naystack 1.7.0 → 1.7.1

package/README.md

@@ -24,12 +24,12 @@ Naystack provides a seamless email-based authentication system with optional sup
 Define your auth routes in `app/api/(auth)/email/route.ts`. The library reads `SIGNING_KEY` and `REFRESH_KEY` from environment variables automatically.
 
 ```typescript
-import { getEmailAuthRoutes } from "naystack/auth";
+import { setupEmailAuth } from "naystack/auth";
 import { db } from "@/app/api/lib/db";
 import { UserTable } from "@/app/api/(graphql)/User/db";
 import { eq } from "drizzle-orm";
 
-export const { GET, POST, PUT, DELETE } = getEmailAuthRoutes({
+export const { GET, POST, PUT, DELETE } = setupEmailAuth({
   // Fetch user by request data (used for login & sign-up duplicate check)
   getUser: async ({ email }: { email: string }) => {
     const [user] = await db
@@ -214,9 +214,9 @@ await checkAuthStatus("/login"); // Redirects to /login if not authorized
 ### Google OAuth
 
 ```typescript
-import { initGoogleAuth } from "naystack/auth";
+import { setupGoogleAuth } from "naystack/auth";
 
-export const { GET } = initGoogleAuth({
+export const { GET } = setupGoogleAuth({
   getUserIdFromEmail: async (googleUser) => {
     // Find or create user by Google email
     return findOrCreateUserByEmail(googleUser.email!);
@@ -229,18 +229,27 @@ export const { GET } = initGoogleAuth({
 ### Instagram OAuth
 
 ```typescript
-import { initInstagramAuth } from "naystack/auth";
+import { setupInstagramAuth } from "naystack/auth";
 
-export const { GET, getRefreshedAccessToken } = initInstagramAuth({
+export const { GET } = setupInstagramAuth({
   onUser: async (igUser, appUserId, accessToken) => {
     await saveInstagramUser(appUserId, igUser, accessToken);
   },
-  successRedirectURL: "/dashboard",
+  redirectURL: "/dashboard",
   errorRedirectURL: "/login",
-  refreshKey: process.env.REFRESH_KEY!,
 });
 ```
 
+#### `getRefreshedInstagramAccessToken(token)`
+
+Refreshes a long-lived Instagram access token. Exported separately from `naystack/auth`.
+
+```typescript
+import { getRefreshedInstagramAccessToken } from "naystack/auth";
+
+const newToken = await getRefreshedInstagramAccessToken(existingToken);
+```
+
 ---
 
 ## 2. GraphQL
@@ -249,13 +258,13 @@ Naystack provides a type-safe GraphQL layer built on `type-graphql` and `Apollo
 
 ### Defining Queries and Mutations
 
-Use `query()` to define a resolver. It returns an object with the resolver function, plus `.call()` and `.authCall()` for direct server-side invocation (e.g. in Server Components).
+Use `resolver()` to define a resolver. It returns an object with the resolver function, plus `.call()` and `.authCall()` for direct server-side invocation (e.g. in Server Components).
 
 ```typescript
 // app/api/(graphql)/User/resolvers/get-current-user.ts
-import { query } from "naystack/graphql";
+import { resolver } from "naystack/graphql";
 
-export default query(
+export default resolver(
   async (ctx) => {
     if (!ctx.userId) return null;
     const [user] = await db
@@ -275,9 +284,9 @@ export default query(
 
 ```typescript
 // app/api/(graphql)/Feedback/resolvers/submit-feedback.ts
-import { query } from "naystack/graphql";
+import { resolver } from "naystack/graphql";
 
-export default query(
+export default resolver(
   async (ctx, input: SubmitFeedbackInput) => {
     await db.insert(FeedbackTable).values({
       userId: ctx.userId,  // guaranteed non-null when authorized: true
@@ -321,7 +330,7 @@ export default field(
 
 ### Registering Resolvers
 
-Use `QueryLibrary()` for queries/mutations and `FieldLibrary()` for field resolvers. Pass the result to `initGraphQLServer`.
+Use `QueryLibrary()` for queries/mutations and `FieldLibrary()` for field resolvers. Pass the returned classes to `setupGraphQL`.
 
 ```typescript
 // app/api/(graphql)/User/graphql.ts
@@ -349,12 +358,12 @@ export const UserFieldResolvers = FieldLibrary<UserDB>(User, {
 
 ```typescript
 // app/api/(graphql)/route.ts
-import { initGraphQLServer } from "naystack/graphql";
+import { setupGraphQL } from "naystack/graphql";
 import { UserResolvers, UserFieldResolvers } from "./User/graphql";
 import { ChatResolvers } from "./Chat/graphql";
 import { FeedbackResolvers } from "./Feedback/graphql";
 
-export const { GET, POST } = await initGraphQLServer({
+export const { GET, POST } = await setupGraphQL({
   resolvers: [UserResolvers, UserFieldResolvers, ChatResolvers, FeedbackResolvers],
 });
 ```
@@ -374,18 +383,20 @@ if (!ctx.userId)  throw GQLError(403);                  // "You are not allowed
 if (!deal)        throw GQLError(404, "Deal not found"); // Custom message
 ```
 
-### Type Helper: `QueryResponseType`
+### Type Helpers: `QueryResponseType` / `FieldResponseType`
 
-Infer the return type of a query definition. Use it to type component props that receive query results.
+Infer the return type of a query or field resolver definition. Use them to type component props that receive resolver results.
 
 ```typescript
-import type { QueryResponseType } from "naystack/graphql";
+import type { QueryResponseType, FieldResponseType } from "naystack/graphql";
 import type getCurrentUser from "@/app/api/(graphql)/User/resolvers/get-current-user";
 import type getDeal from "@/app/api/(graphql)/Deal/queries/get-deal";
+import type sellerField from "@/app/api/(graphql)/Property/resolvers/seller-field";
 
 interface DealDetailsProps {
   user: QueryResponseType<typeof getCurrentUser>;
   deal: QueryResponseType<typeof getDeal>;
+  seller: FieldResponseType<typeof sellerField>;
 }
 ```
 
@@ -571,9 +582,7 @@ function FileUploader({ dealId }: { dealId: number }) {
     setUploading(true);
     try {
       const result = await uploadFile(file, "DealDocument", {
-        dealId,
-        fileName: file.name,
-        category: "Contract",
+        data: { dealId, fileName: file.name, category: "Contract" },
       });
       if (result?.url) {
         console.log("Uploaded:", result.url);
@@ -653,6 +662,8 @@ import {
   getInstagramMedia,
   getInstagramConversations,
   getInstagramConversation,
+  getInstagramConversationByUser,
+  getInstagramConversationsByUser,
   getInstagramMessage,
   sendInstagramMessage,
   setupInstagramWebhook,
@@ -675,6 +686,12 @@ if (convos.fetchMore) {
   const nextPage = await convos.fetchMore();
 }
 
+// Fetch conversations filtered by a specific user
+const userConvos = await getInstagramConversationsByUser(accessToken, userId);
+
+// Fetch the single conversation with a specific user (2-participant thread)
+const convo = await getInstagramConversationByUser(accessToken, userId);
+
 // Send a message
 await sendInstagramMessage(accessToken, recipientId, "Hello!");
 

package/dist/auth/email/client.d.mts

@@ -16,6 +16,7 @@ declare const TokenContext: React__default.Context<{
  * Must be placed **above** `ApolloWrapper` in the component tree (since `ApolloWrapper` needs the token).
  *
  * @param children - React children (e.g. your app or a layout).
+ * @param onTokenUpdate - Optional callback fired whenever the token changes (after initial load). Receives `token` (string) or `null` on logout.
  * @returns TokenContext.Provider wrapping children.
  *
  * @example
@@ -43,7 +44,23 @@ declare const AuthWrapper: ({ children, onTokenUpdate, }: {
     children: React__default.ReactNode;
     onTokenUpdate?: (token: string | null) => void;
 }) => React__default.JSX.Element;
+/**
+ * Fetches the access token on mount by calling the auth endpoint. Stores the result in TokenContext.
+ * Used internally by auth setup; prefer `AuthWrapper` for typical usage.
+ *
+ * @param getRefreshToken - Optional async function that returns a refresh token string (e.g. from cookies or storage). If omitted, the request relies on httpOnly cookies via `credentials: "include"`.
+ *
+ * @category Auth
+ */
 declare function useAuthFetch(getRefreshToken?: () => Promise<string | null>): void;
+/**
+ * Component that applies a server-provided access token into TokenContext on mount.
+ * Useful for hydrating auth state from server-side rendering.
+ *
+ * @param data - The access token string to set. If falsy, no update occurs.
+ *
+ * @category Auth
+ */
 declare function AuthApply({ data }: {
     data?: string | null;
 }): null;

package/dist/auth/email/client.d.ts

@@ -16,6 +16,7 @@ declare const TokenContext: React__default.Context<{
  * Must be placed **above** `ApolloWrapper` in the component tree (since `ApolloWrapper` needs the token).
  *
  * @param children - React children (e.g. your app or a layout).
+ * @param onTokenUpdate - Optional callback fired whenever the token changes (after initial load). Receives `token` (string) or `null` on logout.
  * @returns TokenContext.Provider wrapping children.
  *
  * @example
@@ -43,7 +44,23 @@ declare const AuthWrapper: ({ children, onTokenUpdate, }: {
     children: React__default.ReactNode;
     onTokenUpdate?: (token: string | null) => void;
 }) => React__default.JSX.Element;
+/**
+ * Fetches the access token on mount by calling the auth endpoint. Stores the result in TokenContext.
+ * Used internally by auth setup; prefer `AuthWrapper` for typical usage.
+ *
+ * @param getRefreshToken - Optional async function that returns a refresh token string (e.g. from cookies or storage). If omitted, the request relies on httpOnly cookies via `credentials: "include"`.
+ *
+ * @category Auth
+ */
 declare function useAuthFetch(getRefreshToken?: () => Promise<string | null>): void;
+/**
+ * Component that applies a server-provided access token into TokenContext on mount.
+ * Useful for hydrating auth state from server-side rendering.
+ *
+ * @param data - The access token string to set. If falsy, no update occurs.
+ *
+ * @category Auth
+ */
 declare function AuthApply({ data }: {
     data?: string | null;
 }): null;

package/dist/auth/email/index.cjs.js

@@ -33,7 +33,7 @@ __export(email_exports, {
   AuthFetch: () => AuthFetch,
   checkAuthStatus: () => checkAuthStatus,
   getContext: () => getContext,
-  getEmailAuthRoutes: () => getEmailAuthRoutes
+  setupEmailAuth: () => setupEmailAuth
 });
 module.exports = __toCommonJS(email_exports);
 var import_server5 = require("next/server");
@@ -400,7 +400,7 @@ function AuthFetch() {
 }
 
 // src/auth/email/index.ts
-function getEmailAuthRoutes(options) {
+function setupEmailAuth(options) {
   const { allowedOrigins } = options;
   return {
     GET: withCors(getGetRoute(options), allowedOrigins),
@@ -426,5 +426,5 @@ function getEmailAuthRoutes(options) {
   AuthFetch,
   checkAuthStatus,
   getContext,
-  getEmailAuthRoutes
+  setupEmailAuth
 });

package/dist/auth/email/index.d.mts

@@ -1,5 +1,5 @@
 import { NextRequest, NextResponse } from 'next/server';
-import { InitRoutesOptions } from './types.mjs';
+import { SetupEmailAuthOptions } from './types.mjs';
 export { default as AuthFetch } from './server.mjs';
 export { checkAuthStatus } from './token.mjs';
 export { getContext } from './utils.mjs';
@@ -13,7 +13,7 @@ import '../../graphql/types.mjs';
  * The library automatically hashes passwords on sign-up and reads `SIGNING_KEY` / `REFRESH_KEY` from env vars.
  * Optionally supports Cloudflare Turnstile captcha validation when `TURNSTILE_KEY` is set.
  *
- * @param options - Configuration for the auth routes. See {@link InitRoutesOptions}.
+ * @param options - Configuration for the auth routes. See {@link SetupEmailAuthOptions}.
  * @param options.getUser - Given request body (e.g. `{ email }`), returns the user from DB or undefined. Used for login and duplicate check on sign-up.
  * @param options.createUser - Given sign-up data with hashed password, inserts the user and returns the created record.
  * @param options.onError - Optional. Called on validation/auth errors; return a NextResponse to customize the error response.
@@ -26,9 +26,9 @@ import '../../graphql/types.mjs';
  * @example
  * ```ts
  * // app/api/(auth)/email/route.ts
- * import { getEmailAuthRoutes } from "naystack/auth";
+ * import { setupEmailAuth } from "naystack/auth";
  *
- * export const { GET, POST, PUT, DELETE } = getEmailAuthRoutes({
+ * export const { GET, POST, PUT, DELETE } = setupEmailAuth({
  *   getUser: async ({ email }: { email: string }) => {
  *     const [user] = await db.select({ id: UserTable.id, password: UserTable.password })
  *       .from(UserTable).where(eq(UserTable.email, email));
@@ -47,7 +47,7 @@ import '../../graphql/types.mjs';
  *
  * @category Auth
  */
-declare function getEmailAuthRoutes(options: InitRoutesOptions): {
+declare function setupEmailAuth(options: SetupEmailAuthOptions): {
     OPTIONS?: ((req: NextRequest) => NextResponse<unknown>) | undefined;
     GET: (req: NextRequest) => Promise<NextResponse<{
         accessToken: string | undefined;
@@ -61,4 +61,4 @@ declare function getEmailAuthRoutes(options: InitRoutesOptions): {
     }>>;
 };
 
-export { getEmailAuthRoutes };
+export { setupEmailAuth };

package/dist/auth/email/index.d.ts

@@ -1,5 +1,5 @@
 import { NextRequest, NextResponse } from 'next/server';
-import { InitRoutesOptions } from './types.js';
+import { SetupEmailAuthOptions } from './types.js';
 export { default as AuthFetch } from './server.js';
 export { checkAuthStatus } from './token.js';
 export { getContext } from './utils.js';
@@ -13,7 +13,7 @@ import '../../graphql/types.js';
  * The library automatically hashes passwords on sign-up and reads `SIGNING_KEY` / `REFRESH_KEY` from env vars.
  * Optionally supports Cloudflare Turnstile captcha validation when `TURNSTILE_KEY` is set.
  *
- * @param options - Configuration for the auth routes. See {@link InitRoutesOptions}.
+ * @param options - Configuration for the auth routes. See {@link SetupEmailAuthOptions}.
  * @param options.getUser - Given request body (e.g. `{ email }`), returns the user from DB or undefined. Used for login and duplicate check on sign-up.
  * @param options.createUser - Given sign-up data with hashed password, inserts the user and returns the created record.
  * @param options.onError - Optional. Called on validation/auth errors; return a NextResponse to customize the error response.
@@ -26,9 +26,9 @@ import '../../graphql/types.js';
  * @example
  * ```ts
  * // app/api/(auth)/email/route.ts
- * import { getEmailAuthRoutes } from "naystack/auth";
+ * import { setupEmailAuth } from "naystack/auth";
  *
- * export const { GET, POST, PUT, DELETE } = getEmailAuthRoutes({
+ * export const { GET, POST, PUT, DELETE } = setupEmailAuth({
  *   getUser: async ({ email }: { email: string }) => {
  *     const [user] = await db.select({ id: UserTable.id, password: UserTable.password })
  *       .from(UserTable).where(eq(UserTable.email, email));
@@ -47,7 +47,7 @@ import '../../graphql/types.js';
  *
  * @category Auth
  */
-declare function getEmailAuthRoutes(options: InitRoutesOptions): {
+declare function setupEmailAuth(options: SetupEmailAuthOptions): {
     OPTIONS?: ((req: NextRequest) => NextResponse<unknown>) | undefined;
     GET: (req: NextRequest) => Promise<NextResponse<{
         accessToken: string | undefined;
@@ -61,4 +61,4 @@ declare function getEmailAuthRoutes(options: InitRoutesOptions): {
     }>>;
 };
 
-export { getEmailAuthRoutes };
+export { setupEmailAuth };

package/dist/auth/email/index.esm.js

@@ -367,7 +367,7 @@ function AuthFetch() {
 }
 
 // src/auth/email/index.ts
-function getEmailAuthRoutes(options) {
+function setupEmailAuth(options) {
   const { allowedOrigins } = options;
   return {
     GET: withCors(getGetRoute(options), allowedOrigins),
@@ -392,5 +392,5 @@ export {
   AuthFetch,
   checkAuthStatus,
   getContext,
-  getEmailAuthRoutes
+  setupEmailAuth
 };

package/dist/auth/email/routes/delete.d.mts

@@ -1,14 +1,14 @@
 import * as next_server from 'next/server';
 import { NextRequest } from 'next/server';
-import { InitRoutesOptions } from '../types.mjs';
+import { SetupEmailAuthOptions } from '../types.mjs';
 import '../../types.mjs';
 
 /**
  * Returns the DELETE route handler for logout.
- * @param options - InitRoutesOptions
+ * @param options - SetupEmailAuthOptions
  * @returns Async route handler
  */
-declare const getDeleteRoute: (options: InitRoutesOptions) => (req: NextRequest) => Promise<next_server.NextResponse<{
+declare const getDeleteRoute: (options: SetupEmailAuthOptions) => (req: NextRequest) => Promise<next_server.NextResponse<{
     accessToken: string | undefined;
     refreshToken: string | undefined;
 }>>;

package/dist/auth/email/routes/delete.d.ts

@@ -1,14 +1,14 @@
 import * as next_server from 'next/server';
 import { NextRequest } from 'next/server';
-import { InitRoutesOptions } from '../types.js';
+import { SetupEmailAuthOptions } from '../types.js';
 import '../../types.js';
 
 /**
  * Returns the DELETE route handler for logout.
- * @param options - InitRoutesOptions
+ * @param options - SetupEmailAuthOptions
  * @returns Async route handler
  */
-declare const getDeleteRoute: (options: InitRoutesOptions) => (req: NextRequest) => Promise<next_server.NextResponse<{
+declare const getDeleteRoute: (options: SetupEmailAuthOptions) => (req: NextRequest) => Promise<next_server.NextResponse<{
     accessToken: string | undefined;
     refreshToken: string | undefined;
 }>>;

package/dist/auth/email/routes/get.d.mts

@@ -1,14 +1,14 @@
 import * as next_server from 'next/server';
 import { NextRequest } from 'next/server';
-import { InitRoutesOptions } from '../types.mjs';
+import { SetupEmailAuthOptions } from '../types.mjs';
 import '../../types.mjs';
 
 /**
  * Returns the GET route handler for token refresh (exchange refresh cookie for new tokens).
- * @param options - InitRoutesOptions
+ * @param options - SetupEmailAuthOptions
  * @returns Async route handler
  */
-declare const getGetRoute: (options: InitRoutesOptions) => (req: NextRequest) => Promise<next_server.NextResponse<{
+declare const getGetRoute: (options: SetupEmailAuthOptions) => (req: NextRequest) => Promise<next_server.NextResponse<{
     accessToken: string | undefined;
     refreshToken: string | undefined;
 }>>;

package/dist/auth/email/routes/get.d.ts

@@ -1,14 +1,14 @@
 import * as next_server from 'next/server';
 import { NextRequest } from 'next/server';
-import { InitRoutesOptions } from '../types.js';
+import { SetupEmailAuthOptions } from '../types.js';
 import '../../types.js';
 
 /**
  * Returns the GET route handler for token refresh (exchange refresh cookie for new tokens).
- * @param options - InitRoutesOptions
+ * @param options - SetupEmailAuthOptions
  * @returns Async route handler
  */
-declare const getGetRoute: (options: InitRoutesOptions) => (req: NextRequest) => Promise<next_server.NextResponse<{
+declare const getGetRoute: (options: SetupEmailAuthOptions) => (req: NextRequest) => Promise<next_server.NextResponse<{
     accessToken: string | undefined;
     refreshToken: string | undefined;
 }>>;

package/dist/auth/email/routes/post.d.mts

@@ -1,13 +1,13 @@
 import * as next_server from 'next/server';
 import { NextRequest } from 'next/server';
-import { InitRoutesOptions } from '../types.mjs';
+import { SetupEmailAuthOptions } from '../types.mjs';
 import '../../types.mjs';
 
 /**
  * Returns the POST route handler for sign up.
- * @param options - InitRoutesOptions
+ * @param options - SetupEmailAuthOptions
  * @returns Async route handler
  */
-declare const getPostRoute: (options: InitRoutesOptions) => (req: NextRequest) => Promise<next_server.NextResponse<unknown> | undefined>;
+declare const getPostRoute: (options: SetupEmailAuthOptions) => (req: NextRequest) => Promise<next_server.NextResponse<unknown> | undefined>;
 
 export { getPostRoute };

package/dist/auth/email/routes/post.d.ts

@@ -1,13 +1,13 @@
 import * as next_server from 'next/server';
 import { NextRequest } from 'next/server';
-import { InitRoutesOptions } from '../types.js';
+import { SetupEmailAuthOptions } from '../types.js';
 import '../../types.js';
 
 /**
  * Returns the POST route handler for sign up.
- * @param options - InitRoutesOptions
+ * @param options - SetupEmailAuthOptions
  * @returns Async route handler
  */
-declare const getPostRoute: (options: InitRoutesOptions) => (req: NextRequest) => Promise<next_server.NextResponse<unknown> | undefined>;
+declare const getPostRoute: (options: SetupEmailAuthOptions) => (req: NextRequest) => Promise<next_server.NextResponse<unknown> | undefined>;
 
 export { getPostRoute };

package/dist/auth/email/routes/put.d.mts

@@ -1,13 +1,13 @@
 import * as next_server from 'next/server';
 import { NextRequest } from 'next/server';
-import { InitRoutesOptions } from '../types.mjs';
+import { SetupEmailAuthOptions } from '../types.mjs';
 import '../../types.mjs';
 
 /**
  * Returns the PUT route handler for login.
- * @param options - InitRoutesOptions
+ * @param options - SetupEmailAuthOptions
  * @returns Async route handler
  */
-declare const getPutRoute: (options: InitRoutesOptions) => (req: NextRequest) => Promise<next_server.NextResponse<unknown> | undefined>;
+declare const getPutRoute: (options: SetupEmailAuthOptions) => (req: NextRequest) => Promise<next_server.NextResponse<unknown> | undefined>;
 
 export { getPutRoute };

package/dist/auth/email/routes/put.d.ts

@@ -1,13 +1,13 @@
 import * as next_server from 'next/server';
 import { NextRequest } from 'next/server';
-import { InitRoutesOptions } from '../types.js';
+import { SetupEmailAuthOptions } from '../types.js';
 import '../../types.js';
 
 /**
  * Returns the PUT route handler for login.
- * @param options - InitRoutesOptions
+ * @param options - SetupEmailAuthOptions
  * @returns Async route handler
  */
-declare const getPutRoute: (options: InitRoutesOptions) => (req: NextRequest) => Promise<next_server.NextResponse<unknown> | undefined>;
+declare const getPutRoute: (options: SetupEmailAuthOptions) => (req: NextRequest) => Promise<next_server.NextResponse<unknown> | undefined>;
 
 export { getPutRoute };

package/dist/auth/email/token.cjs.js

@@ -130,10 +130,10 @@ function getUserIdFromRefreshToken(refreshToken) {
     }
   return null;
 }
-function getUserIdFromAccessToken(refreshToken) {
-  if (refreshToken)
+function getUserIdFromAccessToken(accessToken) {
+  if (accessToken)
     try {
-      const decoded = (0, import_jsonwebtoken.verify)(refreshToken, getEnv("SIGNING_KEY" /* SIGNING_KEY */));
+      const decoded = (0, import_jsonwebtoken.verify)(accessToken, getEnv("SIGNING_KEY" /* SIGNING_KEY */));
       if (typeof decoded !== "string" && typeof decoded.id === "number")
         return decoded.id;
     } catch (e) {

package/dist/auth/email/token.d.mts

@@ -42,11 +42,11 @@ declare function getTokenizedResponse(accessToken?: string, refreshToken?: strin
 declare function getUserIdFromRefreshToken(refreshToken?: string): number | null;
 /**
  * Decodes an access token and returns the user id from the JWT payload.
- * @param refreshToken - JWT access token string (parameter name is legacy).
+ * @param accessToken - JWT access token string.
  * @returns User id (number) or `null` if the token is invalid, expired, or missing.
  * @category Auth
  */
-declare function getUserIdFromAccessToken(refreshToken?: string): number | null;
+declare function getUserIdFromAccessToken(accessToken?: string): number | null;
 /**
  * Verifies a plain password against the user's stored bcrypt hash.
  * @param user - User object with `password` hash.

package/dist/auth/email/token.d.ts

@@ -42,11 +42,11 @@ declare function getTokenizedResponse(accessToken?: string, refreshToken?: strin
 declare function getUserIdFromRefreshToken(refreshToken?: string): number | null;
 /**
  * Decodes an access token and returns the user id from the JWT payload.
- * @param refreshToken - JWT access token string (parameter name is legacy).
+ * @param accessToken - JWT access token string.
  * @returns User id (number) or `null` if the token is invalid, expired, or missing.
  * @category Auth
  */
-declare function getUserIdFromAccessToken(refreshToken?: string): number | null;
+declare function getUserIdFromAccessToken(accessToken?: string): number | null;
 /**
  * Verifies a plain password against the user's stored bcrypt hash.
  * @param user - User object with `password` hash.

package/dist/auth/email/token.esm.js

@@ -100,10 +100,10 @@ function getUserIdFromRefreshToken(refreshToken) {
     }
   return null;
 }
-function getUserIdFromAccessToken(refreshToken) {
-  if (refreshToken)
+function getUserIdFromAccessToken(accessToken) {
+  if (accessToken)
     try {
-      const decoded = verify(refreshToken, getEnv("SIGNING_KEY" /* SIGNING_KEY */));
+      const decoded = verify(accessToken, getEnv("SIGNING_KEY" /* SIGNING_KEY */));
       if (typeof decoded !== "string" && typeof decoded.id === "number")
         return decoded.id;
     } catch (e) {

package/dist/auth/email/types.d.mts

@@ -2,7 +2,7 @@ import { UserOutput, ErrorHandler } from '../types.mjs';
 import 'next/server';
 
 /**
- * Options for initializing email auth routes (GET/POST/PUT/DELETE) via `getEmailAuthRoutes`.
+ * Options for initializing email auth routes (GET/POST/PUT/DELETE) via `setupEmailAuth`.
  *
  * @property getUser - Fetches user by request data (e.g. `{ email }`); used for login and sign-up duplicate check. Must return a {@link UserOutput} or `undefined`.
  * @property createUser - Creates a new user with the hashed password; returns the created user as {@link UserOutput}.
@@ -11,10 +11,11 @@ import 'next/server';
  * @property onLogin - Optional callback after successful login. Receives `(userId, requestBody)`.
  * @property onRefresh - Optional callback when GET refresh is used. Receives `(userId, requestBody)`.
  * @property onLogout - Optional callback when DELETE logout is used. Receives `(userId, requestBody)`.
+ * @property allowedOrigins - Optional list of allowed CORS origins. If set, cross-origin requests from unlisted origins are rejected with 403.
  *
  * @example
  * ```ts
- * const options: InitRoutesOptions = {
+ * const options: SetupEmailAuthOptions = {
  *   getUser: async ({ email }) => db.query.users.findFirst({ where: eq(users.email, email) }),
  *   createUser: async (data) => (await db.insert(users).values(data).returning())[0],
  *   onSignUp: async (userId, body) => { console.log("New user:", userId); },
@@ -23,7 +24,7 @@ import 'next/server';
  *
  * @category Auth
  */
-type InitRoutesOptions = {
+type SetupEmailAuthOptions = {
     getUser: (data: any) => Promise<UserOutput | undefined>;
     createUser: (user: any) => Promise<UserOutput | undefined>;
     onError?: ErrorHandler;
@@ -34,4 +35,4 @@ type InitRoutesOptions = {
     allowedOrigins?: string[];
 };
 
-export type { InitRoutesOptions };
+export type { SetupEmailAuthOptions };

package/dist/auth/email/types.d.ts

@@ -2,7 +2,7 @@ import { UserOutput, ErrorHandler } from '../types.js';
 import 'next/server';
 
 /**
- * Options for initializing email auth routes (GET/POST/PUT/DELETE) via `getEmailAuthRoutes`.
+ * Options for initializing email auth routes (GET/POST/PUT/DELETE) via `setupEmailAuth`.
  *
  * @property getUser - Fetches user by request data (e.g. `{ email }`); used for login and sign-up duplicate check. Must return a {@link UserOutput} or `undefined`.
  * @property createUser - Creates a new user with the hashed password; returns the created user as {@link UserOutput}.
@@ -11,10 +11,11 @@ import 'next/server';
  * @property onLogin - Optional callback after successful login. Receives `(userId, requestBody)`.
  * @property onRefresh - Optional callback when GET refresh is used. Receives `(userId, requestBody)`.
  * @property onLogout - Optional callback when DELETE logout is used. Receives `(userId, requestBody)`.
+ * @property allowedOrigins - Optional list of allowed CORS origins. If set, cross-origin requests from unlisted origins are rejected with 403.
  *
  * @example
  * ```ts
- * const options: InitRoutesOptions = {
+ * const options: SetupEmailAuthOptions = {
  *   getUser: async ({ email }) => db.query.users.findFirst({ where: eq(users.email, email) }),
  *   createUser: async (data) => (await db.insert(users).values(data).returning())[0],
  *   onSignUp: async (userId, body) => { console.log("New user:", userId); },
@@ -23,7 +24,7 @@ import 'next/server';
  *
  * @category Auth
  */
-type InitRoutesOptions = {
+type SetupEmailAuthOptions = {
     getUser: (data: any) => Promise<UserOutput | undefined>;
     createUser: (user: any) => Promise<UserOutput | undefined>;
     onError?: ErrorHandler;
@@ -34,4 +35,4 @@ type InitRoutesOptions = {
     allowedOrigins?: string[];
 };
 
-export type { InitRoutesOptions };
+export type { SetupEmailAuthOptions };