secure-auth-kit 1.0.1

package/dist/constants/index.d.ts

@@ -0,0 +1,9 @@
+export declare const SALT_ROUNDS = 10;
+export declare const SENSITIVE_FIELDS: Set<string>;
+export declare const EMAIL_REGEX: RegExp;
+export declare const MIN_PASSWORD_LENGTH = 8;
+export declare const PASSWORD_UPPERCASE_REGEX: RegExp;
+export declare const PASSWORD_LOWERCASE_REGEX: RegExp;
+export declare const PASSWORD_NUMBER_REGEX: RegExp;
+export declare const PASSWORD_SPECIAL_CHARACTER_REGEX: RegExp;
+//# sourceMappingURL=index.d.ts.map

package/dist/constants/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/constants/index.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,WAAW,KAAK,CAAC;AAE9B,eAAO,MAAM,gBAAgB,aAA+B,CAAC;AAE7D,eAAO,MAAM,WAAW,QAA+B,CAAC;AAExD,eAAO,MAAM,mBAAmB,IAAI,CAAC;AAErC,eAAO,MAAM,wBAAwB,QAAU,CAAC;AAEhD,eAAO,MAAM,wBAAwB,QAAU,CAAC;AAEhD,eAAO,MAAM,qBAAqB,QAAO,CAAC;AAE1C,eAAO,MAAM,gCAAgC,QAAc,CAAC"}

package/dist/constants/index.js

@@ -0,0 +1,9 @@
+export const SALT_ROUNDS = 10;
+export const SENSITIVE_FIELDS = new Set(['password', '__v']);
+export const EMAIL_REGEX = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
+export const MIN_PASSWORD_LENGTH = 8;
+export const PASSWORD_UPPERCASE_REGEX = /[A-Z]/;
+export const PASSWORD_LOWERCASE_REGEX = /[a-z]/;
+export const PASSWORD_NUMBER_REGEX = /\d/;
+export const PASSWORD_SPECIAL_CHARACTER_REGEX = /[@$!%*?&]/;
+//# sourceMappingURL=index.js.map

package/dist/constants/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/constants/index.ts"],"names":[],"mappings":"AAAA,MAAM,CAAC,MAAM,WAAW,GAAG,EAAE,CAAC;AAE9B,MAAM,CAAC,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC,CAAC;AAE7D,MAAM,CAAC,MAAM,WAAW,GAAG,4BAA4B,CAAC;AAExD,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,CAAC;AAErC,MAAM,CAAC,MAAM,wBAAwB,GAAG,OAAO,CAAC;AAEhD,MAAM,CAAC,MAAM,wBAAwB,GAAG,OAAO,CAAC;AAEhD,MAAM,CAAC,MAAM,qBAAqB,GAAG,IAAI,CAAC;AAE1C,MAAM,CAAC,MAAM,gCAAgC,GAAG,WAAW,CAAC"}

package/dist/core/middleware/error.middleware.d.ts

@@ -0,0 +1,3 @@
+import { NextFunction, Request, Response } from 'express';
+export declare function errorMiddleware(err: Error, req: Request, res: Response, next: NextFunction): void;
+//# sourceMappingURL=error.middleware.d.ts.map

package/dist/core/middleware/error.middleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"error.middleware.d.ts","sourceRoot":"","sources":["../../../src/core/middleware/error.middleware.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAI1D,wBAAgB,eAAe,CAAC,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,EAAE,IAAI,EAAE,YAAY,GAAG,IAAI,CASjG"}

package/dist/core/middleware/error.middleware.js

@@ -0,0 +1,12 @@
+import { AppError } from '../../utils/AppError.js';
+import { sendError } from '../../utils/response.js';
+export function errorMiddleware(err, req, res, next) {
+    if (err instanceof AppError && err.isOperational) {
+        sendError(res, err.message, err.statusCode, err.code);
+        return;
+    }
+    // Unknown Errors
+    console.error('[secure-auth-kit] Unhandled error', err);
+    sendError(res, 'An unexpected error occurred', 500, 'INTERNAL_ERROR');
+}
+//# sourceMappingURL=error.middleware.js.map

package/dist/core/middleware/error.middleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"error.middleware.js","sourceRoot":"","sources":["../../../src/core/middleware/error.middleware.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAC;AACnD,OAAO,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAC;AAEpD,MAAM,UAAU,eAAe,CAAC,GAAU,EAAE,GAAY,EAAE,GAAa,EAAE,IAAkB;IACvF,IAAI,GAAG,YAAY,QAAQ,IAAI,GAAG,CAAC,aAAa,EAAE,CAAC;QAC/C,SAAS,CAAC,GAAG,EAAE,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;QACtD,OAAO;IACX,CAAC;IAED,iBAAiB;IACjB,OAAO,CAAC,KAAK,CAAC,mCAAmC,EAAE,GAAG,CAAC,CAAC;IACxD,SAAS,CAAC,GAAG,EAAE,8BAA8B,EAAE,GAAG,EAAE,gBAAgB,CAAC,CAAC;AAC1E,CAAC"}

package/dist/core/routes/auth.routes.d.ts

@@ -0,0 +1,3 @@
+import { Router } from 'express';
+export declare const createAuthRouter: () => Router;
+//# sourceMappingURL=auth.routes.d.ts.map

package/dist/core/routes/auth.routes.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.routes.d.ts","sourceRoot":"","sources":["../../../src/core/routes/auth.routes.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAMjC,eAAO,MAAM,gBAAgB,QAAO,MAWnC,CAAC"}

package/dist/core/routes/auth.routes.js

@@ -0,0 +1,15 @@
+import { Router } from 'express';
+import { loginController } from '../../features/login/login.controller.js';
+import { meController } from '../../features/me/me.controller.js';
+import { registerController } from '../../features/register/register.controller.js';
+import { authenticate } from '../../middleware/authenticate.middleware.js';
+export const createAuthRouter = () => {
+    const router = Router();
+    // Public routes
+    router.post('/register', registerController);
+    router.post('/login', loginController);
+    // Protected routes
+    router.get('/me', authenticate, meController);
+    return router;
+};
+//# sourceMappingURL=auth.routes.js.map

package/dist/core/routes/auth.routes.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.routes.js","sourceRoot":"","sources":["../../../src/core/routes/auth.routes.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AACjC,OAAO,EAAE,eAAe,EAAE,MAAM,0CAA0C,CAAC;AAC3E,OAAO,EAAE,YAAY,EAAE,MAAM,oCAAoC,CAAC;AAClE,OAAO,EAAE,kBAAkB,EAAE,MAAM,gDAAgD,CAAC;AACpF,OAAO,EAAE,YAAY,EAAE,MAAM,6CAA6C,CAAC;AAE3E,MAAM,CAAC,MAAM,gBAAgB,GAAG,GAAW,EAAE;IACzC,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC;IAExB,gBAAgB;IAChB,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;IAC7C,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,eAAe,CAAC,CAAC;IAEvC,mBAAmB;IACnB,MAAM,CAAC,GAAG,CAAC,KAAK,EAAE,YAAY,EAAE,YAAY,CAAC,CAAC;IAE9C,OAAO,MAAM,CAAC;AAClB,CAAC,CAAC"}

package/dist/core/stores/config.store.d.ts

@@ -0,0 +1,4 @@
+import { SecureAuthConfig } from '../../types/config.types.js';
+export declare function setConfig(config: SecureAuthConfig): void;
+export declare function getConfig(): SecureAuthConfig;
+//# sourceMappingURL=config.store.d.ts.map

package/dist/core/stores/config.store.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.store.d.ts","sourceRoot":"","sources":["../../../src/core/stores/config.store.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,6BAA6B,CAAC;AAK/D,wBAAgB,SAAS,CAAC,MAAM,EAAE,gBAAgB,GAAG,IAAI,CAExD;AAED,wBAAgB,SAAS,IAAI,gBAAgB,CAQ5C"}

package/dist/core/stores/config.store.js

@@ -0,0 +1,12 @@
+import { AppError } from '../../utils/AppError.js';
+let _config = null;
+export function setConfig(config) {
+    _config = config;
+}
+export function getConfig() {
+    if (!_config) {
+        throw AppError.internal('secure-auth-kit: config has not been initialized. Call secureAuth() first.');
+    }
+    return _config;
+}
+//# sourceMappingURL=config.store.js.map

package/dist/core/stores/config.store.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.store.js","sourceRoot":"","sources":["../../../src/core/stores/config.store.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAC;AAEnD,IAAI,OAAO,GAA4B,IAAI,CAAC;AAE5C,MAAM,UAAU,SAAS,CAAC,MAAwB;IAC9C,OAAO,GAAG,MAAM,CAAC;AACrB,CAAC;AAED,MAAM,UAAU,SAAS;IACrB,IAAI,CAAC,OAAO,EAAE,CAAC;QACX,MAAM,QAAQ,CAAC,QAAQ,CACnB,4EAA4E,CAC/E,CAAC;IACN,CAAC;IAED,OAAO,OAAO,CAAC;AACnB,CAAC"}

package/dist/features/login/login.controller.d.ts

@@ -0,0 +1,3 @@
+import { NextFunction, Request, Response } from 'express';
+export declare const loginController: (req: Request, res: Response, next: NextFunction) => Promise<void>;
+//# sourceMappingURL=login.controller.d.ts.map

package/dist/features/login/login.controller.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"login.controller.d.ts","sourceRoot":"","sources":["../../../src/features/login/login.controller.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAM1D,eAAO,MAAM,eAAe,GACxB,KAAK,OAAO,EACZ,KAAK,QAAQ,EACb,MAAM,YAAY,KACnB,OAAO,CAAC,IAAI,CAUd,CAAC"}

package/dist/features/login/login.controller.js

@@ -0,0 +1,16 @@
+import { getConfig } from '../../core/stores/config.store.js';
+import { sendSuccess } from '../../utils/response.js';
+import { validateRegisterInput } from '../register/register.validator.js';
+import { loginUser } from './login.service.js';
+export const loginController = async (req, res, next) => {
+    try {
+        const input = validateRegisterInput(req.body);
+        const config = getConfig();
+        const result = await loginUser(input, config);
+        sendSuccess(res, result, 'Login successful');
+    }
+    catch (err) {
+        next(err);
+    }
+};
+//# sourceMappingURL=login.controller.js.map

package/dist/features/login/login.controller.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"login.controller.js","sourceRoot":"","sources":["../../../src/features/login/login.controller.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,MAAM,mCAAmC,CAAC;AAC9D,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AACtD,OAAO,EAAE,qBAAqB,EAAE,MAAM,mCAAmC,CAAC;AAC1E,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AAE/C,MAAM,CAAC,MAAM,eAAe,GAAG,KAAK,EAChC,GAAY,EACZ,GAAa,EACb,IAAkB,EACL,EAAE;IACf,IAAI,CAAC;QACD,MAAM,KAAK,GAAG,qBAAqB,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAC9C,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;QAE9C,WAAW,CAAC,GAAG,EAAE,MAAM,EAAE,kBAAkB,CAAC,CAAC;IACjD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACX,IAAI,CAAC,GAAG,CAAC,CAAC;IACd,CAAC;AACL,CAAC,CAAC"}

package/dist/features/login/login.service.d.ts

@@ -0,0 +1,4 @@
+import { LoginInput, LoginResult } from '../../types/auth.types.js';
+import { SecureAuthConfig } from '../../types/config.types.js';
+export declare const loginUser: (input: LoginInput, config: SecureAuthConfig) => Promise<LoginResult>;
+//# sourceMappingURL=login.service.d.ts.map

package/dist/features/login/login.service.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"login.service.d.ts","sourceRoot":"","sources":["../../../src/features/login/login.service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AACpE,OAAO,EAAE,gBAAgB,EAAE,MAAM,6BAA6B,CAAC;AAM/D,eAAO,MAAM,SAAS,GAClB,OAAO,UAAU,EACjB,QAAQ,gBAAgB,KACzB,OAAO,CAAC,WAAW,CAkBrB,CAAC"}

package/dist/features/login/login.service.js

@@ -0,0 +1,20 @@
+import { AppError } from '../../utils/AppError.js';
+import { comparePassword } from '../../utils/hash.js';
+import { generateAccessToken, generateRefreshToken } from '../../utils/jwt.js';
+import { sanitizeUser } from '../../utils/sanitizeUser.js';
+export const loginUser = async (input, config) => {
+    const { userModel, jwt: jwtConfig } = config;
+    const user = await userModel.findOne({ email: input.email }).select('+password');
+    if (!user) {
+        throw AppError.unauthorized('Invalid email or password', 'INVALID_CREDENTIALS');
+    }
+    const isMatch = await comparePassword(input.password, user.password);
+    if (!isMatch) {
+        throw AppError.unauthorized('Invalid email or password', 'INVALID_CREDENTIALS');
+    }
+    const tokenPayload = { userId: String(user._id), email: user.email };
+    const accessToken = generateAccessToken(tokenPayload, jwtConfig);
+    const refreshToken = generateRefreshToken(tokenPayload, jwtConfig);
+    return { user: sanitizeUser(user), tokens: { accessToken, refreshToken } };
+};
+//# sourceMappingURL=login.service.js.map

package/dist/features/login/login.service.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"login.service.js","sourceRoot":"","sources":["../../../src/features/login/login.service.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAC;AACnD,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACtD,OAAO,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,MAAM,oBAAoB,CAAC;AAC/E,OAAO,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAE3D,MAAM,CAAC,MAAM,SAAS,GAAG,KAAK,EAC1B,KAAiB,EACjB,MAAwB,EACJ,EAAE;IACtB,MAAM,EAAE,SAAS,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,MAAM,CAAC;IAE7C,MAAM,IAAI,GAAG,MAAM,SAAS,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,KAAK,EAAE,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;IACjF,IAAI,CAAC,IAAI,EAAE,CAAC;QACR,MAAM,QAAQ,CAAC,YAAY,CAAC,2BAA2B,EAAE,qBAAqB,CAAC,CAAC;IACpF,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,eAAe,CAAC,KAAK,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;IACrE,IAAI,CAAC,OAAO,EAAE,CAAC;QACX,MAAM,QAAQ,CAAC,YAAY,CAAC,2BAA2B,EAAE,qBAAqB,CAAC,CAAC;IACpF,CAAC;IAED,MAAM,YAAY,GAAG,EAAE,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC;IACrE,MAAM,WAAW,GAAG,mBAAmB,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;IACjE,MAAM,YAAY,GAAG,oBAAoB,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;IAEnE,OAAO,EAAE,IAAI,EAAE,YAAY,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,EAAE,WAAW,EAAE,YAAY,EAAE,EAAE,CAAC;AAC/E,CAAC,CAAC"}

package/dist/features/login/login.validator.d.ts

@@ -0,0 +1,3 @@
+import { LoginInput } from '../../types/auth.types.js';
+export declare const validateLoginInput: (body: unknown) => LoginInput;
+//# sourceMappingURL=login.validator.d.ts.map

package/dist/features/login/login.validator.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"login.validator.d.ts","sourceRoot":"","sources":["../../../src/features/login/login.validator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAC;AAGvD,eAAO,MAAM,kBAAkB,GAAI,MAAM,OAAO,KAAG,UAgBlD,CAAC"}

package/dist/features/login/login.validator.js

@@ -0,0 +1,15 @@
+import { AppError } from '../../utils/AppError.js';
+export const validateLoginInput = (body) => {
+    if (typeof body !== 'object' || body === null) {
+        throw AppError.badRequest('Request body is required', 'INVALID_BODY');
+    }
+    const { email, password } = body;
+    if (typeof email !== 'string' || !email.trim()) {
+        throw AppError.badRequest('Email is required', 'EMAIL_REQUIRED');
+    }
+    if (typeof password !== 'string' || !password) {
+        throw AppError.badRequest('Password is required', 'PASSWORD_REQUIRED');
+    }
+    return { email: email.toLowerCase().trim(), password };
+};
+//# sourceMappingURL=login.validator.js.map

package/dist/features/login/login.validator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"login.validator.js","sourceRoot":"","sources":["../../../src/features/login/login.validator.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAC;AAEnD,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,IAAa,EAAc,EAAE;IAC5D,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;QAC5C,MAAM,QAAQ,CAAC,UAAU,CAAC,0BAA0B,EAAE,cAAc,CAAC,CAAC;IAC1E,CAAC;IAED,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,IAA+B,CAAC;IAE5D,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC;QAC7C,MAAM,QAAQ,CAAC,UAAU,CAAC,mBAAmB,EAAE,gBAAgB,CAAC,CAAC;IACrE,CAAC;IAED,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,CAAC,QAAQ,EAAE,CAAC;QAC5C,MAAM,QAAQ,CAAC,UAAU,CAAC,sBAAsB,EAAE,mBAAmB,CAAC,CAAC;IAC3E,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,KAAK,CAAC,WAAW,EAAE,CAAC,IAAI,EAAE,EAAE,QAAQ,EAAE,CAAC;AAC3D,CAAC,CAAC"}

package/dist/features/me/me.controller.d.ts

@@ -0,0 +1,3 @@
+import { NextFunction, Request, Response } from 'express';
+export declare const meController: (req: Request, res: Response, next: NextFunction) => Promise<void>;
+//# sourceMappingURL=me.controller.d.ts.map

package/dist/features/me/me.controller.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"me.controller.d.ts","sourceRoot":"","sources":["../../../src/features/me/me.controller.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAM1D,eAAO,MAAM,YAAY,GACrB,KAAK,OAAO,EACZ,KAAK,QAAQ,EACb,MAAM,YAAY,KACnB,OAAO,CAAC,IAAI,CAiBd,CAAC"}

package/dist/features/me/me.controller.js

@@ -0,0 +1,21 @@
+import { getConfig } from '../../core/stores/config.store.js';
+import { AppError } from '../../utils/AppError.js';
+import { sendSuccess } from '../../utils/response.js';
+import { sanitizeUser } from '../../utils/sanitizeUser.js';
+export const meController = async (req, res, next) => {
+    try {
+        if (!req.user) {
+            throw AppError.unauthorized('Authentication required');
+        }
+        const { userModel } = getConfig();
+        const user = await userModel.findById(req.user.id);
+        if (!user) {
+            throw AppError.notFound('User not found', 'USER_NOT_FOUND');
+        }
+        sendSuccess(res, sanitizeUser(user));
+    }
+    catch (err) {
+        next(err);
+    }
+};
+//# sourceMappingURL=me.controller.js.map

package/dist/features/me/me.controller.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"me.controller.js","sourceRoot":"","sources":["../../../src/features/me/me.controller.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,MAAM,mCAAmC,CAAC;AAC9D,OAAO,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAC;AACnD,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AACtD,OAAO,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAE3D,MAAM,CAAC,MAAM,YAAY,GAAG,KAAK,EAC7B,GAAY,EACZ,GAAa,EACb,IAAkB,EACL,EAAE;IACf,IAAI,CAAC;QACD,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;YACZ,MAAM,QAAQ,CAAC,YAAY,CAAC,yBAAyB,CAAC,CAAC;QAC3D,CAAC;QAED,MAAM,EAAE,SAAS,EAAE,GAAG,SAAS,EAAE,CAAC;QAElC,MAAM,IAAI,GAAG,MAAM,SAAS,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACnD,IAAI,CAAC,IAAI,EAAE,CAAC;YACR,MAAM,QAAQ,CAAC,QAAQ,CAAC,gBAAgB,EAAE,gBAAgB,CAAC,CAAC;QAChE,CAAC;QAED,WAAW,CAAC,GAAG,EAAE,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC;IACzC,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACX,IAAI,CAAC,GAAG,CAAC,CAAC;IACd,CAAC;AACL,CAAC,CAAC"}

package/dist/features/register/register.controller.d.ts

@@ -0,0 +1,3 @@
+import { NextFunction, Request, Response } from 'express';
+export declare const registerController: (req: Request, res: Response, next: NextFunction) => Promise<void>;
+//# sourceMappingURL=register.controller.d.ts.map

package/dist/features/register/register.controller.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"register.controller.d.ts","sourceRoot":"","sources":["../../../src/features/register/register.controller.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAM1D,eAAO,MAAM,kBAAkB,GAC3B,KAAK,OAAO,EACZ,KAAK,QAAQ,EACb,MAAM,YAAY,KACnB,OAAO,CAAC,IAAI,CAUd,CAAC"}

package/dist/features/register/register.controller.js

@@ -0,0 +1,16 @@
+import { getConfig } from '../../core/stores/config.store.js';
+import { sendSuccess } from '../../utils/response.js';
+import { registerUser } from './register.service.js';
+import { validateRegisterInput } from './register.validator.js';
+export const registerController = async (req, res, next) => {
+    try {
+        const input = validateRegisterInput(req.body);
+        const config = getConfig();
+        const result = await registerUser(input, config);
+        sendSuccess(res, result, 'Registration successful', 201);
+    }
+    catch (err) {
+        next(err);
+    }
+};
+//# sourceMappingURL=register.controller.js.map

package/dist/features/register/register.controller.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"register.controller.js","sourceRoot":"","sources":["../../../src/features/register/register.controller.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,MAAM,mCAAmC,CAAC;AAC9D,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AACtD,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AACrD,OAAO,EAAE,qBAAqB,EAAE,MAAM,yBAAyB,CAAC;AAEhE,MAAM,CAAC,MAAM,kBAAkB,GAAG,KAAK,EACnC,GAAY,EACZ,GAAa,EACb,IAAkB,EACL,EAAE;IACf,IAAI,CAAC;QACD,MAAM,KAAK,GAAG,qBAAqB,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAC9C,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;QAEjD,WAAW,CAAC,GAAG,EAAE,MAAM,EAAE,yBAAyB,EAAE,GAAG,CAAC,CAAC;IAC7D,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACX,IAAI,CAAC,GAAG,CAAC,CAAC;IACd,CAAC;AACL,CAAC,CAAC"}

package/dist/features/register/register.service.d.ts

@@ -0,0 +1,4 @@
+import { RegisterInput, RegisterResult } from '../../types/auth.types.js';
+import { SecureAuthConfig } from '../../types/config.types.js';
+export declare const registerUser: (input: RegisterInput, config: SecureAuthConfig) => Promise<RegisterResult>;
+//# sourceMappingURL=register.service.d.ts.map

package/dist/features/register/register.service.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"register.service.d.ts","sourceRoot":"","sources":["../../../src/features/register/register.service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAC1E,OAAO,EAAE,gBAAgB,EAAE,MAAM,6BAA6B,CAAC;AAM/D,eAAO,MAAM,YAAY,GACrB,OAAO,aAAa,EACpB,QAAQ,gBAAgB,KACzB,OAAO,CAAC,cAAc,CAuBxB,CAAC"}

package/dist/features/register/register.service.js

@@ -0,0 +1,24 @@
+import { AppError } from '../../utils/AppError.js';
+import { hashPassword } from '../../utils/hash.js';
+import { generateAccessToken, generateRefreshToken } from '../../utils/jwt.js';
+import { sanitizeUser } from '../../utils/sanitizeUser.js';
+export const registerUser = async (input, config) => {
+    const { userModel, jwt: jwtConfig } = config;
+    const existingUser = await userModel.findOne({ email: input.email });
+    if (existingUser) {
+        throw AppError.badRequest('Email is already registered', 'EMAIL_TAKEN');
+    }
+    const hash_password = await hashPassword(input.password);
+    const user = await userModel.create({
+        ...input,
+        password: hash_password,
+    });
+    const tokenPayload = { userId: String(user._id), email: user.email };
+    const accessToken = generateAccessToken(tokenPayload, jwtConfig);
+    const refreshToken = generateRefreshToken(tokenPayload, jwtConfig);
+    return {
+        user: sanitizeUser(user),
+        tokens: { accessToken, refreshToken },
+    };
+};
+//# sourceMappingURL=register.service.js.map

package/dist/features/register/register.service.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"register.service.js","sourceRoot":"","sources":["../../../src/features/register/register.service.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,MAAM,oBAAoB,CAAC;AAC/E,OAAO,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAE3D,MAAM,CAAC,MAAM,YAAY,GAAG,KAAK,EAC7B,KAAoB,EACpB,MAAwB,EACD,EAAE;IACzB,MAAM,EAAE,SAAS,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,MAAM,CAAC;IAE7C,MAAM,YAAY,GAAG,MAAM,SAAS,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,KAAK,EAAE,CAAC,CAAC;IACrE,IAAI,YAAY,EAAE,CAAC;QACf,MAAM,QAAQ,CAAC,UAAU,CAAC,6BAA6B,EAAE,aAAa,CAAC,CAAC;IAC5E,CAAC;IAED,MAAM,aAAa,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;IAEzD,MAAM,IAAI,GAAG,MAAM,SAAS,CAAC,MAAM,CAAC;QAChC,GAAG,KAAK;QACR,QAAQ,EAAE,aAAa;KAC1B,CAAC,CAAC;IAEH,MAAM,YAAY,GAAG,EAAE,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC;IACrE,MAAM,WAAW,GAAG,mBAAmB,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;IACjE,MAAM,YAAY,GAAG,oBAAoB,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;IAEnE,OAAO;QACH,IAAI,EAAE,YAAY,CAAC,IAAI,CAAC;QACxB,MAAM,EAAE,EAAE,WAAW,EAAE,YAAY,EAAE;KACxC,CAAC;AACN,CAAC,CAAC"}

package/dist/features/register/register.validator.d.ts

@@ -0,0 +1,3 @@
+import { RegisterInput } from '../../types/auth.types.js';
+export declare const validateRegisterInput: (body: unknown) => RegisterInput;
+//# sourceMappingURL=register.validator.d.ts.map

package/dist/features/register/register.validator.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"register.validator.d.ts","sourceRoot":"","sources":["../../../src/features/register/register.validator.ts"],"names":[],"mappings":"AAQA,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAG1D,eAAO,MAAM,qBAAqB,GAAI,MAAM,OAAO,KAAG,aAuDrD,CAAC"}

package/dist/features/register/register.validator.js

@@ -0,0 +1,34 @@
+import { EMAIL_REGEX, MIN_PASSWORD_LENGTH, PASSWORD_LOWERCASE_REGEX, PASSWORD_NUMBER_REGEX, PASSWORD_SPECIAL_CHARACTER_REGEX, PASSWORD_UPPERCASE_REGEX, } from '../../constants/index.js';
+import { AppError } from '../../utils/AppError.js';
+export const validateRegisterInput = (body) => {
+    if (typeof body !== 'object' || body === null) {
+        throw AppError.badRequest('Request body is required', 'INVALID_BODY');
+    }
+    const { email, password, ...rest } = body;
+    if (typeof email !== 'string' || !email.trim()) {
+        throw AppError.badRequest('Email is required', 'EMAIL_REQUIRED');
+    }
+    if (!EMAIL_REGEX.test(email)) {
+        throw AppError.badRequest('Invalid email format', 'EMAIL_INVALID');
+    }
+    if (typeof password !== 'string' || !password) {
+        throw AppError.badRequest('Password is required', 'PASSWORD_REQUIRED');
+    }
+    if (password.length < MIN_PASSWORD_LENGTH) {
+        throw AppError.badRequest(`Password must be at least ${MIN_PASSWORD_LENGTH} characters`, 'PASSWORD_TOO_SHORT');
+    }
+    if (!PASSWORD_UPPERCASE_REGEX.test(password)) {
+        throw AppError.badRequest('Password must be at least one uppercase letter', 'PASSWORD_MISSING_UPPERCASE_LETTER');
+    }
+    if (!PASSWORD_LOWERCASE_REGEX.test(password)) {
+        throw AppError.badRequest('Password must be at least one lowercase letter', 'PASSWORD_MISSING_LOWERCASE_LETTER');
+    }
+    if (!PASSWORD_NUMBER_REGEX.test(password)) {
+        throw AppError.badRequest('Password must contain at least one number', 'PASSWORD_MISSING_NUMBER');
+    }
+    if (!PASSWORD_SPECIAL_CHARACTER_REGEX.test(password)) {
+        throw AppError.badRequest('Password must be at least one special character', 'PASSWORD_MISSING_SPECIAL_CHARACTER');
+    }
+    return { email: email.toLowerCase().trim(), password, ...rest };
+};
+//# sourceMappingURL=register.validator.js.map

package/dist/features/register/register.validator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"register.validator.js","sourceRoot":"","sources":["../../../src/features/register/register.validator.ts"],"names":[],"mappings":"AAAA,OAAO,EACH,WAAW,EACX,mBAAmB,EACnB,wBAAwB,EACxB,qBAAqB,EACrB,gCAAgC,EAChC,wBAAwB,GAC3B,MAAM,0BAA0B,CAAC;AAElC,OAAO,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAC;AAEnD,MAAM,CAAC,MAAM,qBAAqB,GAAG,CAAC,IAAa,EAAiB,EAAE;IAClE,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;QAC5C,MAAM,QAAQ,CAAC,UAAU,CAAC,0BAA0B,EAAE,cAAc,CAAC,CAAC;IAC1E,CAAC;IAED,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,IAAI,EAAE,GAAG,IAA+B,CAAC;IAErE,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC;QAC7C,MAAM,QAAQ,CAAC,UAAU,CAAC,mBAAmB,EAAE,gBAAgB,CAAC,CAAC;IACrE,CAAC;IAED,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;QAC3B,MAAM,QAAQ,CAAC,UAAU,CAAC,sBAAsB,EAAE,eAAe,CAAC,CAAC;IACvE,CAAC;IAED,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,CAAC,QAAQ,EAAE,CAAC;QAC5C,MAAM,QAAQ,CAAC,UAAU,CAAC,sBAAsB,EAAE,mBAAmB,CAAC,CAAC;IAC3E,CAAC;IAED,IAAI,QAAQ,CAAC,MAAM,GAAG,mBAAmB,EAAE,CAAC;QACxC,MAAM,QAAQ,CAAC,UAAU,CACrB,6BAA6B,mBAAmB,aAAa,EAC7D,oBAAoB,CACvB,CAAC;IACN,CAAC;IAED,IAAI,CAAC,wBAAwB,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC3C,MAAM,QAAQ,CAAC,UAAU,CACrB,gDAAgD,EAChD,mCAAmC,CACtC,CAAC;IACN,CAAC;IAED,IAAI,CAAC,wBAAwB,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC3C,MAAM,QAAQ,CAAC,UAAU,CACrB,gDAAgD,EAChD,mCAAmC,CACtC,CAAC;IACN,CAAC;IAED,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QACxC,MAAM,QAAQ,CAAC,UAAU,CACrB,2CAA2C,EAC3C,yBAAyB,CAC5B,CAAC;IACN,CAAC;IAED,IAAI,CAAC,gCAAgC,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QACnD,MAAM,QAAQ,CAAC,UAAU,CACrB,iDAAiD,EACjD,oCAAoC,CACvC,CAAC;IACN,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,KAAK,CAAC,WAAW,EAAE,CAAC,IAAI,EAAE,EAAE,QAAQ,EAAE,GAAG,IAAI,EAAE,CAAC;AACpE,CAAC,CAAC"}

package/dist/index.d.ts

@@ -0,0 +1,4 @@
+import { Express } from 'express';
+import { SecureAuthConfig } from './types/config.types.js';
+export declare function secureAuth(app: Express, config: SecureAuthConfig): void;
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAIlC,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAE3D,wBAAgB,UAAU,CAAC,GAAG,EAAE,OAAO,EAAE,MAAM,EAAE,gBAAgB,GAAG,IAAI,CAWvE"}

package/dist/index.js

@@ -0,0 +1,33 @@
+import { errorMiddleware } from './core/middleware/error.middleware.js';
+import { createAuthRouter } from './core/routes/auth.routes.js';
+import { setConfig } from './core/stores/config.store.js';
+export function secureAuth(app, config) {
+    validateConfig(config);
+    setConfig(config);
+    const prefix = config.routePrefix ?? '/auth';
+    // Core auth router
+    app.use(prefix, createAuthRouter());
+    // Error Handler
+    app.use(errorMiddleware);
+}
+const validateConfig = (config) => {
+    if (!config.userModel) {
+        throw new Error('[secure-auth-kit] config.userModel is required. ' +
+            'Pass your Mongoose User model: secureAuth(app, {userModel: User, ... })');
+    }
+    if (!config.jwt?.secret) {
+        throw new Error('[secure-auth-kit] config.jwt.secret is required. ' +
+            'Set JWT_SECRET in your environment and pass it via: jwt: { secret: process.env.JWT_SECRET }');
+    }
+    const emailPath = config.userModel.schema.path('email');
+    if (!emailPath) {
+        throw new Error('[secure-auth-kit] Your User model is missing the required "email" field.' +
+            'Add `email: { type: String, required: true, unique: true }` to your schema.');
+    }
+    const passwordPath = config.userModel.schema.path('password');
+    if (!passwordPath) {
+        throw new Error('[secure-auth-kit] Your User model is missing the required "password" field.' +
+            'Add `password: { type: String, required: true}` to your schema.');
+    }
+};
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,MAAM,uCAAuC,CAAC;AACxE,OAAO,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAC;AAChE,OAAO,EAAE,SAAS,EAAE,MAAM,+BAA+B,CAAC;AAG1D,MAAM,UAAU,UAAU,CAAC,GAAY,EAAE,MAAwB;IAC7D,cAAc,CAAC,MAAM,CAAC,CAAC;IAEvB,SAAS,CAAC,MAAM,CAAC,CAAC;IAElB,MAAM,MAAM,GAAG,MAAM,CAAC,WAAW,IAAI,OAAO,CAAC;IAC7C,mBAAmB;IACnB,GAAG,CAAC,GAAG,CAAC,MAAM,EAAE,gBAAgB,EAAE,CAAC,CAAC;IAEpC,gBAAgB;IAChB,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;AAC7B,CAAC;AAED,MAAM,cAAc,GAAG,CAAC,MAAwB,EAAQ,EAAE;IACtD,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;QACpB,MAAM,IAAI,KAAK,CACX,kDAAkD;YAC9C,yEAAyE,CAChF,CAAC;IACN,CAAC;IAED,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,EAAE,CAAC;QACtB,MAAM,IAAI,KAAK,CACX,mDAAmD;YAC/C,6FAA6F,CACpG,CAAC;IACN,CAAC;IAED,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACxD,IAAI,CAAC,SAAS,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CACX,0EAA0E;YACtE,6EAA6E,CACpF,CAAC;IACN,CAAC;IAED,MAAM,YAAY,GAAG,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAC9D,IAAI,CAAC,YAAY,EAAE,CAAC;QAChB,MAAM,IAAI,KAAK,CACX,6EAA6E;YACzE,iEAAiE,CACxE,CAAC;IACN,CAAC;AACL,CAAC,CAAC"}

package/dist/middleware/authenticate.middleware.d.ts

@@ -0,0 +1,4 @@
+import { NextFunction, Request, Response } from 'express';
+export declare const extractBearerToken: (authHeader: string | undefined) => string | null;
+export declare const authenticate: (req: Request, res: Response, next: NextFunction) => void;
+//# sourceMappingURL=authenticate.middleware.d.ts.map

package/dist/middleware/authenticate.middleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"authenticate.middleware.d.ts","sourceRoot":"","sources":["../../src/middleware/authenticate.middleware.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAK1D,eAAO,MAAM,kBAAkB,GAAI,YAAY,MAAM,GAAG,SAAS,KAAG,MAAM,GAAG,IAI5E,CAAC;AAEF,eAAO,MAAM,YAAY,GAAI,KAAK,OAAO,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,KAAG,IAqB9E,CAAC"}

package/dist/middleware/authenticate.middleware.js

@@ -0,0 +1,28 @@
+import { getConfig } from '../core/stores/config.store.js';
+import { AppError } from '../utils/AppError.js';
+import { verifyToken } from '../utils/jwt.js';
+export const extractBearerToken = (authHeader) => {
+    if (!authHeader?.startsWith('Bearer '))
+        return null;
+    const token = authHeader.slice(7).trim();
+    return token || null;
+};
+export const authenticate = (req, res, next) => {
+    try {
+        const token = extractBearerToken(req.headers.authorization);
+        if (!token) {
+            throw AppError.unauthorized('Bearer token is required', 'TOKEN_MISSING');
+        }
+        const config = getConfig();
+        const payload = verifyToken(token, config.jwt);
+        if (payload.type === 'access') {
+            throw AppError.unauthorized('Invalid token type', 'TOKEN_TYPE_MISMATCH');
+        }
+        req.user = { id: payload.userId, email: payload.email };
+        next();
+    }
+    catch (err) {
+        next(err);
+    }
+};
+//# sourceMappingURL=authenticate.middleware.js.map

package/dist/middleware/authenticate.middleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"authenticate.middleware.js","sourceRoot":"","sources":["../../src/middleware/authenticate.middleware.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,MAAM,gCAAgC,CAAC;AAC3D,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAE9C,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,UAA8B,EAAiB,EAAE;IAChF,IAAI,CAAC,UAAU,EAAE,UAAU,CAAC,SAAS,CAAC;QAAE,OAAO,IAAI,CAAC;IACpD,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IACzC,OAAO,KAAK,IAAI,IAAI,CAAC;AACzB,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAQ,EAAE;IAClF,IAAI,CAAC;QACD,MAAM,KAAK,GAAG,kBAAkB,CAAC,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;QAE5D,IAAI,CAAC,KAAK,EAAE,CAAC;YACT,MAAM,QAAQ,CAAC,YAAY,CAAC,0BAA0B,EAAE,eAAe,CAAC,CAAC;QAC7E,CAAC;QAED,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,OAAO,GAAG,WAAW,CAAC,KAAK,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC;QAE/C,IAAI,OAAO,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC5B,MAAM,QAAQ,CAAC,YAAY,CAAC,oBAAoB,EAAE,qBAAqB,CAAC,CAAC;QAC7E,CAAC;QAED,GAAG,CAAC,IAAI,GAAG,EAAE,EAAE,EAAE,OAAO,CAAC,MAAM,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC;QAExD,IAAI,EAAE,CAAC;IACX,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACX,IAAI,CAAC,GAAG,CAAC,CAAC;IACd,CAAC;AACL,CAAC,CAAC"}

package/dist/types/auth.types.d.ts

@@ -0,0 +1,32 @@
+export interface AuthenticatedUser {
+    id: string;
+    email: string;
+    [key: string]: unknown;
+}
+export interface RegisterInput {
+    email: string;
+    password: string;
+    [key: string]: unknown;
+}
+export interface LoginInput {
+    email: string;
+    password: string;
+}
+export interface SanitizedUser {
+    id: string;
+    email: string;
+    [key: string]: unknown;
+}
+export interface AuthTokens {
+    accessToken: string;
+    refreshToken: string;
+}
+export interface RegisterResult {
+    user: SanitizedUser;
+    tokens: AuthTokens;
+}
+export interface LoginResult {
+    user: SanitizedUser;
+    tokens: AuthTokens;
+}
+//# sourceMappingURL=auth.types.d.ts.map

package/dist/types/auth.types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.types.d.ts","sourceRoot":"","sources":["../../src/types/auth.types.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,iBAAiB;IAC9B,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CAC1B;AAED,MAAM,WAAW,aAAa;IAC1B,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CAC1B;AAED,MAAM,WAAW,UAAU;IACvB,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,aAAa;IAC1B,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CAC1B;AAED,MAAM,WAAW,UAAU;IACvB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,cAAc;IAC3B,IAAI,EAAE,aAAa,CAAC;IACpB,MAAM,EAAE,UAAU,CAAC;CACtB;AAED,MAAM,WAAW,WAAW;IACxB,IAAI,EAAE,aAAa,CAAC;IACpB,MAAM,EAAE,UAAU,CAAC;CACtB"}

package/dist/types/auth.types.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=auth.types.js.map

package/dist/types/auth.types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.types.js","sourceRoot":"","sources":["../../src/types/auth.types.ts"],"names":[],"mappings":""}

package/dist/types/config.types.d.ts

@@ -0,0 +1,13 @@
+import { Document, Model } from 'mongoose';
+import { JWTConfig } from './jwt.types.js';
+export interface UserDocument extends Document {
+    email: string;
+    password: string;
+    [key: string]: unknown;
+}
+export interface SecureAuthConfig {
+    userModel: Model<UserDocument>;
+    jwt: JWTConfig;
+    routePrefix?: string;
+}
+//# sourceMappingURL=config.types.d.ts.map

package/dist/types/config.types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.types.d.ts","sourceRoot":"","sources":["../../src/types/config.types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,UAAU,CAAC;AAC3C,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAE3C,MAAM,WAAW,YAAa,SAAQ,QAAQ;IAC1C,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CAC1B;AAED,MAAM,WAAW,gBAAgB;IAC7B,SAAS,EAAE,KAAK,CAAC,YAAY,CAAC,CAAC;IAC/B,GAAG,EAAE,SAAS,CAAC;IACf,WAAW,CAAC,EAAE,MAAM,CAAC;CACxB"}

package/dist/types/config.types.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=config.types.js.map

package/dist/types/config.types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.types.js","sourceRoot":"","sources":["../../src/types/config.types.ts"],"names":[],"mappings":""}

package/dist/types/jwt.types.d.ts

@@ -0,0 +1,12 @@
+export interface TokenPayload {
+    userId: string;
+    email: string;
+    type: 'access' | 'refresh';
+    exp?: number;
+}
+export interface JWTConfig {
+    secret: string;
+    accessTokenExpiry?: string;
+    refreshTokenExpiry?: string;
+}
+//# sourceMappingURL=jwt.types.d.ts.map

package/dist/types/jwt.types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"jwt.types.d.ts","sourceRoot":"","sources":["../../src/types/jwt.types.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,YAAY;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,QAAQ,GAAG,SAAS,CAAC;IAC3B,GAAG,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,SAAS;IACtB,MAAM,EAAE,MAAM,CAAC;IACf,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC/B"}

package/dist/types/jwt.types.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=jwt.types.js.map

package/dist/types/jwt.types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"jwt.types.js","sourceRoot":"","sources":["../../src/types/jwt.types.ts"],"names":[],"mappings":""}

package/dist/utils/AppError.d.ts

@@ -0,0 +1,12 @@
+export declare class AppError extends Error {
+    readonly statusCode: number;
+    readonly isOperational: boolean;
+    readonly code?: string;
+    constructor(message: string, statusCode: number, code?: string);
+    static badRequest(message: string, code?: string): AppError;
+    static unauthorized(message?: string, code?: string): AppError;
+    static forbidden(message?: string, code?: string): AppError;
+    static notFound(message?: string, code?: string): AppError;
+    static internal(message?: string, code?: string): AppError;
+}
+//# sourceMappingURL=AppError.d.ts.map

package/dist/utils/AppError.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"AppError.d.ts","sourceRoot":"","sources":["../../src/utils/AppError.ts"],"names":[],"mappings":"AAAA,qBAAa,QAAS,SAAQ,KAAK;IAC/B,SAAgB,UAAU,EAAE,MAAM,CAAC;IACnC,SAAgB,aAAa,EAAE,OAAO,CAAC;IACvC,SAAgB,IAAI,CAAC,EAAE,MAAM,CAAC;gBAElB,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM;IAW9D,MAAM,CAAC,UAAU,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,GAAG,QAAQ;IAI3D,MAAM,CAAC,YAAY,CAAC,OAAO,SAAiB,EAAE,IAAI,CAAC,EAAE,MAAM,GAAG,QAAQ;IAItE,MAAM,CAAC,SAAS,CAAC,OAAO,SAAc,EAAE,IAAI,CAAC,EAAE,MAAM,GAAG,QAAQ;IAIhE,MAAM,CAAC,QAAQ,CAAC,OAAO,SAAc,EAAE,IAAI,CAAC,EAAE,MAAM,GAAG,QAAQ;IAI/D,MAAM,CAAC,QAAQ,CAAC,OAAO,SAA0B,EAAE,IAAI,CAAC,EAAE,MAAM,GAAG,QAAQ;CAG9E"}

package/dist/utils/AppError.js

@@ -0,0 +1,30 @@
+export class AppError extends Error {
+    statusCode;
+    isOperational;
+    code;
+    constructor(message, statusCode, code) {
+        super(message);
+        this.statusCode = statusCode;
+        this.isOperational = true;
+        this.code = code;
+        // Restore prototype chain
+        Object.setPrototypeOf(this, new.target.prototype);
+        Error.captureStackTrace(this, this.constructor);
+    }
+    static badRequest(message, code) {
+        return new AppError(message, 400, code);
+    }
+    static unauthorized(message = 'Unauthorized', code) {
+        return new AppError(message, 401, code);
+    }
+    static forbidden(message = 'Forbidden', code) {
+        return new AppError(message, 403, code);
+    }
+    static notFound(message = 'Not found', code) {
+        return new AppError(message, 404, code);
+    }
+    static internal(message = 'Internal server error', code) {
+        return new AppError(message, 500, code);
+    }
+}
+//# sourceMappingURL=AppError.js.map

package/dist/utils/AppError.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"AppError.js","sourceRoot":"","sources":["../../src/utils/AppError.ts"],"names":[],"mappings":"AAAA,MAAM,OAAO,QAAS,SAAQ,KAAK;IACf,UAAU,CAAS;IACnB,aAAa,CAAU;IACvB,IAAI,CAAU;IAE9B,YAAY,OAAe,EAAE,UAAkB,EAAE,IAAa;QAC1D,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC;QAC1B,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QAEjB,0BAA0B;QAC1B,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAClD,KAAK,CAAC,iBAAiB,CAAC,IAAI,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;IACpD,CAAC;IAED,MAAM,CAAC,UAAU,CAAC,OAAe,EAAE,IAAa;QAC5C,OAAO,IAAI,QAAQ,CAAC,OAAO,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;IAC5C,CAAC;IAED,MAAM,CAAC,YAAY,CAAC,OAAO,GAAG,cAAc,EAAE,IAAa;QACvD,OAAO,IAAI,QAAQ,CAAC,OAAO,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;IAC5C,CAAC;IAED,MAAM,CAAC,SAAS,CAAC,OAAO,GAAG,WAAW,EAAE,IAAa;QACjD,OAAO,IAAI,QAAQ,CAAC,OAAO,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;IAC5C,CAAC;IAED,MAAM,CAAC,QAAQ,CAAC,OAAO,GAAG,WAAW,EAAE,IAAa;QAChD,OAAO,IAAI,QAAQ,CAAC,OAAO,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;IAC5C,CAAC;IAED,MAAM,CAAC,QAAQ,CAAC,OAAO,GAAG,uBAAuB,EAAE,IAAa;QAC5D,OAAO,IAAI,QAAQ,CAAC,OAAO,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;IAC5C,CAAC;CACJ"}

package/dist/utils/hash.d.ts

@@ -0,0 +1,3 @@
+export declare function hashPassword(plaintext: string): Promise<string>;
+export declare function comparePassword(plaintext: string, hashed: string): Promise<boolean>;
+//# sourceMappingURL=hash.d.ts.map

package/dist/utils/hash.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"hash.d.ts","sourceRoot":"","sources":["../../src/utils/hash.ts"],"names":[],"mappings":"AAGA,wBAAsB,YAAY,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAErE;AAED,wBAAsB,eAAe,CAAC,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAEzF"}

package/dist/utils/hash.js

@@ -0,0 +1,9 @@
+import bcrypt from 'bcryptjs';
+import { SALT_ROUNDS } from '../constants/index.js';
+export async function hashPassword(plaintext) {
+    return bcrypt.hash(plaintext, SALT_ROUNDS);
+}
+export async function comparePassword(plaintext, hashed) {
+    return bcrypt.compare(plaintext, hashed);
+}
+//# sourceMappingURL=hash.js.map

package/dist/utils/hash.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"hash.js","sourceRoot":"","sources":["../../src/utils/hash.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,UAAU,CAAC;AAC9B,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AAEpD,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,SAAiB;IAChD,OAAO,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;AAC/C,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,SAAiB,EAAE,MAAc;IACnE,OAAO,MAAM,CAAC,OAAO,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;AAC7C,CAAC"}

package/dist/utils/jwt.d.ts

@@ -0,0 +1,5 @@
+import { JWTConfig, TokenPayload } from '../types/jwt.types.js';
+export declare function generateAccessToken(payload: Omit<TokenPayload, 'type' | 'exp'>, config: JWTConfig): string;
+export declare function generateRefreshToken(payload: Omit<TokenPayload, 'type' | 'exp'>, config: JWTConfig): string;
+export declare function verifyToken(token: string, config: JWTConfig): TokenPayload;
+//# sourceMappingURL=jwt.d.ts.map

package/dist/utils/jwt.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"jwt.d.ts","sourceRoot":"","sources":["../../src/utils/jwt.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAGhE,wBAAgB,mBAAmB,CAC/B,OAAO,EAAE,IAAI,CAAC,YAAY,EAAE,MAAM,GAAG,KAAK,CAAC,EAC3C,MAAM,EAAE,SAAS,GAClB,MAAM,CAIR;AAED,wBAAgB,oBAAoB,CAChC,OAAO,EAAE,IAAI,CAAC,YAAY,EAAE,MAAM,GAAG,KAAK,CAAC,EAC3C,MAAM,EAAE,SAAS,GAClB,MAAM,CAIR;AAED,wBAAgB,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,GAAG,YAAY,CAc1E"}

package/dist/utils/jwt.js

@@ -0,0 +1,27 @@
+import jwt from 'jsonwebtoken';
+import { AppError } from './AppError.js';
+export function generateAccessToken(payload, config) {
+    return jwt.sign({ ...payload, type: 'access' }, config.secret, {
+        expiresIn: config.accessTokenExpiry ?? '15m',
+    });
+}
+export function generateRefreshToken(payload, config) {
+    return jwt.sign({ ...payload, type: 'refresh' }, config.secret, {
+        expiresIn: config.refreshTokenExpiry ?? '7d',
+    });
+}
+export function verifyToken(token, config) {
+    try {
+        return jwt.verify(token, config.secret);
+    }
+    catch (error) {
+        if (error instanceof jwt.TokenExpiredError) {
+            throw AppError.unauthorized('Token has expired', 'TOKEN_EXPIRED');
+        }
+        if (error instanceof jwt.JsonWebTokenError) {
+            throw AppError.unauthorized('Invalid token', 'TOKEN_INVALID');
+        }
+        throw AppError.unauthorized('Token verification failed');
+    }
+}
+//# sourceMappingURL=jwt.js.map

package/dist/utils/jwt.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"jwt.js","sourceRoot":"","sources":["../../src/utils/jwt.ts"],"names":[],"mappings":"AAAA,OAAO,GAAG,MAAM,cAAc,CAAC;AAE/B,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AAEzC,MAAM,UAAU,mBAAmB,CAC/B,OAA2C,EAC3C,MAAiB;IAEjB,OAAO,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,MAAM,CAAC,MAAM,EAAE;QAC3D,SAAS,EAAE,MAAM,CAAC,iBAAiB,IAAI,KAAK;KAC5B,CAAC,CAAC;AAC1B,CAAC;AAED,MAAM,UAAU,oBAAoB,CAChC,OAA2C,EAC3C,MAAiB;IAEjB,OAAO,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE,MAAM,CAAC,MAAM,EAAE;QAC5D,SAAS,EAAE,MAAM,CAAC,kBAAkB,IAAI,IAAI;KAC5B,CAAC,CAAC;AAC1B,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,KAAa,EAAE,MAAiB;IACxD,IAAI,CAAC;QACD,OAAO,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,CAAiB,CAAC;IAC5D,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACb,IAAI,KAAK,YAAY,GAAG,CAAC,iBAAiB,EAAE,CAAC;YACzC,MAAM,QAAQ,CAAC,YAAY,CAAC,mBAAmB,EAAE,eAAe,CAAC,CAAC;QACtE,CAAC;QAED,IAAI,KAAK,YAAY,GAAG,CAAC,iBAAiB,EAAE,CAAC;YACzC,MAAM,QAAQ,CAAC,YAAY,CAAC,eAAe,EAAE,eAAe,CAAC,CAAC;QAClE,CAAC;QAED,MAAM,QAAQ,CAAC,YAAY,CAAC,2BAA2B,CAAC,CAAC;IAC7D,CAAC;AACL,CAAC"}

package/dist/utils/response.d.ts

@@ -0,0 +1,17 @@
+import { Response } from 'express';
+export interface SuccessResponse<T = unknown> {
+    success: true;
+    data: T;
+    message?: string;
+}
+export interface ErrorResponse {
+    success: false;
+    error: {
+        message: string;
+        code?: string;
+        statusCode: number;
+    };
+}
+export declare function sendSuccess<T>(res: Response, data: T, message?: string, statusCode?: number): void;
+export declare function sendError(res: Response, message: string, statusCode?: number, code?: string): void;
+//# sourceMappingURL=response.d.ts.map

package/dist/utils/response.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"response.d.ts","sourceRoot":"","sources":["../../src/utils/response.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAEnC,MAAM,WAAW,eAAe,CAAC,CAAC,GAAG,OAAO;IACxC,OAAO,EAAE,IAAI,CAAC;IACd,IAAI,EAAE,CAAC,CAAC;IACR,OAAO,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,aAAa;IAC1B,OAAO,EAAE,KAAK,CAAC;IACf,KAAK,EAAE;QACH,OAAO,EAAE,MAAM,CAAC;QAChB,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,UAAU,EAAE,MAAM,CAAC;KACtB,CAAC;CACL;AAED,wBAAgB,WAAW,CAAC,CAAC,EAAE,GAAG,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,EAAE,OAAO,CAAC,EAAE,MAAM,EAAE,UAAU,SAAM,GAAG,IAAI,CAO/F;AAED,wBAAgB,SAAS,CAAC,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,UAAU,SAAM,EAAE,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAU/F"}

package/dist/utils/response.js

@@ -0,0 +1,20 @@
+export function sendSuccess(res, data, message, statusCode = 200) {
+    const body = {
+        success: true,
+        data,
+        ...(message ? { message } : {}),
+    };
+    res.status(statusCode).json(body);
+}
+export function sendError(res, message, statusCode = 500, code) {
+    const body = {
+        success: false,
+        error: {
+            message,
+            statusCode,
+            ...(code ? { code } : {}),
+        },
+    };
+    res.status(statusCode).json(body);
+}
+//# sourceMappingURL=response.js.map

package/dist/utils/response.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"response.js","sourceRoot":"","sources":["../../src/utils/response.ts"],"names":[],"mappings":"AAiBA,MAAM,UAAU,WAAW,CAAI,GAAa,EAAE,IAAO,EAAE,OAAgB,EAAE,UAAU,GAAG,GAAG;IACrF,MAAM,IAAI,GAAuB;QAC7B,OAAO,EAAE,IAAI;QACb,IAAI;QACJ,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAClC,CAAC;IACF,GAAG,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACtC,CAAC;AAED,MAAM,UAAU,SAAS,CAAC,GAAa,EAAE,OAAe,EAAE,UAAU,GAAG,GAAG,EAAE,IAAa;IACrF,MAAM,IAAI,GAAkB;QACxB,OAAO,EAAE,KAAK;QACd,KAAK,EAAE;YACH,OAAO;YACP,UAAU;YACV,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC5B;KACJ,CAAC;IACF,GAAG,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACtC,CAAC"}

package/dist/utils/sanitizeUser.d.ts

@@ -0,0 +1,4 @@
+import { SanitizedUser } from '../types/auth.types.js';
+import { UserDocument } from '../types/config.types.js';
+export declare function sanitizeUser(user: UserDocument): SanitizedUser;
+//# sourceMappingURL=sanitizeUser.d.ts.map

package/dist/utils/sanitizeUser.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sanitizeUser.d.ts","sourceRoot":"","sources":["../../src/utils/sanitizeUser.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AAExD,wBAAgB,YAAY,CAAC,IAAI,EAAE,YAAY,GAAG,aAAa,CAkB9D"}

package/dist/utils/sanitizeUser.js

@@ -0,0 +1,17 @@
+import { SENSITIVE_FIELDS } from '../constants/index.js';
+export function sanitizeUser(user) {
+    const raw = typeof user.toObject === 'function' ? user.toObject() : { ...user };
+    const sanitized = {};
+    for (const [key, val] of Object.entries(raw)) {
+        if (!SENSITIVE_FIELDS.has(key)) {
+            sanitized[key] = val;
+        }
+    }
+    // Normalize _id -> id
+    if (raw._id !== undefined) {
+        sanitized['id'] = String(raw._id);
+        delete sanitized['_id'];
+    }
+    return sanitized;
+}
+//# sourceMappingURL=sanitizeUser.js.map

package/dist/utils/sanitizeUser.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sanitizeUser.js","sourceRoot":"","sources":["../../src/utils/sanitizeUser.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AAIzD,MAAM,UAAU,YAAY,CAAC,IAAkB;IAC3C,MAAM,GAAG,GAAG,OAAO,IAAI,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,EAAE,CAAC;IAEhF,MAAM,SAAS,GAA4B,EAAE,CAAC;IAE9C,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QAC3C,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YAC7B,SAAS,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC;QACzB,CAAC;IACL,CAAC;IAED,sBAAsB;IACtB,IAAI,GAAG,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC;QACxB,SAAS,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAClC,OAAO,SAAS,CAAC,KAAK,CAAC,CAAC;IAC5B,CAAC;IAED,OAAO,SAA0B,CAAC;AACtC,CAAC"}

package/package.json

@@ -0,0 +1,49 @@
+{
+    "name": "secure-auth-kit",
+    "version": "1.0.1",
+    "description": "Authentication toolkit for Express and MongoDB",
+    "type": "module",
+    "main": "./dist/index.js",
+    "types": "./dist/index.d.ts",
+    "exports": {
+        ".": {
+            "types": "./dist/index.d.ts",
+            "import": "./dist/index.js"
+        }
+    },
+    "files": [
+        "dist"
+    ],
+    "engines": {
+        "node": ">=18"
+    },
+    "scripts": {
+        "build": "tsc"
+    },
+    "keywords": [
+        "authentication",
+        "jwt",
+        "express",
+        "mongoose",
+        "typescript",
+        "auth"
+    ],
+    "license": "MIT",
+    "peerDependencies": {
+        "express": "^5.0.0",
+        "mongoose": "^8.0.0"
+    },
+    "dependencies": {
+        "bcryptjs": "^2.4.3",
+        "jsonwebtoken": "^9.0.2"
+    },
+    "devDependencies": {
+        "@types/bcryptjs": "^2.4.6",
+        "@types/express": "^5.0.0",
+        "@types/jsonwebtoken": "^9.0.6",
+        "@types/node": "^20.0.0",
+        "typescript": "^5.4.0",
+        "express": "^5.2.1",
+        "mongoose": "^8.24.0"
+    }
+}