mulguard 1.1.6 → 1.1.7

package/dist/oauth-state-pdypStuS.mjs

@@ -0,0 +1,210 @@
+var A = Object.defineProperty;
+var S = (t, e, r) => e in t ? A(t, e, { enumerable: !0, configurable: !0, writable: !0, value: r }) : t[e] = r;
+var i = (t, e, r) => S(t, typeof e != "symbol" ? e + "" : e, r);
+import { A as x, f as w, c as m, g as y, d as E } from "./actions-CjQUKaXF.mjs";
+import { redirect as p } from "next/navigation";
+class o extends Error {
+  constructor(r, s, n, g) {
+    super(s);
+    i(this, "code");
+    i(this, "statusCode");
+    i(this, "details");
+    this.name = "AuthError", this.code = r, this.statusCode = n ?? w(r), this.details = g, Error.captureStackTrace && Error.captureStackTrace(this, o);
+  }
+  /**
+   * Converts error to plain object for serialization.
+   * 
+   * @returns Plain error object
+   */
+  toJSON() {
+    return {
+      code: this.code,
+      message: this.message,
+      statusCode: this.statusCode,
+      details: this.details
+    };
+  }
+  /**
+   * Creates error result for failed operations.
+   * 
+   * @returns ErrorResult object
+   */
+  toErrorResult() {
+    return {
+      success: !1,
+      error: this.message,
+      errorCode: this.code,
+      details: this.details
+    };
+  }
+}
+class l extends o {
+  constructor(e = "Session has expired", r) {
+    super(x.SESSION_EXPIRED, e, void 0, r), this.name = "SessionExpiredError";
+  }
+}
+function d(t) {
+  return !t || !t.expiresAt ? !1 : new Date(t.expiresAt) < /* @__PURE__ */ new Date();
+}
+function k(t, e = 5) {
+  if (!t || !t.expiresAt)
+    return !1;
+  const r = new Date(t.expiresAt), s = /* @__PURE__ */ new Date(), n = (r.getTime() - s.getTime()) / (1e3 * 60);
+  return n > 0 && n < e;
+}
+function b(t) {
+  if (!t || !t.expiresAt)
+    return null;
+  const e = new Date(t.expiresAt), r = /* @__PURE__ */ new Date(), s = (e.getTime() - r.getTime()) / (1e3 * 60);
+  return s > 0 ? Math.floor(s) : 0;
+}
+function j(t) {
+  return !(!t || !t.user || !t.user.id || !t.user.email || !t.user.name || d(t));
+}
+function T(t) {
+  if (!t || typeof t != "object")
+    return !1;
+  const e = t;
+  if (!e.user || typeof e.user != "object")
+    return !1;
+  const r = e.user;
+  if (typeof r.id != "string" || r.id.length === 0 || typeof r.email != "string" || r.email.length === 0 || typeof r.name != "string" || r.name.length === 0 || !/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(r.email))
+    return !1;
+  if (e.expiresAt)
+    if (e.expiresAt instanceof Date) {
+      if (isNaN(e.expiresAt.getTime()))
+        return !1;
+    } else if (typeof e.expiresAt == "string") {
+      const n = new Date(e.expiresAt);
+      if (isNaN(n.getTime()))
+        return !1;
+    } else
+      return !1;
+  return !0;
+}
+async function u(t) {
+  try {
+    const e = await t.getSession();
+    if (!e)
+      return null;
+    if ((typeof e.expiresAt == "string" ? new Date(e.expiresAt) : e.expiresAt).getTime() < Date.now())
+      throw new l("Session has expired");
+    return e;
+  } catch (e) {
+    if (e instanceof l)
+      throw e;
+    return null;
+  }
+}
+async function M(t) {
+  try {
+    return await u(t) !== null;
+  } catch {
+    return !1;
+  }
+}
+async function R(t) {
+  const e = await u(t);
+  return (e == null ? void 0 : e.user) || null;
+}
+function U(t) {
+  return async () => {
+    try {
+      return await t();
+    } catch (e) {
+      throw e;
+    }
+  };
+}
+function V(t, e) {
+  return async () => {
+    const r = await u(t);
+    if (!r)
+      throw new Error("Authentication required");
+    return await e(r.user);
+  };
+}
+async function h(t) {
+  try {
+    const e = await t.getSession();
+    return !e || !T(e) || d(e) ? null : e;
+  } catch (e) {
+    return process.env.NODE_ENV === "development" && console.error("Failed to get server session:", e), null;
+  }
+}
+async function D(t, e = "/login") {
+  const r = await h(t);
+  return r || p(e), r;
+}
+async function q(t, e, r = "/unauthorized") {
+  const s = await D(t);
+  return (!s.user.roles || !s.user.roles.includes(e)) && p(r), s;
+}
+async function I(t) {
+  const e = await h(t);
+  return (e == null ? void 0 : e.user) ?? null;
+}
+const c = "__mulguard_oauth_state", f = 10 * 60;
+async function O(t, e) {
+  try {
+    const r = JSON.stringify({ state: t, provider: e, expiresAt: Date.now() + f * 1e3 }), s = process.env.NODE_ENV === "production";
+    return await m({
+      name: c,
+      value: r,
+      httpOnly: !0,
+      secure: s,
+      sameSite: "lax",
+      // Changed from 'strict' to 'lax' to allow cookie in OAuth redirect flow
+      maxAge: f,
+      path: "/"
+    });
+  } catch (r) {
+    return {
+      success: !1,
+      error: r instanceof Error ? r.message : "Failed to store OAuth state"
+    };
+  }
+}
+async function v() {
+  try {
+    const t = await y(c);
+    if (!t)
+      return null;
+    const e = JSON.parse(t);
+    return e.expiresAt < Date.now() ? (await a(), null) : (await a(), {
+      state: e.state,
+      provider: e.provider
+    });
+  } catch {
+    return await a(), null;
+  }
+}
+async function a() {
+  await E(c, { path: "/" });
+}
+const J = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({
+  __proto__: null,
+  deleteOAuthStateCookie: a,
+  getOAuthStateCookie: v,
+  storeOAuthStateCookie: O
+}, Symbol.toStringTag, { value: "Module" }));
+export {
+  l as S,
+  q as a,
+  u as b,
+  R as c,
+  U as d,
+  V as e,
+  d as f,
+  I as g,
+  k as h,
+  M as i,
+  b as j,
+  j as k,
+  v as l,
+  a as m,
+  J as o,
+  D as r,
+  O as s,
+  T as v
+};

package/dist/server/index.js

@@ -1 +1 @@
-"use strict";Object.defineProperty(exports,Symbol.toStringTag,{value:"Module"});const i=require("../actions-CExpv_dD.js"),e=require("../oauth-state-DlvrCV11.js");exports.buildCookieOptions=i.buildCookieOptions;exports.deleteCookie=i.deleteCookie;exports.getCookie=i.getCookie;exports.setCookie=i.setCookie;exports.signInEmailAction=i.signInEmailAction;exports.signOutAction=i.signOutAction;exports.signUpAction=i.signUpAction;exports.verify2FAAction=i.verify2FAAction;exports.createServerAuthMiddleware=e.createAuthMiddleware;exports.createServerHelpers=e.createServerHelpers;exports.createServerUtils=e.createServerUtils;exports.createSessionManager=e.createSessionManager;exports.deleteOAuthStateCookie=e.deleteOAuthStateCookie;exports.getCurrentUser=e.getCurrentUser;exports.getOAuthStateCookie=e.getOAuthStateCookie;exports.getServerSession=e.getServerSession;exports.getSessionTimeUntilExpiry=e.getSessionTimeUntilExpiry;exports.isSessionExpiredNullable=e.isSessionExpiredNullable;exports.isSessionExpiringSoon=e.isSessionExpiringSoon;exports.isSessionValid=e.isSessionValid;exports.refreshSession=e.refreshSession;exports.requireAuth=e.requireAuth;exports.requireRole=e.requireRole;exports.requireServerAuthMiddleware=e.requireAuthMiddleware;exports.requireServerRoleMiddleware=e.requireRoleMiddleware;exports.storeOAuthStateCookie=e.storeOAuthStateCookie;exports.validateSessionStructure=e.validateSessionStructure;
+"use strict";Object.defineProperty(exports,Symbol.toStringTag,{value:"Module"});const e=require("../oauth-state-Drwz6fES.js"),i=require("../actions-CMtg7FGv.js");exports.SessionExpiredError=e.SessionExpiredError;exports.createAuthenticatedAction=e.createAuthenticatedAction;exports.createServerAction=e.createServerAction;exports.deleteOAuthStateCookie=e.deleteOAuthStateCookie;exports.getCurrentUser=e.getCurrentUser;exports.getOAuthStateCookie=e.getOAuthStateCookie;exports.getServerSession=e.getServerSession;exports.getServerUser=e.getServerUser;exports.getSessionTimeUntilExpiry=e.getSessionTimeUntilExpiry;exports.isAuthenticated=e.isAuthenticated;exports.isSessionExpiredNullable=e.isSessionExpiredNullable;exports.isSessionExpiringSoon=e.isSessionExpiringSoon;exports.isSessionValid=e.isSessionValid;exports.requireAuth=e.requireAuth;exports.requireRole=e.requireRole;exports.storeOAuthStateCookie=e.storeOAuthStateCookie;exports.validateSessionStructure=e.validateSessionStructure;exports.buildCookieOptions=i.buildCookieOptions;exports.deleteCookie=i.deleteCookie;exports.getCookie=i.getCookie;exports.setCookie=i.setCookie;exports.signInEmailAction=i.signInEmailAction;exports.signOutAction=i.signOutAction;exports.signUpAction=i.signUpAction;exports.verify2FAAction=i.verify2FAAction;

package/dist/server/index.mjs

@@ -1,31 +1,29 @@
-import { e as a, d as i, g as r, c as t, a as o, s as n, b as S, v as l } from "../actions-DeCfLtHA.mjs";
-import { c as d, p as g, k as c, n as A, m as v, j as p, l as h, e as k, g as C, b as f, i as m, a as x, o as O, f as b, h as q, r as E, d as M, s as U, v as w } from "../oauth-state-DKle8eCr.mjs";
+import { S as i, e as t, d as a, m as o, g as r, l as n, b as S, c as u, j as c, i as A, f as g, h as l, k as d, r as k, a as p, s as C, v as h } from "../oauth-state-pdypStuS.mjs";
+import { e as x, d as E, g as m, c as O, a as b, s as f, b as U, v as q } from "../actions-CjQUKaXF.mjs";
 export {
-  a as buildCookieOptions,
-  d as createServerAuthMiddleware,
-  g as createServerHelpers,
-  c as createServerUtils,
-  A as createSessionManager,
-  i as deleteCookie,
-  v as deleteOAuthStateCookie,
-  r as getCookie,
-  p as getCurrentUser,
-  h as getOAuthStateCookie,
-  k as getServerSession,
-  C as getSessionTimeUntilExpiry,
-  f as isSessionExpiredNullable,
-  m as isSessionExpiringSoon,
-  x as isSessionValid,
-  O as refreshSession,
-  b as requireAuth,
-  q as requireRole,
-  E as requireServerAuthMiddleware,
-  M as requireServerRoleMiddleware,
-  t as setCookie,
-  o as signInEmailAction,
-  n as signOutAction,
-  S as signUpAction,
-  U as storeOAuthStateCookie,
-  w as validateSessionStructure,
-  l as verify2FAAction
+  i as SessionExpiredError,
+  x as buildCookieOptions,
+  t as createAuthenticatedAction,
+  a as createServerAction,
+  E as deleteCookie,
+  o as deleteOAuthStateCookie,
+  m as getCookie,
+  r as getCurrentUser,
+  n as getOAuthStateCookie,
+  S as getServerSession,
+  u as getServerUser,
+  c as getSessionTimeUntilExpiry,
+  A as isAuthenticated,
+  g as isSessionExpiredNullable,
+  l as isSessionExpiringSoon,
+  d as isSessionValid,
+  k as requireAuth,
+  p as requireRole,
+  O as setCookie,
+  b as signInEmailAction,
+  f as signOutAction,
+  U as signUpAction,
+  C as storeOAuthStateCookie,
+  h as validateSessionStructure,
+  q as verify2FAAction
 };

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "mulguard",
-  "version": "1.1.6",
-  "description": "Mulguard is a modern authentication backend-first library for Next.js",
+  "version": "1.1.7",
+  "description": "A modern, stable authentication library for Next.js 16+ (App Router) - مكتبة مصادقة حديثة ومستقرة لـ Next.js",
   "main": "./dist/index/index.js",
   "module": "./dist/index/index.mjs",
   "types": "./dist/index.d.ts",
@@ -20,10 +20,23 @@
       "types": "./dist/client/index.d.ts",
       "import": "./dist/client/index.mjs",
       "require": "./dist/client/index.js"
+    },
+    "./proxy": {
+      "types": "./dist/proxy/index.d.ts",
+      "import": "./dist/proxy/index.mjs",
+      "require": "./dist/proxy/index.js"
+    },
+    "./handlers": {
+      "types": "./dist/handlers/index.d.ts",
+      "import": "./dist/handlers/index.mjs",
+      "require": "./dist/handlers/index.js"
     }
   },
   "files": [
-    "dist"
+    "dist",
+    "README.md",
+    "ARCHITECTURE.md",
+    "API_DESIGN.md"
   ],
   "scripts": {
     "build": "vite build",
@@ -36,21 +49,43 @@
     "prepublishOnly": "npm run build",
     "changeset": "changeset add",
     "version": "changeset version",
-    "release": "changeset version && npm run build && changeset publish"
+    "release": "changeset version && npm run build && changeset publish",
+    "lint": "eslint src --ext .ts,.tsx",
+    "format": "prettier --write \"src/**/*.{ts,tsx}\""
   },
   "keywords": [
     "nextjs",
+    "next.js",
+    "nextjs-16",
     "mulguard",
-    "mulink",
-    "mukey",
     "mulverse",
-    "MxHabob",
     "authentication",
     "auth",
-    "next-auth"
+    "oauth",
+    "oauth2",
+    "pkce",
+    "session",
+    "middleware",
+    "server-actions",
+    "typescript",
+    "edge-runtime",
+    "security",
+    "mfa",
+    "2fa",
+    "otp",
+    "passkey",
+    "webauthn"
   ],
-  "author": "Mulguard Team",
-  "license": "MUV ",
+  "author": "Mulverse Team",
+  "license": "MUV",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/mulverse/mulguard.git"
+  },
+  "bugs": {
+    "url": "https://github.com/mulverse/mulguard/issues"
+  },
+  "homepage": "https://github.com/mulverse/mulguard#readme",
   "dependencies": {
     "@noble/hashes": "^1.3.3"
   },
@@ -58,6 +93,10 @@
     "@changesets/cli": "^2.27.1",
     "@types/node": "^20.11.5",
     "@types/react": "^18.2.48",
+    "@typescript-eslint/eslint-plugin": "^8.50.0",
+    "@typescript-eslint/parser": "^8.50.0",
+    "eslint": "^8.57.1",
+    "eslint-config-prettier": "^10.1.8",
     "next": "^16.0.10",
     "turbo": "^2.0.0",
     "typescript": "^5.3.3",
@@ -66,8 +105,22 @@
     "vitest": "^1.2.0"
   },
   "peerDependencies": {
-    "next": ">=14.0.0",
+    "next": ">=16.0.0",
     "react": ">=18.0.0 || ^19.0.0",
     "react-dom": ">=18.0.0 || ^19.0.0"
+  },
+  "peerDependenciesMeta": {
+    "react": {
+      "optional": false
+    },
+    "react-dom": {
+      "optional": false
+    },
+    "next": {
+      "optional": false
+    }
+  },
+  "engines": {
+    "node": ">=18.0.0"
   }
 }

package/dist/actions-CExpv_dD.js

@@ -1 +0,0 @@
-"use strict";const O=require("next/headers");var r=(s=>(s.INVALID_CREDENTIALS="INVALID_CREDENTIALS",s.ACCOUNT_LOCKED="ACCOUNT_LOCKED",s.ACCOUNT_INACTIVE="ACCOUNT_INACTIVE",s.TWO_FA_REQUIRED="TWO_FA_REQUIRED",s.INVALID_TWO_FA_CODE="INVALID_TWO_FA_CODE",s.SESSION_EXPIRED="SESSION_EXPIRED",s.UNAUTHORIZED="UNAUTHORIZED",s.NETWORK_ERROR="NETWORK_ERROR",s.VALIDATION_ERROR="VALIDATION_ERROR",s.RATE_LIMITED="RATE_LIMITED",s.UNKNOWN_ERROR="UNKNOWN_ERROR",s))(r||{});async function R(s){var n;try{return(n=(await O.cookies()).get(s))==null?void 0:n.value}catch(e){const o=(e==null?void 0:e.message)||"";if(o.includes("cookies")||o.includes("request scope")||o.includes("outside")||o.includes("dynamic"))return;throw e}}async function u(s){try{return(await O.cookies()).set({name:s.name,value:s.value,maxAge:s.maxAge,expires:s.expires,httpOnly:s.httpOnly??!0,secure:s.secure,sameSite:s.sameSite??"lax",path:s.path??"/",domain:s.domain}),{success:!0}}catch(n){const e=(n==null?void 0:n.message)||"";if(e.includes("cookies")||e.includes("request scope")||e.includes("outside")||e.includes("dynamic")){const o=`Cannot set cookie "${s.name}" outside request scope. Make sure this is called from a Server Action or Route Handler.`;return process.env.NODE_ENV==="development"&&console.warn(`[Mulguard] ${o}`),{success:!1,error:e,warning:o}}throw n}}async function f(s,n){try{(await O.cookies()).set({name:s,value:"",maxAge:0,expires:new Date(0),httpOnly:!0,path:(n==null?void 0:n.path)??"/",domain:n==null?void 0:n.domain})}catch(e){const o=(e==null?void 0:e.message)||"";if(o.includes("cookies")||o.includes("request scope")||o.includes("outside")||o.includes("dynamic")){process.env.NODE_ENV==="development"&&console.warn(`[Mulguard] Cannot delete cookie "${s}" outside request scope`);return}throw e}}function l(s,n,e){const o=process.env.NODE_ENV==="production";return{name:s,value:n,maxAge:e.expiresIn,httpOnly:e.httpOnly??!0,secure:e.secure??o,sameSite:e.sameSite??"lax",path:e.path??"/"}}async function g(s,n){if(!s.verify2FA)return{success:!1,error:"2FA verification is not configured",errorCode:r.VALIDATION_ERROR};try{const e=await s.verify2FA(n,{skipCookieSave:!0});if(e.success&&e.session)try{const{cookieName:o,config:t}=s._getSessionConfig(),c=typeof e.session=="object"&&"token"in e.session?String(e.session.token):JSON.stringify(e.session),i=l(o,c,t),a=await u(i);a.success||process.env.NODE_ENV==="development"&&console.warn("[Mulguard] Failed to save session after 2FA verification:",a.error||a.warning)}catch(o){process.env.NODE_ENV==="development"&&console.warn("[Mulguard] Failed to save session cookie:",o)}return e}catch(e){return{success:!1,error:e instanceof Error?e.message:"2FA verification failed",errorCode:r.UNKNOWN_ERROR}}}async function N(s){var n;try{const e=await s.getSession(),o=e==null?void 0:e.user;s.signOut&&await s.signOut();const{cookieName:t,config:c}=s._getSessionConfig();await f(t,{path:c.path||"/"});const i=(n=s._getCallbacks)==null?void 0:n.call(s);return o&&(i!=null&&i.onSignOut)&&await i.onSignOut(o),{success:!0}}catch(e){return{success:!1,error:e instanceof Error?e.message:"Sign out failed"}}}async function d(s,n){var e;if(!((e=s.signIn)!=null&&e.email))return{success:!1,error:"Email sign in is not configured",errorCode:r.VALIDATION_ERROR};try{const o=await s.signIn.email(n);if(o.success&&o.session)try{const{cookieName:t,config:c}=s._getSessionConfig(),i=typeof o.session=="object"&&"token"in o.session?String(o.session.token):JSON.stringify(o.session),a=l(t,i,c);await u(a)}catch(t){process.env.NODE_ENV==="development"&&console.warn("[Mulguard] Failed to save session cookie:",t)}return o}catch(o){return{success:!1,error:o instanceof Error?o.message:"Sign in failed",errorCode:r.UNKNOWN_ERROR}}}async function E(s,n){if(!s.signUp)return{success:!1,error:"Sign up is not configured",errorCode:r.VALIDATION_ERROR};try{const e=await s.signUp(n);if(e.success&&e.session)try{const{cookieName:o,config:t}=s._getSessionConfig(),c=typeof e.session=="object"&&"token"in e.session?String(e.session.token):JSON.stringify(e.session),i=l(o,c,t);await u(i)}catch(o){process.env.NODE_ENV==="development"&&console.warn("[Mulguard] Failed to save session cookie:",o)}return e}catch(e){return{success:!1,error:e instanceof Error?e.message:"Sign up failed",errorCode:r.UNKNOWN_ERROR}}}const _=Object.freeze(Object.defineProperty({__proto__:null,signInEmailAction:d,signOutAction:N,signUpAction:E,verify2FAAction:g},Symbol.toStringTag,{value:"Module"}));exports.AuthErrorCode=r;exports.actions=_;exports.buildCookieOptions=l;exports.deleteCookie=f;exports.getCookie=R;exports.setCookie=u;exports.signInEmailAction=d;exports.signOutAction=N;exports.signUpAction=E;exports.verify2FAAction=g;

package/dist/client/index.d.ts

@@ -1,5 +0,0 @@
-/**
- * Client-side hooks and utilities for Next.js
- */
-export * from './hooks';
-export * from './provider';

package/dist/core/auth/index.d.ts

@@ -1,40 +0,0 @@
-import { EmailCredentials, RegisterData, AuthResult, ApiClient } from '../types';
-import { OAuthMethods } from './oauth';
-import { PassKeyMethods } from './passkey';
-import { TwoFactorMethods } from './two-factor';
-import { AccountPickerMethods } from '../account-picker';
-export interface AuthMethods {
-    signIn: {
-        email(credentials: EmailCredentials): Promise<AuthResult>;
-        oauth(provider: string): Promise<{
-            url: string;
-            state: string;
-        }>;
-        passkey(options?: {
-            userId?: string;
-        }): Promise<AuthResult>;
-    };
-    signUp(data: RegisterData): Promise<AuthResult>;
-    signOut(): Promise<void>;
-    resetPassword(email: string): Promise<{
-        success: boolean;
-        error?: string;
-    }>;
-    verifyEmail(token: string): Promise<{
-        success: boolean;
-        error?: string;
-    }>;
-    oauth: OAuthMethods;
-    passkey: PassKeyMethods;
-    twoFactor: TwoFactorMethods;
-    accountPicker: AccountPickerMethods;
-}
-/**
- * Create authentication methods
- */
-export declare function createAuthMethods(client: ApiClient, oauthProviders?: Record<string, {
-    clientId: string;
-    redirectUri: string;
-    scopes?: string[];
-    name?: string;
-}>, accountPickerConfig?: import('../account-picker').AccountPickerConfig): AuthMethods;

package/dist/core/auth/oauth.d.ts

@@ -1,20 +0,0 @@
-import { ApiClient, AuthResult } from '../types';
-export interface OAuthProvider {
-    id: string;
-    name: string;
-    clientId: string;
-    redirectUri: string;
-    scopes?: string[];
-}
-export interface OAuthMethods {
-    initiate(provider: string): Promise<{
-        url: string;
-        state: string;
-    }>;
-    handleCallback(provider: string, code: string, state: string): Promise<AuthResult>;
-    getProviders(): Promise<OAuthProvider[]>;
-}
-/**
- * Create OAuth methods
- */
-export declare function createOAuthMethods(client: ApiClient, providers: Record<string, OAuthProvider>): OAuthMethods;

package/dist/middleware/index.d.ts

@@ -1,28 +0,0 @@
-import { NextResponse, NextRequest } from 'next/server';
-import { MulguardInstance } from '../mulguard';
-export interface AuthMiddlewareConfig {
-    /**
-     * Protected routes - require authentication
-     */
-    protectedRoutes?: string[];
-    /**
-     * Public routes - accessible without authentication
-     */
-    publicRoutes?: string[];
-    /**
-     * Redirect to login if not authenticated
-     */
-    redirectTo?: string;
-    /**
-     * Redirect to home if authenticated (for login/register pages)
-     */
-    redirectIfAuthenticated?: string;
-}
-/**
- * Create authentication middleware
- */
-export declare function createAuthMiddleware(auth: MulguardInstance, config?: AuthMiddlewareConfig): (request: NextRequest) => Promise<NextResponse<unknown>>;
-/**
- * Helper to check if user has required role
- */
-export declare function checkRole(auth: MulguardInstance, requiredRole: string): Promise<boolean>;

package/dist/middleware/proxy.d.ts

@@ -1,53 +0,0 @@
-import { NextResponse, NextRequest } from 'next/server';
-import { MulguardInstance } from '../mulguard';
-export interface ProxyMiddlewareConfig {
-    /**
-     * Auth instance
-     */
-    auth: MulguardInstance;
-    /**
-     * Protected routes - require authentication
-     */
-    protectedRoutes?: string[];
-    /**
-     * Public routes - accessible without authentication
-     */
-    publicRoutes?: string[];
-    /**
-     * Redirect to login if not authenticated
-     */
-    redirectTo?: string;
-    /**
-     * Redirect to home if authenticated (for login/register pages)
-     */
-    redirectIfAuthenticated?: string;
-    /**
-     * API routes prefix (default: '/api/auth')
-     */
-    apiPrefix?: string;
-}
-/**
- * Create proxy middleware for authentication
- *
- * @example
- * ```typescript
- * // middleware.ts
- * import { auth } from '@/auth'
- * import { createProxyMiddleware } from 'mulguard/middleware/proxy'
- *
- * export default createProxyMiddleware({
- *   auth,
- *   protectedRoutes: ['/dashboard', '/profile'],
- *   redirectTo: '/login',
- * })
- *
- * export const config = {
- *   matcher: ['/((?!_next/static|_next/image|favicon.ico).*)'],
- * }
- * ```
- */
-export declare function createProxyMiddleware(config: ProxyMiddlewareConfig): (request: NextRequest) => Promise<NextResponse<unknown>>;
-/**
- * Helper to check if user has required role
- */
-export declare function checkRole(auth: MulguardInstance, requiredRole: string): Promise<boolean>;