npm - netreq-auth - Versions diffs - 0.1.1 - Mend

netreq-auth 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (18) hide show

package/dist/Auth.js ADDED Viewed

@@ -0,0 +1,440 @@
+/**
+ * @fileoverview Authentication plugin for netreq.
+ * Provides automatic token injection, seamless token refresh with queue management,
+ * and session state events.
+ */
+import { MemoryStorage } from './Storage.js';
+/**
+ * Generates a unique request ID for queue management.
+ * @internal
+ */
+function generateRequestId() {
+    return `${Date.now()}-${Math.random().toString(36).substr(2, 9)}`;
+}
+/**
+ * Authentication plugin for netreq HTTP client.
+ *
+ * This plugin provides:
+ * 1. Automatic Authorization header injection
+ * 2. Seamless token refresh with mutex/queue pattern
+ * 3. Flexible storage adapters
+ * 4. Session state events
+ *
+ * @example
+ * ```typescript
+ * import { createClient } from 'netreq';
+ * import { Auth, WebStorage } from '@netreq/auth';
+ *
+ * const auth = new Auth({
+ *   storage: new WebStorage('localStorage'),
+ *   refreshEndpoint: '/auth/refresh',
+ *   onSessionExpired: () => {
+ *     window.location.href = '/login';
+ *   }
+ * });
+ *
+ * const client = createClient({
+ *   baseUrl: 'https://api.example.com'
+ * });
+ *
+ * // Apply the plugin
+ * client.use(auth.middleware());
+ *
+ * // Login
+ * await auth.login('/auth/login', {
+ *   email: 'user@example.com',
+ *   password: 'secret'
+ * });
+ *
+ * // All subsequent requests automatically include Authorization header
+ * const user = await client.get('/me');
+ * ```
+ */
+export class Auth {
+    options;
+    state;
+    /**
+     * Creates a new Auth instance.
+     *
+     * @param options - Plugin configuration options
+     */
+    constructor(options) {
+        this.options = {
+            storage: options.storage ?? new MemoryStorage(),
+            refreshEndpoint: options.refreshEndpoint,
+            refreshMethod: options.refreshMethod ?? 'POST',
+            extractTokenPair: options.extractTokenPair ?? ((response) => response),
+            buildRefreshBody: options.buildRefreshBody ?? ((refreshToken) => ({ refreshToken })),
+            refreshHeaders: options.refreshHeaders ?? { 'Content-Type': 'application/json' },
+            authHeaderName: options.authHeaderName ?? 'Authorization',
+            tokenPrefix: options.tokenPrefix ?? 'Bearer ',
+            maxRefreshRetries: options.maxRefreshRetries ?? 3,
+            refreshTimeout: options.refreshTimeout ?? 10000,
+            fetch: options.fetch ?? fetch,
+            onLogin: options.onLogin,
+            onLogout: options.onLogout,
+            onSessionExpired: options.onSessionExpired,
+            onTokenRefreshed: options.onTokenRefreshed,
+        };
+        this.state = {
+            accessToken: null,
+            refreshToken: null,
+            isRefreshing: false,
+            refreshQueue: [],
+            refreshRetryCount: 0,
+        };
+        // Initialize tokens from storage
+        this.initializeFromStorage();
+    }
+    /**
+     * Initializes tokens from storage on plugin creation.
+     * @internal
+     */
+    async initializeFromStorage() {
+        try {
+            const tokens = await this.options.storage.getTokens();
+            if (tokens) {
+                this.state.accessToken = tokens.accessToken;
+                this.state.refreshToken = tokens.refreshToken;
+            }
+        }
+        catch {
+            // Ignore storage errors on init
+        }
+    }
+    /**
+     * Emits a session event to registered listeners.
+     * @internal
+     */
+    emit(event, tokens) {
+        const listeners = {
+            login: this.options.onLogin,
+            logout: this.options.onLogout,
+            refresh: this.options.onTokenRefreshed,
+            expired: this.options.onSessionExpired,
+        };
+        const listener = listeners[event];
+        if (typeof listener === 'function') {
+            try {
+                listener(event, tokens);
+            }
+            catch {
+                // Ignore listener errors
+            }
+        }
+    }
+    /**
+     * Performs token refresh operation.
+     * This method implements the core refresh logic with retry mechanism.
+     *
+     * Step 1: Check if refresh token exists
+     * Step 2: Make refresh request to endpoint
+     * Step 3: Extract and store new tokens
+     * Step 4: Reset retry counter on success
+     * Step 5: Handle failures and retry logic
+     *
+     * @internal
+     */
+    async performRefresh() {
+        const refreshToken = this.state.refreshToken;
+        if (!refreshToken) {
+            this.handleRefreshFailure(new Error('No refresh token available'));
+            return null;
+        }
+        try {
+            const controller = new AbortController();
+            const timeoutId = setTimeout(() => controller.abort(), this.options.refreshTimeout);
+            const response = await this.options.fetch(this.options.refreshEndpoint, {
+                method: this.options.refreshMethod,
+                headers: this.options.refreshHeaders,
+                body: JSON.stringify(this.options.buildRefreshBody(refreshToken)),
+                signal: controller.signal,
+            });
+            clearTimeout(timeoutId);
+            if (!response.ok) {
+                throw new Error(`Refresh failed: ${response.status} ${response.statusText}`);
+            }
+            const data = await response.json();
+            const tokens = this.options.extractTokenPair(data);
+            // Store new tokens
+            await this.options.storage.setTokens(tokens);
+            this.state.accessToken = tokens.accessToken;
+            this.state.refreshToken = tokens.refreshToken;
+            this.state.refreshRetryCount = 0;
+            // Emit refresh event
+            this.emit('refresh', tokens);
+            return tokens;
+        }
+        catch (error) {
+            this.state.refreshRetryCount++;
+            // Retry if we haven't exceeded max retries
+            if (this.state.refreshRetryCount < this.options.maxRefreshRetries) {
+                // Exponential backoff: 1s, 2s, 4s
+                const delay = Math.pow(2, this.state.refreshRetryCount - 1) * 1000;
+                await new Promise(resolve => setTimeout(resolve, delay));
+                return this.performRefresh();
+            }
+            this.handleRefreshFailure(error instanceof Error ? error : new Error(String(error)));
+            return null;
+        }
+    }
+    /**
+     * Handles refresh failure by clearing state and notifying listeners.
+     * @internal
+     */
+    async handleRefreshFailure(_error) {
+        // Clear all tokens
+        this.state.accessToken = null;
+        this.state.refreshToken = null;
+        this.state.refreshRetryCount = 0;
+        try {
+            await this.options.storage.clearTokens();
+        }
+        catch {
+            // Ignore storage clear errors
+        }
+        // Emit session expired event
+        this.emit('expired');
+    }
+    /**
+     * Processes the refresh queue after successful token refresh.
+     * Replays all queued requests with the new access token.
+     *
+     * Step 1: Get the new access token
+     * Step 2: Process each queued request
+     * Step 3: Resolve with updated headers or reject on failure
+     * Step 4: Clear the queue
+     *
+     * @internal
+     */
+    processQueue(error, token) {
+        const queue = [...this.state.refreshQueue];
+        this.state.refreshQueue = [];
+        for (const request of queue) {
+            if (error || !token) {
+                // Reject all queued requests if refresh failed
+                request.reject(error || new Error('Token refresh failed'));
+            }
+            else {
+                // Update request headers with new token
+                const updatedConfig = {
+                    ...request.config,
+                    headers: {
+                        ...request.config.headers,
+                        [this.options.authHeaderName]: `${this.options.tokenPrefix}${token}`,
+                    },
+                };
+                request.resolve(updatedConfig);
+            }
+        }
+    }
+    /**
+     * Handles 401 Unauthorized responses by initiating token refresh.
+     * Implements the mutex pattern to prevent multiple concurrent refresh attempts.
+     *
+     * Mutex Pattern Explanation:
+     * - When a 401 is received, we check if a refresh is already in progress
+     * - If yes: Add the request to queue and wait for refresh to complete
+     * - If no: Start refresh, queue other requests that arrive during refresh
+     * - After refresh: Process all queued requests with new token or reject them
+     *
+     * This prevents the "race condition" where multiple 401s trigger multiple
+     * refresh requests simultaneously.
+     *
+     * @internal
+     */
+    async handleUnauthorized(originalConfig) {
+        return new Promise((resolve, reject) => {
+            const requestId = generateRequestId();
+            // Add request to queue
+            this.state.refreshQueue.push({
+                id: requestId,
+                config: originalConfig,
+                resolve: (config) => resolve(config),
+                reject,
+            });
+            // If refresh is already in progress, just wait in queue
+            if (this.state.isRefreshing) {
+                return;
+            }
+            // Start refresh process
+            this.state.isRefreshing = true;
+            this.performRefresh()
+                .then(tokens => {
+                this.state.isRefreshing = false;
+                if (tokens) {
+                    // Success: Process all queued requests with new token
+                    this.processQueue(null, tokens.accessToken);
+                }
+                else {
+                    // Failure: Reject all queued requests
+                    this.processQueue(new Error('Token refresh failed'), null);
+                }
+            })
+                .catch(error => {
+                this.state.isRefreshing = false;
+                this.processQueue(error instanceof Error ? error : new Error(String(error)), null);
+            });
+        });
+    }
+    /**
+     * Returns the netreq middleware function.
+     * This function is passed to client.use() to enable authentication.
+     *
+     * The middleware:
+     * 1. Injects Authorization header if token exists
+     * 2. Intercepts 401 responses and triggers token refresh
+     * 3. Queues requests during refresh to prevent race conditions
+     *
+     * @returns Middleware function for netreq client
+     */
+    middleware() {
+        const self = this;
+        return {
+            /**
+             * Request interceptor - adds Authorization header.
+             */
+            async onRequest(config) {
+                // Check if token exists and isn't expired
+                const token = self.state.accessToken;
+                if (token) {
+                    return {
+                        ...config,
+                        headers: {
+                            ...config.headers,
+                            [self.options.authHeaderName]: `${self.options.tokenPrefix}${token}`,
+                        },
+                    };
+                }
+                return config;
+            },
+            /**
+             * Response interceptor - handles 401 errors and triggers refresh.
+             */
+            async onResponse(response, requestConfig) {
+                // If response is not 401, return as-is
+                if (response.status !== 401) {
+                    return response;
+                }
+                // Check if this request already has Authorization header
+                // If yes and we got 401, token might be expired - try refresh
+                const hasAuthHeader = requestConfig.headers?.[self.options.authHeaderName] !== undefined;
+                if (!hasAuthHeader) {
+                    // No auth header was sent, this is a genuine 401 (no token)
+                    return response;
+                }
+                // Attempt to refresh token and retry request
+                try {
+                    const updatedConfig = await self.handleUnauthorized(requestConfig);
+                    // Retry the request with new token
+                    // Note: This assumes the client will retry with updated config
+                    // In a real implementation, you might need to trigger a retry manually
+                    throw {
+                        __netreq_auth_retry: true,
+                        config: updatedConfig,
+                        originalResponse: response,
+                    };
+                }
+                catch (error) {
+                    // If it's our retry signal, re-throw for client to handle
+                    if (error && typeof error === 'object' && '__netreq_auth_retry' in error) {
+                        throw error;
+                    }
+                    // Otherwise, return original 401 response
+                    return response;
+                }
+            },
+            /**
+             * Error interceptor - handles network errors.
+             */
+            async onError(error) {
+                return error;
+            },
+        };
+    }
+    /**
+     * Logs in a user and stores tokens.
+     *
+     * @param endpoint - Login API endpoint
+     * @param credentials - Login credentials
+     * @returns Login result with success status
+     */
+    async login(endpoint, credentials) {
+        try {
+            const controller = new AbortController();
+            const timeoutId = setTimeout(() => controller.abort(), 30000);
+            const response = await this.options.fetch(endpoint, {
+                method: 'POST',
+                headers: { 'Content-Type': 'application/json' },
+                body: JSON.stringify(credentials),
+                signal: controller.signal,
+            });
+            clearTimeout(timeoutId);
+            if (!response.ok) {
+                const errorData = await response.json().catch(() => ({}));
+                return {
+                    success: false,
+                    error: errorData.message || `Login failed: ${response.status}`,
+                };
+            }
+            const data = await response.json();
+            const tokens = this.options.extractTokenPair(data);
+            // Store tokens
+            await this.options.storage.setTokens(tokens);
+            this.state.accessToken = tokens.accessToken;
+            this.state.refreshToken = tokens.refreshToken;
+            // Emit login event
+            this.emit('login', tokens);
+            return {
+                success: true,
+                tokens,
+            };
+        }
+        catch (error) {
+            return {
+                success: false,
+                error: error instanceof Error ? error.message : 'Login failed',
+            };
+        }
+    }
+    /**
+     * Logs out the current user and clears all tokens.
+     */
+    async logout() {
+        this.state.accessToken = null;
+        this.state.refreshToken = null;
+        this.state.refreshRetryCount = 0;
+        try {
+            await this.options.storage.clearTokens();
+        }
+        catch {
+            // Ignore storage clear errors
+        }
+        this.emit('logout');
+    }
+    /**
+     * Gets the current access token.
+     * @returns Current access token or null if not logged in
+     */
+    getAccessToken() {
+        return this.state.accessToken;
+    }
+    /**
+     * Checks if user is currently authenticated.
+     * @returns True if access token exists
+     */
+    isAuthenticated() {
+        return this.state.accessToken !== null;
+    }
+    /**
+     * Manually sets tokens (useful for OAuth flows or testing).
+     *
+     * @param tokens - Token pair to set
+     */
+    async setTokens(tokens) {
+        await this.options.storage.setTokens(tokens);
+        this.state.accessToken = tokens.accessToken;
+        this.state.refreshToken = tokens.refreshToken;
+    }
+}
+//# sourceMappingURL=Auth.js.map

package/dist/Auth.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"Auth.js","sourceRoot":"","sources":["../src/Auth.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAYH,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAE7C;;;GAGG;AACH,SAAS,iBAAiB;IACxB,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;AACpE,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAsCG;AACH,MAAM,OAAO,IAAI;IACE,OAAO,CAQtB;IAEM,KAAK,CAAY;IAEzB;;;;OAIG;IACH,YAAY,OAA0B;QACpC,IAAI,CAAC,OAAO,GAAG;YACb,OAAO,EAAE,OAAO,CAAC,OAAO,IAAI,IAAI,aAAa,EAAE;YAC/C,eAAe,EAAE,OAAO,CAAC,eAAe;YACxC,aAAa,EAAE,OAAO,CAAC,aAAa,IAAI,MAAM;YAC9C,gBAAgB,EAAE,OAAO,CAAC,gBAAgB,IAAI,CAAC,CAAC,QAAiB,EAAE,EAAE,CAAC,QAAqB,CAAC;YAC5F,gBAAgB,EAAE,OAAO,CAAC,gBAAgB,IAAI,CAAC,CAAC,YAAoB,EAAE,EAAE,CAAC,CAAC,EAAE,YAAY,EAAE,CAAC,CAAC;YAC5F,cAAc,EAAE,OAAO,CAAC,cAAc,IAAI,EAAE,cAAc,EAAE,kBAAkB,EAAE;YAChF,cAAc,EAAE,OAAO,CAAC,cAAc,IAAI,eAAe;YACzD,WAAW,EAAE,OAAO,CAAC,WAAW,IAAI,SAAS;YAC7C,iBAAiB,EAAE,OAAO,CAAC,iBAAiB,IAAI,CAAC;YACjD,cAAc,EAAE,OAAO,CAAC,cAAc,IAAI,KAAK;YAC/C,KAAK,EAAE,OAAO,CAAC,KAAK,IAAI,KAAK;YAC7B,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,gBAAgB,EAAE,OAAO,CAAC,gBAAgB;YAC1C,gBAAgB,EAAE,OAAO,CAAC,gBAAgB;SAC3C,CAAC;QAEF,IAAI,CAAC,KAAK,GAAG;YACX,WAAW,EAAE,IAAI;YACjB,YAAY,EAAE,IAAI;YAClB,YAAY,EAAE,KAAK;YACnB,YAAY,EAAE,EAAE;YAChB,iBAAiB,EAAE,CAAC;SACrB,CAAC;QAEF,iCAAiC;QACjC,IAAI,CAAC,qBAAqB,EAAE,CAAC;IAC/B,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,qBAAqB;QACjC,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;YACtD,IAAI,MAAM,EAAE,CAAC;gBACX,IAAI,CAAC,KAAK,CAAC,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;gBAC5C,IAAI,CAAC,KAAK,CAAC,YAAY,GAAG,MAAM,CAAC,YAAY,CAAC;YAChD,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,gCAAgC;QAClC,CAAC;IACH,CAAC;IAED;;;OAGG;IACK,IAAI,CAAC,KAAmB,EAAE,MAAkB;QAClD,MAAM,SAAS,GAA2E;YACxF,KAAK,EAAE,IAAI,CAAC,OAAO,CAAC,OAAO;YAC3B,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,QAAQ;YAC7B,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,gBAAgB;YACtC,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,gBAAgB;SACvC,CAAC;QAEF,MAAM,QAAQ,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC;QAClC,IAAI,OAAO,QAAQ,KAAK,UAAU,EAAE,CAAC;YACnC,IAAI,CAAC;gBACH,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;YAC1B,CAAC;YAAC,MAAM,CAAC;gBACP,yBAAyB;YAC3B,CAAC;QACH,CAAC;IACH,CAAC;IAED;;;;;;;;;;;OAWG;IACK,KAAK,CAAC,cAAc;QAC1B,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC;QAE7C,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,IAAI,CAAC,oBAAoB,CAAC,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC,CAAC;YACnE,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;YACzC,MAAM,SAAS,GAAG,UAAU,CAC1B,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EACxB,IAAI,CAAC,OAAO,CAAC,cAAc,CAC5B,CAAC;YAEF,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE;gBACtE,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,aAAa;gBAClC,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,cAAc;gBACpC,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,gBAAgB,CAAC,YAAY,CAAC,CAAC;gBACjE,MAAM,EAAE,UAAU,CAAC,MAAM;aAC1B,CAAC,CAAC;YAEH,YAAY,CAAC,SAAS,CAAC,CAAC;YAExB,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,MAAM,IAAI,KAAK,CAAC,mBAAmB,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;YAC/E,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC;YAEnD,mBAAmB;YACnB,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;YAC7C,IAAI,CAAC,KAAK,CAAC,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;YAC5C,IAAI,CAAC,KAAK,CAAC,YAAY,GAAG,MAAM,CAAC,YAAY,CAAC;YAC9C,IAAI,CAAC,KAAK,CAAC,iBAAiB,GAAG,CAAC,CAAC;YAEjC,qBAAqB;YACrB,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;YAE7B,OAAO,MAAM,CAAC;QAChB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,KAAK,CAAC,iBAAiB,EAAE,CAAC;YAE/B,2CAA2C;YAC3C,IAAI,IAAI,CAAC,KAAK,CAAC,iBAAiB,GAAG,IAAI,CAAC,OAAO,CAAC,iBAAiB,EAAE,CAAC;gBAClE,kCAAkC;gBAClC,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,iBAAiB,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC;gBACnE,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;gBACzD,OAAO,IAAI,CAAC,cAAc,EAAE,CAAC;YAC/B,CAAC;YAED,IAAI,CAAC,oBAAoB,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YACrF,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,oBAAoB,CAAC,MAAa;QAC9C,mBAAmB;QACnB,IAAI,CAAC,KAAK,CAAC,WAAW,GAAG,IAAI,CAAC;QAC9B,IAAI,CAAC,KAAK,CAAC,YAAY,GAAG,IAAI,CAAC;QAC/B,IAAI,CAAC,KAAK,CAAC,iBAAiB,GAAG,CAAC,CAAC;QAEjC,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC;QAC3C,CAAC;QAAC,MAAM,CAAC;YACP,8BAA8B;QAChC,CAAC;QAED,6BAA6B;QAC7B,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IACvB,CAAC;IAED;;;;;;;;;;OAUG;IACK,YAAY,CAAC,KAAmB,EAAE,KAAoB;QAC5D,MAAM,KAAK,GAAG,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;QAC3C,IAAI,CAAC,KAAK,CAAC,YAAY,GAAG,EAAE,CAAC;QAE7B,KAAK,MAAM,OAAO,IAAI,KAAK,EAAE,CAAC;YAC5B,IAAI,KAAK,IAAI,CAAC,KAAK,EAAE,CAAC;gBACpB,+CAA+C;gBAC/C,OAAO,CAAC,MAAM,CAAC,KAAK,IAAI,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC,CAAC;YAC7D,CAAC;iBAAM,CAAC;gBACN,wCAAwC;gBACxC,MAAM,aAAa,GAAG;oBACpB,GAAG,OAAO,CAAC,MAAM;oBACjB,OAAO,EAAE;wBACP,GAAG,OAAO,CAAC,MAAM,CAAC,OAAO;wBACzB,CAAC,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE,GAAG,IAAI,CAAC,OAAO,CAAC,WAAW,GAAG,KAAK,EAAE;qBACrE;iBACF,CAAC;gBACF,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;YACjC,CAAC;QACH,CAAC;IACH,CAAC;IAED;;;;;;;;;;;;;;OAcG;IACK,KAAK,CAAC,kBAAkB,CAC9B,cAAuC;QAEvC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,MAAM,SAAS,GAAG,iBAAiB,EAAE,CAAC;YAEtC,uBAAuB;YACvB,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC;gBAC3B,EAAE,EAAE,SAAS;gBACb,MAAM,EAAE,cAAc;gBACtB,OAAO,EAAE,CAAC,MAAe,EAAE,EAAE,CAAC,OAAO,CAAC,MAAiC,CAAC;gBACxE,MAAM;aACP,CAAC,CAAC;YAEH,wDAAwD;YACxD,IAAI,IAAI,CAAC,KAAK,CAAC,YAAY,EAAE,CAAC;gBAC5B,OAAO;YACT,CAAC;YAED,wBAAwB;YACxB,IAAI,CAAC,KAAK,CAAC,YAAY,GAAG,IAAI,CAAC;YAE/B,IAAI,CAAC,cAAc,EAAE;iBAClB,IAAI,CAAC,MAAM,CAAC,EAAE;gBACb,IAAI,CAAC,KAAK,CAAC,YAAY,GAAG,KAAK,CAAC;gBAEhC,IAAI,MAAM,EAAE,CAAC;oBACX,sDAAsD;oBACtD,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC;gBAC9C,CAAC;qBAAM,CAAC;oBACN,sCAAsC;oBACtC,IAAI,CAAC,YAAY,CAAC,IAAI,KAAK,CAAC,sBAAsB,CAAC,EAAE,IAAI,CAAC,CAAC;gBAC7D,CAAC;YACH,CAAC,CAAC;iBACD,KAAK,CAAC,KAAK,CAAC,EAAE;gBACb,IAAI,CAAC,KAAK,CAAC,YAAY,GAAG,KAAK,CAAC;gBAChC,IAAI,CAAC,YAAY,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;YACrF,CAAC,CAAC,CAAC;QACP,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;;;OAUG;IACH,UAAU;QACR,MAAM,IAAI,GAAG,IAAI,CAAC;QAElB,OAAO;YACL;;eAEG;YACH,KAAK,CAAC,SAAS,CAAC,MAKf;gBACC,0CAA0C;gBAC1C,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC;gBAErC,IAAI,KAAK,EAAE,CAAC;oBACV,OAAO;wBACL,GAAG,MAAM;wBACT,OAAO,EAAE;4BACP,GAAG,MAAM,CAAC,OAAO;4BACjB,CAAC,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE,GAAG,IAAI,CAAC,OAAO,CAAC,WAAW,GAAG,KAAK,EAAE;yBACrE;qBACF,CAAC;gBACJ,CAAC;gBAED,OAAO,MAAM,CAAC;YAChB,CAAC;YAED;;eAEG;YACH,KAAK,CAAC,UAAU,CACd,QAKC,EACD,aAKC;gBAED,uCAAuC;gBACvC,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;oBAC5B,OAAO,QAAQ,CAAC;gBAClB,CAAC;gBAED,yDAAyD;gBACzD,8DAA8D;gBAC9D,MAAM,aAAa,GAAG,aAAa,CAAC,OAAO,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC,KAAK,SAAS,CAAC;gBAEzF,IAAI,CAAC,aAAa,EAAE,CAAC;oBACnB,4DAA4D;oBAC5D,OAAO,QAAQ,CAAC;gBAClB,CAAC;gBAED,6CAA6C;gBAC7C,IAAI,CAAC;oBACH,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,aAAa,CAAC,CAAC;oBAEnE,mCAAmC;oBACnC,+DAA+D;oBAC/D,uEAAuE;oBACvE,MAAM;wBACJ,mBAAmB,EAAE,IAAI;wBACzB,MAAM,EAAE,aAAa;wBACrB,gBAAgB,EAAE,QAAQ;qBAC3B,CAAC;gBACJ,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,0DAA0D;oBAC1D,IAAI,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,qBAAqB,IAAI,KAAK,EAAE,CAAC;wBACzE,MAAM,KAAK,CAAC;oBACd,CAAC;oBAED,0CAA0C;oBAC1C,OAAO,QAAQ,CAAC;gBAClB,CAAC;YACH,CAAC;YAED;;eAEG;YACH,KAAK,CAAC,OAAO,CAAC,KAAY;gBACxB,OAAO,KAAK,CAAC;YACf,CAAC;SACF,CAAC;IACJ,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,KAAK,CAAC,QAAgB,EAAE,WAA6B;QACzD,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;YACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,KAAK,CAAC,CAAC;YAE9D,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,QAAQ,EAAE;gBAClD,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;gBAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC;gBACjC,MAAM,EAAE,UAAU,CAAC,MAAM;aAC1B,CAAC,CAAC;YAEH,YAAY,CAAC,SAAS,CAAC,CAAC;YAExB,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;gBAC1D,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,SAAS,CAAC,OAAO,IAAI,iBAAiB,QAAQ,CAAC,MAAM,EAAE;iBAC/D,CAAC;YACJ,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC;YAEnD,eAAe;YACf,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;YAC7C,IAAI,CAAC,KAAK,CAAC,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;YAC5C,IAAI,CAAC,KAAK,CAAC,YAAY,GAAG,MAAM,CAAC,YAAY,CAAC;YAE9C,mBAAmB;YACnB,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YAE3B,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,MAAM;aACP,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,cAAc;aAC/D,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM;QACV,IAAI,CAAC,KAAK,CAAC,WAAW,GAAG,IAAI,CAAC;QAC9B,IAAI,CAAC,KAAK,CAAC,YAAY,GAAG,IAAI,CAAC;QAC/B,IAAI,CAAC,KAAK,CAAC,iBAAiB,GAAG,CAAC,CAAC;QAEjC,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC;QAC3C,CAAC;QAAC,MAAM,CAAC;YACP,8BAA8B;QAChC,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACtB,CAAC;IAED;;;OAGG;IACH,cAAc;QACZ,OAAO,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC;IAChC,CAAC;IAED;;;OAGG;IACH,eAAe;QACb,OAAO,IAAI,CAAC,KAAK,CAAC,WAAW,KAAK,IAAI,CAAC;IACzC,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,SAAS,CAAC,MAAiB;QAC/B,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QAC7C,IAAI,CAAC,KAAK,CAAC,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;QAC5C,IAAI,CAAC,KAAK,CAAC,YAAY,GAAG,MAAM,CAAC,YAAY,CAAC;IAChD,CAAC;CACF"}

package/dist/Storage.d.ts ADDED Viewed

@@ -0,0 +1,146 @@
+/**
+ * @fileoverview Storage adapter implementations for @netreq/auth.
+ * Provides both in-memory and web storage (localStorage/sessionStorage) adapters.
+ */
+import type { TokenPair, TokenStorage } from './types.js';
+/**
+ * In-memory storage adapter.
+ * Stores tokens in JavaScript memory. Data is lost on page refresh.
+ *
+ * Use this for:
+ * - Server-side rendering (SSR)
+ * - Testing environments
+ * - When you don't need persistence across page reloads
+ *
+ * @example
+ * ```typescript
+ * import { MemoryStorage } from '@netreq/auth';
+ *
+ * const auth = new AuthPlugin({
+ *   storage: new MemoryStorage(),
+ *   refreshEndpoint: '/auth/refresh'
+ * });
+ * ```
+ */
+export declare class MemoryStorage implements TokenStorage {
+    private tokens;
+    /**
+     * Retrieves tokens from memory.
+     * @returns Promise resolving to stored tokens or null
+     */
+    getTokens(): Promise<TokenPair | null>;
+    /**
+     * Stores tokens in memory.
+     * @param tokens - Token pair to store
+     */
+    setTokens(tokens: TokenPair): Promise<void>;
+    /**
+     * Clears tokens from memory.
+     */
+    clearTokens(): Promise<void>;
+}
+/**
+ * Web Storage adapter for browsers.
+ * Uses localStorage or sessionStorage to persist tokens.
+ *
+ * Use this for:
+ * - Browser applications requiring token persistence
+ * - Remember me functionality (localStorage)
+ * - Session-only persistence (sessionStorage)
+ *
+ * @example
+ * ```typescript
+ * import { WebStorage } from '@netreq/auth';
+ *
+ * // Use localStorage (persists across browser sessions)
+ * const auth = new AuthPlugin({
+ *   storage: new WebStorage('localStorage', 'myapp_tokens'),
+ *   refreshEndpoint: '/auth/refresh'
+ * });
+ *
+ * // Use sessionStorage (cleared when tab closes)
+ * const authSession = new AuthPlugin({
+ *   storage: new WebStorage('sessionStorage', 'myapp_tokens'),
+ *   refreshEndpoint: '/auth/refresh'
+ * });
+ * ```
+ */
+export declare class WebStorage implements TokenStorage {
+    private storage;
+    private key;
+    /**
+     * Creates a new WebStorage instance.
+     *
+     * @param storageType - Type of web storage ('localStorage' or 'sessionStorage')
+     * @param key - Storage key name (default: 'netreq_auth_tokens')
+     * @throws Error if storage type is invalid or not available (SSR)
+     */
+    constructor(storageType?: 'localStorage' | 'sessionStorage', key?: string);
+    /**
+     * Retrieves tokens from web storage.
+     * @returns Promise resolving to stored tokens or null
+     */
+    getTokens(): Promise<TokenPair | null>;
+    /**
+     * Stores tokens in web storage.
+     * @param tokens - Token pair to store
+     */
+    setTokens(tokens: TokenPair): Promise<void>;
+    /**
+     * Clears tokens from web storage.
+     */
+    clearTokens(): Promise<void>;
+}
+/**
+ * Cookie storage adapter for browsers.
+ * Stores tokens in HTTP-only or JavaScript-accessible cookies.
+ *
+ * Note: This is a basic implementation. For production use with HTTP-only cookies,
+ * you should handle cookies server-side to prevent XSS attacks.
+ *
+ * @example
+ * ```typescript
+ * import { CookieStorage } from '@netreq/auth';
+ *
+ * const auth = new AuthPlugin({
+ *   storage: new CookieStorage({
+ *     name: 'auth_tokens',
+ *     expires: 7, // 7 days
+ *     secure: true,
+ *     sameSite: 'strict'
+ *   }),
+   *   refreshEndpoint: '/auth/refresh'
+ * });
+ * ```
+ */
+export interface CookieOptions {
+    /** Cookie name */
+    name: string;
+    /** Cookie expiration in days */
+    expires?: number;
+    /** Cookie path */
+    path?: string;
+    /** Cookie domain */
+    domain?: string;
+    /** Whether cookie requires HTTPS */
+    secure?: boolean;
+    /** SameSite attribute */
+    sameSite?: 'strict' | 'lax' | 'none';
+}
+export declare class CookieStorage implements TokenStorage {
+    private options;
+    constructor(options: CookieOptions);
+    /**
+     * Retrieves tokens from cookies.
+     */
+    getTokens(): Promise<TokenPair | null>;
+    /**
+     * Stores tokens in cookies.
+     */
+    setTokens(tokens: TokenPair): Promise<void>;
+    /**
+     * Clears tokens from cookies.
+     */
+    clearTokens(): Promise<void>;
+}
+//# sourceMappingURL=Storage.d.ts.map

package/dist/Storage.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"Storage.d.ts","sourceRoot":"","sources":["../src/Storage.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAE1D;;;;;;;;;;;;;;;;;;GAkBG;AACH,qBAAa,aAAc,YAAW,YAAY;IAChD,OAAO,CAAC,MAAM,CAA0B;IAExC;;;OAGG;IACG,SAAS,IAAI,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC;IAI5C;;;OAGG;IACG,SAAS,CAAC,MAAM,EAAE,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC;IAIjD;;OAEG;IACG,WAAW,IAAI,OAAO,CAAC,IAAI,CAAC;CAGnC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,qBAAa,UAAW,YAAW,YAAY;IAC7C,OAAO,CAAC,OAAO,CAAU;IACzB,OAAO,CAAC,GAAG,CAAS;IAEpB;;;;;;OAMG;gBAED,WAAW,GAAE,cAAc,GAAG,gBAAiC,EAC/D,GAAG,GAAE,MAA6B;IAmBpC;;;OAGG;IACG,SAAS,IAAI,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC;IAc5C;;;OAGG;IACG,SAAS,CAAC,MAAM,EAAE,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC;IAIjD;;OAEG;IACG,WAAW,IAAI,OAAO,CAAC,IAAI,CAAC;CAGnC;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,MAAM,WAAW,aAAa;IAC5B,kBAAkB;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,gCAAgC;IAChC,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,kBAAkB;IAClB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,oBAAoB;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,oCAAoC;IACpC,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,yBAAyB;IACzB,QAAQ,CAAC,EAAE,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;CACtC;AAED,qBAAa,aAAc,YAAW,YAAY;IAChD,OAAO,CAAC,OAAO,CACqD;gBAExD,OAAO,EAAE,aAAa;IAkBlC;;OAEG;IACG,SAAS,IAAI,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC;IAiB5C;;OAEG;IACG,SAAS,CAAC,MAAM,EAAE,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC;IAyBjD;;OAEG;IACG,WAAW,IAAI,OAAO,CAAC,IAAI,CAAC;CASnC"}