;AAAA,IACH;AAAA,EACF;AACF;",
+  "names": []
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "kroxt",
-  "version": "1.1.5",
+  "version": "1.2.0",
   "keywords": [
     "auth",
     "authentication",
@@ -16,6 +16,7 @@
     "hono",
     "express",
     "prisma-adapter",
+    "drizzle-adapter",
     "mongoose-adapter"
   ],
   "license": "MIT",
@@ -55,6 +56,16 @@
       "import": "./dist/adapters/mongoose.js",
       "require": "./dist/adapters/mongoose.cjs"
     },
+    "./adapters/drizzle": {
+      "types": "./dist/adapters/drizzle.d.ts",
+      "import": "./dist/adapters/drizzle.js",
+      "require": "./dist/adapters/drizzle.cjs"
+    },
+    "./adapters/prisma": {
+      "types": "./dist/adapters/prisma.d.ts",
+      "import": "./dist/adapters/prisma.js",
+      "require": "./dist/adapters/prisma.cjs"
+    },
     "./security": {
       "types": "./dist/security/index.d.ts",
       "import": "./dist/security/index.js",