kroxt 1.2.1 → 1.3.0

package/README.md

@@ -1,22 +1,39 @@
-# kroxt 🔐
+# Kroxt 🖤🤍
 
 A framework-agnostic, modular authentication engine for modern TypeScript applications. Built for security, extensibility, and pure developer joy.
 
 [![npm version](https://img.shields.io/npm/v/kroxt.svg)](https://www.npmjs.com/package/kroxt)
-[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
-[![Security Policy](https://img.shields.io/badge/Security-Policy-brightgreen.svg)](./SECURITY.md)
+[![License: MIT](https://img.shields.io/badge/License-MIT-black.svg)](https://opensource.org/licenses/MIT)
 
 > [!IMPORTANT]
-> **What's New in v1.2.0**: Universal SQL support (Drizzle/Prisma), multi-framework examples for Express/Fastify/Hono, and a revamped mobile-first documentation site. [Read the full Changelog](./CHANGELOG.md).
+> **What's New in v1.3.0**: The **Kroxt CLI** is here! Bootstrap your entire auth engine in seconds with `npx kroxt init`. Also featuring a premium **Monochrome rebranding** and advanced **IP-Blocking** defense.
+
+---
+
+## ⚡ Quick Start (The Recommended Way)
+
+The fastest way to get started with Kroxt is using our interactive initializer:
+
+```bash
+npx kroxt init
+```
+
+This will guide you through:
+- 🏗️ Choosing your database adapter (**Mongoose**, **Prisma**, **Drizzle**, or **Memory**).
+- 🛡️ Configuring security layers (**Rate Limiting**, **IP Blocking**, **Peppering**).
+- 🔑 Generating secure **JWT_SECRET** and **JWT_PEPPER** in your `.env`.
+- ⚙️ Setting up a modern **tsconfig.json**.
+
+---
 
 ## 🚀 Why Kroxt?
 
-Authentication is often either too complex (Passport, Auth.js) or too restrictive. Kroxt is the **"Headless" Auth Engine** that gives you the best of both worlds:
+Authentication is often either too complex or too restrictive. Kroxt is the **"Headless" Auth Engine** that gives you the best of both worlds:
 
-- 🏗️ **Database Agnostic**: Native adapters for **Prisma**, **Drizzle**, and **Mongoose**.
-- 🛠️ **Modular**: Use only what you need. No forced session managers or UI components.
-- 🔐 **Security First**: Argon2 hashing, dual-token rotation, and timing-attack protection built-in.
-- 🧩 **TypeScript Native**: Perfectly preserves your user schemas and metadata.
+- **🏗️ Database Agnostic**: Native adapters for **Prisma**, **Drizzle**, and **Mongoose**.
+- **🛠️ Modular**: Use only what you need. No forced session managers or UI components.
+- **🔐 Security First**: Argon2 hashing, dual-token rotation, and **IP-based brute force protection** built-in.
+- **🧩 TypeScript Native**: Perfectly preserves your user schemas and metadata.
 
 ---
 
@@ -26,7 +43,7 @@ Kroxt sits between your database and your controller logic. It handles the "heav
 
 ```mermaid
 graph LR
-    A[Client] -- "Credentials" --> B[Express/Fastify]
+    A[Client] -- "Credentials" --> B[Express/Fastify/Next.js]
     B -- "auth.signup()" --> C[Kroxt Engine]
     C -- "Save User" --> D[(Database Adapter)]
     D -- "Success" --> C
@@ -43,62 +60,6 @@ graph LR
 
 ---
 
-## 🏁 Quick Start (5 Minutes)
-
-### 1. Installation
-
-```bash
-npm install kroxt
-```
-
-### 2. Choose Your Adapter
-
-Kroxt provides official adapters for the most popular ORMs.
-
-#### **Option A: Drizzle (SQLite/PG/MySQL)**
-```typescript
-import { createDrizzleAdapter } from "kroxt/adapters/drizzle";
-import { db } from "./db";
-import { users } from "./schema";
-import { eq } from "drizzle-orm";
-
-export const adapter = createDrizzleAdapter(db, users, eq);
-```
-
-#### **Option B: Prisma**
-```typescript
-import { createPrismaAdapter } from "kroxt/adapters/prisma";
-import { prisma } from "./db";
-
-export const adapter = createPrismaAdapter(prisma.user);
-```
-
-#### **Option C: Mongoose**
-```typescript
-import { createMongoAdapter } from "kroxt/adapters/mongoose";
-import { User } from "./models/user.model";
-
-export const adapter = createMongoAdapter(User);
-```
-
-### 3. Initialize the Engine
-
-```typescript
-import { createAuth } from "kroxt/core";
-import { adapter } from "./auth-adapter";
-
-export const auth = createAuth({
-  adapter,
-  secret: process.env.JWT_SECRET,
-  session: {
-    expires: "15m",
-    refreshExpires: "7d"
-  }
-});
-```
-
----
-
 ## 🛡️ Core Authentication Flows
 
 ### **Registration**
@@ -122,15 +83,6 @@ const { accessToken } = await auth.refresh(refreshToken);
 
 ---
 
-## 🐣 Beginner Corner: What is "Headless"?
-
-If you're new to backend development, "Headless" means Kroxt **doesn't provide a UI** (no login buttons or pre-made forms). Instead, it provides the **engine** (the logic). 
-
-**Why is this good?**
-It means you can build your own login screen in React, Vue, or even a Mobile App, and Kroxt will handle the security part on the server exactly the same way every time.
-
----
-
 ## 🛠️ Advanced: Custom JWT Payloads
 
 Want to share a user's `role` or `plan` with the frontend via the JWT? Use the `payload` hook:
@@ -143,10 +95,10 @@ export const auth = createAuth({
       if (type === "access") {
         return { 
           role: user.role, 
-          tier: user.subscriptionTier 
+          schoolId: user.schoolId 
         };
       }
-      return {}; // Keep refresh tokens small
+      return {};
     }
   }
 });
@@ -154,29 +106,10 @@ export const auth = createAuth({
 
 ---
 
-## 🛑 Common v1.2.0 Troubleshooting
-
-### "Cannot find module '.prisma/client/default.js'" (ESM on Windows)
-If you're using Prisma with ESM (`"type": "module"`) on Windows, you may need a robust import in your `src/db/index.ts`:
-
-```typescript
-import { createRequire } from "module";
-const require = createRequire(import.meta.url);
-const { PrismaClient } = require("@prisma/client");
-```
-
-### Prisma "Unknown argument `name`"
-Prisma is strict about schemas. If you're sending extra fields in `auth.signup()`, ensure your `schema.prisma` includes them (marked as `?` optional if needed).
-
----
-
 ## 🔗 Reference Projects
 
 Complete working implementations for all frameworks:
 - [Kroxt Examples (All Frameworks)](https://github.com/adepoju-oluwatobi/kroxt-examples)
-- [Hono + Drizzle + SQLite](https://github.com/adepoju-oluwatobi/kroxt-examples/tree/main/hono/kroxt-hono-drizzle)
-- [Express + Prisma + DB](https://github.com/adepoju-oluwatobi/kroxt-examples/tree/main/express/kroxt-express-prisma)
-- [Fastify + Mongoose](https://github.com/adepoju-oluwatobi/kroxt-examples/tree/main/fastify/kroxt-fastify-mongo)
 
 ## 📄 License
 

package/dist/adapters/drizzle.d.ts

@@ -8,7 +8,8 @@ import type { AuthAdapter, User } from "./index.js";
  * @param db - The Drizzle database instance.
  * @param table - The Drizzle table representing users.
  * @param eq - The Drizzle `eq` operator (imported from `drizzle-orm`).
+ * @param rateLimitTable - Optional Drizzle table for rate limiting tracking.
  * @returns An AuthAdapter compliant object.
  */
-export declare function createDrizzleAdapter<TUser extends User = User>(db: any, table: any, eq: any): AuthAdapter<TUser>;
+export declare function createDrizzleAdapter<TUser extends User = User>(db: any, table: any, eq: any, rateLimitTable?: any): AuthAdapter<TUser>;
 //# sourceMappingURL=drizzle.d.ts.map

package/dist/adapters/drizzle.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"drizzle.d.ts","sourceRoot":"","sources":["../../src/auth/adapters/drizzle.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAEpD;;;;;;;;;;GAUG;AACH,wBAAgB,oBAAoB,CAAC,KAAK,SAAS,IAAI,GAAG,IAAI,EAC5D,EAAE,EAAE,GAAG,EACP,KAAK,EAAE,GAAG,EACV,EAAE,EAAE,GAAG,GACN,WAAW,CAAC,KAAK,CAAC,CA2BpB"}
+{"version":3,"file":"drizzle.d.ts","sourceRoot":"","sources":["../../src/auth/adapters/drizzle.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAEpD;;;;;;;;;;;GAWG;AACH,wBAAgB,oBAAoB,CAAC,KAAK,SAAS,IAAI,GAAG,IAAI,EAC5D,EAAE,EAAE,GAAG,EACP,KAAK,EAAE,GAAG,EACV,EAAE,EAAE,GAAG,EACP,cAAc,CAAC,EAAE,GAAG,GACnB,WAAW,CAAC,KAAK,CAAC,CAgEpB"}

package/dist/adapters/index.d.ts

@@ -9,6 +9,15 @@ export interface AuthAdapter<TUser = User> {
     createUser: (data: any) => Promise<TUser>;
     findUserByEmail: (email: string) => Promise<TUser | null>;
     findUserById: (id: string) => Promise<TUser | null>;
+    updateUser?: (id: string, data: Partial<TUser>) => Promise<TUser | null>;
     linkOAuthAccount: (userId: string, provider: string, providerId: string) => Promise<void>;
+    incrementRateLimit?: (key: string, windowMs: number) => Promise<{
+        count: number;
+        resetTime: number;
+    }>;
+    getRateLimit?: (key: string) => Promise<{
+        count: number;
+        resetTime: number;
+    } | null>;
 }
 //# sourceMappingURL=index.d.ts.map

package/dist/adapters/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/auth/adapters/index.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,QAAQ;IACvB,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAGD,MAAM,MAAM,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,IAAI,QAAQ,GAAG,SAAS,CAAC;AAEzE,MAAM,WAAW,WAAW,CAAC,KAAK,GAAG,IAAI;IACvC,UAAU,EAAE,CAAC,IAAI,EAAE,GAAG,KAAK,OAAO,CAAC,KAAK,CAAC,CAAC;IAC1C,eAAe,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,CAAC,KAAK,GAAG,IAAI,CAAC,CAAC;IAC1D,YAAY,EAAE,CAAC,EAAE,EAAE,MAAM,KAAK,OAAO,CAAC,KAAK,GAAG,IAAI,CAAC,CAAC;IACpD,gBAAgB,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;CAC3F"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/auth/adapters/index.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,QAAQ;IACvB,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAGD,MAAM,MAAM,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,IAAI,QAAQ,GAAG,SAAS,CAAC;AAEzE,MAAM,WAAW,WAAW,CAAC,KAAK,GAAG,IAAI;IACvC,UAAU,EAAE,CAAC,IAAI,EAAE,GAAG,KAAK,OAAO,CAAC,KAAK,CAAC,CAAC;IAC1C,eAAe,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,CAAC,KAAK,GAAG,IAAI,CAAC,CAAC;IAC1D,YAAY,EAAE,CAAC,EAAE,EAAE,MAAM,KAAK,OAAO,CAAC,KAAK,GAAG,IAAI,CAAC,CAAC;IACpD,UAAU,CAAC,EAAE,CAAC,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,CAAC,KAAK,CAAC,KAAK,OAAO,CAAC,KAAK,GAAG,IAAI,CAAC,CAAC;IACzE,gBAAgB,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAC1F,kBAAkB,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IACtG,YAAY,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAA;KAAE,GAAG,IAAI,CAAC,CAAC;CACtF"}

package/dist/adapters/memory.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"memory.d.ts","sourceRoot":"","sources":["../../src/auth/adapters/memory.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAEpD;;;;GAIG;AACH,wBAAgB,mBAAmB,CAAC,KAAK,SAAS,IAAI,GAAG,IAAI,KAAK,WAAW,CAAC,KAAK,CAAC,CAiCnF"}
+{"version":3,"file":"memory.d.ts","sourceRoot":"","sources":["../../src/auth/adapters/memory.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAEpD;;;;GAIG;AACH,wBAAgB,mBAAmB,CAAC,KAAK,SAAS,IAAI,GAAG,IAAI,KAAK,WAAW,CAAC,KAAK,CAAC,CAkEnF"}

package/dist/adapters/mongoose.d.ts

@@ -1,9 +1,15 @@
 import type { AuthAdapter, User } from "./index.js";
+/**
+ * Creates a pre-configured Mongoose model for rate limiting.
+ * @param mongoose The mongoose instance to use for schema creation.
+ */
+export declare function createRateLimitModel(mongoose: any): any;
 /**
  * Creates a MongoDB adapter using a Mongoose model.
  *
  * @param model - A Mongoose model instance (e.g., User model).
+ * @param rateLimitModel - An optional Mongoose model for rate limiting tracking.
  * @returns An AuthAdapter compliant object.
  */
-export declare function createMongoAdapter<TUser extends User = User>(model: any): AuthAdapter<TUser>;
+export declare function createMongoAdapter<TUser extends User = User>(model: any, rateLimitModel?: any): AuthAdapter<TUser>;
 //# sourceMappingURL=mongoose.d.ts.map

package/dist/adapters/mongoose.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"mongoose.d.ts","sourceRoot":"","sources":["../../src/auth/adapters/mongoose.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAEpD;;;;;GAKG;AACH,wBAAgB,kBAAkB,CAAC,KAAK,SAAS,IAAI,GAAG,IAAI,EAAE,KAAK,EAAE,GAAG,GAAG,WAAW,CAAC,KAAK,CAAC,CA6B5F"}
+{"version":3,"file":"mongoose.d.ts","sourceRoot":"","sources":["../../src/auth/adapters/mongoose.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAEpD;;;GAGG;AACH,wBAAgB,oBAAoB,CAAC,QAAQ,EAAE,GAAG,OAQjD;AAED;;;;;;GAMG;AACH,wBAAgB,kBAAkB,CAAC,KAAK,SAAS,IAAI,GAAG,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,cAAc,CAAC,EAAE,GAAG,GAAG,WAAW,CAAC,KAAK,CAAC,CAoElH"}

package/dist/adapters/prisma.d.ts

@@ -6,7 +6,8 @@ import type { AuthAdapter, User } from "./index.js";
  * Prisma delegate operations (findUnique, create, update).
  *
  * @param model - A Prisma delegate instance (e.g., prisma.user).
+ * @param rateLimitModel - An optional Prisma delegate for rate limit tracking.
  * @returns An AuthAdapter compliant object.
  */
-export declare function createPrismaAdapter<TUser extends User = User>(model: any): AuthAdapter<TUser>;
+export declare function createPrismaAdapter<TUser extends User = User>(model: any, rateLimitModel?: any): AuthAdapter<TUser>;
 //# sourceMappingURL=prisma.d.ts.map

package/dist/adapters/prisma.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"prisma.d.ts","sourceRoot":"","sources":["../../src/auth/adapters/prisma.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAEpD;;;;;;;;GAQG;AACH,wBAAgB,mBAAmB,CAAC,KAAK,SAAS,IAAI,GAAG,IAAI,EAAE,KAAK,EAAE,GAAG,GAAG,WAAW,CAAC,KAAK,CAAC,CAgC7F"}
+{"version":3,"file":"prisma.d.ts","sourceRoot":"","sources":["../../src/auth/adapters/prisma.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAEpD;;;;;;;;;GASG;AACH,wBAAgB,mBAAmB,CAAC,KAAK,SAAS,IAAI,GAAG,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,cAAc,CAAC,EAAE,GAAG,GAAG,WAAW,CAAC,KAAK,CAAC,CAuEnH"}

package/dist/{adapters → auth/adapters}/drizzle.cjs

@@ -21,8 +21,8 @@ __export(drizzle_exports, {
   createDrizzleAdapter: () => createDrizzleAdapter
 });
 module.exports = __toCommonJS(drizzle_exports);
-function createDrizzleAdapter(db, table, eq) {
-  return {
+function createDrizzleAdapter(db, table, eq, rateLimitTable) {
+  const adapter = {
     async createUser(data) {
       const dataToSave = { id: data.id || globalThis.crypto.randomUUID(), ...data };
       const results = await db.insert(table).values(dataToSave).returning();
@@ -36,6 +36,10 @@ function createDrizzleAdapter(db, table, eq) {
       const results = await db.select().from(table).where(eq(table.id, id)).limit(1);
       return results[0] || null;
     },
+    async updateUser(id, data) {
+      const results = await db.update(table).set(data).where(eq(table.id, id)).returning();
+      return results[0] || null;
+    },
     async linkOAuthAccount(userId, provider, providerId) {
       await db.update(table).set({
         oauthProvider: provider,
@@ -43,6 +47,33 @@ function createDrizzleAdapter(db, table, eq) {
       }).where(eq(table.id, userId));
     }
   };
+  if (rateLimitTable) {
+    adapter.incrementRateLimit = async (key, windowMs) => {
+      const now = Date.now();
+      const resetTime = now + windowMs;
+      let records = await db.select().from(rateLimitTable).where(eq(rateLimitTable.key, key)).limit(1);
+      let record = records[0];
+      if (!record || now > record.resetTime) {
+        if (record) {
+          await db.update(rateLimitTable).set({ count: 1, resetTime }).where(eq(rateLimitTable.key, key));
+        } else {
+          await db.insert(rateLimitTable).values({ key, count: 1, resetTime });
+        }
+        return { count: 1, resetTime };
+      } else {
+        await db.update(rateLimitTable).set({ count: record.count + 1 }).where(eq(rateLimitTable.key, key));
+        return { count: record.count + 1, resetTime: record.resetTime };
+      }
+    };
+    adapter.getRateLimit = async (key) => {
+      const now = Date.now();
+      let records = await db.select().from(rateLimitTable).where(eq(rateLimitTable.key, key)).limit(1);
+      let record = records[0];
+      if (!record || now > record.resetTime) return null;
+      return { count: record.count, resetTime: record.resetTime };
+    };
+  }
+  return adapter;
 }
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {

package/dist/auth/adapters/drizzle.cjs.map

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../src/auth/adapters/drizzle.ts"],
+  "sourcesContent": ["import type { AuthAdapter, User } from \"./index.js\";\r\n\r\n/**\r\n * Creates a Drizzle ORM adapter.\r\n * \r\n * Works with any Drizzle-supported database (PostgreSQL, MySQL, SQLite)\r\n * by using the standard drizzle-orm `db` instance and table definition.\r\n * \r\n * @param db - The Drizzle database instance.\r\n * @param table - The Drizzle table representing users.\r\n * @param eq - The Drizzle `eq` operator (imported from `drizzle-orm`).\r\n * @param rateLimitTable - Optional Drizzle table for rate limiting tracking.\r\n * @returns An AuthAdapter compliant object.\r\n */\r\nexport function createDrizzleAdapter<TUser extends User = User>(\r\n  db: any,\r\n  table: any,\r\n  eq: any,\r\n  rateLimitTable?: any\r\n): AuthAdapter<TUser> {\r\n  const adapter: AuthAdapter<TUser> = {\r\n    async createUser(data: any) {\r\n      const dataToSave = { id: data.id || globalThis.crypto.randomUUID(), ...data };\r\n      const results = await db.insert(table).values(dataToSave).returning();\r\n      return results[0] as TUser;\r\n    },\r\n\r\n    async findUserByEmail(email: string) {\r\n      const results = await db.select().from(table).where(eq(table.email, email)).limit(1);\r\n      return (results[0] || null) as TUser | null;\r\n    },\r\n\r\n    async findUserById(id: string) {\r\n      const results = await db.select().from(table).where(eq(table.id, id)).limit(1);\r\n      return (results[0] || null) as TUser | null;\r\n    },\r\n\r\n    async updateUser(id: string, data: Partial<TUser>) {\r\n      const results = await db.update(table).set(data).where(eq(table.id, id)).returning();\r\n      return (results[0] || null) as TUser | null;\r\n    },\r\n\r\n    async linkOAuthAccount(userId: string, provider: string, providerId: string) {\r\n      await db.update(table)\r\n        .set({\r\n          oauthProvider: provider,\r\n          oauthId: providerId,\r\n        })\r\n        .where(eq(table.id, userId));\r\n    },\r\n  };\r\n\r\n  if (rateLimitTable) {\r\n    adapter.incrementRateLimit = async (key: string, windowMs: number) => {\r\n      const now = Date.now();\r\n      const resetTime = now + windowMs;\r\n      \r\n      let records = await db.select().from(rateLimitTable).where(eq(rateLimitTable.key, key)).limit(1);\r\n      let record = records[0];\r\n      \r\n      if (!record || now > record.resetTime) {\r\n          if (record) {\r\n              await db.update(rateLimitTable).set({ count: 1, resetTime }).where(eq(rateLimitTable.key, key));\r\n          } else {\r\n              await db.insert(rateLimitTable).values({ key, count: 1, resetTime });\r\n          }\r\n          return { count: 1, resetTime };\r\n      } else {\r\n          await db.update(rateLimitTable).set({ count: record.count + 1 }).where(eq(rateLimitTable.key, key));\r\n          return { count: record.count + 1, resetTime: record.resetTime };\r\n      }\r\n    };\r\n\r\n    adapter.getRateLimit = async (key: string) => {\r\n      const now = Date.now();\r\n      let records = await db.select().from(rateLimitTable).where(eq(rateLimitTable.key, key)).limit(1);\r\n      let record = records[0];\r\n      if (!record || now > record.resetTime) return null;\r\n      return { count: record.count, resetTime: record.resetTime };\r\n    };\r\n  }\r\n\r\n  return adapter;\r\n}\r\n"],
+  "mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAcO,SAAS,qBACd,IACA,OACA,IACA,gBACoB;AACpB,QAAM,UAA8B;AAAA,IAClC,MAAM,WAAW,MAAW;AAC1B,YAAM,aAAa,EAAE,IAAI,KAAK,MAAM,WAAW,OAAO,WAAW,GAAG,GAAG,KAAK;AAC5E,YAAM,UAAU,MAAM,GAAG,OAAO,KAAK,EAAE,OAAO,UAAU,EAAE,UAAU;AACpE,aAAO,QAAQ,CAAC;AAAA,IAClB;AAAA,IAEA,MAAM,gBAAgB,OAAe;AACnC,YAAM,UAAU,MAAM,GAAG,OAAO,EAAE,KAAK,KAAK,EAAE,MAAM,GAAG,MAAM,OAAO,KAAK,CAAC,EAAE,MAAM,CAAC;AACnF,aAAQ,QAAQ,CAAC,KAAK;AAAA,IACxB;AAAA,IAEA,MAAM,aAAa,IAAY;AAC7B,YAAM,UAAU,MAAM,GAAG,OAAO,EAAE,KAAK,KAAK,EAAE,MAAM,GAAG,MAAM,IAAI,EAAE,CAAC,EAAE,MAAM,CAAC;AAC7E,aAAQ,QAAQ,CAAC,KAAK;AAAA,IACxB;AAAA,IAEA,MAAM,WAAW,IAAY,MAAsB;AACjD,YAAM,UAAU,MAAM,GAAG,OAAO,KAAK,EAAE,IAAI,IAAI,EAAE,MAAM,GAAG,MAAM,IAAI,EAAE,CAAC,EAAE,UAAU;AACnF,aAAQ,QAAQ,CAAC,KAAK;AAAA,IACxB;AAAA,IAEA,MAAM,iBAAiB,QAAgB,UAAkB,YAAoB;AAC3E,YAAM,GAAG,OAAO,KAAK,EAClB,IAAI;AAAA,QACH,eAAe;AAAA,QACf,SAAS;AAAA,MACX,CAAC,EACA,MAAM,GAAG,MAAM,IAAI,MAAM,CAAC;AAAA,IAC/B;AAAA,EACF;AAEA,MAAI,gBAAgB;AAClB,YAAQ,qBAAqB,OAAO,KAAa,aAAqB;AACpE,YAAM,MAAM,KAAK,IAAI;AACrB,YAAM,YAAY,MAAM;AAExB,UAAI,UAAU,MAAM,GAAG,OAAO,EAAE,KAAK,cAAc,EAAE,MAAM,GAAG,eAAe,KAAK,GAAG,CAAC,EAAE,MAAM,CAAC;AAC/F,UAAI,SAAS,QAAQ,CAAC;AAEtB,UAAI,CAAC,UAAU,MAAM,OAAO,WAAW;AACnC,YAAI,QAAQ;AACR,gBAAM,GAAG,OAAO,cAAc,EAAE,IAAI,EAAE,OAAO,GAAG,UAAU,CAAC,EAAE,MAAM,GAAG,eAAe,KAAK,GAAG,CAAC;AAAA,QAClG,OAAO;AACH,gBAAM,GAAG,OAAO,cAAc,EAAE,OAAO,EAAE,KAAK,OAAO,GAAG,UAAU,CAAC;AAAA,QACvE;AACA,eAAO,EAAE,OAAO,GAAG,UAAU;AAAA,MACjC,OAAO;AACH,cAAM,GAAG,OAAO,cAAc,EAAE,IAAI,EAAE,OAAO,OAAO,QAAQ,EAAE,CAAC,EAAE,MAAM,GAAG,eAAe,KAAK,GAAG,CAAC;AAClG,eAAO,EAAE,OAAO,OAAO,QAAQ,GAAG,WAAW,OAAO,UAAU;AAAA,MAClE;AAAA,IACF;AAEA,YAAQ,eAAe,OAAO,QAAgB;AAC5C,YAAM,MAAM,KAAK,IAAI;AACrB,UAAI,UAAU,MAAM,GAAG,OAAO,EAAE,KAAK,cAAc,EAAE,MAAM,GAAG,eAAe,KAAK,GAAG,CAAC,EAAE,MAAM,CAAC;AAC/F,UAAI,SAAS,QAAQ,CAAC;AACtB,UAAI,CAAC,UAAU,MAAM,OAAO,UAAW,QAAO;AAC9C,aAAO,EAAE,OAAO,OAAO,OAAO,WAAW,OAAO,UAAU;AAAA,IAC5D;AAAA,EACF;AAEA,SAAO;AACT;",
+  "names": []
+}

package/dist/auth/adapters/drizzle.js

@@ -0,0 +1,58 @@
+function createDrizzleAdapter(db, table, eq, rateLimitTable) {
+  const adapter = {
+    async createUser(data) {
+      const dataToSave = { id: data.id || globalThis.crypto.randomUUID(), ...data };
+      const results = await db.insert(table).values(dataToSave).returning();
+      return results[0];
+    },
+    async findUserByEmail(email) {
+      const results = await db.select().from(table).where(eq(table.email, email)).limit(1);
+      return results[0] || null;
+    },
+    async findUserById(id) {
+      const results = await db.select().from(table).where(eq(table.id, id)).limit(1);
+      return results[0] || null;
+    },
+    async updateUser(id, data) {
+      const results = await db.update(table).set(data).where(eq(table.id, id)).returning();
+      return results[0] || null;
+    },
+    async linkOAuthAccount(userId, provider, providerId) {
+      await db.update(table).set({
+        oauthProvider: provider,
+        oauthId: providerId
+      }).where(eq(table.id, userId));
+    }
+  };
+  if (rateLimitTable) {
+    adapter.incrementRateLimit = async (key, windowMs) => {
+      const now = Date.now();
+      const resetTime = now + windowMs;
+      let records = await db.select().from(rateLimitTable).where(eq(rateLimitTable.key, key)).limit(1);
+      let record = records[0];
+      if (!record || now > record.resetTime) {
+        if (record) {
+          await db.update(rateLimitTable).set({ count: 1, resetTime }).where(eq(rateLimitTable.key, key));
+        } else {
+          await db.insert(rateLimitTable).values({ key, count: 1, resetTime });
+        }
+        return { count: 1, resetTime };
+      } else {
+        await db.update(rateLimitTable).set({ count: record.count + 1 }).where(eq(rateLimitTable.key, key));
+        return { count: record.count + 1, resetTime: record.resetTime };
+      }
+    };
+    adapter.getRateLimit = async (key) => {
+      const now = Date.now();
+      let records = await db.select().from(rateLimitTable).where(eq(rateLimitTable.key, key)).limit(1);
+      let record = records[0];
+      if (!record || now > record.resetTime) return null;
+      return { count: record.count, resetTime: record.resetTime };
+    };
+  }
+  return adapter;
+}
+export {
+  createDrizzleAdapter
+};
+//# sourceMappingURL=drizzle.js.map

package/dist/auth/adapters/drizzle.js.map

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../src/auth/adapters/drizzle.ts"],
+  "sourcesContent": ["import type { AuthAdapter, User } from \"./index.js\";\r\n\r\n/**\r\n * Creates a Drizzle ORM adapter.\r\n * \r\n * Works with any Drizzle-supported database (PostgreSQL, MySQL, SQLite)\r\n * by using the standard drizzle-orm `db` instance and table definition.\r\n * \r\n * @param db - The Drizzle database instance.\r\n * @param table - The Drizzle table representing users.\r\n * @param eq - The Drizzle `eq` operator (imported from `drizzle-orm`).\r\n * @param rateLimitTable - Optional Drizzle table for rate limiting tracking.\r\n * @returns An AuthAdapter compliant object.\r\n */\r\nexport function createDrizzleAdapter<TUser extends User = User>(\r\n  db: any,\r\n  table: any,\r\n  eq: any,\r\n  rateLimitTable?: any\r\n): AuthAdapter<TUser> {\r\n  const adapter: AuthAdapter<TUser> = {\r\n    async createUser(data: any) {\r\n      const dataToSave = { id: data.id || globalThis.crypto.randomUUID(), ...data };\r\n      const results = await db.insert(table).values(dataToSave).returning();\r\n      return results[0] as TUser;\r\n    },\r\n\r\n    async findUserByEmail(email: string) {\r\n      const results = await db.select().from(table).where(eq(table.email, email)).limit(1);\r\n      return (results[0] || null) as TUser | null;\r\n    },\r\n\r\n    async findUserById(id: string) {\r\n      const results = await db.select().from(table).where(eq(table.id, id)).limit(1);\r\n      return (results[0] || null) as TUser | null;\r\n    },\r\n\r\n    async updateUser(id: string, data: Partial<TUser>) {\r\n      const results = await db.update(table).set(data).where(eq(table.id, id)).returning();\r\n      return (results[0] || null) as TUser | null;\r\n    },\r\n\r\n    async linkOAuthAccount(userId: string, provider: string, providerId: string) {\r\n      await db.update(table)\r\n        .set({\r\n          oauthProvider: provider,\r\n          oauthId: providerId,\r\n        })\r\n        .where(eq(table.id, userId));\r\n    },\r\n  };\r\n\r\n  if (rateLimitTable) {\r\n    adapter.incrementRateLimit = async (key: string, windowMs: number) => {\r\n      const now = Date.now();\r\n      const resetTime = now + windowMs;\r\n      \r\n      let records = await db.select().from(rateLimitTable).where(eq(rateLimitTable.key, key)).limit(1);\r\n      let record = records[0];\r\n      \r\n      if (!record || now > record.resetTime) {\r\n          if (record) {\r\n              await db.update(rateLimitTable).set({ count: 1, resetTime }).where(eq(rateLimitTable.key, key));\r\n          } else {\r\n              await db.insert(rateLimitTable).values({ key, count: 1, resetTime });\r\n          }\r\n          return { count: 1, resetTime };\r\n      } else {\r\n          await db.update(rateLimitTable).set({ count: record.count + 1 }).where(eq(rateLimitTable.key, key));\r\n          return { count: record.count + 1, resetTime: record.resetTime };\r\n      }\r\n    };\r\n\r\n    adapter.getRateLimit = async (key: string) => {\r\n      const now = Date.now();\r\n      let records = await db.select().from(rateLimitTable).where(eq(rateLimitTable.key, key)).limit(1);\r\n      let record = records[0];\r\n      if (!record || now > record.resetTime) return null;\r\n      return { count: record.count, resetTime: record.resetTime };\r\n    };\r\n  }\r\n\r\n  return adapter;\r\n}\r\n"],
+  "mappings": "AAcO,SAAS,qBACd,IACA,OACA,IACA,gBACoB;AACpB,QAAM,UAA8B;AAAA,IAClC,MAAM,WAAW,MAAW;AAC1B,YAAM,aAAa,EAAE,IAAI,KAAK,MAAM,WAAW,OAAO,WAAW,GAAG,GAAG,KAAK;AAC5E,YAAM,UAAU,MAAM,GAAG,OAAO,KAAK,EAAE,OAAO,UAAU,EAAE,UAAU;AACpE,aAAO,QAAQ,CAAC;AAAA,IAClB;AAAA,IAEA,MAAM,gBAAgB,OAAe;AACnC,YAAM,UAAU,MAAM,GAAG,OAAO,EAAE,KAAK,KAAK,EAAE,MAAM,GAAG,MAAM,OAAO,KAAK,CAAC,EAAE,MAAM,CAAC;AACnF,aAAQ,QAAQ,CAAC,KAAK;AAAA,IACxB;AAAA,IAEA,MAAM,aAAa,IAAY;AAC7B,YAAM,UAAU,MAAM,GAAG,OAAO,EAAE,KAAK,KAAK,EAAE,MAAM,GAAG,MAAM,IAAI,EAAE,CAAC,EAAE,MAAM,CAAC;AAC7E,aAAQ,QAAQ,CAAC,KAAK;AAAA,IACxB;AAAA,IAEA,MAAM,WAAW,IAAY,MAAsB;AACjD,YAAM,UAAU,MAAM,GAAG,OAAO,KAAK,EAAE,IAAI,IAAI,EAAE,MAAM,GAAG,MAAM,IAAI,EAAE,CAAC,EAAE,UAAU;AACnF,aAAQ,QAAQ,CAAC,KAAK;AAAA,IACxB;AAAA,IAEA,MAAM,iBAAiB,QAAgB,UAAkB,YAAoB;AAC3E,YAAM,GAAG,OAAO,KAAK,EAClB,IAAI;AAAA,QACH,eAAe;AAAA,QACf,SAAS;AAAA,MACX,CAAC,EACA,MAAM,GAAG,MAAM,IAAI,MAAM,CAAC;AAAA,IAC/B;AAAA,EACF;AAEA,MAAI,gBAAgB;AAClB,YAAQ,qBAAqB,OAAO,KAAa,aAAqB;AACpE,YAAM,MAAM,KAAK,IAAI;AACrB,YAAM,YAAY,MAAM;AAExB,UAAI,UAAU,MAAM,GAAG,OAAO,EAAE,KAAK,cAAc,EAAE,MAAM,GAAG,eAAe,KAAK,GAAG,CAAC,EAAE,MAAM,CAAC;AAC/F,UAAI,SAAS,QAAQ,CAAC;AAEtB,UAAI,CAAC,UAAU,MAAM,OAAO,WAAW;AACnC,YAAI,QAAQ;AACR,gBAAM,GAAG,OAAO,cAAc,EAAE,IAAI,EAAE,OAAO,GAAG,UAAU,CAAC,EAAE,MAAM,GAAG,eAAe,KAAK,GAAG,CAAC;AAAA,QAClG,OAAO;AACH,gBAAM,GAAG,OAAO,cAAc,EAAE,OAAO,EAAE,KAAK,OAAO,GAAG,UAAU,CAAC;AAAA,QACvE;AACA,eAAO,EAAE,OAAO,GAAG,UAAU;AAAA,MACjC,OAAO;AACH,cAAM,GAAG,OAAO,cAAc,EAAE,IAAI,EAAE,OAAO,OAAO,QAAQ,EAAE,CAAC,EAAE,MAAM,GAAG,eAAe,KAAK,GAAG,CAAC;AAClG,eAAO,EAAE,OAAO,OAAO,QAAQ,GAAG,WAAW,OAAO,UAAU;AAAA,MAClE;AAAA,IACF;AAEA,YAAQ,eAAe,OAAO,QAAgB;AAC5C,YAAM,MAAM,KAAK,IAAI;AACrB,UAAI,UAAU,MAAM,GAAG,OAAO,EAAE,KAAK,cAAc,EAAE,MAAM,GAAG,eAAe,KAAK,GAAG,CAAC,EAAE,MAAM,CAAC;AAC/F,UAAI,SAAS,QAAQ,CAAC;AACtB,UAAI,CAAC,UAAU,MAAM,OAAO,UAAW,QAAO;AAC9C,aAAO,EAAE,OAAO,OAAO,OAAO,WAAW,OAAO,UAAU;AAAA,IAC5D;AAAA,EACF;AAEA,SAAO;AACT;",
+  "names": []
+}

package/dist/auth/adapters/index.cjs.map

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../src/auth/adapters/index.ts"],
+  "sourcesContent": ["export interface BaseUser {\r\n  id: string;\r\n  email: string;\r\n  passwordHash?: string;\r\n  role?: string;\r\n}\r\n\r\n// Allows any extended fields natively (like nin, bvn, maritalStatus, etc.)\r\nexport type User<TExtended = Record<string, any>> = BaseUser & TExtended;\r\n\r\nexport interface AuthAdapter<TUser = User> {\r\n  createUser: (data: any) => Promise<TUser>;\r\n  findUserByEmail: (email: string) => Promise<TUser | null>;\r\n  findUserById: (id: string) => Promise<TUser | null>;\r\n  updateUser?: (id: string, data: Partial<TUser>) => Promise<TUser | null>;\r\n  linkOAuthAccount: (userId: string, provider: string, providerId: string) => Promise<void>;\r\n  incrementRateLimit?: (key: string, windowMs: number) => Promise<{ count: number; resetTime: number }>;\r\n  getRateLimit?: (key: string) => Promise<{ count: number; resetTime: number } | null>;\r\n}\r\n"],
+  "mappings": ";;;;;;;;;;;;;;AAAA;AAAA;",
+  "names": []
+}

package/dist/{adapters → auth/adapters}/memory.cjs

@@ -24,6 +24,7 @@ module.exports = __toCommonJS(memory_exports);
 function createMemoryAdapter() {
   const users = /* @__PURE__ */ new Map();
   const accounts = /* @__PURE__ */ new Map();
+  const rateLimits = /* @__PURE__ */ new Map();
   return {
     createUser: async (data) => {
       const id = data.id || Date.now().toString();
@@ -42,9 +43,36 @@ function createMemoryAdapter() {
       }
       return null;
     },
+    updateUser: async (id, data) => {
+      for (const [email, user] of users.entries()) {
+        if (user.id === id) {
+          const updatedUser = { ...user, ...data };
+          users.set(email, updatedUser);
+          return updatedUser;
+        }
+      }
+      return null;
+    },
     linkOAuthAccount: async (userId, provider, providerId) => {
       const accountId = `${provider}_${providerId}`;
       accounts.set(accountId, { userId, provider, providerId });
+    },
+    incrementRateLimit: async (key, windowMs) => {
+      const now = Date.now();
+      const record = rateLimits.get(key);
+      if (!record || now > record.resetTime) {
+        const newRecord = { count: 1, resetTime: now + windowMs };
+        rateLimits.set(key, newRecord);
+        return newRecord;
+      }
+      record.count += 1;
+      return record;
+    },
+    getRateLimit: async (key) => {
+      const now = Date.now();
+      const record = rateLimits.get(key);
+      if (!record || now > record.resetTime) return null;
+      return record;
     }
   };
 }

package/dist/auth/adapters/memory.cjs.map

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../src/auth/adapters/memory.ts"],
+  "sourcesContent": ["import type { AuthAdapter, User } from \"./index.js\";\r\n\r\n/**\r\n * Creates an in-memory database adapter for the auth engine.\r\n * This is useful for testing, prototyping, or when you don't need persistent storage.\r\n * All data is kept in memory and is lost when the server restarts.\r\n */\r\nexport function createMemoryAdapter<TUser extends User = User>(): AuthAdapter<TUser> {\r\n    const users = new Map<string, TUser>();\r\n    const accounts = new Map<string, { userId: string; provider: string; providerId: string }>();\r\n    const rateLimits = new Map<string, { count: number; resetTime: number }>();\r\n\r\n    return {\r\n        createUser: async (data: any) => {\r\n            // Auto-generate ID if not provided\r\n            const id = data.id || Date.now().toString();\r\n            const newUser = { ...data, id } as TUser;\r\n\r\n            // Store using email as the primary lookup key\r\n            users.set(newUser.email, newUser);\r\n            return newUser;\r\n        },\r\n\r\n        findUserByEmail: async (email: string) => {\r\n            return users.get(email) || null;\r\n        },\r\n\r\n        findUserById: async (id: string) => {\r\n            for (const user of users.values()) {\r\n                if (user.id === id) {\r\n                    return user;\r\n                }\r\n            }\r\n            return null;\r\n        },\r\n\r\n        updateUser: async (id: string, data: Partial<TUser>) => {\r\n            for (const [email, user] of users.entries()) {\r\n                if (user.id === id) {\r\n                    const updatedUser = { ...user, ...data } as TUser;\r\n                    users.set(email, updatedUser);\r\n                    return updatedUser;\r\n                }\r\n            }\r\n            return null;\r\n        },\r\n\r\n        linkOAuthAccount: async (userId: string, provider: string, providerId: string) => {\r\n            const accountId = `${provider}_${providerId}`;\r\n            accounts.set(accountId, { userId, provider, providerId });\r\n        },\r\n\r\n        incrementRateLimit: async (key: string, windowMs: number) => {\r\n            const now = Date.now();\r\n            const record = rateLimits.get(key);\r\n\r\n            if (!record || now > record.resetTime) {\r\n                const newRecord = { count: 1, resetTime: now + windowMs };\r\n                rateLimits.set(key, newRecord);\r\n                return newRecord;\r\n            }\r\n\r\n            record.count += 1;\r\n            return record;\r\n        },\r\n\r\n        getRateLimit: async (key: string) => {\r\n            const now = Date.now();\r\n            const record = rateLimits.get(key);\r\n            if (!record || now > record.resetTime) return null;\r\n            return record;\r\n        }\r\n    };\r\n}\r\n"],
+  "mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAOO,SAAS,sBAAqE;AACjF,QAAM,QAAQ,oBAAI,IAAmB;AACrC,QAAM,WAAW,oBAAI,IAAsE;AAC3F,QAAM,aAAa,oBAAI,IAAkD;AAEzE,SAAO;AAAA,IACH,YAAY,OAAO,SAAc;AAE7B,YAAM,KAAK,KAAK,MAAM,KAAK,IAAI,EAAE,SAAS;AAC1C,YAAM,UAAU,EAAE,GAAG,MAAM,GAAG;AAG9B,YAAM,IAAI,QAAQ,OAAO,OAAO;AAChC,aAAO;AAAA,IACX;AAAA,IAEA,iBAAiB,OAAO,UAAkB;AACtC,aAAO,MAAM,IAAI,KAAK,KAAK;AAAA,IAC/B;AAAA,IAEA,cAAc,OAAO,OAAe;AAChC,iBAAW,QAAQ,MAAM,OAAO,GAAG;AAC/B,YAAI,KAAK,OAAO,IAAI;AAChB,iBAAO;AAAA,QACX;AAAA,MACJ;AACA,aAAO;AAAA,IACX;AAAA,IAEA,YAAY,OAAO,IAAY,SAAyB;AACpD,iBAAW,CAAC,OAAO,IAAI,KAAK,MAAM,QAAQ,GAAG;AACzC,YAAI,KAAK,OAAO,IAAI;AAChB,gBAAM,cAAc,EAAE,GAAG,MAAM,GAAG,KAAK;AACvC,gBAAM,IAAI,OAAO,WAAW;AAC5B,iBAAO;AAAA,QACX;AAAA,MACJ;AACA,aAAO;AAAA,IACX;AAAA,IAEA,kBAAkB,OAAO,QAAgB,UAAkB,eAAuB;AAC9E,YAAM,YAAY,GAAG,QAAQ,IAAI,UAAU;AAC3C,eAAS,IAAI,WAAW,EAAE,QAAQ,UAAU,WAAW,CAAC;AAAA,IAC5D;AAAA,IAEA,oBAAoB,OAAO,KAAa,aAAqB;AACzD,YAAM,MAAM,KAAK,IAAI;AACrB,YAAM,SAAS,WAAW,IAAI,GAAG;AAEjC,UAAI,CAAC,UAAU,MAAM,OAAO,WAAW;AACnC,cAAM,YAAY,EAAE,OAAO,GAAG,WAAW,MAAM,SAAS;AACxD,mBAAW,IAAI,KAAK,SAAS;AAC7B,eAAO;AAAA,MACX;AAEA,aAAO,SAAS;AAChB,aAAO;AAAA,IACX;AAAA,IAEA,cAAc,OAAO,QAAgB;AACjC,YAAM,MAAM,KAAK,IAAI;AACrB,YAAM,SAAS,WAAW,IAAI,GAAG;AACjC,UAAI,CAAC,UAAU,MAAM,OAAO,UAAW,QAAO;AAC9C,aAAO;AAAA,IACX;AAAA,EACJ;AACJ;",
+  "names": []
+}

package/dist/auth/adapters/memory.js

@@ -0,0 +1,59 @@
+function createMemoryAdapter() {
+  const users = /* @__PURE__ */ new Map();
+  const accounts = /* @__PURE__ */ new Map();
+  const rateLimits = /* @__PURE__ */ new Map();
+  return {
+    createUser: async (data) => {
+      const id = data.id || Date.now().toString();
+      const newUser = { ...data, id };
+      users.set(newUser.email, newUser);
+      return newUser;
+    },
+    findUserByEmail: async (email) => {
+      return users.get(email) || null;
+    },
+    findUserById: async (id) => {
+      for (const user of users.values()) {
+        if (user.id === id) {
+          return user;
+        }
+      }
+      return null;
+    },
+    updateUser: async (id, data) => {
+      for (const [email, user] of users.entries()) {
+        if (user.id === id) {
+          const updatedUser = { ...user, ...data };
+          users.set(email, updatedUser);
+          return updatedUser;
+        }
+      }
+      return null;
+    },
+    linkOAuthAccount: async (userId, provider, providerId) => {
+      const accountId = `${provider}_${providerId}`;
+      accounts.set(accountId, { userId, provider, providerId });
+    },
+    incrementRateLimit: async (key, windowMs) => {
+      const now = Date.now();
+      const record = rateLimits.get(key);
+      if (!record || now > record.resetTime) {
+        const newRecord = { count: 1, resetTime: now + windowMs };
+        rateLimits.set(key, newRecord);
+        return newRecord;
+      }
+      record.count += 1;
+      return record;
+    },
+    getRateLimit: async (key) => {
+      const now = Date.now();
+      const record = rateLimits.get(key);
+      if (!record || now > record.resetTime) return null;
+      return record;
+    }
+  };
+}
+export {
+  createMemoryAdapter
+};
+//# sourceMappingURL=memory.js.map

package/dist/auth/adapters/memory.js.map

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../src/auth/adapters/memory.ts"],
+  "sourcesContent": ["import type { AuthAdapter, User } from \"./index.js\";\r\n\r\n/**\r\n * Creates an in-memory database adapter for the auth engine.\r\n * This is useful for testing, prototyping, or when you don't need persistent storage.\r\n * All data is kept in memory and is lost when the server restarts.\r\n */\r\nexport function createMemoryAdapter<TUser extends User = User>(): AuthAdapter<TUser> {\r\n    const users = new Map<string, TUser>();\r\n    const accounts = new Map<string, { userId: string; provider: string; providerId: string }>();\r\n    const rateLimits = new Map<string, { count: number; resetTime: number }>();\r\n\r\n    return {\r\n        createUser: async (data: any) => {\r\n            // Auto-generate ID if not provided\r\n            const id = data.id || Date.now().toString();\r\n            const newUser = { ...data, id } as TUser;\r\n\r\n            // Store using email as the primary lookup key\r\n            users.set(newUser.email, newUser);\r\n            return newUser;\r\n        },\r\n\r\n        findUserByEmail: async (email: string) => {\r\n            return users.get(email) || null;\r\n        },\r\n\r\n        findUserById: async (id: string) => {\r\n            for (const user of users.values()) {\r\n                if (user.id === id) {\r\n                    return user;\r\n                }\r\n            }\r\n            return null;\r\n        },\r\n\r\n        updateUser: async (id: string, data: Partial<TUser>) => {\r\n            for (const [email, user] of users.entries()) {\r\n                if (user.id === id) {\r\n                    const updatedUser = { ...user, ...data } as TUser;\r\n                    users.set(email, updatedUser);\r\n                    return updatedUser;\r\n                }\r\n            }\r\n            return null;\r\n        },\r\n\r\n        linkOAuthAccount: async (userId: string, provider: string, providerId: string) => {\r\n            const accountId = `${provider}_${providerId}`;\r\n            accounts.set(accountId, { userId, provider, providerId });\r\n        },\r\n\r\n        incrementRateLimit: async (key: string, windowMs: number) => {\r\n            const now = Date.now();\r\n            const record = rateLimits.get(key);\r\n\r\n            if (!record || now > record.resetTime) {\r\n                const newRecord = { count: 1, resetTime: now + windowMs };\r\n                rateLimits.set(key, newRecord);\r\n                return newRecord;\r\n            }\r\n\r\n            record.count += 1;\r\n            return record;\r\n        },\r\n\r\n        getRateLimit: async (key: string) => {\r\n            const now = Date.now();\r\n            const record = rateLimits.get(key);\r\n            if (!record || now > record.resetTime) return null;\r\n            return record;\r\n        }\r\n    };\r\n}\r\n"],
+  "mappings": "AAOO,SAAS,sBAAqE;AACjF,QAAM,QAAQ,oBAAI,IAAmB;AACrC,QAAM,WAAW,oBAAI,IAAsE;AAC3F,QAAM,aAAa,oBAAI,IAAkD;AAEzE,SAAO;AAAA,IACH,YAAY,OAAO,SAAc;AAE7B,YAAM,KAAK,KAAK,MAAM,KAAK,IAAI,EAAE,SAAS;AAC1C,YAAM,UAAU,EAAE,GAAG,MAAM,GAAG;AAG9B,YAAM,IAAI,QAAQ,OAAO,OAAO;AAChC,aAAO;AAAA,IACX;AAAA,IAEA,iBAAiB,OAAO,UAAkB;AACtC,aAAO,MAAM,IAAI,KAAK,KAAK;AAAA,IAC/B;AAAA,IAEA,cAAc,OAAO,OAAe;AAChC,iBAAW,QAAQ,MAAM,OAAO,GAAG;AAC/B,YAAI,KAAK,OAAO,IAAI;AAChB,iBAAO;AAAA,QACX;AAAA,MACJ;AACA,aAAO;AAAA,IACX;AAAA,IAEA,YAAY,OAAO,IAAY,SAAyB;AACpD,iBAAW,CAAC,OAAO,IAAI,KAAK,MAAM,QAAQ,GAAG;AACzC,YAAI,KAAK,OAAO,IAAI;AAChB,gBAAM,cAAc,EAAE,GAAG,MAAM,GAAG,KAAK;AACvC,gBAAM,IAAI,OAAO,WAAW;AAC5B,iBAAO;AAAA,QACX;AAAA,MACJ;AACA,aAAO;AAAA,IACX;AAAA,IAEA,kBAAkB,OAAO,QAAgB,UAAkB,eAAuB;AAC9E,YAAM,YAAY,GAAG,QAAQ,IAAI,UAAU;AAC3C,eAAS,IAAI,WAAW,EAAE,QAAQ,UAAU,WAAW,CAAC;AAAA,IAC5D;AAAA,IAEA,oBAAoB,OAAO,KAAa,aAAqB;AACzD,YAAM,MAAM,KAAK,IAAI;AACrB,YAAM,SAAS,WAAW,IAAI,GAAG;AAEjC,UAAI,CAAC,UAAU,MAAM,OAAO,WAAW;AACnC,cAAM,YAAY,EAAE,OAAO,GAAG,WAAW,MAAM,SAAS;AACxD,mBAAW,IAAI,KAAK,SAAS;AAC7B,eAAO;AAAA,MACX;AAEA,aAAO,SAAS;AAChB,aAAO;AAAA,IACX;AAAA,IAEA,cAAc,OAAO,QAAgB;AACjC,YAAM,MAAM,KAAK,IAAI;AACrB,YAAM,SAAS,WAAW,IAAI,GAAG;AACjC,UAAI,CAAC,UAAU,MAAM,OAAO,UAAW,QAAO;AAC9C,aAAO;AAAA,IACX;AAAA,EACJ;AACJ;",
+  "names": []
+}