orange-auth 0.1.0 → 0.1.2

package/dist/@types/globals.d.ts

@@ -1,6 +1,9 @@
 declare global {
     type MaybePromise<T> = T | Promise<T>;
 }
+/**
+ * General session type. This should be augmented to include your session's fields.
+ */
 export interface Session extends Record<string, unknown> {
     id: string;
 }

package/dist/@types/globals.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"globals.d.ts","sourceRoot":"","sources":["../../src/@types/globals.ts"],"names":[],"mappings":"AAAA,OAAO,CAAC,MAAM,CAAC;IACX,KAAK,YAAY,CAAC,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;CACzC;AAED,MAAM,WAAW,OAAQ,SAAQ,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;IACpD,EAAE,EAAE,MAAM,CAAC;CACd"}
+{"version":3,"file":"globals.d.ts","sourceRoot":"","sources":["../../src/@types/globals.ts"],"names":[],"mappings":"AAAA,OAAO,CAAC,MAAM,CAAC;IACX,KAAK,YAAY,CAAC,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;CACzC;AAED;;GAEG;AACH,MAAM,WAAW,OAAQ,SAAQ,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;IACpD,EAAE,EAAE,MAAM,CAAC;CACd"}

package/dist/functions/jwt.d.ts

@@ -1,4 +1,11 @@
 import { type JwtPayload, type PublicKey, type Secret, type VerifyOptions } from "jsonwebtoken";
 export { sign } from "jsonwebtoken";
+/**
+ * Promisified version of the jwt's verify function.
+ * @param token The user's token.
+ * @param secretOrPublicKey Your secret key, or a public key.
+ * @param options Jwt options.
+ * @returns The user's payload, or null on errors.
+ */
 export declare function verify<T extends JwtPayload = JwtPayload>(token: string, secretOrPublicKey: Secret | PublicKey, options?: VerifyOptions): Promise<T | null>;
 //# sourceMappingURL=jwt.d.ts.map

package/dist/functions/jwt.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"jwt.d.ts","sourceRoot":"","sources":["../../src/functions/jwt.ts"],"names":[],"mappings":"AAAA,OAAO,EAEH,KAAK,UAAU,EACf,KAAK,SAAS,EACd,KAAK,MAAM,EACX,KAAK,aAAa,EACrB,MAAM,cAAc,CAAC;AAEtB,OAAO,EAAE,IAAI,EAAE,MAAM,cAAc,CAAC;AAEpC,wBAAgB,MAAM,CAAC,CAAC,SAAS,UAAU,GAAG,UAAU,EACpD,KAAK,EAAE,MAAM,EACb,iBAAiB,EAAE,MAAM,GAAG,SAAS,EACrC,OAAO,CAAC,EAAE,aAAa,qBAQ1B"}
+{"version":3,"file":"jwt.d.ts","sourceRoot":"","sources":["../../src/functions/jwt.ts"],"names":[],"mappings":"AAAA,OAAO,EAEH,KAAK,UAAU,EACf,KAAK,SAAS,EACd,KAAK,MAAM,EACX,KAAK,aAAa,EACrB,MAAM,cAAc,CAAC;AAGtB,OAAO,EAAE,IAAI,EAAE,MAAM,cAAc,CAAC;AAEpC;;;;;;GAMG;AACH,wBAAgB,MAAM,CAAC,CAAC,SAAS,UAAU,GAAG,UAAU,EACpD,KAAK,EAAE,MAAM,EACb,iBAAiB,EAAE,MAAM,GAAG,SAAS,EACrC,OAAO,CAAC,EAAE,aAAa,qBAS1B"}

package/dist/functions/jwt.js

@@ -1,9 +1,18 @@
 import { verify as baseVerify, } from "jsonwebtoken";
+// The sign function is fine as-is
 export { sign } from "jsonwebtoken";
+/**
+ * Promisified version of the jwt's verify function.
+ * @param token The user's token.
+ * @param secretOrPublicKey Your secret key, or a public key.
+ * @param options Jwt options.
+ * @returns The user's payload, or null on errors.
+ */
 export function verify(token, secretOrPublicKey, options) {
     return new Promise((resolve) => {
         baseVerify(token, secretOrPublicKey, { ...options, complete: false }, (err, payload) => {
-            if (err)
+            // In case of error, it is assumed as a malicious token, so we invalidate it.
+            if (err?.cause)
                 resolve(null);
             resolve(payload);
         });

package/dist/index.d.ts

@@ -0,0 +1,4 @@
+export * from "./lib";
+export * from "./providers";
+export * from "./strategies";
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,OAAO,CAAC;AACtB,cAAc,aAAa,CAAC;AAC5B,cAAc,cAAc,CAAC"}

package/dist/index.js

@@ -0,0 +1,3 @@
+export * from "./lib";
+export * from "./providers";
+export * from "./strategies";

package/dist/lib.d.ts

@@ -1,16 +1,58 @@
 import type { Session } from "./@types/globals";
 import type { IStrategy } from "./strategies/IStrategy";
 import type { IProvider } from "./providers/IProvider";
+import { type SerializeOptions } from "cookie";
 type Maybe<T> = T | null | undefined;
+/**
+ * Auth Configuration props.
+ */
 export type ConfigOptionsProps = Readonly<{
+    /**
+     * All the available providers.
+     * If multiple instance of a single provider are used, the order does matter.
+     */
     providers: IProvider[];
+    /**
+     * Your secret key.
+     */
     secret: string;
+    /**
+     * A custom name for the cookie.
+     * Otherwise, the default name will be `orange.auth`
+     */
     cookieName?: string;
+    /**
+     * The strategy to be used.
+     */
     strategy: IStrategy;
+    /**
+     * This should be the url path that your auth is set up on, including the action and provider variables.
+     * @example
+     * ```js
+     * const app = express();
+     *
+     * app.all("/api/auth/{*auth}", createHandler(CreateAuth)({
+     *      basePath: "/api/auth/:action/:provider",
+     *      ...
+     * }))
+     * ```
+     */
     basePath: string;
+    /**
+     * Cookie serialization options. see [MDN Cookie](https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/Cookies)
+     */
+    cookieSettings?: SerializeOptions;
 }>;
-export type ConfigOptions = Required<Omit<ConfigOptionsProps, "basePath">>;
+/**
+ * Internally used version of the options
+ */
+export type __internal__Options = Required<Omit<ConfigOptionsProps, "basePath">>;
 export declare const CreateAuth: (config: ConfigOptionsProps) => (req: Request, _: Universal.Context, runtime: import("@universal-middleware/core").RuntimeAdapter) => Promise<Response>;
+/**
+ * Access a user's session.
+ * @param req Something that has a `headers` field; either a Headers instance, or just a plain object.
+ * @returns A session if found and valid, or `null`.
+ */
 export declare const getSession: <T extends Session = Session>(req: {
     headers: Maybe<Headers | Record<string, string>>;
 }) => Promise<T | null> | null;

package/dist/lib.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"lib.d.ts","sourceRoot":"","sources":["../src/lib.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAChD,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,KAAK,EAAW,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAGhE,KAAK,KAAK,CAAC,CAAC,IAAI,CAAC,GAAG,IAAI,GAAG,SAAS,CAAC;AAErC,MAAM,MAAM,kBAAkB,GAAG,QAAQ,CAAC;IACtC,SAAS,EAAE,SAAS,EAAE,CAAC;IACvB,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,SAAS,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;CACpB,CAAC,CAAC;AAEH,MAAM,MAAM,aAAa,GAAG,QAAQ,CAAC,IAAI,CAAC,kBAAkB,EAAE,UAAU,CAAC,CAAC,CAAC;AAI3E,eAAO,MAAM,UAAU,WAAa,kBAAkB,4HAgEU,CAAC;AAEjE,eAAO,MAAM,UAAU,GAAI,CAAC,SAAS,OAAO,GAAG,OAAO,EAAE,KAAK;IAAE,OAAO,EAAE,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAA;CAAE,6BAYhH,CAAC"}
+{"version":3,"file":"lib.d.ts","sourceRoot":"","sources":["../src/lib.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAChD,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,KAAK,EAAW,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAChE,OAAO,EAAuB,KAAK,gBAAgB,EAAE,MAAM,QAAQ,CAAC;AAGpE,KAAK,KAAK,CAAC,CAAC,IAAI,CAAC,GAAG,IAAI,GAAG,SAAS,CAAC;AAErC;;GAEG;AACH,MAAM,MAAM,kBAAkB,GAAG,QAAQ,CAAC;IACtC;;;OAGG;IACH,SAAS,EAAE,SAAS,EAAE,CAAC;IAEvB;;OAEG;IACH,MAAM,EAAE,MAAM,CAAC;IAEf;;;OAGG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,QAAQ,EAAE,SAAS,CAAC;IAEpB;;;;;;;;;;;OAWG;IACH,QAAQ,EAAE,MAAM,CAAC;IAEjB;;OAEG;IACH,cAAc,CAAC,EAAE,gBAAgB,CAAC;CACrC,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,MAAM,mBAAmB,GAAG,QAAQ,CAAC,IAAI,CAAC,kBAAkB,EAAE,UAAU,CAAC,CAAC,CAAC;AAWjF,eAAO,MAAM,UAAU,WAAa,kBAAkB,4HA6EU,CAAC;AAEjE;;;;GAIG;AACH,eAAO,MAAM,UAAU,GAAI,CAAC,SAAS,OAAO,GAAG,OAAO,EAAE,KAAK;IAAE,OAAO,EAAE,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAA;CAAE,6BAehH,CAAC"}

package/dist/lib.js

@@ -1,65 +1,96 @@
 import Cookies from "universal-cookie";
-import { find, isNil } from "lodash-es";
+import { assign, find, isNil } from "lodash-es";
 import { serialize as cookie } from "cookie";
 import { params } from "@universal-middleware/core";
-let globalCfg;
-export const CreateAuth = ((config) => async (req, _, runtime) => {
-    const { secret, strategy, cookieName, providers, basePath } = config;
-    const routeParams = params(req, runtime, basePath);
-    if (isNil(routeParams?.["action"]) || isNil(routeParams["provider"])) {
-        throw new Error('[ERROR]: Base path is missing! Make sure to set the "basePath" variable in the auth\'s config.');
-    }
+// Default config, only set otherwise `assign` doesn't like it.
+let globalCfg = {
+    cookieName: "orange.auth",
+    providers: [],
+    secret: crypto.randomUUID(),
+    strategy: null,
+    cookieSettings: {},
+};
+export const CreateAuth = ((config) => {
+    const { secret, strategy, cookieName, providers, cookieSettings, basePath } = config;
     if (isNil(secret)) {
         throw new Error('[ERROR]: Auth secret missing! Make sure to set the "secret" variable in the auth\'s config.');
     }
     if (isNil(strategy)) {
         throw new Error('[ERROR]: No strategy chosen! Make sure to set the "strategy" variable in the auth\'s config.');
     }
-    globalCfg = {
+    // We set the global config on startup, and not on the route handler,
+    // otherwise a session cannot be accessed until someone logs in
+    assign(globalCfg, {
         cookieName: cookieName ?? "orange.auth",
         providers: providers ?? [],
         secret,
         strategy,
-    };
-    const path = routeParams["provider"];
-    const provider = find(providers, (p) => p.ID === path);
-    if (isNil(provider)) {
-        return new Response("Page not found", { status: 404 });
-    }
-    switch (routeParams["action"]) {
-        case "login": {
-            const token = await provider.logIn(req, globalCfg).catch(() => null);
-            if (isNil(token))
-                return new Response(null, { status: 400 });
-            const headers = new Headers();
-            headers.set("Set-Cookie", cookie(globalCfg.cookieName, token, {
-                path: "/",
-                httpOnly: true,
-                sameSite: "lax",
-                secure: true,
-                maxAge: 600,
-            }));
-            return new Response(null, { status: 200, headers });
-        }
-        case "logout": {
-            await globalCfg.strategy.logOut(req, globalCfg);
-            const headers = new Headers();
-            headers.set("Set-Cookie", cookie(globalCfg.cookieName, ""));
-            return new Response(null, { status: 200, headers });
+        cookieSettings: cookieSettings ?? {
+            path: "/",
+            httpOnly: true,
+            sameSite: "lax",
+            secure: true,
+            maxAge: 3600,
+        },
+    });
+    return async (req, _, runtime) => {
+        // Tries to get the action and provider info from the url
+        const routeParams = params(req, runtime, basePath);
+        if (isNil(routeParams?.["action"]) || isNil(routeParams["provider"])) {
+            throw new Error('[ERROR]: Base path is missing! Make sure to set the "basePath" variable in the auth\'s config.');
         }
-        default:
+        // Finds the requested provider by name
+        const path = routeParams["provider"];
+        const provider = find(providers, (p) => p.ID === path);
+        if (isNil(provider)) {
             return new Response("Page not found", { status: 404 });
-    }
+        }
+        // Handles each action independently
+        switch (routeParams["action"]) {
+            case "login": {
+                // Use the found provider to login
+                const token = await provider.logIn(req, globalCfg).catch(() => null);
+                // If failed, return Bad Request response
+                if (isNil(token))
+                    return new Response(null, { status: 400 });
+                // Creates the set-cookie header
+                const headers = new Headers();
+                headers.set("Set-Cookie", cookie(globalCfg.cookieName, token, globalCfg.cookieSettings));
+                // And returns it
+                return new Response(null, { status: 200, headers });
+            }
+            case "logout": {
+                // Use the strategy  to logout
+                await globalCfg.strategy.logOut(req, globalCfg);
+                // Clears the header.
+                const headers = new Headers();
+                headers.set("Set-Cookie", cookie(globalCfg.cookieName, ""));
+                // And send them
+                return new Response(null, { status: 200, headers });
+            }
+            default:
+                // If a wrong action is requested, return a 404
+                return new Response("Page not found", { status: 404 });
+        }
+    };
 });
+/**
+ * Access a user's session.
+ * @param req Something that has a `headers` field; either a Headers instance, or just a plain object.
+ * @returns A session if found and valid, or `null`.
+ */
 export const getSession = (req) => {
     if (isNil(req.headers))
         return null;
+    // Find the correct cookie header
     const cookieHeader = req.headers instanceof Headers ? req.headers.get("cookie") : req.headers["cookie"];
     const cookie = new Cookies(cookieHeader);
     if (isNil(cookie))
         return null;
+    // Tries to extract the specific cookie.
     const token = cookie.get(globalCfg.cookieName);
     if (isNil(token))
         return null;
+    // Tries to deserialize it
     return globalCfg.strategy.deserialize(token, globalCfg);
 };

package/dist/providers/Credentials.d.ts

@@ -1,15 +1,34 @@
 import { IProvider } from "./IProvider";
-import type { ConfigOptions } from "../lib";
+import type { __internal__Options } from "../lib";
 import type { Session } from "../@types/globals";
+/**
+ * Configuration options of the Credentials provider
+ */
 export type CredentialsConfig<TCredentials extends string> = Readonly<{
+    /**
+     * The name of this provider, should not be changed unless you are
+     * using multiple instance of the same provider.
+     */
     name?: "credentials" | (string & {});
+    /**
+     * The available fields coming from the request containing credentials.
+     */
     credentials: TCredentials[];
+    /**
+     * Function that gets called when a user tries to login.
+     * This is where you should look inside your database for the user.
+     * @param credentials An object containing the credentials from the request's body.
+     * @returns A session object if a user is found, or `null`.
+     */
     authorize: (credentials: Record<TCredentials, string>) => MaybePromise<Session | null>;
 }>;
+/**
+ * Provider used to login a user using basic credentials.
+ */
 export declare class Credentials<TCredentials extends string = string> extends IProvider {
     private config;
     constructor(config: CredentialsConfig<TCredentials>);
-    getSession(req: Request, globalCfg: ConfigOptions): Promise<Session | null>;
-    logIn(req: Request, globalCfg: ConfigOptions): Promise<string | null>;
+    getSession(): Promise<Session | null>;
+    logIn(req: Request, globalCfg: __internal__Options): Promise<string | null>;
 }
 //# sourceMappingURL=Credentials.d.ts.map

package/dist/providers/Credentials.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"Credentials.d.ts","sourceRoot":"","sources":["../../src/providers/Credentials.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACxC,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,QAAQ,CAAC;AAC5C,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAEjD,MAAM,MAAM,iBAAiB,CAAC,YAAY,SAAS,MAAM,IAAI,QAAQ,CAAC;IAClE,IAAI,CAAC,EAAE,aAAa,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;IACrC,WAAW,EAAE,YAAY,EAAE,CAAC;IAC5B,SAAS,EAAE,CAAC,WAAW,EAAE,MAAM,CAAC,YAAY,EAAE,MAAM,CAAC,KAAK,YAAY,CAAC,OAAO,GAAG,IAAI,CAAC,CAAC;CAC1F,CAAC,CAAC;AAEH,qBAAa,WAAW,CAAC,YAAY,SAAS,MAAM,GAAG,MAAM,CAAE,SAAQ,SAAS;IAC5E,OAAO,CAAC,MAAM,CAAkC;gBAEpC,MAAM,EAAE,iBAAiB,CAAC,YAAY,CAAC;IAK7B,UAAU,CAAC,GAAG,EAAE,OAAO,EAAE,SAAS,EAAE,aAAa,GAAG,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;IAS3E,KAAK,CAAC,GAAG,EAAE,OAAO,EAAE,SAAS,EAAE,aAAa,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;CAQ9F"}
+{"version":3,"file":"Credentials.d.ts","sourceRoot":"","sources":["../../src/providers/Credentials.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACxC,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,QAAQ,CAAC;AAClD,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAEjD;;GAEG;AACH,MAAM,MAAM,iBAAiB,CAAC,YAAY,SAAS,MAAM,IAAI,QAAQ,CAAC;IAClE;;;OAGG;IACH,IAAI,CAAC,EAAE,aAAa,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;IACrC;;OAEG;IACH,WAAW,EAAE,YAAY,EAAE,CAAC;IAC5B;;;;;OAKG;IACH,SAAS,EAAE,CAAC,WAAW,EAAE,MAAM,CAAC,YAAY,EAAE,MAAM,CAAC,KAAK,YAAY,CAAC,OAAO,GAAG,IAAI,CAAC,CAAC;CAC1F,CAAC,CAAC;AAEH;;GAEG;AACH,qBAAa,WAAW,CAAC,YAAY,SAAS,MAAM,GAAG,MAAM,CAAE,SAAQ,SAAS;IAC5E,OAAO,CAAC,MAAM,CAAkC;gBAEpC,MAAM,EAAE,iBAAiB,CAAC,YAAY,CAAC;IAK7B,UAAU,IAAI,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;IAIrC,KAAK,CAAC,GAAG,EAAE,OAAO,EAAE,SAAS,EAAE,mBAAmB,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;CAWpG"}

package/dist/providers/Credentials.js

@@ -1,24 +1,25 @@
 import { isNil } from "lodash-es";
-import Cookies from "universal-cookie";
 import { IProvider } from "./IProvider";
+/**
+ * Provider used to login a user using basic credentials.
+ */
 export class Credentials extends IProvider {
     config;
     constructor(config) {
         super("credentials");
         this.config = config;
     }
-    async getSession(req, globalCfg) {
-        const cookies = new Cookies(req.headers.get("cookie"));
-        const token = cookies.get(globalCfg.cookieName);
-        if (token == null)
-            return null;
-        return globalCfg.strategy.deserialize(token, globalCfg);
+    async getSession() {
+        throw new Error("This should never be used");
     }
     async logIn(req, globalCfg) {
+        // We assume the  body is json here, might change that later to be more flexible
         const body = (await req.json());
+        // Calls the user defined authorize callback
         const session = await this.config.authorize(body);
         if (isNil(session))
             return null;
+        // Create a token
         return globalCfg.strategy.serialize(session, globalCfg);
     }
 }

package/dist/providers/IProvider.d.ts

@@ -1,12 +1,32 @@
-import type { ConfigOptions } from "../lib";
+import type { __internal__Options } from "../lib";
 import type { Session } from "../@types/globals";
+/**
+ * Available url callback actions.
+ */
 export type Actions = "login" | "logout";
+/**
+ * Providers are used to implement certain services (E.g. facebook, github, credentials) as login methods.
+ * Every provider should inherit from this.
+ */
 declare abstract class IProvider {
-    private __ID;
+    /**
+     * This is used to map a callback to a provider.
+     */
+    private readonly __ID;
     constructor(ID: string);
+    /**
+     * The provider ID.
+     */
     get ID(): string;
-    abstract getSession(req: Request, globalCfg: ConfigOptions): Promise<Session | null>;
-    abstract logIn(req: Request, globalCfg: ConfigOptions): Promise<string | null>;
+    /** @deprecated You can use the top level `getSession` instead. */
+    abstract getSession(req: Request, globalCfg: __internal__Options): Promise<Session | null>;
+    /**
+     * Login function. This is used to call all the login flows of each provider.
+     * For now, the request's body **MUST** be JSON.
+     * @param req The request object.
+     * @param globalCfg The global auth config.
+     */
+    abstract logIn(req: Request, globalCfg: __internal__Options): Promise<string | null>;
 }
 export { IProvider };
 //# sourceMappingURL=IProvider.d.ts.map

package/dist/providers/IProvider.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"IProvider.d.ts","sourceRoot":"","sources":["../../src/providers/IProvider.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,QAAQ,CAAC;AAC5C,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAEjD,MAAM,MAAM,OAAO,GAAG,OAAO,GAAG,QAAQ,CAAC;AAEzC,uBAAe,SAAS;IACpB,OAAO,CAAC,IAAI,CAAS;gBAET,EAAE,EAAE,MAAM;IAItB,IAAW,EAAE,IAAI,MAAM,CAEtB;aAEe,UAAU,CAAC,GAAG,EAAE,OAAO,EAAE,SAAS,EAAE,aAAa,GAAG,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;aAC3E,KAAK,CAAC,GAAG,EAAE,OAAO,EAAE,SAAS,EAAE,aAAa,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;CACxF;AAED,OAAO,EAAE,SAAS,EAAE,CAAC"}
+{"version":3,"file":"IProvider.d.ts","sourceRoot":"","sources":["../../src/providers/IProvider.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,QAAQ,CAAC;AAClD,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAEjD;;GAEG;AACH,MAAM,MAAM,OAAO,GAAG,OAAO,GAAG,QAAQ,CAAC;AAEzC;;;GAGG;AACH,uBAAe,SAAS;IACpB;;OAEG;IACH,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAS;gBAElB,EAAE,EAAE,MAAM;IAItB;;OAEG;IACH,IAAW,EAAE,IAAI,MAAM,CAEtB;IAED,kEAAkE;aAClD,UAAU,CAAC,GAAG,EAAE,OAAO,EAAE,SAAS,EAAE,mBAAmB,GAAG,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;IAEjG;;;;;OAKG;aACa,KAAK,CAAC,GAAG,EAAE,OAAO,EAAE,SAAS,EAAE,mBAAmB,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;CAC9F;AAED,OAAO,EAAE,SAAS,EAAE,CAAC"}

package/dist/providers/IProvider.js

@@ -1,8 +1,18 @@
+/**
+ * Providers are used to implement certain services (E.g. facebook, github, credentials) as login methods.
+ * Every provider should inherit from this.
+ */
 class IProvider {
+    /**
+     * This is used to map a callback to a provider.
+     */
     __ID;
     constructor(ID) {
         this.__ID = ID;
     }
+    /**
+     * The provider ID.
+     */
     get ID() {
         return this.__ID;
     }

package/dist/providers/index.d.ts

@@ -0,0 +1,3 @@
+export * from "./IProvider";
+export * from "./Credentials";
+//# sourceMappingURL=index.d.ts.map

package/dist/providers/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/providers/index.ts"],"names":[],"mappings":"AAAA,cAAc,aAAa,CAAC;AAC5B,cAAc,eAAe,CAAC"}

package/dist/providers/index.js

@@ -0,0 +1,2 @@
+export * from "./IProvider";
+export * from "./Credentials";

package/dist/strategies/IStrategy.d.ts

@@ -1,9 +1,29 @@
-import type { ConfigOptions } from "../lib";
+import type { __internal__Options } from "../lib";
 import { type Session } from "../@types/globals";
+/**
+ * A strategy is used to handle the creation, validation and accessing a user's session.
+ */
 declare abstract class IStrategy {
-    abstract serialize(session: Session, globalCfg: ConfigOptions): Promise<string>;
-    abstract deserialize(token: string, globalCfg: ConfigOptions): Promise<Session | null>;
-    abstract logOut(req: Request, globalCfg: ConfigOptions): Promise<void>;
+    /**
+     * Handles how a session token is generated.
+     * @param session The validated session object.
+     * @param globalCfg The global auth config.
+     * @returns A newly generated token that will be sent as a cookie.
+     */
+    abstract serialize(session: Session, globalCfg: __internal__Options): Promise<string>;
+    /**
+     * Handles how a token is validated and deserialized into a session object.
+     * @param token A user's token.
+     * @param globalCfg The global auth config.
+     * @returns A user's session if validated and found, else `null`.
+     */
+    abstract deserialize(token: string, globalCfg: __internal__Options): Promise<Session | null>;
+    /**
+     * Handles how a session is destroyed when a user is logging out.
+     * @param req The request object.
+     * @param globalCfg The global auth config.
+     */
+    abstract logOut(req: Request, globalCfg: __internal__Options): Promise<void>;
 }
 export { IStrategy };
 //# sourceMappingURL=IStrategy.d.ts.map

package/dist/strategies/IStrategy.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"IStrategy.d.ts","sourceRoot":"","sources":["../../src/strategies/IStrategy.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,QAAQ,CAAC;AAC5C,OAAO,EAAE,KAAK,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAEjD,uBAAe,SAAS;aACJ,SAAS,CAAC,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,aAAa,GAAG,OAAO,CAAC,MAAM,CAAC;aACtE,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,aAAa,GAAG,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;aAC7E,MAAM,CAAC,GAAG,EAAE,OAAO,EAAE,SAAS,EAAE,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC;CAChF;AAED,OAAO,EAAE,SAAS,EAAE,CAAC"}
+{"version":3,"file":"IStrategy.d.ts","sourceRoot":"","sources":["../../src/strategies/IStrategy.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,QAAQ,CAAC;AAClD,OAAO,EAAE,KAAK,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAEjD;;GAEG;AACH,uBAAe,SAAS;IACpB;;;;;OAKG;aACa,SAAS,CAAC,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,mBAAmB,GAAG,OAAO,CAAC,MAAM,CAAC;IAE5F;;;;;OAKG;aACa,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,mBAAmB,GAAG,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;IAEnG;;;;OAIG;aACa,MAAM,CAAC,GAAG,EAAE,OAAO,EAAE,SAAS,EAAE,mBAAmB,GAAG,OAAO,CAAC,IAAI,CAAC;CACtF;AAED,OAAO,EAAE,SAAS,EAAE,CAAC"}

package/dist/strategies/IStrategy.js

@@ -1,4 +1,7 @@
 import {} from "../@types/globals";
+/**
+ * A strategy is used to handle the creation, validation and accessing a user's session.
+ */
 class IStrategy {
 }
 export { IStrategy };

package/dist/strategies/index.d.ts

@@ -0,0 +1,3 @@
+export * from "./jwt";
+export * from "./IStrategy";
+//# sourceMappingURL=index.d.ts.map

package/dist/strategies/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/strategies/index.ts"],"names":[],"mappings":"AAAA,cAAc,OAAO,CAAC;AACtB,cAAc,aAAa,CAAC"}

package/dist/strategies/index.js

@@ -0,0 +1,2 @@
+export * from "./jwt";
+export * from "./IStrategy";

package/dist/strategies/jwt.d.ts

@@ -1,12 +1,18 @@
 import { IStrategy } from "./IStrategy";
-import type { ConfigOptions } from "../lib";
+import type { __internal__Options } from "../lib";
 import type { SignOptions } from "jsonwebtoken";
 import type { Session } from "../@types/globals";
+/**
+ * Basic JWT strategy
+ */
 declare class JWT extends IStrategy {
+    /**
+     * Forwarded standard JWT options
+     */
     private signOptions;
     constructor(options?: SignOptions);
-    serialize(session: Session, globalCfg: ConfigOptions): Promise<string>;
-    deserialize(token: string, globalCfg: ConfigOptions): Promise<Session | null>;
+    serialize(session: Session, globalCfg: __internal__Options): Promise<string>;
+    deserialize(token: string, globalCfg: __internal__Options): Promise<Session | null>;
     logOut(): Promise<void>;
 }
 export { JWT };

package/dist/strategies/jwt.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"jwt.d.ts","sourceRoot":"","sources":["../../src/strategies/jwt.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACxC,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,QAAQ,CAAC;AAE5C,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAEjD,cAAM,GAAI,SAAQ,SAAS;IACvB,OAAO,CAAC,WAAW,CAAc;gBAErB,OAAO,GAAE,WAAiC;IAMtC,SAAS,CAAC,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,aAAa,GAAG,OAAO,CAAC,MAAM,CAAC;IAItE,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,aAAa,GAAG,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;IAI7E,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC;CAG1C;AAED,OAAO,EAAE,GAAG,EAAE,CAAC"}
+{"version":3,"file":"jwt.d.ts","sourceRoot":"","sources":["../../src/strategies/jwt.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACxC,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,QAAQ,CAAC;AAElD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAEjD;;GAEG;AACH,cAAM,GAAI,SAAQ,SAAS;IACvB;;OAEG;IACH,OAAO,CAAC,WAAW,CAAc;gBAErB,OAAO,GAAE,WAAiC;IAMtC,SAAS,CAAC,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,mBAAmB,GAAG,OAAO,CAAC,MAAM,CAAC;IAK5E,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,mBAAmB,GAAG,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;IAKnF,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC;CAI1C;AAED,OAAO,EAAE,GAAG,EAAE,CAAC"}

package/dist/strategies/jwt.js

@@ -1,18 +1,27 @@
 import { IStrategy } from "./IStrategy";
 import { verify, sign } from "../functions/jwt";
+/**
+ * Basic JWT strategy
+ */
 class JWT extends IStrategy {
+    /**
+     * Forwarded standard JWT options
+     */
     signOptions;
     constructor(options = { expiresIn: "1h" }) {
         super();
         this.signOptions = options;
     }
     serialize(session, globalCfg) {
+        // Directly call the sign function, but make it async.
         return Promise.resolve(sign(session, globalCfg.secret, this.signOptions));
     }
     deserialize(token, globalCfg) {
+        // The verify function does everything for us, in this case.
         return verify(token, globalCfg.secret);
     }
     logOut() {
+        // Since a JWT does not have any data in a DB, there is nothing to do here.
         return Promise.resolve();
     }
 }

package/package.json

@@ -1,10 +1,13 @@
 {
     "name": "orange-auth",
-    "version": "0.1.0",
+    "version": "0.1.2",
     "type": "module",
     "description": "Simple modular auth library",
-    "main": "dist/lib.js",
-    "types": "dist/lib.d.ts",
+    "main": "dist/index.js",
+    "types": "dist/index.d.ts",
+    "files": [
+        "dist"
+    ],
     "scripts": {
         "build": "tsc"
     },

package/.prettierignore

@@ -1,153 +0,0 @@
-# Logs
-logs
-*.log
-npm-debug.log*
-yarn-debug.log*
-yarn-error.log*
-lerna-debug.log*
-.pnpm-debug.log*
-
-# Diagnostic reports (https://nodejs.org/api/report.html)
-report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json
-
-# Runtime data
-pids
-*.pid
-*.seed
-*.pid.lock
-
-# Directory for instrumented libs generated by jscoverage/JSCover
-lib-cov
-
-# Coverage directory used by tools like istanbul
-coverage
-*.lcov
-
-# nyc test coverage
-.nyc_output
-
-# Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files)
-.grunt
-
-# Bower dependency directory (https://bower.io/)
-bower_components
-
-# node-waf configuration
-.lock-wscript
-
-# Compiled binary addons (https://nodejs.org/api/addons.html)
-build/Release
-
-# Dependency directories
-node_modules/
-jspm_packages/
-
-# Snowpack dependency directory (https://snowpack.dev/)
-web_modules/
-
-# TypeScript cache
-*.tsbuildinfo
-
-# Optional npm cache directory
-.npm
-
-# Optional eslint cache
-.eslintcache
-
-# Optional stylelint cache
-.stylelintcache
-
-# Microbundle cache
-.rpt2_cache/
-.rts2_cache_cjs/
-.rts2_cache_es/
-.rts2_cache_umd/
-
-# Optional REPL history
-.node_repl_history
-
-# Output of 'npm pack'
-*.tgz
-
-# Yarn Integrity file
-.yarn-integrity
-
-# dotenv environment variable files
-.env
-.env.development.local
-.env.test.local
-.env.production.local
-.env.local
-
-# parcel-bundler cache (https://parceljs.org/)
-.cache
-.parcel-cache
-
-# firebase-admin service-account
-firebase
-
-# Next.js build output
-.next
-out
-
-# Nuxt.js build / generate output
-.nuxt
-dist
-
-# Gatsby files
-.cache/
-# Comment in the public line in if your project uses Gatsby and not Next.js
-# https://nextjs.org/blog/next-9-1#public-directory-support
-# public
-
-# vuepress build output
-.vuepress/dist
-
-# vuepress v2.x temp and cache directory
-.temp
-
-# Docusaurus cache and generated files
-.docusaurus
-
-# Serverless directories
-.serverless/
-
-# FuseBox cache
-.fusebox/
-
-# DynamoDB Local files
-.dynamodb/
-
-# TernJS port file
-.tern-port
-
-# Stores VSCode versions used for testing VSCode extensions
-.vscode-test
-
-# yarn v2
-.yarn/cache
-.yarn/unplugged
-.yarn/build-state.yml
-.yarn/install-state.gz
-.pnp.*
-
-# Cloudflare
-.wrangler/
-
-# Vercel
-.vercel/
-
-# Sentry Vite Plugin
-.env.sentry-build-plugin
-
-# aws-cdk
-.cdk.staging
-cdk.out
-
-## Panda
-styled-system
-styled-system-studio
-
-# Shadcn
-lib/components/ui/
-server/dbClient/

package/.prettierrc

@@ -1,8 +0,0 @@
-{
-    "printWidth": 120,
-    "useTabs": false,
-    "tabWidth": 4,
-    "semi": true,
-    "singleQuote": false,
-    "trailingComma": "all"
-}

package/eslint.config.d.ts

@@ -1,3 +0,0 @@
-declare const _default: import("@typescript-eslint/utils/ts-eslint").FlatConfig.ConfigArray;
-export default _default;
-//# sourceMappingURL=eslint.config.d.ts.map

package/eslint.config.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"eslint.config.d.ts","sourceRoot":"","sources":["eslint.config.ts"],"names":[],"mappings":";AAIA,wBAyGE"}

package/eslint.config.js

@@ -1,99 +0,0 @@
-import eslint from "@eslint/js";
-import tseslint from "typescript-eslint";
-import prettier from "eslint-plugin-prettier/recommended";
-export default tseslint.config({
-    ignores: [
-        "dist/*",
-        "**/*.ts.build-*.mjs",
-        "*.js",
-        "*.cjs",
-        "*.mjs",
-    ],
-}, eslint.configs.recommended, ...tseslint.configs.recommended, {
-    languageOptions: {
-        parserOptions: {
-            warnOnUnsupportedTypeScriptVersion: false,
-            sourceType: "module",
-            ecmaVersion: "latest",
-        },
-    },
-}, {
-    rules: {
-        "arrow-spacing": [
-            "warn",
-            {
-                before: true,
-                after: true,
-            },
-        ],
-        "brace-style": [
-            "error",
-            "stroustrup",
-            {
-                allowSingleLine: true,
-            },
-        ],
-        "comma-dangle": ["error", "always-multiline"],
-        "comma-spacing": "error",
-        "comma-style": "error",
-        curly: ["error", "multi-line", "consistent"],
-        "dot-location": ["error", "property"],
-        "handle-callback-err": "off",
-        indent: ["error", 4],
-        "keyword-spacing": "error",
-        "max-nested-callbacks": [
-            "error",
-            {
-                max: 4,
-            },
-        ],
-        "max-statements-per-line": [
-            "error",
-            {
-                max: 2,
-            },
-        ],
-        "no-console": "off",
-        "no-empty-function": "error",
-        "no-floating-decimal": "error",
-        "no-inline-comments": "error",
-        "no-lonely-if": "error",
-        "no-multi-spaces": "error",
-        "no-multiple-empty-lines": [
-            "error",
-            {
-                max: 2,
-                maxEOF: 1,
-                maxBOF: 0,
-            },
-        ],
-        "no-shadow": [
-            "error",
-            {
-                allow: ["err", "resolve", "reject"],
-            },
-        ],
-        "no-trailing-spaces": ["error"],
-        "no-var": "error",
-        "object-curly-spacing": ["error", "always"],
-        "prefer-const": "error",
-        quotes: ["error", "double"],
-        semi: ["error", "always"],
-        "space-before-blocks": "error",
-        "space-before-function-paren": [
-            "error",
-            {
-                anonymous: "never",
-                named: "never",
-                asyncArrow: "always",
-            },
-        ],
-        "space-in-parens": "error",
-        "space-infix-ops": "error",
-        "space-unary-ops": "error",
-        "spaced-comment": "error",
-        yoda: "error",
-        "@typescript-eslint/no-misused-promises": "off",
-        "@typescript-eslint/no-unused-vars": "warn",
-    },
-}, prettier);

package/tsconfig.json

@@ -1,46 +0,0 @@
-{
-    "compilerOptions": {
-        "incremental": true,
-
-        "target": "es2022",
-        "lib": ["dom", "dom.iterable", "ES2022"],
-
-        "module": "es2022",
-        "moduleResolution": "bundler",
-        "resolveJsonModule": true,
-
-        "checkJs": true,
-
-        "declaration": true,
-        "declarationMap": true,
-        "outDir": "dist",
-        "rootDir": "src",
-        "removeComments": true,
-        "importHelpers": true,
-        "newLine": "lf",
-
-        "verbatimModuleSyntax": true,
-        "erasableSyntaxOnly": true,
-        "esModuleInterop": true,
-        "forceConsistentCasingInFileNames": true,
-
-        "strict": true,
-        "noImplicitAny": true,
-        "strictNullChecks": true,
-        "strictFunctionTypes": true,
-        "strictPropertyInitialization": true,
-        "noImplicitThis": true,
-        "useUnknownInCatchVariables": true,
-        "alwaysStrict": true,
-        "noUnusedLocals": true,
-        "noUnusedParameters": true,
-        "noImplicitReturns": true,
-        "noFallthroughCasesInSwitch": true,
-        "noUncheckedIndexedAccess": true,
-        "noImplicitOverride": true,
-        "noPropertyAccessFromIndexSignature": true,
-
-        "skipLibCheck": true
-    },
-    "include": ["src/**/*.ts", "eslint.config.ts"]
-}