orange-auth 0.1.2 → 1.1.0

package/README.md

@@ -1,118 +1,177 @@
-# 🍊 Orange Auth
-
-### THIS IS A VERY EARLY WIP, AND SHOULD NOT BE USED
-
-A lightweight authentication handler built for [@universal-middleware/core](https://www.npmjs.com/package/@universal-middleware/core), with support for plug-and-play providers and strategies. This package manages login/logout and session deserialization through HTTP handlers and secure cookies.
-
----
-
-## ✨ Features
-
-- Provider-based authentication (e.g., Credentials, OAuth)
-- Strategy-based token serialization and deserialization (e.g., JWT)
-- Secure, HTTP-only cookie session management
-- Framework-agnostic and middleware-compatible
-- Written in TypeScript
-
----
-
-## 📦 Installation
-
-```bash
-npm install universal-auth
-```
-
-📁 Project Structure
-
-```bash
-src/
-├── @types/          # Custom type definitions (e.g., Session)
-├── functions/       # Utility functions
-├── providers/       # Implementations of IProvider
-├── strategies/      # Implementations of IStrategy
-├── lib.ts           # Main exports
-```
-
-## 🚀 Usage
-
-### 1. Define your auth configuration:
-
-```ts
-import { CreateAuth } from "universal-auth";
-import { JwtStrategy } from "./strategies/jwt";
-import { CredentialsProvider } from "./providers/Credentials";
-
-const handler = CreateAuth({
-  providers: [CredentialsProvider],
-  secret: "your-secret-key",
-  cookieName: "my-auth-cookie", // optional (default: "orange.auth")
-  strategy: JwtStrategy,
-  basePath: "/api/auth",
-});
-```
-
-This will expose two routes:
-
-`GET /api/auth/login/:provider`
-
-`GET /api/auth/logout/:provider`
-
-You must implement a matching `provider.ID`, e.g. `"credentials"`.
-
-### 2. Use in a universal middleware router:`
-
-```ts
-import { router } from "@universal-middleware/core";
-import { handler as authHandler } from "./path-to-your-auth";
-
-export const app = router();
-app.use(authHandler);
-```
-
-### 3. Getting the current session:
-
-```ts
-import { getSession } from "universal-auth";
-
-const session = await getSession(req);
-if (session) {
-  console.log("Logged in as", session.user);
-}
-```
-
-## 🧩 Interfaces
-
-`IProvider`
-
-Defines how to log in a user and return a token:
-
-```ts
-interface IProvider {
-  ID: string;
-  logIn(req: Request, config: ConfigOptions): Promise<string>;
-}
-```
-
-`IStrategy`
-
-Defines how to serialize and deserialize tokens:
-
-```ts
-interface IStrategy {
-  deserialize(token: string, config: ConfigOptions): Promise<Session | null>;
-  logOut(req: Request, config: ConfigOptions): Promise<void>;
-}
-```
-
-## 🔐 Security
-Cookies are set with:
-
-`HttpOnly: true`
-
-`SameSite: "Lax"`
-
-`Secure: true`
-
-`Max-Age: 600` (10 minutes)
-
-You may customize these by modifying the `CreateAuth` implementation.
+# 🍊 Orange Auth
+
+### THIS IS A VERY EARLY WIP, AND SHOULD NOT BE USED IN PRODUCTION
+
+Authentication middleware for [@universal-middleware/core](https://www.npmjs.com/package/@universal-middleware/core), supporting provider-based login/logout and strategy-driven session handling via secure cookies.
+
+## 🚀 Features
+
+- Provider-based login/logout flow
+- Pluggable strategies (e.g. JWT)
+- Secure cookie-based session storage
+- Simple, composable handler with session retrieval
+- Optional cookie settings
+- Framework-agnostic
+
+## 📦 Install
+
+```bash
+npm install orange-auth
+```
+
+## 🧠 Usage
+
+### Setup
+
+```ts
+import { CreateAuth } from "orange-auth";
+import { JWT } from "orange-auth/strategies";
+import { Credentials } from "orange-auth/providers";
+
+const { handler, getSession } = CreateAuth({
+  providers: [new Credentials({ ... })],
+  strategy: new JWT({ ... }),
+  secret: "your-secret",
+  basePath: "/api/auth/:action/:provider",
+});
+```
+
+You can now use:
+- `POST /api/auth/login/:provider`
+- `POST /api/auth/logout/:provider`
+
+### Example (express middleware router)
+
+```ts
+import express from "express";
+import { handler } from "./auth";
+import { createHandler } from "@universal-middleware/express";
+
+const app = express();
+app.get("/api/auth/{*auth}", createHandler(handler)());
+```
+
+## 🧾 Session Access
+
+```ts
+import { getSession } from "./auth";
+
+const session = await getSession(req);
+
+if (session) {
+  console.log("Logged in user:", session.user);
+}
+```
+
+## 🧩 Config Options
+
+```ts
+type ConfigOptionsProps = {
+    /**
+     * All the available providers.
+     * If multiple instance of a single provider are used with the same name, the order does matter.
+     */
+    providers: IProvider[];
+
+    /**
+     * Your secret key.
+     */
+    secret: string;
+
+    /**
+     * A custom name for the cookie.
+     * Otherwise, the default name will be `orange.auth`
+     */
+    cookieName?: string;
+
+    /**
+     * The strategy to be used.
+     */
+    strategy: IStrategy;
+
+    /**
+     * This should be the url path that your auth is set up on, including the action and provider variables.
+     * @example
+     * ```js
+     * const app = express();
+     * 
+     * const { handler } = CreateAuth({
+     *   basePath: "/api/auth/:action/:provider",
+     *   ...
+     * });
+     *
+     * app.all("/api/auth/{*auth}", createHandler(handler)());
+     * ```
+     */
+    basePath: string;
+
+    /**
+     * Cookie serialization options. see [MDN Cookie](https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/Cookies)
+     */
+    cookieSettings?: SerializeOptions;
+};
+```
+
+## 🧱 Interfaces
+
+### IProvider
+
+```ts
+abstract class IProvider {
+    /**
+     * Custom name for a provider
+     */
+    ID: string;
+
+    /**
+     * Login function. This is used to call all the login flows of each provider.
+     * For now, the request's body **MUST** be JSON.
+     * @param req The request object.
+     * @param globalCfg The global auth config.
+     */
+    logIn(req: Request, globalCfg: ConfigOptions): Promise<string | null>;
+}
+```
+
+### IStrategy
+
+```ts
+abstract class IStrategy {
+    /**
+     * Handles how a session token is generated.
+     * @param session The validated session object.
+     * @param globalCfg The global auth config.
+     * @returns A newly generated token that will be sent as a cookie.
+     */
+    serialize(session: Session, globalCfg: ConfigOptions): Promise<string>;
+
+    /**
+     * Handles how a token is validated and deserialized into a session object.
+     * @param token A user's token.
+     * @param globalCfg The global auth config.
+     * @returns A user's session if validated and found, else `null`.
+     */
+    deserialize(token: string, globalCfg: ConfigOptions): Promise<Session | null>;
+
+    /**
+     * Handles how a session is destroyed when a user is logging out.
+     * @param req The request object.
+     * @param globalCfg The global auth config.
+     */
+    logOut(req: Request, globalCfg: ConfigOptions): Promise<void>;
+}
+```
+
+---
+
+## 🔐 Cookie Defaults
+
+By default, the cookie is:
+
+- `httpOnly: true`
+- `secure: true`
+- `sameSite: "lax"`
+- `path: "/"`
+- `maxAge: 3600` (1 hour)
+
+This can be customized via `cookieSettings` in the initial config.

package/dist/@types/globals.d.ts

@@ -1,10 +1,97 @@
-declare global {
-    type MaybePromise<T> = T | Promise<T>;
-}
+import type { SerializeOptions } from "cookie";
+import type { IProvider } from "../providers/IProvider";
+import type { IStrategy } from "../strategies/IStrategy";
+/**
+ * This is a Promise, or not...
+ */
+export type MaybePromise<T> = T | Promise<T>;
 /**
  * General session type. This should be augmented to include your session's fields.
  */
 export interface Session extends Record<string, unknown> {
     id: string;
 }
+/**
+ * Parameters for the custom callbacks
+ */
+type CallbackParams = {
+    /**
+     * The current token
+     */
+    token: string;
+    /**
+     * The current deserialized token
+     */
+    session: Session;
+    /**
+     * TThe request's headers
+     */
+    headers: Headers;
+};
+/**
+ * Auth Configuration props.
+ */
+export type ConfigOptionsProps = Readonly<{
+    /**
+     * All the available providers.
+     * If multiple instance of a single provider are used, the order does matter.
+     */
+    providers: IProvider[];
+    /**
+     * Your secret key.
+     */
+    secret: string | {
+        publicKey: string;
+        privateKey: string;
+    };
+    /**
+     * A custom name for the cookie.
+     * Otherwise, the default name will be `orange.auth`
+     */
+    cookieName?: string;
+    /**
+     * The strategy to be used.
+     */
+    strategy: IStrategy;
+    /**
+     * This should be the url path that your auth is set up on, including the action and provider variables.
+     * @example
+     * ```js
+     * const app = express();
+     *
+     * const { handler } = CreateAuth({
+     *   basePath: "/api/auth/:action/:provider",
+     *   ...
+     * });
+     *
+     * app.all("/api/auth/{*auth}", createHandler(handler)());
+     * ```
+     */
+    basePath: string;
+    /**
+     * Cookie serialization options. see [MDN Cookie](https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/Cookies)
+     */
+    cookieSettings?: SerializeOptions;
+    /**
+     * Custom callbacks
+     */
+    callbacks?: {
+        /**
+         * Custom login callback. This is ran after logging in with the provider.
+         * This can accept 2 return types: a boolean that indicates if the login is valid,
+         * or a url which will redirect the user.
+         * @param params An object containing the token, session and headers of a request.
+         * @returns a boolean that indicates if the login is valid,
+         * or a url which will redirect the user.
+         */
+        login?: (params: CallbackParams) => MaybePromise<boolean | string>;
+        /**
+         * Custom logout callback. This is ran before logging out with the strategy.
+         * @param params An object containing the token, session and headers of a request.
+         * @returns Nothing, or an empty promise.
+         */
+        logout?: (params: CallbackParams) => MaybePromise<void>;
+    };
+}>;
+export {};
 //# sourceMappingURL=globals.d.ts.map

package/dist/@types/globals.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"globals.d.ts","sourceRoot":"","sources":["../../src/@types/globals.ts"],"names":[],"mappings":"AAAA,OAAO,CAAC,MAAM,CAAC;IACX,KAAK,YAAY,CAAC,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;CACzC;AAED;;GAEG;AACH,MAAM,WAAW,OAAQ,SAAQ,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;IACpD,EAAE,EAAE,MAAM,CAAC;CACd"}
+{"version":3,"file":"globals.d.ts","sourceRoot":"","sources":["../../src/@types/globals.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,QAAQ,CAAC;AAC/C,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAC;AAEzD;;GAEG;AACH,MAAM,MAAM,YAAY,CAAC,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;AAE7C;;GAEG;AACH,MAAM,WAAW,OAAQ,SAAQ,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;IACpD,EAAE,EAAE,MAAM,CAAC;CACd;AAED;;GAEG;AACH,KAAK,cAAc,GAAG;IAClB;;OAEG;IACH,KAAK,EAAE,MAAM,CAAC;IACd;;OAEG;IACH,OAAO,EAAE,OAAO,CAAC;IACjB;;OAEG;IACH,OAAO,EAAE,OAAO,CAAC;CACpB,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,kBAAkB,GAAG,QAAQ,CAAC;IACtC;;;OAGG;IACH,SAAS,EAAE,SAAS,EAAE,CAAC;IAEvB;;OAEG;IACH,MAAM,EAAE,MAAM,GAAG;QAAE,SAAS,EAAE,MAAM,CAAC;QAAC,UAAU,EAAE,MAAM,CAAA;KAAE,CAAC;IAE3D;;;OAGG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,QAAQ,EAAE,SAAS,CAAC;IAEpB;;;;;;;;;;;;;OAaG;IACH,QAAQ,EAAE,MAAM,CAAC;IAEjB;;OAEG;IACH,cAAc,CAAC,EAAE,gBAAgB,CAAC;IAElC;;OAEG;IACH,SAAS,CAAC,EAAE;QACR;;;;;;;WAOG;QACH,KAAK,CAAC,EAAE,CAAC,MAAM,EAAE,cAAc,KAAK,YAAY,CAAC,OAAO,GAAG,MAAM,CAAC,CAAC;QAEnE;;;;WAIG;QACH,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,cAAc,KAAK,YAAY,CAAC,IAAI,CAAC,CAAC;KAC3D,CAAC;CACL,CAAC,CAAC"}

package/dist/@types/internals.d.ts

@@ -0,0 +1,13 @@
+import type { RequiredDeep } from "type-fest";
+import type { ConfigOptionsProps } from "./globals";
+/**
+ * Internally used version of the options
+ */
+export type ConfigOptions = Omit<RequiredDeep<Omit<ConfigOptionsProps, "basePath">>, "cookieSettings"> & {
+    cookieSettings: NonNullable<ConfigOptionsProps["cookieSettings"]>;
+};
+/**
+ * Maybe there is a value, maybe not 🤷‍♂️
+ */
+export type Maybe<T> = T | null | undefined;
+//# sourceMappingURL=internals.d.ts.map

package/dist/@types/internals.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"internals.d.ts","sourceRoot":"","sources":["../../src/@types/internals.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AAC9C,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,WAAW,CAAC;AAEpD;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,kBAAkB,EAAE,UAAU,CAAC,CAAC,EAAE,gBAAgB,CAAC,GAAG;IAErG,cAAc,EAAE,WAAW,CAAC,kBAAkB,CAAC,gBAAgB,CAAC,CAAC,CAAC;CACrE,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,KAAK,CAAC,CAAC,IAAI,CAAC,GAAG,IAAI,GAAG,SAAS,CAAC"}

package/dist/@types/internals.js

@@ -0,0 +1 @@
+export {};

package/dist/functions/index.d.ts

@@ -0,0 +1,3 @@
+export * from "./jwt";
+export * from "./urlencodedToJson";
+//# sourceMappingURL=index.d.ts.map

package/dist/functions/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/functions/index.ts"],"names":[],"mappings":"AAAA,cAAc,OAAO,CAAC;AACtB,cAAc,oBAAoB,CAAC"}

package/dist/functions/index.js

@@ -0,0 +1,2 @@
+export * from "./jwt";
+export * from "./urlencodedToJson";

package/dist/functions/jwt.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"jwt.d.ts","sourceRoot":"","sources":["../../src/functions/jwt.ts"],"names":[],"mappings":"AAAA,OAAO,EAEH,KAAK,UAAU,EACf,KAAK,SAAS,EACd,KAAK,MAAM,EACX,KAAK,aAAa,EACrB,MAAM,cAAc,CAAC;AAGtB,OAAO,EAAE,IAAI,EAAE,MAAM,cAAc,CAAC;AAEpC;;;;;;GAMG;AACH,wBAAgB,MAAM,CAAC,CAAC,SAAS,UAAU,GAAG,UAAU,EACpD,KAAK,EAAE,MAAM,EACb,iBAAiB,EAAE,MAAM,GAAG,SAAS,EACrC,OAAO,CAAC,EAAE,aAAa,qBAS1B"}
+{"version":3,"file":"jwt.d.ts","sourceRoot":"","sources":["../../src/functions/jwt.ts"],"names":[],"mappings":"AAAA,OAAO,EAAwB,KAAK,UAAU,EAAE,KAAK,SAAS,EAAE,KAAK,MAAM,EAAE,KAAK,aAAa,EAAE,MAAM,cAAc,CAAC;AAGtH,OAAO,EAAE,IAAI,EAAE,MAAM,cAAc,CAAC;AAEpC;;;;;;GAMG;AACH,wBAAgB,MAAM,CAAC,CAAC,SAAS,UAAU,GAAG,UAAU,EACpD,KAAK,EAAE,MAAM,EACb,iBAAiB,EAAE,MAAM,GAAG,SAAS,EACrC,OAAO,CAAC,EAAE,aAAa,qBAS1B"}

package/dist/functions/jwt.js

@@ -1,4 +1,4 @@
-import { verify as baseVerify, } from "jsonwebtoken";
+import { verify as baseVerify } from "jsonwebtoken";
 // The sign function is fine as-is
 export { sign } from "jsonwebtoken";
 /**

package/dist/functions/urlencodedToJson.d.ts

@@ -0,0 +1,2 @@
+export declare function urlencodedToJson<T extends object = object>(value: string): T;
+//# sourceMappingURL=urlencodedToJson.d.ts.map

package/dist/functions/urlencodedToJson.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"urlencodedToJson.d.ts","sourceRoot":"","sources":["../../src/functions/urlencodedToJson.ts"],"names":[],"mappings":"AAAA,wBAAgB,gBAAgB,CAAC,CAAC,SAAS,MAAM,GAAG,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,CAAC,CAS5E"}

package/dist/functions/urlencodedToJson.js

@@ -0,0 +1,8 @@
+export function urlencodedToJson(value) {
+    return Object.fromEntries(value
+        .trim()
+        .split("&")
+        .map((s) => s.split("="))
+        .filter((pair) => pair.length === 2)
+        .map((pair) => pair.map(decodeURIComponent)));
+}

package/dist/index.d.ts

@@ -1,4 +1,5 @@
 export * from "./lib";
-export * from "./providers";
-export * from "./strategies";
+export * from "./@types/globals";
+export * as providers from "./providers";
+export * as strategies from "./strategies";
 //# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,OAAO,CAAC;AACtB,cAAc,aAAa,CAAC;AAC5B,cAAc,cAAc,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,OAAO,CAAC;AACtB,cAAc,kBAAkB,CAAC;AACjC,OAAO,KAAK,SAAS,MAAM,aAAa,CAAC;AACzC,OAAO,KAAK,UAAU,MAAM,cAAc,CAAC"}

package/dist/index.js

@@ -1,3 +1,4 @@
 export * from "./lib";
-export * from "./providers";
-export * from "./strategies";
+export * from "./@types/globals";
+export * as providers from "./providers";
+export * as strategies from "./strategies";

package/dist/lib.d.ts

@@ -1,60 +1,46 @@
+import type { Maybe } from "./@types/internals";
 import type { Session } from "./@types/globals";
-import type { IStrategy } from "./strategies/IStrategy";
-import type { IProvider } from "./providers/IProvider";
-import { type SerializeOptions } from "cookie";
-type Maybe<T> = T | null | undefined;
 /**
- * Auth Configuration props.
+ * Initializes the auth. This should be called once per backend.
+ * @param req Something that has a `headers` field; either a Headers instance, or just a plain object.
+ * @returns A session if found and valid, or `null`.
  */
-export type ConfigOptionsProps = Readonly<{
-    /**
-     * All the available providers.
-     * If multiple instance of a single provider are used, the order does matter.
-     */
-    providers: IProvider[];
-    /**
-     * Your secret key.
-     */
-    secret: string;
-    /**
-     * A custom name for the cookie.
-     * Otherwise, the default name will be `orange.auth`
-     */
+export declare const CreateAuth: (config: Readonly<{
+    providers: import("./providers").IProvider[];
+    secret: string | {
+        publicKey: string;
+        privateKey: string;
+    };
     cookieName?: string;
+    strategy: import("./strategies").IStrategy;
+    basePath: string;
+    cookieSettings?: import("cookie").SerializeOptions;
+    callbacks?: {
+        login?: (params: {
+            token: string;
+            session: Session;
+            headers: Headers;
+        }) => import(".").MaybePromise<boolean | string>;
+        logout?: (params: {
+            token: string;
+            session: Session;
+            headers: Headers;
+        }) => import(".").MaybePromise<void>;
+    };
+}>) => {
     /**
-     * The strategy to be used.
-     */
-    strategy: IStrategy;
-    /**
-     * This should be the url path that your auth is set up on, including the action and provider variables.
-     * @example
-     * ```js
-     * const app = express();
-     *
-     * app.all("/api/auth/{*auth}", createHandler(CreateAuth)({
-     *      basePath: "/api/auth/:action/:provider",
-     *      ...
-     * }))
-     * ```
+     * Universal handler route. You can use this with the `createHandler()` method
+     * @returns
      */
-    basePath: string;
+    handler: () => (req: Request, _: Universal.Context, runtime: import("@universal-middleware/core").RuntimeAdapter) => Promise<Response>;
     /**
-     * Cookie serialization options. see [MDN Cookie](https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/Cookies)
+     * Deserialize a user's session.
+     * @param globalCfg The global auth config
+     * @param req An object having a headers field
+     * @returns A user's token and session, if found and valid
      */
-    cookieSettings?: SerializeOptions;
-}>;
-/**
- * Internally used version of the options
- */
-export type __internal__Options = Required<Omit<ConfigOptionsProps, "basePath">>;
-export declare const CreateAuth: (config: ConfigOptionsProps) => (req: Request, _: Universal.Context, runtime: import("@universal-middleware/core").RuntimeAdapter) => Promise<Response>;
-/**
- * Access a user's session.
- * @param req Something that has a `headers` field; either a Headers instance, or just a plain object.
- * @returns A session if found and valid, or `null`.
- */
-export declare const getSession: <T extends Session = Session>(req: {
-    headers: Maybe<Headers | Record<string, string>>;
-}) => Promise<T | null> | null;
-export {};
+    getSession: <T extends Session = Session>(req: {
+        headers: Maybe<Headers | Record<string, string>>;
+    }) => Promise<T | null>;
+};
 //# sourceMappingURL=lib.d.ts.map

package/dist/lib.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"lib.d.ts","sourceRoot":"","sources":["../src/lib.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAChD,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,KAAK,EAAW,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAChE,OAAO,EAAuB,KAAK,gBAAgB,EAAE,MAAM,QAAQ,CAAC;AAGpE,KAAK,KAAK,CAAC,CAAC,IAAI,CAAC,GAAG,IAAI,GAAG,SAAS,CAAC;AAErC;;GAEG;AACH,MAAM,MAAM,kBAAkB,GAAG,QAAQ,CAAC;IACtC;;;OAGG;IACH,SAAS,EAAE,SAAS,EAAE,CAAC;IAEvB;;OAEG;IACH,MAAM,EAAE,MAAM,CAAC;IAEf;;;OAGG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,QAAQ,EAAE,SAAS,CAAC;IAEpB;;;;;;;;;;;OAWG;IACH,QAAQ,EAAE,MAAM,CAAC;IAEjB;;OAEG;IACH,cAAc,CAAC,EAAE,gBAAgB,CAAC;CACrC,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,MAAM,mBAAmB,GAAG,QAAQ,CAAC,IAAI,CAAC,kBAAkB,EAAE,UAAU,CAAC,CAAC,CAAC;AAWjF,eAAO,MAAM,UAAU,WAAa,kBAAkB,4HA6EU,CAAC;AAEjE;;;;GAIG;AACH,eAAO,MAAM,UAAU,GAAI,CAAC,SAAS,OAAO,GAAG,OAAO,EAAE,KAAK;IAAE,OAAO,EAAE,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAA;CAAE,6BAehH,CAAC"}
+{"version":3,"file":"lib.d.ts","sourceRoot":"","sources":["../src/lib.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAiB,KAAK,EAAE,MAAM,oBAAoB,CAAC;AAE/D,OAAO,KAAK,EAAsB,OAAO,EAAE,MAAM,kBAAkB,CAAC;AA4CpE;;;;GAIG;AACH,eAAO,MAAM,UAAU;;;;;;;;;;;aAYuB,CAAA;;;;;cAUvB,CAAC;;;;;;;IAOhB;;;OAGG;;IAwGH;;;;;OAKG;iBACU,CAAC,SAAS,OAAO,iBAAiB;QAAE,OAAO,EAAE,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAA;KAAE,KAEnC,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC;CAUxF,CAAC"}

package/dist/lib.js

@@ -1,17 +1,47 @@
 import Cookies from "universal-cookie";
-import { assign, find, isNil } from "lodash-es";
 import { serialize as cookie } from "cookie";
+import { assign, find, isNil, isString, merge } from "lodash-es";
 import { params } from "@universal-middleware/core";
-// Default config, only set otherwise `assign` doesn't like it.
-let globalCfg = {
-    cookieName: "orange.auth",
-    providers: [],
-    secret: crypto.randomUUID(),
-    strategy: null,
-    cookieSettings: {},
+/**
+ * Deserialize a user's session based of the headers
+ * @param globalCfg The global auth config
+ * @param req An object having a headers field
+ * @returns A user's token and session, if found and valid
+ */
+const getSession = async (globalCfg, req) => {
+    if (isNil(req.headers))
+        return {
+            session: null,
+            token: null,
+        };
+    // Find the correct cookie header
+    const cookieHeader = req.headers instanceof Headers ? req.headers.get("cookie") : req.headers["cookie"];
+    const cookie = new Cookies(cookieHeader);
+    if (isNil(cookie))
+        return {
+            session: null,
+            token: null,
+        };
+    // Tries to extract the specific cookie.
+    const token = cookie.get(globalCfg.cookieName);
+    if (isNil(token))
+        return {
+            session: null,
+            token: null,
+        };
+    // Tries to deserialize it
+    return {
+        session: (await globalCfg.strategy.deserialize(token, globalCfg)),
+        token: token,
+    };
 };
+/**
+ * Initializes the auth. This should be called once per backend.
+ * @param req Something that has a `headers` field; either a Headers instance, or just a plain object.
+ * @returns A session if found and valid, or `null`.
+ */
 export const CreateAuth = ((config) => {
-    const { secret, strategy, cookieName, providers, cookieSettings, basePath } = config;
+    const { secret, strategy, cookieName, providers, cookieSettings, basePath, callbacks } = config;
     if (isNil(secret)) {
         throw new Error('[ERROR]: Auth secret missing! Make sure to set the "secret" variable in the auth\'s config.');
     }
@@ -20,7 +50,7 @@ export const CreateAuth = ((config) => {
     }
     // We set the global config on startup, and not on the route handler,
     // otherwise a session cannot be accessed until someone logs in
-    assign(globalCfg, {
+    const globalCfg = {
         cookieName: cookieName ?? "orange.auth",
         providers: providers ?? [],
         secret,
@@ -32,65 +62,100 @@ export const CreateAuth = ((config) => {
             secure: true,
             maxAge: 3600,
         },
-    });
-    return async (req, _, runtime) => {
-        // Tries to get the action and provider info from the url
-        const routeParams = params(req, runtime, basePath);
-        if (isNil(routeParams?.["action"]) || isNil(routeParams["provider"])) {
-            throw new Error('[ERROR]: Base path is missing! Make sure to set the "basePath" variable in the auth\'s config.');
-        }
-        // Finds the requested provider by name
-        const path = routeParams["provider"];
-        const provider = find(providers, (p) => p.ID === path);
-        if (isNil(provider)) {
-            return new Response("Page not found", { status: 404 });
-        }
-        // Handles each action independently
-        switch (routeParams["action"]) {
-            case "login": {
-                // Use the found provider to login
-                const token = await provider.logIn(req, globalCfg).catch(() => null);
-                // If failed, return Bad Request response
-                if (isNil(token))
-                    return new Response(null, { status: 400 });
-                // Creates the set-cookie header
-                const headers = new Headers();
-                headers.set("Set-Cookie", cookie(globalCfg.cookieName, token, globalCfg.cookieSettings));
-                // And returns it
-                return new Response(null, { status: 200, headers });
-            }
-            case "logout": {
-                // Use the strategy  to logout
-                await globalCfg.strategy.logOut(req, globalCfg);
-                // Clears the header.
-                const headers = new Headers();
-                headers.set("Set-Cookie", cookie(globalCfg.cookieName, ""));
-                // And send them
-                return new Response(null, { status: 200, headers });
+        callbacks: merge({}, { login: () => ({}), logout: () => ({}) }, callbacks),
+    };
+    return {
+        /**
+         * Universal handler route. You can use this with the `createHandler()` method
+         * @returns
+         */
+        handler: () => async (req, _, runtime) => {
+            // Tries to get the action and provider info from the url
+            const routeParams = params(req, runtime, basePath);
+            if (isNil(routeParams?.["action"]) || isNil(routeParams["provider"])) {
+                throw new Error('[ERROR]: Base path is missing! Make sure to set the "basePath" variable in the auth\'s config.');
             }
-            default:
-                // If a wrong action is requested, return a 404
+            // Finds the requested provider by name
+            const path = routeParams["provider"];
+            const provider = find(providers, (p) => p.ID === path);
+            if (isNil(provider)) {
                 return new Response("Page not found", { status: 404 });
-        }
+            }
+            // Handles each action independently
+            switch (routeParams["action"]) {
+                case "login": {
+                    // Use the found provider to login
+                    const token = await provider.logIn(req, globalCfg).catch(() => null);
+                    // If failed, return Bad Request response
+                    if (isNil(token))
+                        return new Response(null, { status: 400 });
+                    const params = await getSession(globalCfg, {
+                        // The cookie header is faked here, since the request does not have any token yet.
+                        headers: { cookie: cookie(globalCfg.cookieName, token) },
+                    });
+                    // If there is no session at this point, something as gone wrong
+                    if (isNil(params.session) || isNil(params.token)) {
+                        console.error("[AUTH ERROR]: Missing session after login");
+                        return new Response("internal server error", { status: 500 });
+                    }
+                    // Run the login callback
+                    const customRes = await globalCfg.callbacks.login({
+                        headers: req.headers,
+                        token: params.token,
+                        session: params.session,
+                    });
+                    // If the result is false, fail the login
+                    if (customRes === false) {
+                        return new Response("Bad Request", { status: 400 });
+                    }
+                    // If the result is a string, assume it is a redirection path
+                    if (isString(customRes)) {
+                        const headers = new Headers();
+                        headers.set("Location", customRes);
+                        return new Response(null, { status: 308, headers });
+                    }
+                    // Creates the set-cookie header
+                    const headers = new Headers();
+                    headers.set("Set-Cookie", cookie(globalCfg.cookieName, token, globalCfg.cookieSettings));
+                    // And return it
+                    return new Response(null, { status: 200, headers });
+                }
+                case "logout": {
+                    const params = await getSession(globalCfg, req);
+                    // If there is no session, no need to call the callback
+                    if (!isNil(params.session) && !isNil(params.token)) {
+                        await globalCfg.callbacks.logout({
+                            headers: req.headers,
+                            token: params.token,
+                            session: params.session,
+                        });
+                    }
+                    // Use the strategy  to logout
+                    await globalCfg.strategy.logOut(req, globalCfg);
+                    // Clears the header.
+                    const headers = new Headers();
+                    headers.set("Set-Cookie", cookie(globalCfg.cookieName, "deleted", 
+                    // Use the same cookie config, but make sure it is expired
+                    assign({}, globalCfg.cookieSettings, {
+                        expires: new Date(0),
+                        maxAge: undefined,
+                    })));
+                    // And send them
+                    return new Response(null, { status: 200, headers });
+                }
+                default:
+                    // If a wrong action is requested, return a 404
+                    return new Response("Page not found", { status: 404 });
+            }
+        },
+        /**
+         * Deserialize a user's session.
+         * @param globalCfg The global auth config
+         * @param req An object having a headers field
+         * @returns A user's token and session, if found and valid
+         */
+        getSession: (req) => 
+        // Only returns the session
+        getSession(globalCfg, req).then((doc) => doc.session),
     };
 });
-/**
- * Access a user's session.
- * @param req Something that has a `headers` field; either a Headers instance, or just a plain object.
- * @returns A session if found and valid, or `null`.
- */
-export const getSession = (req) => {
-    if (isNil(req.headers))
-        return null;
-    // Find the correct cookie header
-    const cookieHeader = req.headers instanceof Headers ? req.headers.get("cookie") : req.headers["cookie"];
-    const cookie = new Cookies(cookieHeader);
-    if (isNil(cookie))
-        return null;
-    // Tries to extract the specific cookie.
-    const token = cookie.get(globalCfg.cookieName);
-    if (isNil(token))
-        return null;
-    // Tries to deserialize it
-    return globalCfg.strategy.deserialize(token, globalCfg);
-};

package/dist/providers/Credentials.d.ts

@@ -1,6 +1,6 @@
 import { IProvider } from "./IProvider";
-import type { __internal__Options } from "../lib";
-import type { Session } from "../@types/globals";
+import type { ConfigOptions } from "../@types/internals";
+import type { Session, MaybePromise } from "../@types/globals";
 /**
  * Configuration options of the Credentials provider
  */
@@ -28,7 +28,6 @@ export type CredentialsConfig<TCredentials extends string> = Readonly<{
 export declare class Credentials<TCredentials extends string = string> extends IProvider {
     private config;
     constructor(config: CredentialsConfig<TCredentials>);
-    getSession(): Promise<Session | null>;
-    logIn(req: Request, globalCfg: __internal__Options): Promise<string | null>;
+    logIn(req: Request, globalCfg: ConfigOptions): Promise<string | null>;
 }
 //# sourceMappingURL=Credentials.d.ts.map

package/dist/providers/Credentials.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"Credentials.d.ts","sourceRoot":"","sources":["../../src/providers/Credentials.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACxC,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,QAAQ,CAAC;AAClD,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAEjD;;GAEG;AACH,MAAM,MAAM,iBAAiB,CAAC,YAAY,SAAS,MAAM,IAAI,QAAQ,CAAC;IAClE;;;OAGG;IACH,IAAI,CAAC,EAAE,aAAa,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;IACrC;;OAEG;IACH,WAAW,EAAE,YAAY,EAAE,CAAC;IAC5B;;;;;OAKG;IACH,SAAS,EAAE,CAAC,WAAW,EAAE,MAAM,CAAC,YAAY,EAAE,MAAM,CAAC,KAAK,YAAY,CAAC,OAAO,GAAG,IAAI,CAAC,CAAC;CAC1F,CAAC,CAAC;AAEH;;GAEG;AACH,qBAAa,WAAW,CAAC,YAAY,SAAS,MAAM,GAAG,MAAM,CAAE,SAAQ,SAAS;IAC5E,OAAO,CAAC,MAAM,CAAkC;gBAEpC,MAAM,EAAE,iBAAiB,CAAC,YAAY,CAAC;IAK7B,UAAU,IAAI,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;IAIrC,KAAK,CAAC,GAAG,EAAE,OAAO,EAAE,SAAS,EAAE,mBAAmB,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;CAWpG"}
+{"version":3,"file":"Credentials.d.ts","sourceRoot":"","sources":["../../src/providers/Credentials.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAExC,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACzD,OAAO,KAAK,EAAE,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAE/D;;GAEG;AACH,MAAM,MAAM,iBAAiB,CAAC,YAAY,SAAS,MAAM,IAAI,QAAQ,CAAC;IAClE;;;OAGG;IACH,IAAI,CAAC,EAAE,aAAa,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;IACrC;;OAEG;IACH,WAAW,EAAE,YAAY,EAAE,CAAC;IAC5B;;;;;OAKG;IACH,SAAS,EAAE,CAAC,WAAW,EAAE,MAAM,CAAC,YAAY,EAAE,MAAM,CAAC,KAAK,YAAY,CAAC,OAAO,GAAG,IAAI,CAAC,CAAC;CAC1F,CAAC,CAAC;AAEH;;GAEG;AACH,qBAAa,WAAW,CAAC,YAAY,SAAS,MAAM,GAAG,MAAM,CAAE,SAAQ,SAAS;IAC5E,OAAO,CAAC,MAAM,CAAkC;gBAEpC,MAAM,EAAE,iBAAiB,CAAC,YAAY,CAAC;IAK7B,KAAK,CAAC,GAAG,EAAE,OAAO,EAAE,SAAS,EAAE,aAAa,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;CA6B9F"}

package/dist/providers/Credentials.js

@@ -1,20 +1,34 @@
 import { isNil } from "lodash-es";
 import { IProvider } from "./IProvider";
+import { urlencodedToJson } from "../functions";
 /**
  * Provider used to login a user using basic credentials.
  */
 export class Credentials extends IProvider {
     config;
     constructor(config) {
-        super("credentials");
+        super(config.name ?? "credentials");
         this.config = config;
     }
-    async getSession() {
-        throw new Error("This should never be used");
-    }
     async logIn(req, globalCfg) {
-        // We assume the  body is json here, might change that later to be more flexible
-        const body = (await req.json());
+        const contentType = req.headers.get("Content-Type")?.split(";")[0] ?? "text/plain";
+        let body;
+        switch (contentType) {
+            case "application/json":
+                body = await req.json();
+                break;
+            case "application/x-www-urlencoded":
+                body = await req.text().then((urlencodedToJson));
+                break;
+            case "multipart/form-data":
+                const data = await req.formData();
+                body = Object.fromEntries(data);
+                break;
+            // fields should come from a form, so every un-supported types will be failing.
+            case "text/plain":
+            default:
+                return null;
+        }
         // Calls the user defined authorize callback
         const session = await this.config.authorize(body);
         if (isNil(session))

package/dist/providers/IProvider.d.ts

@@ -1,5 +1,4 @@
-import type { __internal__Options } from "../lib";
-import type { Session } from "../@types/globals";
+import type { ConfigOptions } from "../@types/internals";
 /**
  * Available url callback actions.
  */
@@ -18,15 +17,13 @@ declare abstract class IProvider {
      * The provider ID.
      */
     get ID(): string;
-    /** @deprecated You can use the top level `getSession` instead. */
-    abstract getSession(req: Request, globalCfg: __internal__Options): Promise<Session | null>;
     /**
      * Login function. This is used to call all the login flows of each provider.
      * For now, the request's body **MUST** be JSON.
      * @param req The request object.
      * @param globalCfg The global auth config.
      */
-    abstract logIn(req: Request, globalCfg: __internal__Options): Promise<string | null>;
+    abstract logIn(req: Request, globalCfg: ConfigOptions): Promise<string | null>;
 }
 export { IProvider };
 //# sourceMappingURL=IProvider.d.ts.map

package/dist/providers/IProvider.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"IProvider.d.ts","sourceRoot":"","sources":["../../src/providers/IProvider.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,QAAQ,CAAC;AAClD,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAEjD;;GAEG;AACH,MAAM,MAAM,OAAO,GAAG,OAAO,GAAG,QAAQ,CAAC;AAEzC;;;GAGG;AACH,uBAAe,SAAS;IACpB;;OAEG;IACH,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAS;gBAElB,EAAE,EAAE,MAAM;IAItB;;OAEG;IACH,IAAW,EAAE,IAAI,MAAM,CAEtB;IAED,kEAAkE;aAClD,UAAU,CAAC,GAAG,EAAE,OAAO,EAAE,SAAS,EAAE,mBAAmB,GAAG,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;IAEjG;;;;;OAKG;aACa,KAAK,CAAC,GAAG,EAAE,OAAO,EAAE,SAAS,EAAE,mBAAmB,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;CAC9F;AAED,OAAO,EAAE,SAAS,EAAE,CAAC"}
+{"version":3,"file":"IProvider.d.ts","sourceRoot":"","sources":["../../src/providers/IProvider.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AAEzD;;GAEG;AACH,MAAM,MAAM,OAAO,GAAG,OAAO,GAAG,QAAQ,CAAC;AAEzC;;;GAGG;AACH,uBAAe,SAAS;IACpB;;OAEG;IACH,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAS;gBAElB,EAAE,EAAE,MAAM;IAItB;;OAEG;IACH,IAAW,EAAE,IAAI,MAAM,CAEtB;IAED;;;;;OAKG;aACa,KAAK,CAAC,GAAG,EAAE,OAAO,EAAE,SAAS,EAAE,aAAa,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;CACxF;AAED,OAAO,EAAE,SAAS,EAAE,CAAC"}

package/dist/strategies/IStrategy.d.ts

@@ -1,5 +1,5 @@
-import type { __internal__Options } from "../lib";
 import { type Session } from "../@types/globals";
+import type { ConfigOptions } from "../@types/internals";
 /**
  * A strategy is used to handle the creation, validation and accessing a user's session.
  */
@@ -10,20 +10,20 @@ declare abstract class IStrategy {
      * @param globalCfg The global auth config.
      * @returns A newly generated token that will be sent as a cookie.
      */
-    abstract serialize(session: Session, globalCfg: __internal__Options): Promise<string>;
+    abstract serialize(session: Session, globalCfg: ConfigOptions): Promise<string>;
     /**
      * Handles how a token is validated and deserialized into a session object.
      * @param token A user's token.
      * @param globalCfg The global auth config.
      * @returns A user's session if validated and found, else `null`.
      */
-    abstract deserialize(token: string, globalCfg: __internal__Options): Promise<Session | null>;
+    abstract deserialize(token: string, globalCfg: ConfigOptions): Promise<Session | null>;
     /**
      * Handles how a session is destroyed when a user is logging out.
      * @param req The request object.
      * @param globalCfg The global auth config.
      */
-    abstract logOut(req: Request, globalCfg: __internal__Options): Promise<void>;
+    abstract logOut(req: Request, globalCfg: ConfigOptions): Promise<void>;
 }
 export { IStrategy };
 //# sourceMappingURL=IStrategy.d.ts.map

package/dist/strategies/IStrategy.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"IStrategy.d.ts","sourceRoot":"","sources":["../../src/strategies/IStrategy.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,QAAQ,CAAC;AAClD,OAAO,EAAE,KAAK,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAEjD;;GAEG;AACH,uBAAe,SAAS;IACpB;;;;;OAKG;aACa,SAAS,CAAC,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,mBAAmB,GAAG,OAAO,CAAC,MAAM,CAAC;IAE5F;;;;;OAKG;aACa,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,mBAAmB,GAAG,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;IAEnG;;;;OAIG;aACa,MAAM,CAAC,GAAG,EAAE,OAAO,EAAE,SAAS,EAAE,mBAAmB,GAAG,OAAO,CAAC,IAAI,CAAC;CACtF;AAED,OAAO,EAAE,SAAS,EAAE,CAAC"}
+{"version":3,"file":"IStrategy.d.ts","sourceRoot":"","sources":["../../src/strategies/IStrategy.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,OAAO,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AAEzD;;GAEG;AACH,uBAAe,SAAS;IACpB;;;;;OAKG;aACa,SAAS,CAAC,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,aAAa,GAAG,OAAO,CAAC,MAAM,CAAC;IAEtF;;;;;OAKG;aACa,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,aAAa,GAAG,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;IAE7F;;;;OAIG;aACa,MAAM,CAAC,GAAG,EAAE,OAAO,EAAE,SAAS,EAAE,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC;CAChF;AAED,OAAO,EAAE,SAAS,EAAE,CAAC"}

package/dist/strategies/jwt.d.ts

@@ -1,7 +1,7 @@
 import { IStrategy } from "./IStrategy";
-import type { __internal__Options } from "../lib";
 import type { SignOptions } from "jsonwebtoken";
 import type { Session } from "../@types/globals";
+import type { ConfigOptions } from "../@types/internals";
 /**
  * Basic JWT strategy
  */
@@ -11,8 +11,8 @@ declare class JWT extends IStrategy {
      */
     private signOptions;
     constructor(options?: SignOptions);
-    serialize(session: Session, globalCfg: __internal__Options): Promise<string>;
-    deserialize(token: string, globalCfg: __internal__Options): Promise<Session | null>;
+    serialize(session: Session, globalCfg: ConfigOptions): Promise<string>;
+    deserialize(token: string, globalCfg: ConfigOptions): Promise<Session | null>;
     logOut(): Promise<void>;
 }
 export { JWT };

package/dist/strategies/jwt.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"jwt.d.ts","sourceRoot":"","sources":["../../src/strategies/jwt.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACxC,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,QAAQ,CAAC;AAElD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAEjD;;GAEG;AACH,cAAM,GAAI,SAAQ,SAAS;IACvB;;OAEG;IACH,OAAO,CAAC,WAAW,CAAc;gBAErB,OAAO,GAAE,WAAiC;IAMtC,SAAS,CAAC,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,mBAAmB,GAAG,OAAO,CAAC,MAAM,CAAC;IAK5E,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,mBAAmB,GAAG,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;IAKnF,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC;CAI1C;AAED,OAAO,EAAE,GAAG,EAAE,CAAC"}
+{"version":3,"file":"jwt.d.ts","sourceRoot":"","sources":["../../src/strategies/jwt.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAExC,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AAgBzD;;GAEG;AACH,cAAM,GAAI,SAAQ,SAAS;IACvB;;OAEG;IACH,OAAO,CAAC,WAAW,CAAc;gBAErB,OAAO,GAAE,WAAiC;IAMtC,SAAS,CAAC,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,aAAa,GAAG,OAAO,CAAC,MAAM,CAAC;IAKtE,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,aAAa,GAAG,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;IAK7E,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC;CAI1C;AAED,OAAO,EAAE,GAAG,EAAE,CAAC"}

package/dist/strategies/jwt.js

@@ -1,5 +1,18 @@
+import { isString } from "lodash-es";
 import { IStrategy } from "./IStrategy";
 import { verify, sign } from "../functions/jwt";
+/**
+ * Retrieves either the secret or a private key, depending on the used JWT algorithm
+ * @param secret Secret key, or key pair
+ * @returns The secret or private key
+ */
+const secretOrPrivateKey = (secret) => isString(secret) ? secret : secret.privateKey;
+/**
+ * Retrieves either the secret or a public key, depending on the used JWT algorithm
+ * @param secret Secret key, or key pair
+ * @returns The secret or public key
+ */
+const secretOrPublicKey = (secret) => isString(secret) ? secret : secret.publicKey;
 /**
  * Basic JWT strategy
  */
@@ -14,11 +27,11 @@ class JWT extends IStrategy {
     }
     serialize(session, globalCfg) {
         // Directly call the sign function, but make it async.
-        return Promise.resolve(sign(session, globalCfg.secret, this.signOptions));
+        return Promise.resolve(sign(session, secretOrPrivateKey(globalCfg.secret), this.signOptions));
     }
     deserialize(token, globalCfg) {
         // The verify function does everything for us, in this case.
-        return verify(token, globalCfg.secret);
+        return verify(token, secretOrPublicKey(globalCfg.secret));
     }
     logOut() {
         // Since a JWT does not have any data in a DB, there is nothing to do here.

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "orange-auth",
-    "version": "0.1.2",
+    "version": "1.1.0",
     "type": "module",
     "description": "Simple modular auth library",
     "main": "dist/index.js",
@@ -8,8 +8,19 @@
     "files": [
         "dist"
     ],
+    "exports": {
+        ".": {
+            "require": "./dist/index.js",
+            "default": "./dist/index.js",
+            "types": "./dist/index.d.ts"
+        },
+        "./strategies": "./dist/strategies/index.js",
+        "./providers": "./dist/providers/index.js",
+        "./functions": "./dist/functions/index.js"
+    },
     "scripts": {
-        "build": "tsc"
+        "build": "tsc",
+        "test": "vitest"
     },
     "author": "Mathieu Dery mathieu.dery@bananastreaming.ca",
     "license": "MIT",
@@ -23,8 +34,10 @@
         "@types/node": "^24.0.15",
         "eslint-plugin-prettier": "^5.5.3",
         "tslib": "^2.8.1",
+        "type-fest": "^4.41.0",
         "typescript": "^5.8.3",
-        "typescript-eslint": "^8.37.0"
+        "typescript-eslint": "^8.37.0",
+        "vitest": "^3.2.4"
     },
     "dependencies": {
         "@universal-middleware/core": "^0.4.8",