limen-auth 0.0.0 → 0.0.1

package/README.md

@@ -1,23 +1,22 @@
 <p align="center">
   <a href="https://limenauth.dev">
-    <img src="./banner.svg" alt="Limen" width="640" />
+    <img src="https://raw.githubusercontent.com/thecodearcher/limen/master/banner.svg" alt="Limen" width="640" />
   </a>
 </p>
 
-# limen-auth
+<p align="center">
+  <a href="https://www.npmjs.com/package/limen-auth"><img src="https://img.shields.io/npm/v/limen-auth?style=flat&colorA=000000&colorB=000000&logo=npm&logoColor=white" alt="npm version" /></a>
+  <a href="https://github.com/thecodearcher/limen"><img src="https://img.shields.io/github/stars/thecodearcher/limen?style=flat&colorA=000000&colorB=000000&logo=github" alt="GitHub stars" /></a>
+</p>
 
 Official TypeScript client SDK for **[Limen](https://github.com/thecodearcher/limen)** — a modern, composable authentication library for Go. Framework-agnostic core with first-class **React, Vue, Svelte, and Solid** adapters.
 
-> 📖 Full guides and API reference: **[limenauth.dev](https://limenauth.dev)**
-
 ## Install
 
 ```bash
 npm install limen-auth
 ```
 
-Works with any framework — or none at all. If you're on React, Vue, Svelte, or Solid, just have that framework installed; there's nothing else to add.
-
 ## Quick start
 
 ```ts
@@ -29,44 +28,20 @@ export const auth = createAuthClient({
   plugins: [credentialPasswordPlugin()],
 });
 
+// `auth.$session` is a reactive store for the current user — it loads on its
+// own, stays in sync across tabs, and updates whenever you sign in or out.
+auth.$session.subscribe(({ data, isPending }) => {
+  if (isPending) return;
+  console.log(data ? `Signed in as ${data.user.email}` : "Signed out");
+});
+
+// Mutations update `$session` automatically — no manual refetch.
 await auth.signIn.credential({ credential: "ada@example.com", password: "secret" });
-const session = await auth.getSession(); // Session | null
 await auth.signout();
 ```
 
-`auth.$session` is a reactive store for the current user. It loads on its own, keeps your open tabs in sync, and updates as you sign in and out — so the UI always reflects the real session.
-
-## Framework adapters
-
-Import `createAuthClient` from your framework's entry point and you get a `useSession()` wired to it:
-
-```tsx
-import { createAuthClient } from "limen-auth/react";
-import { credentialPasswordPlugin } from "limen-auth/plugins/credential";
-
-export const auth = createAuthClient({ baseURL: "...", plugins: [credentialPasswordPlugin()] });
-
-function Profile() {
-  const { data, isPending } = auth.useSession();
-  if (isPending) return <p>Loading…</p>;
-  return data ? <p>Hi {data.user.email}</p> : <p>Signed out</p>;
-}
-```
-
-Also available from `limen-auth/vue`, `limen-auth/svelte`, and `limen-auth/solid`.
-
-## Plugins
-
-Add the sign-in flows you need as plugins (each lives under `limen-auth/plugins/<name>`):
-
-- `credentialPasswordPlugin` — email/username + password
-- `oauthClientPlugin` — social / OAuth providers
-- `magicLinkPlugin` — passwordless email links
-- `twoFactorPlugin` — TOTP, OTP, and backup codes
-- `bearerPlugin` / `sessionJwtPlugin` — token-based sessions
-
-See the plugin and full API reference at **[limenauth.dev](https://limenauth.dev)**.
+Using a framework? `limen-auth/react`, `/vue`, `/svelte`, and `/solid` give you a `useSession()` hook over the same store.
 
-## License
+## Documentation
 
-MIT © Brian Iyoha
+Full guides, framework adapters (React, Vue, Svelte, Solid), the plugin catalog, and the complete API reference live at **[limenauth.dev](https://limenauth.dev)**.

package/dist/broadcast-channel.mjs

@@ -0,0 +1,51 @@
+//#region src/broadcast-channel.ts
+const NOOP_PORT = {
+	post() {},
+	subscribe: () => () => {},
+	close() {}
+};
+function createBroadcastChannel(name) {
+	if (typeof window === "undefined") return NOOP_PORT;
+	const storageKey = `${name}-sync`;
+	const listeners = /* @__PURE__ */ new Set();
+	const emit = (message) => {
+		for (const listener of listeners) listener(message);
+	};
+	const channel = typeof BroadcastChannel !== "undefined" ? new BroadcastChannel(name) : null;
+	if (channel) channel.onmessage = (event) => {
+		if (event.data != null) emit(event.data);
+	};
+	const onStorage = (event) => {
+		if (event.key !== storageKey || !event.newValue) return;
+		emit(JSON.parse(event.newValue));
+	};
+	if (!channel) window.addEventListener("storage", onStorage);
+	return {
+		post(message) {
+			if (channel) {
+				channel.postMessage(message);
+				return;
+			}
+			if (typeof globalThis.localStorage !== "undefined") {
+				globalThis.localStorage.setItem(storageKey, JSON.stringify(message));
+				globalThis.localStorage.removeItem(storageKey);
+			}
+		},
+		subscribe(listener) {
+			listeners.add(listener);
+			return () => {
+				listeners.delete(listener);
+			};
+		},
+		close() {
+			listeners.clear();
+			if (channel) {
+				channel.close();
+				return;
+			}
+			window.removeEventListener("storage", onStorage);
+		}
+	};
+}
+//#endregion
+export { createBroadcastChannel };

package/dist/build-tree.mjs

@@ -0,0 +1,73 @@
+import { ensureLeadingSlash, kebabToCamel, normalizeBasePath } from "./helpers.mjs";
+import { chainFromDotted, pathToChain } from "./path.mjs";
+import { runRoute } from "./pipeline.mjs";
+//#region src/build-tree.ts
+/** Scope a context's `fetch` to one plugin's base path (after client `overrides`). */
+function scopeContext(ctx, fetcher, plugin, overrides) {
+	const defaultBase = normalizeBasePath(plugin.basePath ?? "");
+	const overrideBase = overrides?.[kebabToCamel(plugin.id)]?.basePath;
+	const resolvedBase = normalizeBasePath(overrideBase ?? plugin.basePath ?? "");
+	return {
+		...ctx,
+		fetch: (path, init) => {
+			const absolute = init?.absolute === true;
+			const requestPath = (absolute ? "" : resolvedBase) + ensureLeadingSlash(path);
+			const routePath = (absolute ? "" : defaultBase) + ensureLeadingSlash(path);
+			return fetcher.fetch(requestPath, init, routePath);
+		}
+	};
+}
+function chainFor(plugin, def) {
+	if (typeof def.as === "string") return chainFromDotted(def.as);
+	return [...pathToChain(plugin.basePath ?? ""), ...pathToChain(def.path)];
+}
+function mountAtChain(target, pathSegments, callable) {
+	let current = target;
+	for (let i = 0; i < pathSegments.length - 1; i += 1) {
+		const segment = pathSegments[i];
+		const child = current[segment];
+		if (child === void 0) {
+			const namespace = {};
+			current[segment] = namespace;
+			current = namespace;
+		} else current = child;
+	}
+	const finalSegment = pathSegments[pathSegments.length - 1];
+	current[finalSegment] = callable;
+}
+function isNamespace(value) {
+	return typeof value === "object" && value !== null && !Array.isArray(value) && typeof value !== "function";
+}
+function mergeInto(target, source) {
+	for (const [key, value] of Object.entries(source)) {
+		const existing = target[key];
+		if (isNamespace(existing) && isNamespace(value)) {
+			mergeInto(existing, value);
+			continue;
+		}
+		target[key] = value;
+	}
+}
+/**
+* Build the public API object from plugin routes and actions.
+*/
+function buildClientTree({ plugins, ctx, fetcher, overrides }) {
+	const api = {};
+	for (const plugin of plugins) {
+		const scopedCtx = scopeContext(ctx, fetcher, plugin, overrides);
+		const contribution = {};
+		for (const def of plugin.routes) {
+			if (def.expose === false) continue;
+			const call = (input, opts) => runRoute(scopedCtx, def, input, opts);
+			mountAtChain(contribution, chainFor(plugin, def), call);
+		}
+		if (plugin.actions !== void 0) {
+			const run = (route, input) => runRoute(scopedCtx, route, input);
+			mergeInto(contribution, plugin.actions(scopedCtx, run));
+		}
+		mergeInto(api, contribution);
+	}
+	return api;
+}
+//#endregion
+export { buildClientTree };

package/dist/client.d.mts

@@ -0,0 +1,7 @@
+import { AuthClient, CreateAuthClientOptions } from "./types.mjs";
+import { AnyClientPlugin } from "./define-plugin.mjs";
+
+//#region src/client.d.ts
+declare function createAuthClient<const Plugins extends readonly AnyClientPlugin[] = readonly [], TFields = unknown>(opts: CreateAuthClientOptions<Plugins, TFields>): AuthClient<Plugins, TFields>;
+//#endregion
+export { createAuthClient };

package/dist/client.mjs

@@ -0,0 +1,71 @@
+import { normalizeBasePath, stripTrailingSlash } from "./helpers.mjs";
+import { buildClientTree } from "./build-tree.mjs";
+import { DEFAULT_ENVELOPE_CONFIG } from "./constants.mjs";
+import { Fetcher } from "./fetcher.mjs";
+import { HookRunner } from "./hooks.mjs";
+import { defaultSessionParse } from "./normalize.mjs";
+import { coreClientPlugin, createSessionHydrator } from "./routes.mjs";
+import { createSessionStore } from "./session-store.mjs";
+//#region src/client.ts
+function createAuthClient(opts) {
+	const baseURL = stripTrailingSlash(opts.baseURL);
+	const basePath = normalizeBasePath(opts.basePath ?? "/auth");
+	const userPlugins = opts.plugins ?? [];
+	const plugins = [coreClientPlugin(), ...userPlugins];
+	const hooks = new HookRunner(plugins);
+	const fetcher = buildFetcher(baseURL, basePath, {
+		...DEFAULT_ENVELOPE_CONFIG,
+		...opts.envelope
+	}, hooks, opts.fetchOptions ?? {});
+	const parseSession = opts.parseSession ?? defaultSessionParse;
+	const redirect = resolveRedirect(opts.redirectFn);
+	const baseFetch = (path, init) => fetcher.fetch(path, init);
+	const store = createSessionStore({
+		hydrator: createSessionHydrator({
+			fetch: baseFetch,
+			parseSession
+		}),
+		crossTabSync: opts.crossTabSync !== false,
+		refetchOnWindowFocus: opts.refetchOnWindowFocus !== false,
+		...opts.initialSession !== void 0 ? { initialSession: opts.initialSession } : {}
+	});
+	return {
+		baseURL,
+		basePath,
+		...buildClientTree({
+			plugins,
+			ctx: {
+				fetch: baseFetch,
+				redirect,
+				parseSession,
+				setSession: (session) => store.setData(session),
+				refetchSession: () => store.refetch(),
+				store
+			},
+			fetcher,
+			overrides: opts.overrides
+		}),
+		$session: store.$session
+	};
+}
+function buildFetcher(baseURL, basePath, envelope, hooks, fetchOptions) {
+	return new Fetcher({
+		baseURL,
+		basePath,
+		envelope,
+		hooks,
+		fetchOptions
+	});
+}
+function resolveRedirect(redirect) {
+	return (url) => {
+		if (redirect !== void 0) return redirect(url);
+		if (typeof window !== "undefined" && typeof window.location !== "undefined") {
+			window.location.href = url;
+			return true;
+		}
+		return false;
+	};
+}
+//#endregion
+export { createAuthClient };

package/dist/{constants-CsR2pQ_9.mjs → constants.mjs}

@@ -10,6 +10,4 @@ const SET_REFRESH_TOKEN_HEADER = "Set-Refresh-Token";
 /** Default `localStorage` key for the persisted tokens. */
 const DEFAULT_TOKEN_STORAGE_KEY = "limen.tokens";
 //#endregion
-export { SET_REFRESH_TOKEN_HEADER as a, SET_AUTH_TOKEN_HEADER as i, DEFAULT_ENVELOPE_FIELDS as n, DEFAULT_TOKEN_STORAGE_KEY as r, DEFAULT_ENVELOPE_CONFIG as t };
-
-//# sourceMappingURL=constants-CsR2pQ_9.mjs.map
+export { DEFAULT_ENVELOPE_CONFIG, DEFAULT_ENVELOPE_FIELDS, DEFAULT_TOKEN_STORAGE_KEY, SET_AUTH_TOKEN_HEADER, SET_REFRESH_TOKEN_HEADER };

package/dist/context.d.mts

@@ -0,0 +1,32 @@
+import { SessionStore } from "./session-store.mjs";
+import { ParseSession, RedirectFn, Session } from "./types.mjs";
+import { FetchInit } from "./plugin.mjs";
+
+//#region src/context.d.ts
+/**
+ * Context passed to route handlers and plugin actions.
+ */
+type RouteContext<TFields = unknown> = {
+  /**
+   * Fetch a path relative to the plugin base path. Pass
+   * `init.absolute = true` to resolve from the client base path instead.
+   */
+  fetch: <T>(path: string, init?: FetchInit) => Promise<T>;
+  /**
+   * Navigate to an absolute URL. Returns whether navigation happened.
+   */
+  readonly redirect: RedirectFn;
+  /**
+   * Parse a session-bearing response.
+   */
+  readonly parseSession: ParseSession<TFields>;
+  /**
+   * Write a session into the reactive store, or `null` to clear it.
+   */
+  setSession: (session: Session<TFields> | null) => void; /** Revalidate the current session. */
+  refetchSession: () => Promise<void>; /** Reactive session store. */
+  readonly store: SessionStore<TFields>;
+};
+type AnyRouteContext = RouteContext<any>;
+//#endregion
+export { AnyRouteContext, RouteContext };

package/dist/define-plugin.d.mts

@@ -0,0 +1,40 @@
+import { IsAny, UnionToIntersection } from "./type-utils.mjs";
+import { AnyRouteDescriptor, RouteDescriptor } from "./route.mjs";
+import { PluginHooks } from "./plugin.mjs";
+import { RouteContext } from "./context.mjs";
+import { InferRoutes, PathSegments } from "./infer.mjs";
+
+//#region src/define-plugin.d.ts
+/** Invoke one of the plugin's routes from `actions`. */
+type RunRoute = <I, O>(route: RouteDescriptor<I, O>, input: I) => Promise<O>;
+/**
+ * Client plugin contract
+ */
+type ClientPlugin<Id extends string, BasePath extends string, Routes extends readonly AnyRouteDescriptor[], Actions> = {
+  readonly id: Id; /** Default mount path relative to the client `basePath`, e.g. `"/magic-link"`; omit for the root (`""`). */
+  readonly basePath?: BasePath;
+  readonly routes: Routes;
+  readonly hooks?: PluginHooks;
+  readonly actions?: (ctx: RouteContext, run: RunRoute) => Actions;
+};
+type AnyClientPlugin = ClientPlugin<string, string, readonly AnyRouteDescriptor[], any>;
+/**
+ * Register a plugin's routes while preserving each route's input/output types
+ * for the generated client API.
+ */
+declare function defineRoutes<Routes extends readonly AnyRouteDescriptor[]>(...routes: Routes): Routes;
+/**
+ * Define a client plugin for `createAuthClient`.
+ */
+declare function defineClientPlugin<const Id extends string, const Routes extends readonly AnyRouteDescriptor[], Actions = Record<never, never>, const BasePath extends string = "">(def: ClientPlugin<Id, BasePath, Routes, Actions>): ClientPlugin<Id, BasePath, Routes, Actions>;
+/**
+ * The client-only methods a plugin contributes. Widened `any` contributes
+ * nothing so the client does not become permissive.
+ */
+type ActionsOf<P> = P extends {
+  actions?: (ctx: never, run: never) => infer A;
+} ? IsAny<A> extends true ? unknown : A extends object ? A : unknown : unknown;
+type InferPluginContribution<P> = P extends ClientPlugin<infer _Id, infer BasePath, infer Routes, infer _Actions> ? InferRoutes<Routes, PathSegments<BasePath>> & ActionsOf<P> : unknown;
+type CombinedClientContributions<Plugins extends readonly unknown[]> = UnionToIntersection<{ [K in keyof Plugins]: InferPluginContribution<Plugins[K]> }[number]>;
+//#endregion
+export { AnyClientPlugin, ClientPlugin, CombinedClientContributions, InferPluginContribution, RunRoute, defineClientPlugin, defineRoutes };

package/dist/{define-plugin-C7WOGU4b.mjs → define-plugin.mjs}

@@ -19,6 +19,4 @@ function defineClientPlugin(def) {
 	};
 }
 //#endregion
-export { defineRoutes as n, defineClientPlugin as t };
-
-//# sourceMappingURL=define-plugin-C7WOGU4b.mjs.map
+export { defineClientPlugin, defineRoutes };

package/dist/envelope.mjs

@@ -0,0 +1,39 @@
+import { DEFAULT_ENVELOPE_FIELDS } from "./constants.mjs";
+//#region src/envelope.ts
+/**
+* Unwrap a parsed JSON success body according to envelope config.
+*
+* - `mode: "off"`: return as-is.
+* - `mode: "wrap-success" | "always"`: extract `body[fields.data]` if present;
+*   if the key is missing (server didn't wrap this particular response), fall
+*   back to the raw body so we don't lose data.
+*
+* Returning `unknown` is intentional: the caller knows the expected shape and
+* narrows / validates it. Trying to be clever here would invite false typing.
+*/
+function unwrapPayload(body, envelope) {
+	if (envelope.mode === "off") return body;
+	if (body === null || typeof body !== "object") return body;
+	const fields = envelope.fields ?? DEFAULT_ENVELOPE_FIELDS;
+	const record = body;
+	if (fields.data in record) return record[fields.data];
+	return body;
+}
+/**
+* Pull the human-readable error message out of a non-2xx body.
+*
+* - `mode: "off" | "wrap-success"`: error bodies look like `{ message }`
+* - `mode: "always"`: error bodies use the configured `fields.message` key.
+*
+* Returns `undefined` when no message can be located; the caller substitutes
+* a status-based fallback (e.g. HTTP status text).
+*/
+function unwrapErrorMessage(body, envelope) {
+	if (body === null || typeof body !== "object") return;
+	const record = body;
+	const fields = envelope.fields ?? DEFAULT_ENVELOPE_FIELDS;
+	const value = record[envelope.mode === "always" ? fields.message : "message"];
+	return typeof value === "string" ? value : void 0;
+}
+//#endregion
+export { unwrapErrorMessage, unwrapPayload };

package/dist/errors.d.mts

@@ -0,0 +1,19 @@
+//#region src/errors.d.ts
+type LimenErrorCode = "unauthorized" | "forbidden" | "not_found" | "rate_limited" | "validation_error" | "conflict" | "server_error" | "unknown";
+/** Map HTTP status → typed code. Anything unmapped becomes `"unknown"`. */
+declare function deriveErrorCode(status: number): LimenErrorCode;
+/**
+ * The single error type every SDK call throws on non-2xx. Carries the raw
+ * server message, the HTTP status, and a derived typed code. Subclass-free so
+ * `instanceof LimenError` is the only check consumers need.
+ */
+declare class LimenError extends Error {
+  readonly name = "LimenError";
+  readonly status: number;
+  readonly code: LimenErrorCode;
+  constructor(message: string, status: number, code?: LimenErrorCode);
+  get isUnauthorized(): boolean;
+  get isRateLimited(): boolean;
+}
+//#endregion
+export { LimenError, LimenErrorCode, deriveErrorCode };

package/dist/{errors-4YJYt6f0.mjs → errors.mjs}

@@ -32,6 +32,4 @@ var LimenError = class extends Error {
 	}
 };
 //#endregion
-export { deriveErrorCode as n, LimenError as t };
-
-//# sourceMappingURL=errors-4YJYt6f0.mjs.map
+export { LimenError, deriveErrorCode };

package/dist/fetcher.d.mts

@@ -0,0 +1,17 @@
+import { ResponseContext } from "./plugin.mjs";
+
+//#region src/fetcher.d.ts
+type ClientFetchCallbackContext = ResponseContext & {};
+type FetcherFetchOptions = {
+  /** Whether to send credentials (cookies). Defaults to `"include"`. */credentials?: RequestCredentials; /** Custom fetch impl. Defaults to `globalThis.fetch`. */
+  impl?: typeof fetch; /** Default headers merged into every request. Per-request headers override these. */
+  headers?: HeadersInit; /** Callback function to be called when the request is successful. */
+  onSuccess?: (context: ClientFetchCallbackContext & {
+    response: Response;
+  }) => void; /** Callback function to be called when the request fails. */
+  onError?: (context: ClientFetchCallbackContext & {
+    error: Error;
+  }) => void;
+};
+//#endregion
+export { FetcherFetchOptions };

package/dist/fetcher.mjs

@@ -0,0 +1,112 @@
+import { ensureLeadingSlash, joinURL, stripTrailingSlash } from "./helpers.mjs";
+import { unwrapErrorMessage, unwrapPayload } from "./envelope.mjs";
+import { LimenError, deriveErrorCode } from "./errors.mjs";
+//#region src/fetcher.ts
+var Fetcher = class {
+	opts;
+	fetchImpl;
+	credentials;
+	constructor(opts) {
+		this.opts = opts;
+		this.fetchImpl = opts.fetchOptions.impl ?? globalThis.fetch.bind(globalThis);
+		this.credentials = opts.fetchOptions.credentials ?? "include";
+	}
+	async fetch(path, init, routePath = path) {
+		const method = init?.method ?? (init?.body !== void 0 ? "POST" : "GET");
+		return this.run({
+			method,
+			path,
+			routePath,
+			body: init?.body,
+			headers: init?.headers,
+			query: init?.query
+		});
+	}
+	/**
+	* Builds the request context, runs hooks, does
+	* the fetch, parses the response, runs hooks again, throws on non-2xx.
+	*/
+	async run(args) {
+		const fullPath = this.normalizeRelativePath(this.opts.basePath, args.path, args.query);
+		const url = joinURL(this.opts.baseURL, fullPath);
+		const headers = new Headers({
+			...args.headers,
+			...this.opts.fetchOptions.headers ?? {}
+		});
+		if (!headers.has("Content-Type")) headers.set("Content-Type", "application/json");
+		if (!headers.has("Accept")) headers.set("Accept", "application/json");
+		let reqCtx = {
+			method: args.method,
+			fullPath,
+			path: args.path,
+			routePath: args.routePath,
+			url,
+			headers,
+			body: args.body
+		};
+		reqCtx = await this.opts.hooks.runBeforeRequest(reqCtx);
+		const payload = reqCtx.body !== void 0 && reqCtx.body !== null ? JSON.stringify(reqCtx.body) : void 0;
+		const requestInit = {
+			method: reqCtx.method,
+			headers: reqCtx.headers,
+			credentials: this.credentials
+		};
+		if (payload !== void 0) requestInit.body = payload;
+		let response;
+		try {
+			response = await this.fetchImpl(reqCtx.url, requestInit);
+		} catch (err) {
+			this.opts.fetchOptions.onError?.({
+				...reqCtx,
+				status: 0,
+				ok: false,
+				error: err
+			});
+			throw new LimenError(err instanceof Error ? err.message : "Network request failed", 0, "unknown");
+		}
+		const parsedBody = await this.parseResponseBody(response);
+		const unwrapped = response.ok && parsedBody !== void 0 ? unwrapPayload(parsedBody, this.opts.envelope) : parsedBody;
+		let resCtx = {
+			method: args.method,
+			fullPath,
+			path: args.path,
+			routePath: args.routePath,
+			status: response.status,
+			ok: response.ok,
+			headers: response.headers,
+			body: unwrapped
+		};
+		resCtx = await this.opts.hooks.runAfterResponse(resCtx);
+		if (resCtx.ok) {
+			this.opts.fetchOptions.onSuccess?.({
+				...resCtx,
+				response
+			});
+			return resCtx.body;
+		}
+		const error = new LimenError(unwrapErrorMessage(resCtx.body, this.opts.envelope) ?? response.statusText ?? `Request failed with status ${response.status}`, response.status, deriveErrorCode(response.status));
+		this.opts.fetchOptions.onError?.({
+			...reqCtx,
+			status: response.status,
+			ok: false,
+			error
+		});
+		throw error;
+	}
+	async parseResponseBody(response) {
+		if (response.status === 204) return;
+		const text = await response.text();
+		if (text.length === 0) return;
+		return JSON.parse(text);
+	}
+	normalizeRelativePath(basePath, relativePath, query) {
+		let path = (basePath === "" || basePath === "/" ? "" : ensureLeadingSlash(stripTrailingSlash(basePath))) + ensureLeadingSlash(relativePath);
+		if (query !== void 0) {
+			const qs = new URLSearchParams(query).toString();
+			if (qs.length > 0) path = `${path}?${qs}`;
+		}
+		return path;
+	}
+};
+//#endregion
+export { Fetcher };

package/dist/{helpers-CvmKjWi2.d.mts → helpers.d.mts}

@@ -6,5 +6,4 @@
 declare function camelizeKeys<T = Record<string, unknown>>(raw: unknown): T;
 declare function camelizeEach<T = Record<string, unknown>>(raw: unknown): T[];
 //#endregion
-export { camelizeKeys as n, camelizeEach as t };
-//# sourceMappingURL=helpers-CvmKjWi2.d.mts.map
+export { camelizeEach, camelizeKeys };

package/dist/{helpers-Cs3VtXdv.mjs → helpers.mjs}

@@ -49,6 +49,4 @@ function camelToSnake(key) {
 	return key.replace(/[A-Z]/g, (m) => `_${m.toLowerCase()}`);
 }
 //#endregion
-export { joinURL as a, stripTrailingSlash as c, ensureLeadingSlash as i, toCamelCaseKey as l, camelizeEach as n, kebabToCamel as o, camelizeKeys as r, normalizeBasePath as s, camelToSnake as t };
-
-//# sourceMappingURL=helpers-Cs3VtXdv.mjs.map
+export { camelToSnake, camelizeEach, camelizeKeys, ensureLeadingSlash, joinURL, kebabToCamel, normalizeBasePath, stripTrailingSlash, toCamelCaseKey };

package/dist/hooks.d.mts

@@ -0,0 +1 @@
+export { };

package/dist/hooks.mjs

@@ -0,0 +1,34 @@
+//#region src/hooks.ts
+function matchesRoute(matcher, routePath) {
+	if (matcher === void 0) return true;
+	if (typeof matcher === "string") return routePath === matcher;
+	if (typeof matcher === "function") return matcher({ path: routePath });
+	return routePath !== void 0 && matcher.includes(routePath);
+}
+var HookRunner = class {
+	before;
+	after;
+	constructor(plugins) {
+		this.before = plugins.flatMap((p) => p.hooks?.beforeRequest ?? []);
+		this.after = plugins.flatMap((p) => p.hooks?.afterResponse ?? []);
+	}
+	async runBeforeRequest(initial) {
+		let ctx = initial;
+		for (const hook of this.before) {
+			if (!matchesRoute(hook.match, ctx.routePath)) continue;
+			ctx = await hook.run(ctx);
+		}
+		return ctx;
+	}
+	async runAfterResponse(initial) {
+		let ctx = initial;
+		for (const hook of this.after) {
+			if (!matchesRoute(hook.match, ctx.routePath)) continue;
+			if (!hook.allowOnFailure && ctx.status >= 400) continue;
+			ctx = await hook.run(ctx);
+		}
+		return ctx;
+	}
+};
+//#endregion
+export { HookRunner };