orange-auth 1.2.0 → 1.3.1

package/dist/index.d.mts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.mts","names":[],"sources":["../packages/orange-auth/lib.ts"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAeA;;cAAa,UAAA,GAAU,MAAA,EAAA,QAAA;aA8FtB,SAAA;;;;;;;aAnDyC,MAAA;;;;;cAK0E,MAAA;;;;;;;EAmCtC;;;;;;;;;;;;;;;;;IAAlD,OAAA,EAAS,KAAA,CAAM,OAAA,GAAU,MAAA;EAAA,MAAyB,OAAA,CAAA,OAAA;AAAA"}

package/dist/index.mjs

@@ -0,0 +1,19 @@
+/*
+    Orange Auth, a simple modular auth library
+    Copyright (C) 2026  Mathieu Dery
+
+    This program is free software: you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program.  If not, see <https://www.gnu.org/licenses/>.
+*/
+import{params as e}from"@universal-middleware/core";import{join as t}from"node:path/posix";import{getCookie as n,setCookie as r}from"@universal-middleware/core/cookie";var i=Object.defineProperty,a=(e,t)=>{let n={};for(var r in e)i(n,r,{get:e[r],enumerable:!0});return t&&i(n,Symbol.toStringTag,{value:`Module`}),n};const o=async({req:e,globalCfg:t,provider:n})=>{let i=await n.logIn(e,t).catch(()=>null);if(i==null)return new Response(null,{status:400});let a=await t.callbacks?.login?.({headers:e.headers,token:i.token,session:i.session});if(a===!1)return new Response(`Bad Request`,{status:400});if(typeof a==`string`){let e=new Headers;return e.set(`Location`,a),new Response(null,{status:308,headers:e})}let o=new Response(null,{status:200});return r(o,t.cookieName,i.token,t.cookieSettings),o};async function s(e,t){if(t.headers==null)return{session:null,token:null};let r=n(new Request(`http://localhost`,{headers:t.headers}),e.cookieName);if(r==null)return{session:null,token:null};let i=r.value;return{session:await e.strategy.deserialize(i,e),token:i}}const c=async({req:e,globalCfg:t})=>{let n=await s(t,e);n.session!=null&&n.token!=null&&await t.callbacks?.logout?.({headers:e.headers,token:n.token,session:n.session}),await t.strategy.logOut(e,t);let i=new Response(null,{status:200});return r(i,t.cookieName,`deleted`,{...t.cookieSettings,expires:new Date(0),maxAge:void 0}),i};var l=a({login:()=>o,logout:()=>c});const u=(n=>{let{secret:r,strategy:i,cookieName:a,providers:o,cookieSettings:c,basePath:u,callbacks:d}=n,f=t(u,`:action`,`:provider`);if(r==null)throw Error(`[ERROR]: Auth secret missing! Make sure to set the "secret" variable in the auth's config.`);if(i==null)throw Error(`[ERROR]: No strategy chosen! Make sure to set the "strategy" variable in the auth's config.`);let p={cookieName:a??`orange.auth`,providers:o??[],secret:r,strategy:i,cookieSettings:{path:`/`,httpOnly:!0,sameSite:`lax`,secure:!0,maxAge:3600,...c},callbacks:d};return{handler:()=>async(t,n,r)=>{if(t.method.toUpperCase()!==`POST`)return new Response(`Method Not Allowed`,{status:405});let i=e(t,r,f);if(i?.action==null||i.provider==null)throw Error(`[ERROR]: Base path is missing! Make sure to set the "basePath" variable in the auth's config.`);let a=i.provider,s=o.find(e=>e.ID===a);if(s==null)return new Response(`Page not found`,{status:404});let c=l[i.action];return c==null?new Response(`Page not found`,{status:404}):Promise.resolve(c({globalCfg:p,provider:s,req:t}))},clientConfig:{basePath:n.basePath,providers:p.providers.map(e=>e.ID),cookieName:p.cookieName},getSession:e=>s(p,e).then(e=>e.session)}});export{u as CreateAuth};
+//# sourceMappingURL=index.mjs.map

package/dist/index.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.mjs","names":["actions"],"sources":["../packages/orange-auth/actions/login.ts","../packages/orange-auth/functions/getSession.ts","../packages/orange-auth/actions/logout.ts","../packages/orange-auth/actions/index.ts","../packages/orange-auth/lib.ts"],"sourcesContent":["import { setCookie } from \"@universal-middleware/core/cookie\";\n\nimport type { IAction } from \"./IAction\";\n\nconst login: IAction = async ({ req, globalCfg, provider }) => {\n    // Use the found provider to login\n    const params = await provider.logIn(req, globalCfg).catch(() => null);\n\n    // If failed, return Bad Request response\n    if (params == null) return new Response(null, { status: 400 });\n\n    // Run the login callback\n    const customRes = await globalCfg.callbacks?.login?.({\n        headers: req.headers,\n        token: params.token,\n        session: params.session,\n    });\n\n    // If the result is false, fail the login\n    if (customRes === false) {\n        return new Response(\"Bad Request\", { status: 400 });\n    }\n\n    // If the result is a string, assume it is a redirection path\n    if (typeof customRes === \"string\") {\n        const headers = new Headers();\n        headers.set(\"Location\", customRes);\n\n        return new Response(null, { status: 308, headers });\n    }\n\n    const res = new Response(null, { status: 200 });\n\n    // Creates the set-cookie header\n    setCookie(res, globalCfg.cookieName, params.token, globalCfg.cookieSettings);\n\n    // And send it\n    return res;\n};\n\nexport { login };\n","import { getCookie } from \"@universal-middleware/core/cookie\";\n\nimport type { ConfigOptions, Maybe } from \"../@types/internals\";\n\n/**\n * Deserialize a user's session based of the headers\n * @param globalCfg The global auth config\n * @param req An object having a headers field\n * @returns A user's token and session, if found and valid\n */\nasync function getSession(globalCfg: ConfigOptions, req: { headers: Maybe<Headers | Record<string, string>> }) {\n    if (req.headers == null)\n        return {\n            session: null,\n            token: null,\n        };\n\n    const r = new Request(\"http://localhost\", { headers: req.headers });\n\n    // Tries to extract the specific cookie.\n    const cookie = getCookie(r, globalCfg.cookieName);\n\n    if (cookie == null)\n        return {\n            session: null,\n            token: null,\n        };\n\n    const token = cookie.value;\n    // Tries to deserialize it\n    return {\n        session: await globalCfg.strategy.deserialize(token, globalCfg),\n        token,\n    };\n}\n\nexport { getSession };\n","import { setCookie } from \"@universal-middleware/core/cookie\";\n\nimport { getSession } from \"../functions/index\";\nimport type { IAction } from \"./IAction\";\n\nconst logout: IAction = async ({ req, globalCfg }) => {\n    const params = await getSession(globalCfg, req);\n\n    // If there is no session, no need to call the callback\n    if (params.session != null && params.token != null) {\n        await globalCfg.callbacks?.logout?.({\n            headers: req.headers,\n            token: params.token,\n            session: params.session,\n        });\n    }\n\n    // Use the strategy to logout\n    await globalCfg.strategy.logOut(req, globalCfg);\n\n    const res = new Response(null, { status: 200 });\n    // Clears the header.\n    setCookie(res, globalCfg.cookieName, \"deleted\", {\n        // Use the same cookie config, but make sure it is expired\n        ...globalCfg.cookieSettings,\n        expires: new Date(0),\n        maxAge: undefined,\n    });\n\n    // And send it\n    return res;\n};\n\nexport { logout };\n","export * from \"./login\";\nexport * from \"./logout\";\n","import { type Get, params, type UniversalHandler } from \"@universal-middleware/core\";\nimport { join } from \"node:path/posix\";\n\nimport type { ClientConfigOptions } from \"../client/@types/globals\";\nimport type { ConfigOptionsProps, Session } from \"./@types/globals\";\nimport type { ConfigOptions, Maybe } from \"./@types/internals\";\nimport * as actions from \"./actions/index\";\nimport { getSession } from \"./functions/index\";\nimport type { Actions } from \"./providers/IProvider\";\n\n/**\n * Initializes the auth. This should be called once per backend.\n * @param req Something that has a `headers` field; either a Headers instance, or just a plain object.\n * @returns A session if found and valid, or `null`.\n */\nexport const CreateAuth = ((config) => {\n    const { secret, strategy, cookieName, providers, cookieSettings, basePath: basePathAsProp, callbacks } = config;\n\n    // Adds the dynamic actions to the base url\n    const basePath = join(basePathAsProp, \":action\", \":provider\");\n\n    if (secret == null) {\n        throw new Error('[ERROR]: Auth secret missing! Make sure to set the \"secret\" variable in the auth\\'s config.');\n    }\n\n    if (strategy == null) {\n        throw new Error('[ERROR]: No strategy chosen! Make sure to set the \"strategy\" variable in the auth\\'s config.');\n    }\n\n    // We set the global config on startup, and not on the route handler,\n    // otherwise a session cannot be accessed until someone logs in\n    const globalCfg = {\n        cookieName: cookieName ?? \"orange.auth\",\n        providers: providers ?? [],\n        secret,\n        strategy,\n        cookieSettings: {\n            path: \"/\",\n            httpOnly: true,\n            sameSite: \"lax\",\n            secure: true,\n            maxAge: 3600,\n            ...cookieSettings,\n        },\n        callbacks,\n    } satisfies ConfigOptions;\n\n    return {\n        /**\n         * Universal handler route. You can use this with the `createHandler()` method\n         * @returns\n         */\n        handler: () => async (req, _, runtime) => {\n            if (req.method.toUpperCase() !== \"POST\") {\n                // Do not accept other methods\n                return new Response(\"Method Not Allowed\", { status: 405 });\n            }\n\n            // Tries to get the action and provider info from the url\n            const routeParams = params(req, runtime, basePath);\n\n            if (routeParams?.[\"action\"] == null || routeParams[\"provider\"] == null) {\n                throw new Error(\n                    '[ERROR]: Base path is missing! Make sure to set the \"basePath\" variable in the auth\\'s config.',\n                );\n            }\n\n            // Finds the requested provider by name\n            const path = routeParams[\"provider\"];\n            const provider = providers.find((p) => p.ID === path);\n\n            if (provider == null) {\n                return new Response(\"Page not found\", { status: 404 });\n            }\n\n            const actionParam = routeParams[\"action\"] as Actions;\n\n            const action = actions[actionParam];\n\n            if (action == null) {\n                // If a wrong action is requested, return a 404\n                return new Response(\"Page not found\", { status: 404 });\n            }\n\n            // Handles each action independently\n            return Promise.resolve(action({ globalCfg, provider, req }));\n        },\n        clientConfig: {\n            basePath: config.basePath,\n            providers: globalCfg.providers.map((p) => p.ID),\n            cookieName: globalCfg.cookieName,\n        },\n        /**\n         * Deserialize a user's session.\n         * @param globalCfg The global auth config\n         * @param req An object having a headers field\n         * @returns A user's token and session, if found and valid\n         */\n        getSession: (req: { headers: Maybe<Headers | Record<string, string>> }) =>\n            // Only returns the session\n            getSession(globalCfg, req).then((doc) => doc.session),\n    };\n}) satisfies Get<\n    [config: ConfigOptionsProps],\n    {\n        clientConfig: ClientConfigOptions;\n        handler: Get<[], UniversalHandler>;\n        getSession: (req: { headers: Maybe<Headers | Record<string, string>> }) => Promise<Session | null>;\n    }\n>;\n"],"mappings":";;;;;;;;;;;;;;;;;4TAIA,MAAM,EAAiB,MAAO,CAAE,MAAK,YAAW,cAAe,CAE3D,IAAM,EAAS,MAAM,EAAS,MAAM,EAAK,EAAU,CAAC,UAAY,KAAK,CAGrE,GAAI,GAAU,KAAM,OAAO,IAAI,SAAS,KAAM,CAAE,OAAQ,IAAK,CAAC,CAG9D,IAAM,EAAY,MAAM,EAAU,WAAW,QAAQ,CACjD,QAAS,EAAI,QACb,MAAO,EAAO,MACd,QAAS,EAAO,QACnB,CAAC,CAGF,GAAI,IAAc,GACd,OAAO,IAAI,SAAS,cAAe,CAAE,OAAQ,IAAK,CAAC,CAIvD,GAAI,OAAO,GAAc,SAAU,CAC/B,IAAM,EAAU,IAAI,QAGpB,OAFA,EAAQ,IAAI,WAAY,EAAU,CAE3B,IAAI,SAAS,KAAM,CAAE,OAAQ,IAAK,UAAS,CAAC,CAGvD,IAAM,EAAM,IAAI,SAAS,KAAM,CAAE,OAAQ,IAAK,CAAC,CAM/C,OAHA,EAAU,EAAK,EAAU,WAAY,EAAO,MAAO,EAAU,eAAe,CAGrE,GC3BX,eAAe,EAAW,EAA0B,EAA2D,CAC3G,GAAI,EAAI,SAAW,KACf,MAAO,CACH,QAAS,KACT,MAAO,KACV,CAKL,IAAM,EAAS,EAHL,IAAI,QAAQ,mBAAoB,CAAE,QAAS,EAAI,QAAS,CAAC,CAGvC,EAAU,WAAW,CAEjD,GAAI,GAAU,KACV,MAAO,CACH,QAAS,KACT,MAAO,KACV,CAEL,IAAM,EAAQ,EAAO,MAErB,MAAO,CACH,QAAS,MAAM,EAAU,SAAS,YAAY,EAAO,EAAU,CAC/D,QACH,CC5BL,MAAM,EAAkB,MAAO,CAAE,MAAK,eAAgB,CAClD,IAAM,EAAS,MAAM,EAAW,EAAW,EAAI,CAG3C,EAAO,SAAW,MAAQ,EAAO,OAAS,MAC1C,MAAM,EAAU,WAAW,SAAS,CAChC,QAAS,EAAI,QACb,MAAO,EAAO,MACd,QAAS,EAAO,QACnB,CAAC,CAIN,MAAM,EAAU,SAAS,OAAO,EAAK,EAAU,CAE/C,IAAM,EAAM,IAAI,SAAS,KAAM,CAAE,OAAQ,IAAK,CAAC,CAU/C,OARA,EAAU,EAAK,EAAU,WAAY,UAAW,CAE5C,GAAG,EAAU,eACb,QAAS,IAAI,KAAK,EAAE,CACpB,OAAQ,IAAA,GACX,CAAC,CAGK,uCEfX,MAAa,GAAe,GAAW,CACnC,GAAM,CAAE,SAAQ,WAAU,aAAY,YAAW,iBAAgB,SAAU,EAAgB,aAAc,EAGnG,EAAW,EAAK,EAAgB,UAAW,YAAY,CAE7D,GAAI,GAAU,KACV,MAAU,MAAM,6FAA8F,CAGlH,GAAI,GAAY,KACZ,MAAU,MAAM,8FAA+F,CAKnH,IAAM,EAAY,CACd,WAAY,GAAc,cAC1B,UAAW,GAAa,EAAE,CAC1B,SACA,WACA,eAAgB,CACZ,KAAM,IACN,SAAU,GACV,SAAU,MACV,OAAQ,GACR,OAAQ,KACR,GAAG,EACN,CACD,YACH,CAED,MAAO,CAKH,YAAe,MAAO,EAAK,EAAG,IAAY,CACtC,GAAI,EAAI,OAAO,aAAa,GAAK,OAE7B,OAAO,IAAI,SAAS,qBAAsB,CAAE,OAAQ,IAAK,CAAC,CAI9D,IAAM,EAAc,EAAO,EAAK,EAAS,EAAS,CAElD,GAAI,GAAc,QAAa,MAAQ,EAAY,UAAe,KAC9D,MAAU,MACN,gGACH,CAIL,IAAM,EAAO,EAAY,SACnB,EAAW,EAAU,KAAM,GAAM,EAAE,KAAO,EAAK,CAErD,GAAI,GAAY,KACZ,OAAO,IAAI,SAAS,iBAAkB,CAAE,OAAQ,IAAK,CAAC,CAK1D,IAAM,EAASA,EAFK,EAAY,QAUhC,OANI,GAAU,KAEH,IAAI,SAAS,iBAAkB,CAAE,OAAQ,IAAK,CAAC,CAInD,QAAQ,QAAQ,EAAO,CAAE,YAAW,WAAU,MAAK,CAAC,CAAC,EAEhE,aAAc,CACV,SAAU,EAAO,SACjB,UAAW,EAAU,UAAU,IAAK,GAAM,EAAE,GAAG,CAC/C,WAAY,EAAU,WACzB,CAOD,WAAa,GAET,EAAW,EAAW,EAAI,CAAC,KAAM,GAAQ,EAAI,QAAQ,CAC5D"}

package/dist/providers.d.mts

@@ -0,0 +1,20 @@
+/*
+    Orange Auth, a simple modular auth library
+    Copyright (C) 2026  Mathieu Dery
+
+    This program is free software: you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program.  If not, see <https://www.gnu.org/licenses/>.
+*/
+import { n as IProvider, t as Actions } from "./IProvider-BH8TjziQ.mjs";
+import { n as CredentialsConfig, t as Credentials } from "./index-D-dMFhOD.mjs";
+export { Actions, Credentials, CredentialsConfig, IProvider };

package/dist/providers.mjs

@@ -0,0 +1,19 @@
+/*
+    Orange Auth, a simple modular auth library
+    Copyright (C) 2026  Mathieu Dery
+
+    This program is free software: you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program.  If not, see <https://www.gnu.org/licenses/>.
+*/
+function e(e){return Object.fromEntries(e.trim().split(`&`).map(e=>e.split(`=`)).filter(e=>e.length===2).map(e=>e.map(decodeURIComponent)))}var t=class{__ID;constructor(e){this.__ID=e}get ID(){return this.__ID}},n=class extends t{config;constructor(e){super(e.name??`credentials`),this.config=e}async logIn(t,n){let r=(t.headers.get(`Content-Type`)?.split(`;`)[0]??`text/plain`).toLowerCase(),i;switch(r){case`application/json`:i=await t.json();break;case`application/x-www-urlencoded`:i=await t.text().then(e);break;case`multipart/form-data`:{let e=await t.formData();i=Object.fromEntries(e)}break;default:return null}let a=await this.config.authorize(i);if(a==null)return null;let o=await n.strategy.serialize(a,n).catch(e=>(console.log(e),null));return o==null?null:{session:a,token:o}}};export{n as Credentials,t as IProvider};
+//# sourceMappingURL=providers.mjs.map

package/dist/providers.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"providers.mjs","names":[],"sources":["../packages/orange-auth/functions/urlencodedToJson.ts","../packages/orange-auth/providers/IProvider.ts","../packages/orange-auth/providers/Credentials.ts"],"sourcesContent":["export function urlencodedToJson<T extends object = object>(value: string): T {\n    return Object.fromEntries(\n        value\n            .trim()\n            .split(\"&\")\n            .map((s) => s.split(\"=\"))\n            .filter((pair) => pair.length === 2)\n            .map((pair) => pair.map(decodeURIComponent)),\n    );\n}\n","import type { Session } from \"../@types/globals\";\nimport type { ConfigOptions } from \"../@types/internals\";\n\n/**\n * Available url callback actions.\n */\nexport type Actions = \"login\" | \"logout\";\n\n/**\n * Providers are used to implement certain services (E.g. facebook, github, credentials) as login methods.\n * Every provider should inherit from this.\n */\nabstract class IProvider {\n    /**\n     * This is used to map a callback to a provider.\n     */\n    private readonly __ID: string;\n\n    constructor(ID: string) {\n        this.__ID = ID;\n    }\n\n    /**\n     * The provider ID.\n     */\n    public get ID(): string {\n        return this.__ID;\n    }\n\n    /**\n     * Login function. This is used to call all the login flows of each provider.\n     * For now, the request's body **MUST** be JSON.\n     * @param req The request object.\n     * @param globalCfg The global auth config.\n     */\n    public abstract logIn(req: Request, globalCfg: ConfigOptions): Promise<{ session: Session; token: string } | null>;\n}\n\nexport { IProvider };\n","import type { MaybePromise, Session } from \"../@types/globals\";\nimport type { ConfigOptions } from \"../@types/internals\";\nimport { urlencodedToJson } from \"../functions/index\";\nimport { IProvider } from \"./IProvider\";\n\n/**\n * Configuration options of the Credentials provider\n */\nexport type CredentialsConfig<TCredentials extends string> = Readonly<{\n    /**\n     * The name of this provider, should not be changed unless you are\n     * using multiple instance of the same provider.\n     */\n    name?: \"credentials\" | (string & {});\n    /**\n     * The available fields coming from the request containing credentials.\n     */\n    credentials: TCredentials[];\n    /**\n     * Function that gets called when a user tries to login.\n     * This is where you should look inside your database for the user.\n     * @param credentials An object containing the credentials from the request's body.\n     * @returns A session object if a user is found, or `null`.\n     */\n    authorize: (credentials: Record<TCredentials, string>) => MaybePromise<Session | null>;\n}>;\n\n/**\n * Provider used to login a user using basic credentials.\n */\nexport class Credentials<TCredentials extends string = string> extends IProvider {\n    private config: CredentialsConfig<TCredentials>;\n\n    constructor(config: CredentialsConfig<TCredentials>) {\n        super(config.name ?? \"credentials\");\n        this.config = config;\n    }\n\n    public override async logIn(\n        req: Request,\n        globalCfg: ConfigOptions,\n    ): Promise<{ session: Session; token: string } | null> {\n        const contentType = (req.headers.get(\"Content-Type\")?.split(\";\")[0] ?? \"text/plain\").toLowerCase();\n\n        let body: Record<TCredentials, string>;\n\n        switch (contentType) {\n            case \"application/json\":\n                body = (await req.json()) as Record<TCredentials, string>;\n                break;\n            case \"application/x-www-urlencoded\":\n                body = await req.text().then(urlencodedToJson<Record<TCredentials, string>>);\n                break;\n            case \"multipart/form-data\":\n                {\n                    const data = await req.formData();\n                    body = Object.fromEntries(data) as Record<TCredentials, string>;\n                }\n                break;\n            // fields should come from a form, so every un-supported types will be failing.\n            case \"text/plain\":\n            default:\n                return null;\n        }\n\n        // Calls the user defined authorize callback\n        const session = await this.config.authorize(body);\n        if (session == null) return null;\n\n        // Create a token\n        const token = await globalCfg.strategy.serialize(session, globalCfg).catch((err) => {\n            console.log(err);\n            return null;\n        });\n\n        if (token == null) return null;\n\n        return { session, token };\n    }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;AAAA,SAAgB,EAA4C,EAAkB,CAC1E,OAAO,OAAO,YACV,EACK,MAAM,CACN,MAAM,IAAI,CACV,IAAK,GAAM,EAAE,MAAM,IAAI,CAAC,CACxB,OAAQ,GAAS,EAAK,SAAW,EAAE,CACnC,IAAK,GAAS,EAAK,IAAI,mBAAmB,CAAC,CACnD,CCIL,IAAe,EAAf,KAAyB,CAIrB,KAEA,YAAY,EAAY,CACpB,KAAK,KAAO,EAMhB,IAAW,IAAa,CACpB,OAAO,KAAK,OCIP,EAAb,cAAuE,CAAU,CAC7E,OAEA,YAAY,EAAyC,CACjD,MAAM,EAAO,MAAQ,cAAc,CACnC,KAAK,OAAS,EAGlB,MAAsB,MAClB,EACA,EACmD,CACnD,IAAM,GAAe,EAAI,QAAQ,IAAI,eAAe,EAAE,MAAM,IAAI,CAAC,IAAM,cAAc,aAAa,CAE9F,EAEJ,OAAQ,EAAR,CACI,IAAK,mBACD,EAAQ,MAAM,EAAI,MAAM,CACxB,MACJ,IAAK,+BACD,EAAO,MAAM,EAAI,MAAM,CAAC,KAAK,EAA+C,CAC5E,MACJ,IAAK,sBACD,CACI,IAAM,EAAO,MAAM,EAAI,UAAU,CACjC,EAAO,OAAO,YAAY,EAAK,CAEnC,MAGJ,QACI,OAAO,KAIf,IAAM,EAAU,MAAM,KAAK,OAAO,UAAU,EAAK,CACjD,GAAI,GAAW,KAAM,OAAO,KAG5B,IAAM,EAAQ,MAAM,EAAU,SAAS,UAAU,EAAS,EAAU,CAAC,MAAO,IACxE,QAAQ,IAAI,EAAI,CACT,MACT,CAIF,OAFI,GAAS,KAAa,KAEnB,CAAE,UAAS,QAAO"}

package/dist/strategies.d.mts

@@ -0,0 +1,20 @@
+/*
+    Orange Auth, a simple modular auth library
+    Copyright (C) 2026  Mathieu Dery
+
+    This program is free software: you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program.  If not, see <https://www.gnu.org/licenses/>.
+*/
+import { c as IStrategy, s as Callbacks } from "./IProvider-BH8TjziQ.mjs";
+import { t as JWT } from "./index-DjPz5vTX.mjs";
+export { Callbacks, IStrategy, JWT };

package/dist/strategies.mjs

@@ -0,0 +1,19 @@
+/*
+    Orange Auth, a simple modular auth library
+    Copyright (C) 2026  Mathieu Dery
+
+    This program is free software: you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program.  If not, see <https://www.gnu.org/licenses/>.
+*/
+import{sign as e,verify as t}from"jsonwebtoken";function n(e,n,r){return new Promise(i=>{t(e,n,{...r,complete:!1},(e,t)=>{e?.cause&&i(null),i(t)})})}var r=class{callbacks;constructor(e){this.callbacks=e}},i=class extends r{signOptions;constructor(e={expiresIn:`1h`},t={}){super(t),this.signOptions=e}async serialize(t,n){return await Promise.resolve(this.callbacks.serialize?.(t)??!0)?Promise.resolve(e(t,n.secret,this.signOptions)):Promise.reject(`Serialize callback rejection`)}deserialize(e,t){return n(e,t.secret).then(async t=>t==null?null:await Promise.resolve(this.callbacks.deserialize?.(e,t)??!0)?t:null)}logOut(){return Promise.resolve()}};export{r as IStrategy,i as JWT};
+//# sourceMappingURL=strategies.mjs.map

package/dist/strategies.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"strategies.mjs","names":["verify","verify"],"sources":["../packages/orange-auth/functions/jwt.ts","../packages/orange-auth/strategies/IStrategy.ts","../packages/orange-auth/strategies/jwt.ts"],"sourcesContent":["import { verify as baseVerify, type JwtPayload, type PublicKey, type Secret, type VerifyOptions } from \"jsonwebtoken\";\n\n// The sign function is fine as-is\nexport { sign } from \"jsonwebtoken\";\n\n/**\n * Promisified version of the jwt's verify function.\n * @param token The user's token.\n * @param secretOrPublicKey Your secret key, or a public key.\n * @param options Jwt options.\n * @returns The user's payload, or null on errors.\n */\nexport function verify<T extends JwtPayload = JwtPayload>(\n    token: string,\n    secretOrPublicKey: Secret | PublicKey,\n    options?: VerifyOptions,\n) {\n    return new Promise<T | null>((resolve) => {\n        baseVerify(token, secretOrPublicKey, { ...options, complete: false }, (err, payload) => {\n            // In case of error, it is assumed as a malicious token, so we invalidate it.\n            if (err?.cause) resolve(null);\n            resolve(payload as T);\n        });\n    });\n}\n","import { type MaybePromise, type Session } from \"../@types/globals\";\nimport type { ConfigOptions } from \"../@types/internals\";\n\n/**\n * Strategies callbacks\n */\nexport type Callbacks = Partial<{\n    /**\n     * Pre-serialization callback. This can be used to add some steps to this process.\n     * @param session The session to be serialized.\n     * @returns A boolean representing if the serialization should occur.\n     */\n    serialize: (session: Session) => MaybePromise<boolean>;\n    /**\n     * Post-deserialization callback. This can be used to add some validation to this process.\n     * @param session The token that was deserialized.\n     * @returns A boolean representing if the deserialization is valid.\n     */\n    deserialize: (token: string, session: Session) => MaybePromise<boolean>;\n}>;\n\n/**\n * A strategy is used to handle the creation, validation and accessing a user's session.\n */\nabstract class IStrategy {\n    protected callbacks: Callbacks;\n\n    constructor(callbacks: Callbacks) {\n        this.callbacks = callbacks;\n    }\n\n    /**\n     * Handles how a session token is generated.\n     * @param session The validated session object.\n     * @param globalCfg The global auth config.\n     * @returns A newly generated token that will be sent as a cookie.\n     */\n    public abstract serialize(session: Session, globalCfg: ConfigOptions): Promise<string>;\n\n    /**\n     * Handles how a token is validated and deserialized into a session object.\n     * @param token A user's token.\n     * @param globalCfg The global auth config.\n     * @returns A user's session if validated and found, else `null`.\n     */\n    public abstract deserialize(token: string, globalCfg: ConfigOptions): Promise<Session | null>;\n\n    /**\n     * Handles how a session is destroyed when a user is logging out.\n     * @param req The request object.\n     * @param globalCfg The global auth config.\n     */\n    public abstract logOut(req: Request, globalCfg: ConfigOptions): Promise<void>;\n}\n\nexport { IStrategy };\n","import type { SignOptions } from \"jsonwebtoken\";\n\nimport type { Session } from \"../@types/globals\";\nimport type { ConfigOptions } from \"../@types/internals\";\nimport { sign, verify } from \"../functions/jwt\";\nimport { type Callbacks, IStrategy } from \"./IStrategy\";\n\n/**\n * Basic JWT strategy\n */\nclass JWT extends IStrategy {\n    /**\n     * Forwarded standard JWT options\n     */\n    private signOptions: SignOptions;\n\n    constructor(options: SignOptions = { expiresIn: \"1h\" }, callbacks: Callbacks = {}) {\n        super(callbacks);\n\n        this.signOptions = options;\n    }\n\n    public override async serialize(session: Session, globalCfg: ConfigOptions): Promise<string> {\n        // If there is no callback set, we can just run normally, so fallback to true.\n        const shouldRun = await Promise.resolve(this.callbacks.serialize?.(session) ?? true);\n\n        if (!shouldRun) {\n            return Promise.reject(\"Serialize callback rejection\");\n        }\n\n        // Directly call the sign function, but make it async.\n        return Promise.resolve(sign(session, globalCfg.secret, this.signOptions));\n    }\n\n    public override deserialize(token: string, globalCfg: ConfigOptions): Promise<Session | null> {\n        // The verify function does everything for us, in this case.\n        return verify<Session>(token, globalCfg.secret).then(async (session) => {\n            if (session == null) return null;\n            const isValid = await Promise.resolve(this.callbacks.deserialize?.(token, session) ?? true);\n            return isValid ? session : null;\n        });\n    }\n\n    public override logOut(): Promise<void> {\n        // Since a JWT does not have any data in a DB, there is nothing to do here.\n        return Promise.resolve();\n    }\n}\n\nexport { JWT };\n"],"mappings":";;;;;;;;;;;;;;;;;gDAYA,SAAgBA,EACZ,EACA,EACA,EACF,CACE,OAAO,IAAI,QAAmB,GAAY,CACtC,EAAW,EAAO,EAAmB,CAAE,GAAG,EAAS,SAAU,GAAO,EAAG,EAAK,IAAY,CAEhF,GAAK,OAAO,EAAQ,KAAK,CAC7B,EAAQ,EAAa,EACvB,EACJ,CCCN,IAAe,EAAf,KAAyB,CACrB,UAEA,YAAY,EAAsB,CAC9B,KAAK,UAAY,IClBnB,EAAN,cAAkB,CAAU,CAIxB,YAEA,YAAY,EAAuB,CAAE,UAAW,KAAM,CAAE,EAAuB,EAAE,CAAE,CAC/E,MAAM,EAAU,CAEhB,KAAK,YAAc,EAGvB,MAAsB,UAAU,EAAkB,EAA2C,CASzF,OAPkB,MAAM,QAAQ,QAAQ,KAAK,UAAU,YAAY,EAAQ,EAAI,GAAK,CAO7E,QAAQ,QAAQ,EAAK,EAAS,EAAU,OAAQ,KAAK,YAAY,CAAC,CAJ9D,QAAQ,OAAO,+BAA+B,CAO7D,YAA4B,EAAe,EAAmD,CAE1F,OAAOC,EAAgB,EAAO,EAAU,OAAO,CAAC,KAAK,KAAO,IACpD,GAAW,KAAa,KACZ,MAAM,QAAQ,QAAQ,KAAK,UAAU,cAAc,EAAO,EAAQ,EAAI,GAAK,CAC1E,EAAU,KAC7B,CAGN,QAAwC,CAEpC,OAAO,QAAQ,SAAS"}

package/package.json

@@ -1,49 +1,71 @@
 {
     "name": "orange-auth",
-    "version": "1.2.0",
+    "version": "1.3.1",
     "type": "module",
+    "sideEffects": false,
     "description": "Simple modular auth library",
-    "main": "dist/index.js",
-    "types": "dist/index.d.ts",
+    "author": "Mathieu Dery mathieu.dery@bananastreaming.ca",
+    "license": "GPL-3.0-or-later",
+    "repository": {
+        "url": "https://github.com/Unimat45/OrangeAuth.git"
+    },
+    "engines": {
+        "node": ">=20.0.0"
+    },
     "files": [
         "dist"
     ],
+    "types": "./dist/index.d.mts",
     "exports": {
         ".": {
-            "require": "./dist/index.js",
-            "default": "./dist/index.js",
-            "types": "./dist/index.d.ts"
+            "types": "./dist/index.d.mts",
+            "import": "./dist/index.mjs"
+        },
+        "./client": {
+            "types": "./dist/client.d.ts",
+            "import": "./dist/client.js"
+        },
+        "./providers": {
+            "types": "./dist/providers.d.mts",
+            "import": "./dist/providers.mjs"
         },
-        "./strategies": "./dist/strategies/index.js",
-        "./providers": "./dist/providers/index.js",
-        "./functions": "./dist/functions/index.js"
+        "./strategies": {
+            "types": "./dist/strategies.d.mts",
+            "import": "./dist/strategies.mjs"
+        },
+        "./package.json": {
+            "import": "./package.json"
+        }
     },
     "scripts": {
-        "build": "tsc",
-        "test": "vitest"
+        "build": "tsdown",
+        "test": "bun test",
+        "lint": "eslint . --cache",
+        "check": "tsc --noEmit",
+        "prettier:fix": "prettier --write \"**/*.{ts,js}\" --cache",
+        "prettier:check": "prettier --check \"**/*.{ts,js}\" --cache"
     },
-    "author": "Mathieu Dery mathieu.dery@bananastreaming.ca",
-    "license": "MIT",
-    "repository": {
-        "url": "https://github.com/Unimat45/OrangeAuth.git"
+    "dependencies": {
+        "@universal-middleware/core": "^0.4.16",
+        "jsonwebtoken": "^9.0.3"
     },
     "devDependencies": {
-        "@eslint/js": "^9.31.0",
+        "@arethetypeswrong/cli": "^0.18.2",
+        "@eslint/js": "^9.39.2",
+        "@trivago/prettier-plugin-sort-imports": "^6.0.2",
+        "@types/bun": "^1.3.8",
         "@types/jsonwebtoken": "^9.0.10",
-        "@types/lodash-es": "^4.17.12",
-        "@types/node": "^24.0.15",
-        "eslint-plugin-prettier": "^5.5.3",
-        "tslib": "^2.8.1",
-        "type-fest": "^4.41.0",
-        "typescript": "^5.8.3",
-        "typescript-eslint": "^8.37.0",
-        "vitest": "^3.2.4"
-    },
-    "dependencies": {
-        "@universal-middleware/core": "^0.4.8",
-        "cookie": "^1.0.2",
-        "jsonwebtoken": "^9.0.2",
-        "lodash-es": "^4.17.21",
-        "universal-cookie": "^8.0.1"
+        "@types/node": "^25.1.0",
+        "eslint": "^9.39.2",
+        "eslint-config-prettier": "^10.1.8",
+        "eslint-plugin-prettier": "^5.5.5",
+        "prettier": "^3.8.1",
+        "prettier-plugin-brace-style": "^0.9.0",
+        "prettier-plugin-merge": "^0.9.0",
+        "publint": "^0.3.17",
+        "tsdown": "^0.20.1",
+        "type-fest": "^5.4.3",
+        "typescript": "^5.9.3",
+        "typescript-eslint": "^8.54.0"
     }
 }

package/LICENSE

@@ -1,21 +0,0 @@
-    MIT License
-
-    Copyright (c) Mathieu Dery.
-
-    Permission is hereby granted, free of charge, to any person obtaining a copy
-    of this software and associated documentation files (the "Software"), to deal
-    in the Software without restriction, including without limitation the rights
-    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-    copies of the Software, and to permit persons to whom the Software is
-    furnished to do so, subject to the following conditions:
-
-    The above copyright notice and this permission notice shall be included in all
-    copies or substantial portions of the Software.
-
-    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-    SOFTWARE

package/dist/@types/globals.d.ts

@@ -1,97 +0,0 @@
-import type { SerializeOptions } from "cookie";
-import type { IProvider } from "../providers/IProvider";
-import type { IStrategy } from "../strategies/IStrategy";
-/**
- * This is a Promise, or not...
- */
-export type MaybePromise<T> = T | Promise<T>;
-/**
- * General session type. This should be augmented to include your session's fields.
- */
-export interface Session extends Record<string, unknown> {
-    id: string;
-}
-/**
- * Parameters for the custom callbacks
- */
-type CallbackParams = {
-    /**
-     * The current token
-     */
-    token: string;
-    /**
-     * The current deserialized token
-     */
-    session: Session;
-    /**
-     * TThe request's headers
-     */
-    headers: Headers;
-};
-/**
- * Auth Configuration props.
- */
-export type ConfigOptionsProps = Readonly<{
-    /**
-     * All the available providers.
-     * If multiple instance of a single provider are used, the order does matter.
-     */
-    providers: IProvider[];
-    /**
-     * Your secret key.
-     */
-    secret: string | {
-        publicKey: string;
-        privateKey: string;
-    };
-    /**
-     * A custom name for the cookie.
-     * Otherwise, the default name will be `orange.auth`
-     */
-    cookieName?: string;
-    /**
-     * The strategy to be used.
-     */
-    strategy: IStrategy;
-    /**
-     * This should be the url path that your auth is set up on, including the action and provider variables.
-     * @example
-     * ```js
-     * const app = express();
-     *
-     * const { handler } = CreateAuth({
-     *   basePath: "/api/auth/:action/:provider",
-     *   ...
-     * });
-     *
-     * app.all("/api/auth/{*auth}", createHandler(handler)());
-     * ```
-     */
-    basePath: string;
-    /**
-     * Cookie serialization options. see [MDN Cookie](https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/Cookies)
-     */
-    cookieSettings?: SerializeOptions;
-    /**
-     * Custom callbacks
-     */
-    callbacks?: {
-        /**
-         * Custom login callback. This is ran after logging in with the provider.
-         * This can accept 2 return types: a boolean that indicates if the login is valid,
-         * or a url which will redirect the user.
-         * @param params An object containing the token, session and headers of a request.
-         * @returns a boolean that indicates if the login is valid,
-         * or a url which will redirect the user.
-         */
-        login?: (params: CallbackParams) => MaybePromise<boolean | string>;
-        /**
-         * Custom logout callback. This is ran before logging out with the strategy.
-         * @param params An object containing the token, session and headers of a request.
-         * @returns Nothing, or an empty promise.
-         */
-        logout?: (params: CallbackParams) => MaybePromise<void>;
-    };
-}>;
-export {};
-//# sourceMappingURL=globals.d.ts.map

package/dist/@types/globals.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"globals.d.ts","sourceRoot":"","sources":["../../src/@types/globals.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,QAAQ,CAAC;AAC/C,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAC;AAEzD;;GAEG;AACH,MAAM,MAAM,YAAY,CAAC,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;AAE7C;;GAEG;AACH,MAAM,WAAW,OAAQ,SAAQ,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;IACpD,EAAE,EAAE,MAAM,CAAC;CACd;AAED;;GAEG;AACH,KAAK,cAAc,GAAG;IAClB;;OAEG;IACH,KAAK,EAAE,MAAM,CAAC;IACd;;OAEG;IACH,OAAO,EAAE,OAAO,CAAC;IACjB;;OAEG;IACH,OAAO,EAAE,OAAO,CAAC;CACpB,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,kBAAkB,GAAG,QAAQ,CAAC;IACtC;;;OAGG;IACH,SAAS,EAAE,SAAS,EAAE,CAAC;IAEvB;;OAEG;IACH,MAAM,EAAE,MAAM,GAAG;QAAE,SAAS,EAAE,MAAM,CAAC;QAAC,UAAU,EAAE,MAAM,CAAA;KAAE,CAAC;IAE3D;;;OAGG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,QAAQ,EAAE,SAAS,CAAC;IAEpB;;;;;;;;;;;;;OAaG;IACH,QAAQ,EAAE,MAAM,CAAC;IAEjB;;OAEG;IACH,cAAc,CAAC,EAAE,gBAAgB,CAAC;IAElC;;OAEG;IACH,SAAS,CAAC,EAAE;QACR;;;;;;;WAOG;QACH,KAAK,CAAC,EAAE,CAAC,MAAM,EAAE,cAAc,KAAK,YAAY,CAAC,OAAO,GAAG,MAAM,CAAC,CAAC;QAEnE;;;;WAIG;QACH,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,cAAc,KAAK,YAAY,CAAC,IAAI,CAAC,CAAC;KAC3D,CAAC;CACL,CAAC,CAAC"}

package/dist/@types/globals.js

@@ -1 +0,0 @@
-export {};

package/dist/@types/internals.d.ts

@@ -1,13 +0,0 @@
-import type { RequiredDeep } from "type-fest";
-import type { ConfigOptionsProps } from "./globals";
-/**
- * Internally used version of the options
- */
-export type ConfigOptions = Omit<RequiredDeep<Omit<ConfigOptionsProps, "basePath">>, "cookieSettings"> & {
-    cookieSettings: NonNullable<ConfigOptionsProps["cookieSettings"]>;
-};
-/**
- * Maybe there is a value, maybe not 🤷‍♂️
- */
-export type Maybe<T> = T | null | undefined;
-//# sourceMappingURL=internals.d.ts.map

package/dist/@types/internals.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"internals.d.ts","sourceRoot":"","sources":["../../src/@types/internals.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AAC9C,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,WAAW,CAAC;AAEpD;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,kBAAkB,EAAE,UAAU,CAAC,CAAC,EAAE,gBAAgB,CAAC,GAAG;IAErG,cAAc,EAAE,WAAW,CAAC,kBAAkB,CAAC,gBAAgB,CAAC,CAAC,CAAC;CACrE,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,KAAK,CAAC,CAAC,IAAI,CAAC,GAAG,IAAI,GAAG,SAAS,CAAC"}

package/dist/@types/internals.js

@@ -1 +0,0 @@
-export {};

package/dist/functions/index.d.ts

@@ -1,3 +0,0 @@
-export * from "./jwt";
-export * from "./urlencodedToJson";
-//# sourceMappingURL=index.d.ts.map

package/dist/functions/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/functions/index.ts"],"names":[],"mappings":"AAAA,cAAc,OAAO,CAAC;AACtB,cAAc,oBAAoB,CAAC"}

package/dist/functions/index.js

@@ -1,2 +0,0 @@
-export * from "./jwt";
-export * from "./urlencodedToJson";

package/dist/functions/jwt.d.ts

@@ -1,11 +0,0 @@
-import { type JwtPayload, type PublicKey, type Secret, type VerifyOptions } from "jsonwebtoken";
-export { sign } from "jsonwebtoken";
-/**
- * Promisified version of the jwt's verify function.
- * @param token The user's token.
- * @param secretOrPublicKey Your secret key, or a public key.
- * @param options Jwt options.
- * @returns The user's payload, or null on errors.
- */
-export declare function verify<T extends JwtPayload = JwtPayload>(token: string, secretOrPublicKey: Secret | PublicKey, options?: VerifyOptions): Promise<T | null>;
-//# sourceMappingURL=jwt.d.ts.map

package/dist/functions/jwt.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"jwt.d.ts","sourceRoot":"","sources":["../../src/functions/jwt.ts"],"names":[],"mappings":"AAAA,OAAO,EAAwB,KAAK,UAAU,EAAE,KAAK,SAAS,EAAE,KAAK,MAAM,EAAE,KAAK,aAAa,EAAE,MAAM,cAAc,CAAC;AAGtH,OAAO,EAAE,IAAI,EAAE,MAAM,cAAc,CAAC;AAEpC;;;;;;GAMG;AACH,wBAAgB,MAAM,CAAC,CAAC,SAAS,UAAU,GAAG,UAAU,EACpD,KAAK,EAAE,MAAM,EACb,iBAAiB,EAAE,MAAM,GAAG,SAAS,EACrC,OAAO,CAAC,EAAE,aAAa,qBAS1B"}

package/dist/functions/jwt.js

@@ -1,20 +0,0 @@
-import { verify as baseVerify } from "jsonwebtoken";
-// The sign function is fine as-is
-export { sign } from "jsonwebtoken";
-/**
- * Promisified version of the jwt's verify function.
- * @param token The user's token.
- * @param secretOrPublicKey Your secret key, or a public key.
- * @param options Jwt options.
- * @returns The user's payload, or null on errors.
- */
-export function verify(token, secretOrPublicKey, options) {
-    return new Promise((resolve) => {
-        baseVerify(token, secretOrPublicKey, { ...options, complete: false }, (err, payload) => {
-            // In case of error, it is assumed as a malicious token, so we invalidate it.
-            if (err?.cause)
-                resolve(null);
-            resolve(payload);
-        });
-    });
-}

package/dist/functions/urlencodedToJson.d.ts

@@ -1,2 +0,0 @@
-export declare function urlencodedToJson<T extends object = object>(value: string): T;
-//# sourceMappingURL=urlencodedToJson.d.ts.map

package/dist/functions/urlencodedToJson.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"urlencodedToJson.d.ts","sourceRoot":"","sources":["../../src/functions/urlencodedToJson.ts"],"names":[],"mappings":"AAAA,wBAAgB,gBAAgB,CAAC,CAAC,SAAS,MAAM,GAAG,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,CAAC,CAS5E"}

package/dist/functions/urlencodedToJson.js

@@ -1,8 +0,0 @@
-export function urlencodedToJson(value) {
-    return Object.fromEntries(value
-        .trim()
-        .split("&")
-        .map((s) => s.split("="))
-        .filter((pair) => pair.length === 2)
-        .map((pair) => pair.map(decodeURIComponent)));
-}

package/dist/index.d.ts

@@ -1,5 +0,0 @@
-export * from "./lib";
-export * from "./@types/globals";
-export * as providers from "./providers";
-export * as strategies from "./strategies";
-//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,OAAO,CAAC;AACtB,cAAc,kBAAkB,CAAC;AACjC,OAAO,KAAK,SAAS,MAAM,aAAa,CAAC;AACzC,OAAO,KAAK,UAAU,MAAM,cAAc,CAAC"}

package/dist/index.js

@@ -1,4 +0,0 @@
-export * from "./lib";
-export * from "./@types/globals";
-export * as providers from "./providers";
-export * as strategies from "./strategies";

package/dist/lib.d.ts

@@ -1,46 +0,0 @@
-import type { Maybe } from "./@types/internals";
-import type { Session } from "./@types/globals";
-/**
- * Initializes the auth. This should be called once per backend.
- * @param req Something that has a `headers` field; either a Headers instance, or just a plain object.
- * @returns A session if found and valid, or `null`.
- */
-export declare const CreateAuth: (config: Readonly<{
-    providers: import("./providers").IProvider[];
-    secret: string | {
-        publicKey: string;
-        privateKey: string;
-    };
-    cookieName?: string;
-    strategy: import("./strategies").IStrategy;
-    basePath: string;
-    cookieSettings?: import("cookie").SerializeOptions;
-    callbacks?: {
-        login?: (params: {
-            token: string;
-            session: Session;
-            headers: Headers;
-        }) => import(".").MaybePromise<boolean | string>;
-        logout?: (params: {
-            token: string;
-            session: Session;
-            headers: Headers;
-        }) => import(".").MaybePromise<void>;
-    };
-}>) => {
-    /**
-     * Universal handler route. You can use this with the `createHandler()` method
-     * @returns
-     */
-    handler: () => (req: Request, _: Universal.Context, runtime: import("@universal-middleware/core").RuntimeAdapter) => Promise<Response>;
-    /**
-     * Deserialize a user's session.
-     * @param globalCfg The global auth config
-     * @param req An object having a headers field
-     * @returns A user's token and session, if found and valid
-     */
-    getSession: <T extends Session = Session>(req: {
-        headers: Maybe<Headers | Record<string, string>>;
-    }) => Promise<T | null>;
-};
-//# sourceMappingURL=lib.d.ts.map

package/dist/lib.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"lib.d.ts","sourceRoot":"","sources":["../src/lib.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAiB,KAAK,EAAE,MAAM,oBAAoB,CAAC;AAE/D,OAAO,KAAK,EAAsB,OAAO,EAAE,MAAM,kBAAkB,CAAC;AA4CpE;;;;GAIG;AACH,eAAO,MAAM,UAAU;;;;;;;;;;;aAYuB,CAAA;;;;;cAUvB,CAAC;;;;;;;IAOhB;;;OAGG;;IAwGH;;;;;OAKG;iBACU,CAAC,SAAS,OAAO,iBAAiB;QAAE,OAAO,EAAE,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAA;KAAE,KAEnC,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC;CAUxF,CAAC"}