npm - mulguard - Versions diffs - 1.1.5 → 1.1.6 - Mend

mulguard 1.1.5 → 1.1.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/dist/index/index.js +1 -1
package/dist/index/index.mjs +178 -171
package/dist/{oauth-state-LE-qeq-K.mjs → oauth-state-DKle8eCr.mjs} +111 -104
package/dist/oauth-state-DlvrCV11.js +1 -0
package/dist/server/index.js +1 -1
package/dist/server/index.mjs +1 -1
package/package.json +1 -1
package/dist/oauth-state-CzIWQq3s.js +0 -1

package/dist/index/index.mjs CHANGED Viewed

@@ -3,8 +3,8 @@ var se = (e, r, t) => r in e ? ne(e, r, { enumerable: !0, configurable: !0, writ
 var b = (e, r, t) => se(e, typeof r != "symbol" ? r + "" : r, t);
 import { A as m, d as oe, e as ie, c as ae, g as ce } from "../actions-DeCfLtHA.mjs";
 import { a as wt, s as pt, b as mt, v as Et } from "../actions-DeCfLtHA.mjs";
-import { v as U } from "../oauth-state-LE-qeq-K.mjs";
-import { c as kt, p as vt, k as St, n as At, m as Rt, j as Ot, l as Tt, e as It, g as _t, b as Pt, i as Ct, a as Nt, o as bt, f as Ut, h as Ft, r as xt, d as Dt, s as Lt } from "../oauth-state-LE-qeq-K.mjs";
+import { v as U } from "../oauth-state-DKle8eCr.mjs";
+import { c as kt, p as vt, k as St, n as At, m as Rt, j as Ot, l as Tt, e as It, g as _t, b as Pt, i as Ct, a as Nt, o as bt, f as Ut, h as Ft, r as xt, d as Dt, s as Lt } from "../oauth-state-DKle8eCr.mjs";
 import { NextResponse as E } from "next/server";
 const x = typeof globalThis == "object" && "crypto" in globalThis ? globalThis.crypto : void 0;
 /*! noble-hashes - MIT License (c) 2022 Paul Miller (paulmillr.com) */
@@ -413,11 +413,11 @@ function Ne(e, r, t, n) {
     state: n
   });
   if (s.defaultParams)
-    for (const [u, l] of Object.entries(s.defaultParams))
-      a.append(u, l);
+    for (const [u, f] of Object.entries(s.defaultParams))
+      a.append(u, f);
   if (r.params)
-    for (const [u, l] of Object.entries(r.params))
-      a.set(u, l);
+    for (const [u, f] of Object.entries(r.params))
+      a.set(u, f);
   return `${s.authorizationUrl}?${a.toString()}`;
 }
 async function be(e, r, t, n) {
@@ -446,13 +446,13 @@ async function be(e, r, t, n) {
     });
     if (!i.ok) {
       const u = await i.text();
-      let l = `Failed to exchange code for tokens: ${u}`;
+      let f = `Failed to exchange code for tokens: ${u}`;
       try {
         const g = JSON.parse(u);
-        l = g.error_description ?? g.error ?? l;
+        f = g.error_description ?? g.error ?? f;
       } catch {
       }
-      throw new Error(l);
+      throw new Error(f);
     }
     const a = await i.json();
     if (!Ue(a))
@@ -588,22 +588,22 @@ function We(e) {
     path: "/"
   });
   return {
-    async set(u, l, g) {
+    async set(u, f, g) {
       const w = JSON.stringify({
         state: u,
-        provider: l.provider,
-        expiresAt: l.expiresAt
+        provider: f.provider,
+        expiresAt: f.expiresAt
       });
       await Promise.resolve(
         i.setCookie(r, w, a(t))
       );
     },
     async get(u) {
-      const l = await Promise.resolve(i.getCookie(r));
-      if (!l)
+      const f = await Promise.resolve(i.getCookie(r));
+      if (!f)
         return null;
       try {
-        const g = JSON.parse(l);
+        const g = JSON.parse(f);
         return g.state !== u ? null : g.expiresAt < Date.now() ? (await Promise.resolve(
           i.deleteCookie(r, { path: "/" })
         ), null) : {
@@ -741,12 +741,12 @@ function Ge(e = {}) {
     level: t = He,
     context: n,
     formatter: s = Ke
-  } = e, o = (a) => r && a >= t, i = (a, u, l, g) => ({
+  } = e, o = (a) => r && a >= t, i = (a, u, f, g) => ({
     level: a,
     message: u,
     timestamp: /* @__PURE__ */ new Date(),
     context: n,
-    data: l ? Xe(l) : void 0,
+    data: f ? Xe(f) : void 0,
     error: g
   });
   return {
@@ -755,8 +755,8 @@ function Ge(e = {}) {
         0
         /* DEBUG */
       )) {
-        const l = i(0, a, u);
-        console.debug(s(l));
+        const f = i(0, a, u);
+        console.debug(s(f));
       }
     },
     info: (a, u) => {
@@ -764,8 +764,8 @@ function Ge(e = {}) {
         1
         /* INFO */
       )) {
-        const l = i(1, a, u);
-        console.info(s(l));
+        const f = i(1, a, u);
+        console.info(s(f));
       }
     },
     warn: (a, u) => {
@@ -773,8 +773,8 @@ function Ge(e = {}) {
         2
         /* WARN */
       )) {
-        const l = i(2, a, u);
-        console.warn(s(l));
+        const f = i(2, a, u);
+        console.warn(s(f));
       }
     },
     error: (a, u) => {
@@ -782,8 +782,8 @@ function Ge(e = {}) {
         3
         /* ERROR */
       )) {
-        const l = u instanceof Error ? u : void 0, g = u instanceof Error ? void 0 : u, w = i(3, a, g, l);
-        console.error(s(w)), l && console.error(l);
+        const f = u instanceof Error ? u : void 0, g = u instanceof Error ? void 0 : u, w = i(3, a, g, f);
+        console.error(s(w)), f && console.error(f);
       }
     }
   };
@@ -816,11 +816,11 @@ function Je(e, r, t, n = {}) {
     retryDelay: i = 1e3,
     rateLimit: a = 3,
     autoSignOutOnFailure: u = !0,
-    redirectToLogin: l = "/login",
+    redirectToLogin: f = "/login",
     autoRedirectOnFailure: g = !0
   } = n;
   let w = null, R = !1;
-  const S = [], v = [], y = 60 * 1e3;
+  const A = [], S = [], y = 60 * 1e3;
   let h = 0, T = !1, _ = null;
   const L = 2, M = 60 * 1e3;
   function c() {
@@ -830,22 +830,22 @@ function Je(e, r, t, n = {}) {
         return !1;
       T = !1, _ = null, h = 0;
     }
-    for (; v.length > 0; ) {
-      const p = v[0];
+    for (; S.length > 0; ) {
+      const p = S[0];
       if (p !== void 0 && p < k - y)
-        v.shift();
+        S.shift();
       else
         break;
     }
-    return v.length >= a ? !1 : (v.push(k), !0);
+    return S.length >= a ? !1 : (S.push(k), !0);
   }
-  function f() {
+  function l() {
     h++, h >= L && (T = !0, _ = Date.now() + M, process.env.NODE_ENV === "development" && console.warn("[TokenRefreshManager] Circuit breaker opened - too many consecutive failures"));
   }
   function d() {
     h = 0, T = !1, _ = null;
   }
-  async function A(k = 1) {
+  async function v(k = 1) {
     if (!s)
       return null;
     if (!c())
@@ -854,12 +854,12 @@ function Je(e, r, t, n = {}) {
       const p = await e();
       if (p)
         return d(), P(p), n.onTokenRefreshed && await Promise.resolve(n.onTokenRefreshed(p)), p;
-      if (f(), k < o)
-        return await $(i * k), A(k + 1);
+      if (l(), k < o)
+        return await $(i * k), v(k + 1);
       throw new Error("Token refresh failed: refresh function returned null");
     } catch (p) {
-      if (f(), k < o && C(p))
-        return await $(i * k), A(k + 1);
+      if (l(), k < o && C(p))
+        return await $(i * k), v(k + 1);
       throw p;
     }
   }
@@ -874,14 +874,14 @@ function Je(e, r, t, n = {}) {
     return !1;
   }
   function P(k) {
-    const p = [...S];
-    S.length = 0;
+    const p = [...A];
+    A.length = 0;
     for (const { resolve: N } of p)
       N(k);
   }
   function z(k) {
-    const p = [...S];
-    S.length = 0;
+    const p = [...A];
+    A.length = 0;
     for (const { reject: N } of p)
       N(k);
   }
@@ -893,7 +893,7 @@ function Je(e, r, t, n = {}) {
       if (n.onTokenRefreshFailed && await Promise.resolve(n.onTokenRefreshFailed(k)), u && (await t(), await r(), g && typeof window < "u")) {
         let p = !0;
         if (n.onBeforeRedirect && (p = await Promise.resolve(n.onBeforeRedirect(k))), p) {
-          const N = new URL(l, window.location.origin);
+          const N = new URL(f, window.location.origin);
           N.searchParams.set("reason", "session_expired"), N.searchParams.set("redirect", window.location.pathname + window.location.search), window.location.href = N.toString();
         }
       }
@@ -906,7 +906,7 @@ function Je(e, r, t, n = {}) {
      * Refresh token with single refresh queue
      */
     async refreshToken() {
-      return s ? w || (R = !0, w = A().then((k) => (R = !1, w = null, k)).catch((k) => {
+      return s ? w || (R = !0, w = v().then((k) => (R = !1, w = null, k)).catch((k) => {
         throw R = !1, w = null, z(k), W(k).catch(() => {
         }), k;
       }), w) : null;
@@ -922,14 +922,14 @@ function Je(e, r, t, n = {}) {
      */
     async waitForRefresh() {
       return w ? new Promise((k, p) => {
-        S.push({ resolve: k, reject: p });
+        A.push({ resolve: k, reject: p });
       }) : null;
     },
     /**
      * Clear state
      */
     clear() {
-      w = null, R = !1, v.length = 0, d(), z(new Error("Token refresh manager cleared"));
+      w = null, R = !1, S.length = 0, d(), z(new Error("Token refresh manager cleared"));
     },
     /**
      * Handle token refresh failure
@@ -1005,7 +1005,7 @@ function er(e) {
       ));
     }
     return null;
-  }, l = async (y) => {
+  }, f = async (y) => {
     if (!U(y))
       return {
         success: !1,
@@ -1036,7 +1036,7 @@ function er(e) {
   };
   return {
     getSession: u,
-    setSession: l,
+    setSession: f,
     clearSessionCookie: g,
     getAccessToken: w,
     getRefreshToken: async () => {
@@ -1209,7 +1209,7 @@ function sr(e) {
 }
 function or(e, r) {
   const t = rr(e), n = tr(e, r), s = nr(e), o = sr(e);
-  return Object.assign(async (u, l) => {
+  return Object.assign(async (u, f) => {
     if (!u || typeof u != "string")
       throw new Error("Provider is required");
     const g = X(u, {
@@ -1223,22 +1223,22 @@ function or(e, r) {
     if (w === "google" || w === "github" || w === "apple" || w === "facebook" || typeof w == "string" && !["credentials", "otp", "passkey"].includes(w))
       return n(w);
     if (w === "credentials")
-      return !l || !("email" in l) || !("password" in l) ? {
+      return !f || !("email" in f) || !("password" in f) ? {
         success: !1,
         error: "Credentials are required",
         errorCode: m.VALIDATION_ERROR
-      } : t(l);
+      } : t(f);
     if (w === "otp") {
-      if (!l || !("email" in l))
+      if (!f || !("email" in f))
         return {
           success: !1,
           error: "Email is required",
           errorCode: m.VALIDATION_ERROR
         };
-      const R = l;
+      const R = f;
       return s(R.email, R.code);
     }
-    return w === "passkey" ? o(l) : {
+    return w === "passkey" ? o(f) : {
       success: !1,
       error: "Invalid provider",
       errorCode: m.VALIDATION_ERROR
@@ -1282,7 +1282,7 @@ function ar(e, r) {
         errorCode: m.VALIDATION_ERROR
       };
     try {
-      const i = o.redirectUri ?? `${e.baseUrl}/api/auth/callback/${t}`, a = await be(t, o, n, i), u = await Fe(t, a.access_token), l = {
+      const i = o.redirectUri ?? `${e.baseUrl}/api/auth/callback/${t}`, a = await be(t, o, n, i), u = await Fe(t, a.access_token), f = {
         id: u.id,
         email: u.email,
         name: u.name,
@@ -1303,7 +1303,7 @@ function ar(e, r) {
       if (e.callbacks.onOAuthUser) {
         const g = await q(
           e.callbacks.onOAuthUser,
-          [l, t],
+          [f, t],
           e.onError
         );
         if (!g)
@@ -1312,7 +1312,7 @@ function ar(e, r) {
             error: "Failed to create or retrieve user",
             errorCode: m.VALIDATION_ERROR
           };
-        const w = e.createSession(g, l, a);
+        const w = e.createSession(g, f, a);
         return await e.saveSession(w), e.callbacks.onSignIn && await q(
           e.callbacks.onSignIn,
           [w.user, w],
@@ -1364,42 +1364,49 @@ function st(e) {
   }, t = e.actions, n = e.callbacks || {}, s = ((L = e.providers) == null ? void 0 : L.oauth) || {}, o = Ze(), i = {
     ...Qe(),
     ...e.tokenRefresh
-  }, a = ((M = e.session) == null ? void 0 : M.cacheTtl) ?? e.sessionCacheTtl ?? 5e3, u = e.oauthStateStore || Be(), l = { ...t }, g = async (c, f) => {
+  }, a = ((M = e.session) == null ? void 0 : M.cacheTtl) ?? e.sessionCacheTtl ?? 5e3, u = e.oauthStateStore || Be(), f = { ...t }, g = async (c, l) => {
     const d = {
-      provider: f,
+      provider: l,
       expiresAt: Date.now() + 6e5
       // 10 minutes
     };
     await Promise.resolve(u.set(c, d, 10 * 60 * 1e3)), u.cleanup && await Promise.resolve(u.cleanup());
-  }, w = async (c, f) => {
-    const d = await Promise.resolve(u.get(c));
-    return d ? d.expiresAt < Date.now() ? (await Promise.resolve(u.delete(c)), !1) : d.provider !== f ? !1 : (await Promise.resolve(u.delete(c)), !0) : !1;
+  }, w = async (c, l) => {
+    let d = await Promise.resolve(u.get(c));
+    if (!d)
+      try {
+        const { getOAuthStateCookie: v } = await import("../oauth-state-DKle8eCr.mjs").then((P) => P.q), C = await v();
+        if (C && C.state === c && C.provider === l)
+          return !0;
+      } catch {
+      }
+    return d ? d.expiresAt < Date.now() ? (await Promise.resolve(u.delete(c)), !1) : d.provider !== l ? !1 : (await Promise.resolve(u.delete(c)), !0) : !1;
   }, R = cr(
     s,
     o,
     _e,
     Ne
   );
-  if (R && !l.signIn.oauth) {
-    const c = l.signIn;
-    l.signIn = {
+  if (R && !f.signIn.oauth) {
+    const c = f.signIn;
+    f.signIn = {
       ...c,
-      oauth: async (f) => {
-        const d = await R(f);
-        return await g(d.state, f), d;
+      oauth: async (l) => {
+        const d = await R(l);
+        return await g(d.state, l), d;
       }
     };
   }
-  if (!l.signIn || !l.signIn.email)
+  if (!f.signIn || !f.signIn.email)
     throw new Error("mulguard: signIn.email action is required");
-  const S = async (c, ...f) => {
+  const A = async (c, ...l) => {
     if (c)
       try {
-        return await c(...f);
+        return await c(...l);
       } catch (d) {
         throw n.onError && await n.onError(d instanceof Error ? d : new Error(String(d)), "callback"), d;
       }
-  }, v = er({
+  }, S = er({
     sessionConfig: r,
     cacheTtl: a,
     getSessionAction: t.getSession,
@@ -1408,45 +1415,45 @@ function st(e) {
   }), y = async (c) => {
     if (!D(c) || !c.session)
       return { success: !0 };
-    const f = await v.setSession(c.session);
-    return c.user && n.onSignIn && await S(n.onSignIn, c.user, c.session), f;
+    const l = await S.setSession(c.session);
+    return c.user && n.onSignIn && await A(n.onSignIn, c.user, c.session), l;
   };
-  if (Object.keys(s).length > 0 && !l.oauthCallback) {
+  if (Object.keys(s).length > 0 && !f.oauthCallback) {
     const c = ar(
       {
         oauthProviders: s,
         baseUrl: o,
         callbacks: n,
-        createSession: (f, d, A) => ({
+        createSession: (l, d, v) => ({
           user: {
-            ...f,
+            ...l,
             avatar: d.avatar,
             emailVerified: d.emailVerified
           },
           expiresAt: new Date(Date.now() + (r.expiresIn || 604800) * 1e3),
-          accessToken: A.access_token,
-          refreshToken: A.refresh_token,
+          accessToken: v.access_token,
+          refreshToken: v.refresh_token,
           tokenType: "Bearer",
-          expiresIn: A.expires_in
+          expiresIn: v.expires_in
         }),
-        saveSession: async (f) => {
-          await v.setSession(f);
+        saveSession: async (l) => {
+          await S.setSession(l);
         },
         onError: n.onError
       }
     );
-    l.oauthCallback = c;
+    f.oauthCallback = c;
   }
   const h = or(
     {
-      actions: l,
+      actions: f,
       callbacks: n,
       saveSessionAfterAuth: y,
       onError: n.onError
     },
     g
   ), T = ir({
-    actions: l,
+    actions: f,
     callbacks: n,
     saveSessionAfterAuth: y,
     onError: n.onError
@@ -1456,25 +1463,25 @@ function st(e) {
      * Uses custom getSession action if provided, otherwise falls back to reading from cookie
      */
     async getSession() {
-      return await v.getSession();
+      return await S.getSession();
     },
     /**
      * Get access token from current session
      */
     async getAccessToken() {
-      return await v.getAccessToken();
+      return await S.getAccessToken();
     },
     /**
      * Get refresh token from current session
      */
     async getRefreshToken() {
-      return await v.getRefreshToken();
+      return await S.getRefreshToken();
     },
     /**
      * Check if session has valid tokens
      */
     async hasValidTokens() {
-      return await v.hasValidTokens();
+      return await S.hasValidTokens();
     },
     /**
      * Unified sign in method - supports both unified and direct method calls
@@ -1493,10 +1500,10 @@ function st(e) {
      */
     async signOut() {
       try {
-        const c = await this.getSession(), f = c == null ? void 0 : c.user;
-        return t.signOut && await t.signOut(), await v.clearSessionCookie(), v.clearCache(), f && n.onSignOut && await S(n.onSignOut, f), { success: !0 };
+        const c = await this.getSession(), l = c == null ? void 0 : c.user;
+        return t.signOut && await t.signOut(), await S.clearSessionCookie(), S.clearCache(), l && n.onSignOut && await A(n.onSignOut, l), { success: !0 };
       } catch (c) {
-        return await v.clearSessionCookie(), v.clearCache(), n.onError && await S(n.onError, c instanceof Error ? c : new Error(String(c)), "signOut"), {
+        return await S.clearSessionCookie(), S.clearCache(), n.onError && await A(n.onError, c instanceof Error ? c : new Error(String(c)), "signOut"), {
           success: !1,
           error: c instanceof Error ? c.message : "Sign out failed"
         };
@@ -1510,10 +1517,10 @@ function st(e) {
         throw new Error("Password reset is not configured. Provide resetPassword action in config.");
       try {
         return await t.resetPassword(c);
-      } catch (f) {
-        return n.onError && await S(n.onError, f instanceof Error ? f : new Error(String(f)), "resetPassword"), {
+      } catch (l) {
+        return n.onError && await A(n.onError, l instanceof Error ? l : new Error(String(l)), "resetPassword"), {
           success: !1,
-          error: f instanceof Error ? f.message : "Password reset failed"
+          error: l instanceof Error ? l.message : "Password reset failed"
         };
       }
     },
@@ -1525,10 +1532,10 @@ function st(e) {
         throw new Error("Email verification is not configured. Provide verifyEmail action in config.");
       try {
         return await t.verifyEmail(c);
-      } catch (f) {
-        return n.onError && await S(n.onError, f instanceof Error ? f : new Error(String(f)), "verifyEmail"), {
+      } catch (l) {
+        return n.onError && await A(n.onError, l instanceof Error ? l : new Error(String(l)), "verifyEmail"), {
           success: !1,
-          error: f instanceof Error ? f.message : "Email verification failed"
+          error: l instanceof Error ? l.message : "Email verification failed"
         };
       }
     },
@@ -1542,48 +1549,48 @@ function st(e) {
       try {
         const c = await t.refreshSession();
         if (c && U(c)) {
-          if (await v.setSession(c), n.onSessionUpdate) {
-            const f = await S(n.onSessionUpdate, c);
-            if (f && U(f)) {
-              if (await v.setSession(f), n.onTokenRefresh) {
+          if (await S.setSession(c), n.onSessionUpdate) {
+            const l = await A(n.onSessionUpdate, c);
+            if (l && U(l)) {
+              if (await S.setSession(l), n.onTokenRefresh) {
                 const d = await this.getSession();
-                d && await S(n.onTokenRefresh, d, f);
+                d && await A(n.onTokenRefresh, d, l);
               }
-              return f;
+              return l;
             }
           }
           if (n.onTokenRefresh) {
-            const f = await this.getSession();
-            f && await S(n.onTokenRefresh, f, c);
+            const l = await this.getSession();
+            l && await A(n.onTokenRefresh, l, c);
           }
           return c;
         } else if (c && !U(c))
-          return await v.clearSessionCookie(), v.clearCache(), null;
+          return await S.clearSessionCookie(), S.clearCache(), null;
         return null;
       } catch (c) {
-        return await v.clearSessionCookie(), v.clearCache(), n.onError && await S(n.onError, c instanceof Error ? c : new Error(String(c)), "refreshSession"), null;
+        return await S.clearSessionCookie(), S.clearCache(), n.onError && await A(n.onError, c instanceof Error ? c : new Error(String(c)), "refreshSession"), null;
       }
     },
     /**
      * OAuth callback handler
      * ✅ Auto-generated if providers.oauth is configured in config
      */
-    async oauthCallback(c, f, d) {
-      if (!l.oauthCallback)
+    async oauthCallback(c, l, d) {
+      if (!f.oauthCallback)
         throw new Error(
           "OAuth callback is not configured. Either provide oauthCallback action, or configure providers.oauth in config."
         );
-      if (!f || !d)
+      if (!l || !d)
         return {
           success: !1,
           error: "Missing required OAuth parameters (code or state)",
           errorCode: m.VALIDATION_ERROR
         };
-      let A = c;
-      if (!A) {
+      let v = c;
+      if (!v) {
         const P = await Promise.resolve(u.get(d));
         if (P && P.provider)
-          A = P.provider;
+          v = P.provider;
         else
           return {
             success: !1,
@@ -1591,16 +1598,16 @@ function st(e) {
             errorCode: m.VALIDATION_ERROR
           };
       }
-      if (!await w(d, A))
+      if (!await w(d, v))
         return {
           success: !1,
           error: "Invalid or expired state parameter",
           errorCode: m.VALIDATION_ERROR
         };
       try {
-        return await l.oauthCallback(A, f, d);
+        return await f.oauthCallback(v, l, d);
       } catch (P) {
-        return n.onError && await S(n.onError, P instanceof Error ? P : new Error(String(P)), "oauthCallback"), {
+        return n.onError && await A(n.onError, P instanceof Error ? P : new Error(String(P)), "oauthCallback"), {
           success: !1,
           error: P instanceof Error ? P.message : "OAuth callback failed",
           errorCode: m.NETWORK_ERROR
@@ -1611,25 +1618,25 @@ function st(e) {
      * Verify 2FA code after initial sign in
      * Used when signIn returns requires2FA: true
      */
-    async verify2FA(c, f) {
+    async verify2FA(c, l) {
       if (!t.verify2FA)
         throw new Error("2FA verification is not configured. Provide verify2FA action in config.");
       try {
         const d = await t.verify2FA(c);
-        if (d.success && d.session && !(f != null && f.skipCookieSave)) {
-          const A = await y(d);
-          A.success || (process.env.NODE_ENV === "development" && I.debug("Failed to save session cookie after verify2FA", {
-            error: A.error,
-            warning: A.warning
-          }), n.onError && await S(
+        if (d.success && d.session && !(l != null && l.skipCookieSave)) {
+          const v = await y(d);
+          v.success || (process.env.NODE_ENV === "development" && I.debug("Failed to save session cookie after verify2FA", {
+            error: v.error,
+            warning: v.warning
+          }), n.onError && await A(
             n.onError,
-            new Error(A.warning || A.error || "Failed to save session cookie"),
+            new Error(v.warning || v.error || "Failed to save session cookie"),
             "verify2FA.setSession"
           ));
         }
         return d;
       } catch (d) {
-        return n.onError && await S(n.onError, d instanceof Error ? d : new Error(String(d)), "verify2FA"), {
+        return n.onError && await A(n.onError, d instanceof Error ? d : new Error(String(d)), "verify2FA"), {
           success: !1,
           error: d instanceof Error ? d.message : "2FA verification failed",
           errorCode: m.TWO_FA_REQUIRED
@@ -1641,7 +1648,7 @@ function st(e) {
      * Useful for Server Actions that need to save session manually
      */
     async setSession(c) {
-      return await v.setSession(c);
+      return await S.setSession(c);
     },
     /**
      * Internal method to get session config for Server Actions
@@ -1649,7 +1656,7 @@ function st(e) {
      * @internal
      */
     _getSessionConfig() {
-      return v.getSessionConfig();
+      return S.getSessionConfig();
     },
     _getCallbacks() {
       return n;
@@ -1661,8 +1668,8 @@ function st(e) {
      * @param state - OAuth state token
      * @param provider - OAuth provider name
      */
-    async storeOAuthState(c, f) {
-      await g(c, f);
+    async storeOAuthState(c, l) {
+      await g(c, l);
     },
     /**
      * PassKey methods
@@ -1670,22 +1677,22 @@ function st(e) {
     passkey: t.passkey ? {
       register: t.passkey.register,
       authenticate: async (c) => {
-        var f;
-        if (!((f = t.passkey) != null && f.authenticate))
+        var l;
+        if (!((l = t.passkey) != null && l.authenticate))
           throw new Error("PassKey authenticate is not configured.");
         try {
           const d = await t.passkey.authenticate(c);
           return d.success && d.session && await y(d), d;
         } catch (d) {
-          return n.onError && await S(n.onError, d instanceof Error ? d : new Error(String(d)), "passkey.authenticate"), {
+          return n.onError && await A(n.onError, d instanceof Error ? d : new Error(String(d)), "passkey.authenticate"), {
             success: !1,
             error: d instanceof Error ? d.message : "PassKey authentication failed"
           };
         }
       },
       list: t.passkey.list ? async () => {
-        var f;
-        if (!((f = t.passkey) != null && f.list))
+        var l;
+        if (!((l = t.passkey) != null && l.list))
           throw new Error("PassKey list is not configured.");
         return [...await t.passkey.list()];
       } : void 0,
@@ -1702,27 +1709,27 @@ function st(e) {
       isEnabled: t.twoFactor.isEnabled,
       verify2FA: async (c) => {
         var d;
-        const f = ((d = t.twoFactor) == null ? void 0 : d.verify2FA) || t.verify2FA;
-        if (!f)
+        const l = ((d = t.twoFactor) == null ? void 0 : d.verify2FA) || t.verify2FA;
+        if (!l)
           throw new Error("2FA verification is not configured. Provide verify2FA action in config.");
         try {
-          const A = await f(c);
-          if (A.success && A.session) {
-            const C = await y(A);
+          const v = await l(c);
+          if (v.success && v.session) {
+            const C = await y(v);
             C.success || (process.env.NODE_ENV === "development" && I.debug("Failed to save session cookie after twoFactor.verify2FA", {
               error: C.error,
               warning: C.warning
-            }), n.onError && await S(
+            }), n.onError && await A(
               n.onError,
               new Error(C.warning || C.error || "Failed to save session cookie"),
               "twoFactor.verify2FA.setSession"
             ));
           }
-          return A;
-        } catch (A) {
-          return n.onError && await S(n.onError, A instanceof Error ? A : new Error(String(A)), "twoFactor.verify2FA"), {
+          return v;
+        } catch (v) {
+          return n.onError && await A(n.onError, v instanceof Error ? v : new Error(String(v)), "twoFactor.verify2FA"), {
             success: !1,
-            error: A instanceof Error ? A.message : "2FA verification failed",
+            error: v instanceof Error ? v.message : "2FA verification failed",
             errorCode: m.UNKNOWN_ERROR
           };
         }
@@ -1734,16 +1741,16 @@ function st(e) {
     signInMethods: {
       email: (c) => h.email(c),
       oauth: (c) => {
-        var f;
-        return ((f = h.oauth) == null ? void 0 : f.call(h, c)) || Promise.reject(new Error("OAuth not configured"));
+        var l;
+        return ((l = h.oauth) == null ? void 0 : l.call(h, c)) || Promise.reject(new Error("OAuth not configured"));
       },
       passkey: (c) => {
-        var f;
-        return ((f = h.passkey) == null ? void 0 : f.call(h, c)) || Promise.reject(new Error("Passkey not configured"));
+        var l;
+        return ((l = h.passkey) == null ? void 0 : l.call(h, c)) || Promise.reject(new Error("Passkey not configured"));
       },
-      otp: (c, f) => {
+      otp: (c, l) => {
         var d;
-        return ((d = h.otp) == null ? void 0 : d.call(h, c, f)) || Promise.reject(new Error("OTP not configured"));
+        return ((d = h.otp) == null ? void 0 : d.call(h, c, l)) || Promise.reject(new Error("OTP not configured"));
       }
     }
   };
@@ -1752,7 +1759,7 @@ function st(e) {
       async () => await _.refreshSession(),
       async () => await _.signOut(),
       async () => {
-        await v.clearSessionCookie(), v.clearCache();
+        await S.clearSessionCookie(), S.clearCache();
       },
       {
         ...i,
@@ -1815,11 +1822,11 @@ function re(e, r) {
 async function te(e, r, t, n, s, o, i) {
   if (!r.oauthCallback)
     return o === "GET" ? V(e.url, "oauth_not_configured") : O("OAuth callback is not configured", 400);
-  const a = hr(n, s, i), u = (i == null ? void 0 : i.code) ?? s.searchParams.get("code"), l = (i == null ? void 0 : i.state) ?? s.searchParams.get("state");
-  if (!u || !l)
+  const a = hr(n, s, i), u = (i == null ? void 0 : i.code) ?? s.searchParams.get("code"), f = (i == null ? void 0 : i.state) ?? s.searchParams.get("state");
+  if (!u || !f)
     return o === "GET" ? V(e.url, "oauth_missing_params") : O("Missing required OAuth parameters. Code and state are required.", 400);
   try {
-    const g = await r.oauthCallback(a ?? "", u, l);
+    const g = await r.oauthCallback(a ?? "", u, f);
     return o === "GET" ? g.success ? Ar(e.url, s.searchParams.get("callbackUrl")) : V(e.url, g.error ?? "oauth_failed") : E.json(g);
   } catch (g) {
     return o === "GET" ? V(e.url, g instanceof Error ? g.message : "oauth_error") : O(g instanceof Error ? g.message : "OAuth callback failed", 500);
@@ -1980,8 +1987,8 @@ function it(e) {
           },
           body: i ? JSON.stringify(i) : void 0
         }
-      ), l = await u.json();
-      return E.json(l, {
+      ), f = await u.json();
+      return E.json(f, {
         status: u.status,
         headers: {
           ...Object.fromEntries(u.headers.entries())
@@ -2055,21 +2062,21 @@ function ut(e, r = {}) {
   } = r;
   return async (i) => {
     const { pathname: a } = i.nextUrl, u = t.some((w) => a.startsWith(w));
-    let l = null;
+    let f = null;
     try {
-      l = await e.getSession();
+      f = await e.getSession();
     } catch (w) {
       console.error("Middleware: Failed to get session:", w);
     }
-    if (u && !l) {
+    if (u && !f) {
       const w = i.nextUrl.clone();
       return w.pathname = s, w.searchParams.set("callbackUrl", a), E.redirect(w);
     }
-    if (o && l && (a.startsWith("/login") || a.startsWith("/register"))) {
+    if (o && f && (a.startsWith("/login") || a.startsWith("/register"))) {
       const R = i.nextUrl.clone();
       R.pathname = o;
-      const S = E.redirect(R);
-      return F(i, S);
+      const A = E.redirect(R);
+      return F(i, A);
     }
     const g = E.next();
     return F(i, g);
@@ -2099,25 +2106,25 @@ function ft(e) {
       const R = E.next();
       return F(a, R);
     }
-    const l = t.some((R) => u.startsWith(R));
+    const f = t.some((R) => u.startsWith(R));
     let g = null;
-    if (l || o)
+    if (f || o)
       try {
         g = await r.getSession();
       } catch (R) {
         console.error("Middleware: Failed to get session:", R);
       }
-    if (l && !g) {
+    if (f && !g) {
       const R = a.nextUrl.clone();
       R.pathname = s, R.searchParams.set("callbackUrl", u);
-      const S = E.redirect(R);
-      return F(a, S);
+      const A = E.redirect(R);
+      return F(a, A);
     }
     if (o && g && (u.startsWith("/login") || u.startsWith("/register"))) {
-      const S = a.nextUrl.clone();
-      S.pathname = o;
-      const v = E.redirect(S);
-      return F(a, v);
+      const A = a.nextUrl.clone();
+      A.pathname = o;
+      const S = E.redirect(A);
+      return F(a, S);
     }
     const w = E.next();
     return F(a, w);