naystack 1.4.16 → 1.4.21

package/dist/auth/email/routes/delete.esm.js

@@ -5,6 +5,55 @@ import { cookies } from "next/headers";
 import { redirect } from "next/navigation";
 import { NextResponse } from "next/server";
 
+// src/env.ts
+var getEnvValue = (key) => {
+  switch (key) {
+    case "NEXT_PUBLIC_GRAPHQL_ENDPOINT" /* NEXT_PUBLIC_GRAPHQL_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_GRAPHQL_ENDPOINT;
+    case "NEXT_PUBLIC_EMAIL_AUTH_ENDPOINT" /* NEXT_PUBLIC_EMAIL_AUTH_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_EMAIL_AUTH_ENDPOINT;
+    case "NEXT_PUBLIC_GOOGLE_AUTH_ENDPOINT" /* NEXT_PUBLIC_GOOGLE_AUTH_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_GOOGLE_AUTH_ENDPOINT;
+    case "NEXT_PUBLIC_INSTAGRAM_AUTH_ENDPOINT" /* NEXT_PUBLIC_INSTAGRAM_AUTH_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_INSTAGRAM_AUTH_ENDPOINT;
+    case "NEXT_PUBLIC_FILE_ENDPOINT" /* NEXT_PUBLIC_FILE_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_FILE_ENDPOINT;
+    case "NEXT_PUBLIC_BASE_URL" /* NEXT_PUBLIC_BASE_URL */:
+      return process.env.NEXT_PUBLIC_BASE_URL;
+    case "REFRESH_KEY" /* REFRESH_KEY */:
+      return process.env.REFRESH_KEY;
+    case "SIGNING_KEY" /* SIGNING_KEY */:
+      return process.env.SIGNING_KEY;
+    case "INSTAGRAM_CLIENT_SECRET" /* INSTAGRAM_CLIENT_SECRET */:
+      return process.env.INSTAGRAM_CLIENT_SECRET;
+    case "INSTAGRAM_CLIENT_ID" /* INSTAGRAM_CLIENT_ID */:
+      return process.env.INSTAGRAM_CLIENT_ID;
+    case "GOOGLE_CLIENT_SECRET" /* GOOGLE_CLIENT_SECRET */:
+      return process.env.GOOGLE_CLIENT_SECRET;
+    case "GOOGLE_CLIENT_ID" /* GOOGLE_CLIENT_ID */:
+      return process.env.GOOGLE_CLIENT_ID;
+    case "TURNSTILE_KEY" /* TURNSTILE_KEY */:
+      return process.env.TURNSTILE_KEY;
+    case "AWS_ACCESS_KEY_ID" /* AWS_ACCESS_KEY_ID */:
+      return process.env.AWS_ACCESS_KEY_ID;
+    case "AWS_ACCESS_KEY_SECRET" /* AWS_ACCESS_KEY_SECRET */:
+      return process.env.AWS_ACCESS_KEY_SECRET;
+    case "AWS_REGION" /* AWS_REGION */:
+      return process.env.AWS_REGION;
+    case "AWS_BUCKET" /* AWS_BUCKET */:
+      return process.env.AWS_BUCKET;
+    case "NODE_ENV" /* NODE_ENV */:
+      return process.env.NODE_ENV;
+    default:
+      return process.env[key];
+  }
+};
+function getEnv(key, skipCheck) {
+  const value = getEnvValue(key);
+  if (!skipCheck && !value) throw new Error(`${key} is not defined`);
+  return value;
+}
+
 // src/auth/constants.ts
 var REFRESH_COOKIE_NAME = "refresh";
 
@@ -50,17 +99,20 @@ import { verify as verify2 } from "jsonwebtoken";
 import { NextResponse as NextResponse2 } from "next/server";
 
 // src/auth/email/utils.ts
-var getContext = (keys, req) => {
+var getContext = (req) => {
   const bearer = req.headers.get("authorization");
   if (!bearer) {
     const refresh = req.cookies.get(REFRESH_COOKIE_NAME)?.value;
-    const userId = getUserIdFromRefreshToken(keys.refresh, refresh);
+    const userId = getUserIdFromRefreshToken(
+      getEnv("REFRESH_KEY" /* REFRESH_KEY */),
+      refresh
+    );
     if (userId) return { userId, isRefreshID: true };
     return { userId: null };
   }
   const token = bearer.slice(7);
   try {
-    const res = verify2(token, keys.signing);
+    const res = verify2(token, getEnv("SIGNING_KEY" /* SIGNING_KEY */));
     if (typeof res === "string") {
       return { userId: null };
     }
@@ -75,7 +127,7 @@ var getContext = (keys, req) => {
 // src/auth/email/routes/delete.ts
 var getDeleteRoute = (options) => async (req) => {
   if (options.onLogout) {
-    const ctx = await getContext(options.keys, req);
+    const ctx = await getContext(req);
     const body = await req.json();
     await options.onLogout?.(ctx.userId, body);
   }

package/dist/auth/email/routes/get.cjs.js

@@ -24,6 +24,55 @@ __export(get_exports, {
 });
 module.exports = __toCommonJS(get_exports);
 
+// src/env.ts
+var getEnvValue = (key) => {
+  switch (key) {
+    case "NEXT_PUBLIC_GRAPHQL_ENDPOINT" /* NEXT_PUBLIC_GRAPHQL_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_GRAPHQL_ENDPOINT;
+    case "NEXT_PUBLIC_EMAIL_AUTH_ENDPOINT" /* NEXT_PUBLIC_EMAIL_AUTH_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_EMAIL_AUTH_ENDPOINT;
+    case "NEXT_PUBLIC_GOOGLE_AUTH_ENDPOINT" /* NEXT_PUBLIC_GOOGLE_AUTH_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_GOOGLE_AUTH_ENDPOINT;
+    case "NEXT_PUBLIC_INSTAGRAM_AUTH_ENDPOINT" /* NEXT_PUBLIC_INSTAGRAM_AUTH_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_INSTAGRAM_AUTH_ENDPOINT;
+    case "NEXT_PUBLIC_FILE_ENDPOINT" /* NEXT_PUBLIC_FILE_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_FILE_ENDPOINT;
+    case "NEXT_PUBLIC_BASE_URL" /* NEXT_PUBLIC_BASE_URL */:
+      return process.env.NEXT_PUBLIC_BASE_URL;
+    case "REFRESH_KEY" /* REFRESH_KEY */:
+      return process.env.REFRESH_KEY;
+    case "SIGNING_KEY" /* SIGNING_KEY */:
+      return process.env.SIGNING_KEY;
+    case "INSTAGRAM_CLIENT_SECRET" /* INSTAGRAM_CLIENT_SECRET */:
+      return process.env.INSTAGRAM_CLIENT_SECRET;
+    case "INSTAGRAM_CLIENT_ID" /* INSTAGRAM_CLIENT_ID */:
+      return process.env.INSTAGRAM_CLIENT_ID;
+    case "GOOGLE_CLIENT_SECRET" /* GOOGLE_CLIENT_SECRET */:
+      return process.env.GOOGLE_CLIENT_SECRET;
+    case "GOOGLE_CLIENT_ID" /* GOOGLE_CLIENT_ID */:
+      return process.env.GOOGLE_CLIENT_ID;
+    case "TURNSTILE_KEY" /* TURNSTILE_KEY */:
+      return process.env.TURNSTILE_KEY;
+    case "AWS_ACCESS_KEY_ID" /* AWS_ACCESS_KEY_ID */:
+      return process.env.AWS_ACCESS_KEY_ID;
+    case "AWS_ACCESS_KEY_SECRET" /* AWS_ACCESS_KEY_SECRET */:
+      return process.env.AWS_ACCESS_KEY_SECRET;
+    case "AWS_REGION" /* AWS_REGION */:
+      return process.env.AWS_REGION;
+    case "AWS_BUCKET" /* AWS_BUCKET */:
+      return process.env.AWS_BUCKET;
+    case "NODE_ENV" /* NODE_ENV */:
+      return process.env.NODE_ENV;
+    default:
+      return process.env[key];
+  }
+};
+function getEnv(key, skipCheck) {
+  const value = getEnvValue(key);
+  if (!skipCheck && !value) throw new Error(`${key} is not defined`);
+  return value;
+}
+
 // src/auth/constants.ts
 var REFRESH_COOKIE_NAME = "refresh";
 
@@ -75,14 +124,17 @@ function getUserIdFromRefreshToken(refreshKey, refreshToken) {
 // src/auth/email/routes/get.ts
 var getGetRoute = (options) => async (req) => {
   const refresh = req.cookies.get(REFRESH_COOKIE_NAME)?.value;
-  const userID = getUserIdFromRefreshToken(options.keys.refresh, refresh);
+  const userID = getUserIdFromRefreshToken(
+    getEnv("REFRESH_KEY" /* REFRESH_KEY */),
+    refresh
+  );
   if (userID) {
     if (options.onRefresh) {
       const body = await req.json();
       await options.onRefresh?.(userID, body);
     }
     return getTokenizedResponse(
-      generateAccessToken(userID, options.keys.signing)
+      generateAccessToken(userID, getEnv("SIGNING_KEY" /* SIGNING_KEY */))
     );
   }
   return getTokenizedResponse();

package/dist/auth/email/routes/get.esm.js

@@ -1,3 +1,52 @@
+// src/env.ts
+var getEnvValue = (key) => {
+  switch (key) {
+    case "NEXT_PUBLIC_GRAPHQL_ENDPOINT" /* NEXT_PUBLIC_GRAPHQL_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_GRAPHQL_ENDPOINT;
+    case "NEXT_PUBLIC_EMAIL_AUTH_ENDPOINT" /* NEXT_PUBLIC_EMAIL_AUTH_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_EMAIL_AUTH_ENDPOINT;
+    case "NEXT_PUBLIC_GOOGLE_AUTH_ENDPOINT" /* NEXT_PUBLIC_GOOGLE_AUTH_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_GOOGLE_AUTH_ENDPOINT;
+    case "NEXT_PUBLIC_INSTAGRAM_AUTH_ENDPOINT" /* NEXT_PUBLIC_INSTAGRAM_AUTH_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_INSTAGRAM_AUTH_ENDPOINT;
+    case "NEXT_PUBLIC_FILE_ENDPOINT" /* NEXT_PUBLIC_FILE_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_FILE_ENDPOINT;
+    case "NEXT_PUBLIC_BASE_URL" /* NEXT_PUBLIC_BASE_URL */:
+      return process.env.NEXT_PUBLIC_BASE_URL;
+    case "REFRESH_KEY" /* REFRESH_KEY */:
+      return process.env.REFRESH_KEY;
+    case "SIGNING_KEY" /* SIGNING_KEY */:
+      return process.env.SIGNING_KEY;
+    case "INSTAGRAM_CLIENT_SECRET" /* INSTAGRAM_CLIENT_SECRET */:
+      return process.env.INSTAGRAM_CLIENT_SECRET;
+    case "INSTAGRAM_CLIENT_ID" /* INSTAGRAM_CLIENT_ID */:
+      return process.env.INSTAGRAM_CLIENT_ID;
+    case "GOOGLE_CLIENT_SECRET" /* GOOGLE_CLIENT_SECRET */:
+      return process.env.GOOGLE_CLIENT_SECRET;
+    case "GOOGLE_CLIENT_ID" /* GOOGLE_CLIENT_ID */:
+      return process.env.GOOGLE_CLIENT_ID;
+    case "TURNSTILE_KEY" /* TURNSTILE_KEY */:
+      return process.env.TURNSTILE_KEY;
+    case "AWS_ACCESS_KEY_ID" /* AWS_ACCESS_KEY_ID */:
+      return process.env.AWS_ACCESS_KEY_ID;
+    case "AWS_ACCESS_KEY_SECRET" /* AWS_ACCESS_KEY_SECRET */:
+      return process.env.AWS_ACCESS_KEY_SECRET;
+    case "AWS_REGION" /* AWS_REGION */:
+      return process.env.AWS_REGION;
+    case "AWS_BUCKET" /* AWS_BUCKET */:
+      return process.env.AWS_BUCKET;
+    case "NODE_ENV" /* NODE_ENV */:
+      return process.env.NODE_ENV;
+    default:
+      return process.env[key];
+  }
+};
+function getEnv(key, skipCheck) {
+  const value = getEnvValue(key);
+  if (!skipCheck && !value) throw new Error(`${key} is not defined`);
+  return value;
+}
+
 // src/auth/constants.ts
 var REFRESH_COOKIE_NAME = "refresh";
 
@@ -49,14 +98,17 @@ function getUserIdFromRefreshToken(refreshKey, refreshToken) {
 // src/auth/email/routes/get.ts
 var getGetRoute = (options) => async (req) => {
   const refresh = req.cookies.get(REFRESH_COOKIE_NAME)?.value;
-  const userID = getUserIdFromRefreshToken(options.keys.refresh, refresh);
+  const userID = getUserIdFromRefreshToken(
+    getEnv("REFRESH_KEY" /* REFRESH_KEY */),
+    refresh
+  );
   if (userID) {
     if (options.onRefresh) {
       const body = await req.json();
       await options.onRefresh?.(userID, body);
     }
     return getTokenizedResponse(
-      generateAccessToken(userID, options.keys.signing)
+      generateAccessToken(userID, getEnv("SIGNING_KEY" /* SIGNING_KEY */))
     );
   }
   return getTokenizedResponse();

package/dist/auth/email/routes/post.cjs.js

@@ -25,6 +25,55 @@ __export(post_exports, {
 module.exports = __toCommonJS(post_exports);
 var import_bcryptjs2 = require("bcryptjs");
 
+// src/env.ts
+var getEnvValue = (key) => {
+  switch (key) {
+    case "NEXT_PUBLIC_GRAPHQL_ENDPOINT" /* NEXT_PUBLIC_GRAPHQL_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_GRAPHQL_ENDPOINT;
+    case "NEXT_PUBLIC_EMAIL_AUTH_ENDPOINT" /* NEXT_PUBLIC_EMAIL_AUTH_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_EMAIL_AUTH_ENDPOINT;
+    case "NEXT_PUBLIC_GOOGLE_AUTH_ENDPOINT" /* NEXT_PUBLIC_GOOGLE_AUTH_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_GOOGLE_AUTH_ENDPOINT;
+    case "NEXT_PUBLIC_INSTAGRAM_AUTH_ENDPOINT" /* NEXT_PUBLIC_INSTAGRAM_AUTH_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_INSTAGRAM_AUTH_ENDPOINT;
+    case "NEXT_PUBLIC_FILE_ENDPOINT" /* NEXT_PUBLIC_FILE_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_FILE_ENDPOINT;
+    case "NEXT_PUBLIC_BASE_URL" /* NEXT_PUBLIC_BASE_URL */:
+      return process.env.NEXT_PUBLIC_BASE_URL;
+    case "REFRESH_KEY" /* REFRESH_KEY */:
+      return process.env.REFRESH_KEY;
+    case "SIGNING_KEY" /* SIGNING_KEY */:
+      return process.env.SIGNING_KEY;
+    case "INSTAGRAM_CLIENT_SECRET" /* INSTAGRAM_CLIENT_SECRET */:
+      return process.env.INSTAGRAM_CLIENT_SECRET;
+    case "INSTAGRAM_CLIENT_ID" /* INSTAGRAM_CLIENT_ID */:
+      return process.env.INSTAGRAM_CLIENT_ID;
+    case "GOOGLE_CLIENT_SECRET" /* GOOGLE_CLIENT_SECRET */:
+      return process.env.GOOGLE_CLIENT_SECRET;
+    case "GOOGLE_CLIENT_ID" /* GOOGLE_CLIENT_ID */:
+      return process.env.GOOGLE_CLIENT_ID;
+    case "TURNSTILE_KEY" /* TURNSTILE_KEY */:
+      return process.env.TURNSTILE_KEY;
+    case "AWS_ACCESS_KEY_ID" /* AWS_ACCESS_KEY_ID */:
+      return process.env.AWS_ACCESS_KEY_ID;
+    case "AWS_ACCESS_KEY_SECRET" /* AWS_ACCESS_KEY_SECRET */:
+      return process.env.AWS_ACCESS_KEY_SECRET;
+    case "AWS_REGION" /* AWS_REGION */:
+      return process.env.AWS_REGION;
+    case "AWS_BUCKET" /* AWS_BUCKET */:
+      return process.env.AWS_BUCKET;
+    case "NODE_ENV" /* NODE_ENV */:
+      return process.env.NODE_ENV;
+    default:
+      return process.env[key];
+  }
+};
+function getEnv(key, skipCheck) {
+  const value = getEnvValue(key);
+  if (!skipCheck && !value) throw new Error(`${key} is not defined`);
+  return value;
+}
+
 // src/auth/utils/errors.ts
 var import_server = require("next/server");
 function handleError(status, message, onError) {
@@ -86,12 +135,13 @@ async function massageRequest(req, options) {
     return {
       error: handleError(400, "Missing password", options.onError)
     };
-  if (options.turnstileKey) {
+  const turnstileKey = getEnv("TURNSTILE_KEY" /* TURNSTILE_KEY */, true);
+  if (turnstileKey) {
     if (!data.captchaToken)
       return {
         error: handleError(400, "Missing captchaToken", options.onError)
       };
-    if (!await verifyCaptcha(data.captchaToken, options.turnstileKey))
+    if (!await verifyCaptcha(data.captchaToken, turnstileKey))
       return {
         error: handleError(400, "Invalid captcha", options.onError)
       };
@@ -133,8 +183,11 @@ var getPostRoute = (options) => async (req) => {
   if (existingUser) {
     if (await verifyUser(existingUser, data.password)) {
       return getTokenizedResponse(
-        generateAccessToken(existingUser.id, options.keys.signing),
-        generateRefreshToken(existingUser.id, options.keys.refresh)
+        generateAccessToken(existingUser.id, getEnv("SIGNING_KEY" /* SIGNING_KEY */)),
+        generateRefreshToken(
+          existingUser.id,
+          getEnv("REFRESH_KEY" /* REFRESH_KEY */)
+        )
       );
     }
     return handleError(400, "A user already exists", options.onError);
@@ -149,8 +202,8 @@ var getPostRoute = (options) => async (req) => {
       await options.onSignUp?.(newUser.id, data);
     }
     return getTokenizedResponse(
-      generateAccessToken(newUser.id, options.keys.signing),
-      generateRefreshToken(newUser.id, options.keys.refresh)
+      generateAccessToken(newUser.id, getEnv("SIGNING_KEY" /* SIGNING_KEY */)),
+      generateRefreshToken(newUser.id, getEnv("REFRESH_KEY" /* REFRESH_KEY */))
     );
   }
   return getTokenizedResponse();

package/dist/auth/email/routes/post.esm.js

@@ -1,6 +1,55 @@
 // src/auth/email/routes/post.ts
 import { hash } from "bcryptjs";
 
+// src/env.ts
+var getEnvValue = (key) => {
+  switch (key) {
+    case "NEXT_PUBLIC_GRAPHQL_ENDPOINT" /* NEXT_PUBLIC_GRAPHQL_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_GRAPHQL_ENDPOINT;
+    case "NEXT_PUBLIC_EMAIL_AUTH_ENDPOINT" /* NEXT_PUBLIC_EMAIL_AUTH_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_EMAIL_AUTH_ENDPOINT;
+    case "NEXT_PUBLIC_GOOGLE_AUTH_ENDPOINT" /* NEXT_PUBLIC_GOOGLE_AUTH_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_GOOGLE_AUTH_ENDPOINT;
+    case "NEXT_PUBLIC_INSTAGRAM_AUTH_ENDPOINT" /* NEXT_PUBLIC_INSTAGRAM_AUTH_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_INSTAGRAM_AUTH_ENDPOINT;
+    case "NEXT_PUBLIC_FILE_ENDPOINT" /* NEXT_PUBLIC_FILE_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_FILE_ENDPOINT;
+    case "NEXT_PUBLIC_BASE_URL" /* NEXT_PUBLIC_BASE_URL */:
+      return process.env.NEXT_PUBLIC_BASE_URL;
+    case "REFRESH_KEY" /* REFRESH_KEY */:
+      return process.env.REFRESH_KEY;
+    case "SIGNING_KEY" /* SIGNING_KEY */:
+      return process.env.SIGNING_KEY;
+    case "INSTAGRAM_CLIENT_SECRET" /* INSTAGRAM_CLIENT_SECRET */:
+      return process.env.INSTAGRAM_CLIENT_SECRET;
+    case "INSTAGRAM_CLIENT_ID" /* INSTAGRAM_CLIENT_ID */:
+      return process.env.INSTAGRAM_CLIENT_ID;
+    case "GOOGLE_CLIENT_SECRET" /* GOOGLE_CLIENT_SECRET */:
+      return process.env.GOOGLE_CLIENT_SECRET;
+    case "GOOGLE_CLIENT_ID" /* GOOGLE_CLIENT_ID */:
+      return process.env.GOOGLE_CLIENT_ID;
+    case "TURNSTILE_KEY" /* TURNSTILE_KEY */:
+      return process.env.TURNSTILE_KEY;
+    case "AWS_ACCESS_KEY_ID" /* AWS_ACCESS_KEY_ID */:
+      return process.env.AWS_ACCESS_KEY_ID;
+    case "AWS_ACCESS_KEY_SECRET" /* AWS_ACCESS_KEY_SECRET */:
+      return process.env.AWS_ACCESS_KEY_SECRET;
+    case "AWS_REGION" /* AWS_REGION */:
+      return process.env.AWS_REGION;
+    case "AWS_BUCKET" /* AWS_BUCKET */:
+      return process.env.AWS_BUCKET;
+    case "NODE_ENV" /* NODE_ENV */:
+      return process.env.NODE_ENV;
+    default:
+      return process.env[key];
+  }
+};
+function getEnv(key, skipCheck) {
+  const value = getEnvValue(key);
+  if (!skipCheck && !value) throw new Error(`${key} is not defined`);
+  return value;
+}
+
 // src/auth/utils/errors.ts
 import { NextResponse } from "next/server";
 function handleError(status, message, onError) {
@@ -62,12 +111,13 @@ async function massageRequest(req, options) {
     return {
       error: handleError(400, "Missing password", options.onError)
     };
-  if (options.turnstileKey) {
+  const turnstileKey = getEnv("TURNSTILE_KEY" /* TURNSTILE_KEY */, true);
+  if (turnstileKey) {
     if (!data.captchaToken)
       return {
         error: handleError(400, "Missing captchaToken", options.onError)
       };
-    if (!await verifyCaptcha(data.captchaToken, options.turnstileKey))
+    if (!await verifyCaptcha(data.captchaToken, turnstileKey))
       return {
         error: handleError(400, "Invalid captcha", options.onError)
       };
@@ -109,8 +159,11 @@ var getPostRoute = (options) => async (req) => {
   if (existingUser) {
     if (await verifyUser(existingUser, data.password)) {
       return getTokenizedResponse(
-        generateAccessToken(existingUser.id, options.keys.signing),
-        generateRefreshToken(existingUser.id, options.keys.refresh)
+        generateAccessToken(existingUser.id, getEnv("SIGNING_KEY" /* SIGNING_KEY */)),
+        generateRefreshToken(
+          existingUser.id,
+          getEnv("REFRESH_KEY" /* REFRESH_KEY */)
+        )
       );
     }
     return handleError(400, "A user already exists", options.onError);
@@ -125,8 +178,8 @@ var getPostRoute = (options) => async (req) => {
       await options.onSignUp?.(newUser.id, data);
     }
     return getTokenizedResponse(
-      generateAccessToken(newUser.id, options.keys.signing),
-      generateRefreshToken(newUser.id, options.keys.refresh)
+      generateAccessToken(newUser.id, getEnv("SIGNING_KEY" /* SIGNING_KEY */)),
+      generateRefreshToken(newUser.id, getEnv("REFRESH_KEY" /* REFRESH_KEY */))
     );
   }
   return getTokenizedResponse();

package/dist/auth/email/routes/put.cjs.js

@@ -24,6 +24,55 @@ __export(put_exports, {
 });
 module.exports = __toCommonJS(put_exports);
 
+// src/env.ts
+var getEnvValue = (key) => {
+  switch (key) {
+    case "NEXT_PUBLIC_GRAPHQL_ENDPOINT" /* NEXT_PUBLIC_GRAPHQL_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_GRAPHQL_ENDPOINT;
+    case "NEXT_PUBLIC_EMAIL_AUTH_ENDPOINT" /* NEXT_PUBLIC_EMAIL_AUTH_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_EMAIL_AUTH_ENDPOINT;
+    case "NEXT_PUBLIC_GOOGLE_AUTH_ENDPOINT" /* NEXT_PUBLIC_GOOGLE_AUTH_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_GOOGLE_AUTH_ENDPOINT;
+    case "NEXT_PUBLIC_INSTAGRAM_AUTH_ENDPOINT" /* NEXT_PUBLIC_INSTAGRAM_AUTH_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_INSTAGRAM_AUTH_ENDPOINT;
+    case "NEXT_PUBLIC_FILE_ENDPOINT" /* NEXT_PUBLIC_FILE_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_FILE_ENDPOINT;
+    case "NEXT_PUBLIC_BASE_URL" /* NEXT_PUBLIC_BASE_URL */:
+      return process.env.NEXT_PUBLIC_BASE_URL;
+    case "REFRESH_KEY" /* REFRESH_KEY */:
+      return process.env.REFRESH_KEY;
+    case "SIGNING_KEY" /* SIGNING_KEY */:
+      return process.env.SIGNING_KEY;
+    case "INSTAGRAM_CLIENT_SECRET" /* INSTAGRAM_CLIENT_SECRET */:
+      return process.env.INSTAGRAM_CLIENT_SECRET;
+    case "INSTAGRAM_CLIENT_ID" /* INSTAGRAM_CLIENT_ID */:
+      return process.env.INSTAGRAM_CLIENT_ID;
+    case "GOOGLE_CLIENT_SECRET" /* GOOGLE_CLIENT_SECRET */:
+      return process.env.GOOGLE_CLIENT_SECRET;
+    case "GOOGLE_CLIENT_ID" /* GOOGLE_CLIENT_ID */:
+      return process.env.GOOGLE_CLIENT_ID;
+    case "TURNSTILE_KEY" /* TURNSTILE_KEY */:
+      return process.env.TURNSTILE_KEY;
+    case "AWS_ACCESS_KEY_ID" /* AWS_ACCESS_KEY_ID */:
+      return process.env.AWS_ACCESS_KEY_ID;
+    case "AWS_ACCESS_KEY_SECRET" /* AWS_ACCESS_KEY_SECRET */:
+      return process.env.AWS_ACCESS_KEY_SECRET;
+    case "AWS_REGION" /* AWS_REGION */:
+      return process.env.AWS_REGION;
+    case "AWS_BUCKET" /* AWS_BUCKET */:
+      return process.env.AWS_BUCKET;
+    case "NODE_ENV" /* NODE_ENV */:
+      return process.env.NODE_ENV;
+    default:
+      return process.env[key];
+  }
+};
+function getEnv(key, skipCheck) {
+  const value = getEnvValue(key);
+  if (!skipCheck && !value) throw new Error(`${key} is not defined`);
+  return value;
+}
+
 // src/auth/utils/errors.ts
 var import_server = require("next/server");
 function handleError(status, message, onError) {
@@ -85,12 +134,13 @@ async function massageRequest(req, options) {
     return {
       error: handleError(400, "Missing password", options.onError)
     };
-  if (options.turnstileKey) {
+  const turnstileKey = getEnv("TURNSTILE_KEY" /* TURNSTILE_KEY */, true);
+  if (turnstileKey) {
     if (!data.captchaToken)
       return {
         error: handleError(400, "Missing captchaToken", options.onError)
       };
-    if (!await verifyCaptcha(data.captchaToken, options.turnstileKey))
+    if (!await verifyCaptcha(data.captchaToken, turnstileKey))
       return {
         error: handleError(400, "Invalid captcha", options.onError)
       };
@@ -136,8 +186,8 @@ var getPutRoute = (options) => async (req) => {
       await options.onLogin?.(user.id, data);
     }
     return getTokenizedResponse(
-      generateAccessToken(user.id, options.keys.signing),
-      generateRefreshToken(user.id, options.keys.refresh)
+      generateAccessToken(user.id, getEnv("SIGNING_KEY" /* SIGNING_KEY */)),
+      generateRefreshToken(user.id, getEnv("REFRESH_KEY" /* REFRESH_KEY */))
     );
   }
   return handleError(403, "Invalid password", options.onError);

package/dist/auth/email/routes/put.esm.js

@@ -1,3 +1,52 @@
+// src/env.ts
+var getEnvValue = (key) => {
+  switch (key) {
+    case "NEXT_PUBLIC_GRAPHQL_ENDPOINT" /* NEXT_PUBLIC_GRAPHQL_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_GRAPHQL_ENDPOINT;
+    case "NEXT_PUBLIC_EMAIL_AUTH_ENDPOINT" /* NEXT_PUBLIC_EMAIL_AUTH_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_EMAIL_AUTH_ENDPOINT;
+    case "NEXT_PUBLIC_GOOGLE_AUTH_ENDPOINT" /* NEXT_PUBLIC_GOOGLE_AUTH_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_GOOGLE_AUTH_ENDPOINT;
+    case "NEXT_PUBLIC_INSTAGRAM_AUTH_ENDPOINT" /* NEXT_PUBLIC_INSTAGRAM_AUTH_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_INSTAGRAM_AUTH_ENDPOINT;
+    case "NEXT_PUBLIC_FILE_ENDPOINT" /* NEXT_PUBLIC_FILE_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_FILE_ENDPOINT;
+    case "NEXT_PUBLIC_BASE_URL" /* NEXT_PUBLIC_BASE_URL */:
+      return process.env.NEXT_PUBLIC_BASE_URL;
+    case "REFRESH_KEY" /* REFRESH_KEY */:
+      return process.env.REFRESH_KEY;
+    case "SIGNING_KEY" /* SIGNING_KEY */:
+      return process.env.SIGNING_KEY;
+    case "INSTAGRAM_CLIENT_SECRET" /* INSTAGRAM_CLIENT_SECRET */:
+      return process.env.INSTAGRAM_CLIENT_SECRET;
+    case "INSTAGRAM_CLIENT_ID" /* INSTAGRAM_CLIENT_ID */:
+      return process.env.INSTAGRAM_CLIENT_ID;
+    case "GOOGLE_CLIENT_SECRET" /* GOOGLE_CLIENT_SECRET */:
+      return process.env.GOOGLE_CLIENT_SECRET;
+    case "GOOGLE_CLIENT_ID" /* GOOGLE_CLIENT_ID */:
+      return process.env.GOOGLE_CLIENT_ID;
+    case "TURNSTILE_KEY" /* TURNSTILE_KEY */:
+      return process.env.TURNSTILE_KEY;
+    case "AWS_ACCESS_KEY_ID" /* AWS_ACCESS_KEY_ID */:
+      return process.env.AWS_ACCESS_KEY_ID;
+    case "AWS_ACCESS_KEY_SECRET" /* AWS_ACCESS_KEY_SECRET */:
+      return process.env.AWS_ACCESS_KEY_SECRET;
+    case "AWS_REGION" /* AWS_REGION */:
+      return process.env.AWS_REGION;
+    case "AWS_BUCKET" /* AWS_BUCKET */:
+      return process.env.AWS_BUCKET;
+    case "NODE_ENV" /* NODE_ENV */:
+      return process.env.NODE_ENV;
+    default:
+      return process.env[key];
+  }
+};
+function getEnv(key, skipCheck) {
+  const value = getEnvValue(key);
+  if (!skipCheck && !value) throw new Error(`${key} is not defined`);
+  return value;
+}
+
 // src/auth/utils/errors.ts
 import { NextResponse } from "next/server";
 function handleError(status, message, onError) {
@@ -59,12 +108,13 @@ async function massageRequest(req, options) {
     return {
       error: handleError(400, "Missing password", options.onError)
     };
-  if (options.turnstileKey) {
+  const turnstileKey = getEnv("TURNSTILE_KEY" /* TURNSTILE_KEY */, true);
+  if (turnstileKey) {
     if (!data.captchaToken)
       return {
         error: handleError(400, "Missing captchaToken", options.onError)
       };
-    if (!await verifyCaptcha(data.captchaToken, options.turnstileKey))
+    if (!await verifyCaptcha(data.captchaToken, turnstileKey))
       return {
         error: handleError(400, "Invalid captcha", options.onError)
       };
@@ -110,8 +160,8 @@ var getPutRoute = (options) => async (req) => {
       await options.onLogin?.(user.id, data);
     }
     return getTokenizedResponse(
-      generateAccessToken(user.id, options.keys.signing),
-      generateRefreshToken(user.id, options.keys.refresh)
+      generateAccessToken(user.id, getEnv("SIGNING_KEY" /* SIGNING_KEY */)),
+      generateRefreshToken(user.id, getEnv("REFRESH_KEY" /* REFRESH_KEY */))
     );
   }
   return handleError(403, "Invalid password", options.onError);

package/dist/auth/email/token.cjs.js

@@ -35,6 +35,55 @@ var import_headers = require("next/headers");
 var import_navigation = require("next/navigation");
 var import_server = require("next/server");
 
+// src/env.ts
+var getEnvValue = (key) => {
+  switch (key) {
+    case "NEXT_PUBLIC_GRAPHQL_ENDPOINT" /* NEXT_PUBLIC_GRAPHQL_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_GRAPHQL_ENDPOINT;
+    case "NEXT_PUBLIC_EMAIL_AUTH_ENDPOINT" /* NEXT_PUBLIC_EMAIL_AUTH_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_EMAIL_AUTH_ENDPOINT;
+    case "NEXT_PUBLIC_GOOGLE_AUTH_ENDPOINT" /* NEXT_PUBLIC_GOOGLE_AUTH_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_GOOGLE_AUTH_ENDPOINT;
+    case "NEXT_PUBLIC_INSTAGRAM_AUTH_ENDPOINT" /* NEXT_PUBLIC_INSTAGRAM_AUTH_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_INSTAGRAM_AUTH_ENDPOINT;
+    case "NEXT_PUBLIC_FILE_ENDPOINT" /* NEXT_PUBLIC_FILE_ENDPOINT */:
+      return process.env.NEXT_PUBLIC_FILE_ENDPOINT;
+    case "NEXT_PUBLIC_BASE_URL" /* NEXT_PUBLIC_BASE_URL */:
+      return process.env.NEXT_PUBLIC_BASE_URL;
+    case "REFRESH_KEY" /* REFRESH_KEY */:
+      return process.env.REFRESH_KEY;
+    case "SIGNING_KEY" /* SIGNING_KEY */:
+      return process.env.SIGNING_KEY;
+    case "INSTAGRAM_CLIENT_SECRET" /* INSTAGRAM_CLIENT_SECRET */:
+      return process.env.INSTAGRAM_CLIENT_SECRET;
+    case "INSTAGRAM_CLIENT_ID" /* INSTAGRAM_CLIENT_ID */:
+      return process.env.INSTAGRAM_CLIENT_ID;
+    case "GOOGLE_CLIENT_SECRET" /* GOOGLE_CLIENT_SECRET */:
+      return process.env.GOOGLE_CLIENT_SECRET;
+    case "GOOGLE_CLIENT_ID" /* GOOGLE_CLIENT_ID */:
+      return process.env.GOOGLE_CLIENT_ID;
+    case "TURNSTILE_KEY" /* TURNSTILE_KEY */:
+      return process.env.TURNSTILE_KEY;
+    case "AWS_ACCESS_KEY_ID" /* AWS_ACCESS_KEY_ID */:
+      return process.env.AWS_ACCESS_KEY_ID;
+    case "AWS_ACCESS_KEY_SECRET" /* AWS_ACCESS_KEY_SECRET */:
+      return process.env.AWS_ACCESS_KEY_SECRET;
+    case "AWS_REGION" /* AWS_REGION */:
+      return process.env.AWS_REGION;
+    case "AWS_BUCKET" /* AWS_BUCKET */:
+      return process.env.AWS_BUCKET;
+    case "NODE_ENV" /* NODE_ENV */:
+      return process.env.NODE_ENV;
+    default:
+      return process.env[key];
+  }
+};
+function getEnv(key, skipCheck) {
+  const value = getEnvValue(key);
+  if (!skipCheck && !value) throw new Error(`${key} is not defined`);
+  return value;
+}
+
 // src/auth/constants.ts
 var REFRESH_COOKIE_NAME = "refresh";
 
@@ -81,9 +130,9 @@ function getUserIdFromRefreshToken(refreshKey, refreshToken) {
   return null;
 }
 function getUserIdFromAccessToken(refreshToken) {
-  if (refreshToken && process.env.SIGNING_KEY)
+  if (refreshToken)
     try {
-      const decoded = (0, import_jsonwebtoken.verify)(refreshToken, process.env.SIGNING_KEY);
+      const decoded = (0, import_jsonwebtoken.verify)(refreshToken, getEnv("SIGNING_KEY" /* SIGNING_KEY */));
       if (typeof decoded !== "string" && typeof decoded.id === "number")
         return decoded.id;
     } catch (e) {