mulguard 1.1.4 → 1.1.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/mulguard.d.ts
CHANGED
|
@@ -208,6 +208,14 @@ export interface MulguardInstance {
|
|
|
208
208
|
* Executes custom oauthCallback action from config
|
|
209
209
|
*/
|
|
210
210
|
oauthCallback?(provider: string, code: string, state: string): Promise<AuthResult>;
|
|
211
|
+
/**
|
|
212
|
+
* Store OAuth state for validation (useful when using external backend API)
|
|
213
|
+
* This allows storing state generated by backend APIs in mulguard's state store
|
|
214
|
+
*
|
|
215
|
+
* @param state - OAuth state token
|
|
216
|
+
* @param provider - OAuth provider name
|
|
217
|
+
*/
|
|
218
|
+
storeOAuthState?(state: string, provider: string): Promise<void>;
|
|
211
219
|
/**
|
|
212
220
|
* PassKey methods
|
|
213
221
|
*/
|
|
@@ -1,6 +1,12 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* Server-side OAuth state management
|
|
3
3
|
* Stores OAuth state in httpOnly cookies for security
|
|
4
|
+
*
|
|
5
|
+
* ✅ SECURE: Uses httpOnly cookies to prevent XSS attacks
|
|
6
|
+
* ✅ PRODUCTION-READY: Works with Next.js Server Actions
|
|
7
|
+
*
|
|
8
|
+
* ⚠️ NOTE: For production with multiple server instances, use Redis or Database store instead.
|
|
9
|
+
* See: mulguard/core/auth/oauth-state-store-redis
|
|
4
10
|
*/
|
|
5
11
|
/**
|
|
6
12
|
* Store OAuth state in httpOnly cookie
|