npm - simple-m-auth - Versions diffs - 1.0.0 - Mend

simple-m-auth 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (22) hide show

package/README.md ADDED Viewed

@@ -0,0 +1,186 @@
+# simple-m-auth
+Dead simple session-based authentication. Just create `auth.config.ts` and go.
+Based on [Lucia Auth](https://lucia-auth.com) principles: separate session ID and secret, SHA-256 hashed secrets, constant-time comparison.
+## Install
+```bash
+npm install simple-m-auth
+```
+## Setup
+Create `auth.config.ts` in your project root:
+```typescript
+import type { AuthConfig } from 'simple-m-auth';
+import { prisma } from './db';
+export const authConfig: AuthConfig = {
+  db: {
+    insertSession: async (session) => {
+      await prisma.session.create({
+        data: {
+          id: session.id,
+          secretHash: Buffer.from(session.secretHash),
+          userId: session.userId,
+          createdAt: session.createdAt,
+        },
+      });
+    },
+    getSessionById: async (sessionId) => {
+      const session = await prisma.session.findUnique({
+        where: { id: sessionId },
+      });
+      if (!session) return null;
+      return {
+        ...session,
+        secretHash: new Uint8Array(session.secretHash),
+      };
+    },
+    deleteSession: async (sessionId) => {
+      await prisma.session.deleteMany({ where: { id: sessionId } });
+    },
+    getUserById: async (userId) => {
+      return prisma.user.findUnique({ where: { id: userId } });
+    },
+  },
+  cookie: {
+    // Example for Next.js App Router
+    set: async (name, value, options) => {
+      const { cookies } = await import('next/headers');
+      const cookieStore = await cookies();
+      cookieStore.set(name, value, options);
+    },
+    get: async (name) => {
+      const { cookies } = await import('next/headers');
+      const cookieStore = await cookies();
+      return cookieStore.get(name)?.value ?? null;
+    },
+    delete: async (name) => {
+      const { cookies } = await import('next/headers');
+      const cookieStore = await cookies();
+      cookieStore.delete(name);
+    },
+  },
+  sessionExpiresIn: 60 * 60 * 24 * 7, // 1 week
+  cookieName: 'session_token',
+};
+```
+## Database Schema
+```sql
+CREATE TABLE session (
+  id TEXT PRIMARY KEY,
+  secret_hash BLOB NOT NULL,
+  user_id TEXT NOT NULL REFERENCES user(id),
+  created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP
+);
+```
+Prisma:
+```prisma
+model Session {
+  id         String   @id
+  secretHash Bytes    @map("secret_hash")
+  userId     String   @map("user_id")
+  user       User     @relation(fields: [userId], references: [id])
+  createdAt  DateTime @default(now()) @map("created_at")
+  @@map("session")
+}
+```
+## Usage
+```typescript
+import { createSession, validateSession, getUser, deleteSession } from 'simple-m-auth';
+// Login - create session after verifying password
+async function login(userId: string) {
+  const session = await createSession(userId);
+  // Cookie is automatically set
+  return session;
+}
+// Check if user is authenticated
+async function auth() {
+  const session = await validateSession();
+  if (!session) {
+    redirect('/login');
+  }
+  return session;
+}
+// Get current user
+async function getCurrentUser() {
+  const user = await getUser();
+  return user; // null if not authenticated
+}
+// Logout
+async function logout() {
+  await deleteSession();
+  // Cookie is automatically cleared
+}
+```
+## Next.js Example
+```typescript
+// app/api/auth/login/route.ts
+import { createSession } from 'simple-m-auth';
+import { verifyPassword } from '@/lib/password';
+import { prisma } from '@/lib/db';
+export async function POST(request: Request) {
+  const { email, password } = await request.json();
+  const user = await prisma.user.findUnique({ where: { email } });
+  if (!user || !await verifyPassword(password, user.passwordHash)) {
+    return Response.json({ error: 'Invalid credentials' }, { status: 401 });
+  }
+  await createSession(user.id);
+  return Response.json({ success: true });
+}
+```
+```typescript
+// app/api/auth/logout/route.ts
+import { deleteSession } from 'simple-m-auth';
+export async function POST() {
+  await deleteSession();
+  return Response.json({ success: true });
+}
+```
+```typescript
+// lib/auth.ts
+import { getUser } from 'simple-m-auth';
+import { redirect } from 'next/navigation';
+export async function requireAuth() {
+  const user = await getUser();
+  if (!user) {
+    redirect('/login');
+  }
+  return user;
+}
+```
+## License
+MIT

package/dist/config.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+import type { AuthConfig } from './types.js';
+export declare function loadConfig(): Promise<AuthConfig>;
+export declare function setConfig(config: AuthConfig): void;
+export declare function clearConfig(): void;
+//# sourceMappingURL=config.d.ts.map

package/dist/config.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAa7C,wBAAsB,UAAU,IAAI,OAAO,CAAC,UAAU,CAAC,CA+BtD;AAiCD,wBAAgB,SAAS,CAAC,MAAM,EAAE,UAAU,GAAG,IAAI,CAGlD;AAED,wBAAgB,WAAW,IAAI,IAAI,CAElC"}

package/dist/config.js ADDED Viewed

@@ -0,0 +1,72 @@
+import { pathToFileURL } from 'url';
+import { existsSync } from 'fs';
+import { join } from 'path';
+let cachedConfig = null;
+const CONFIG_FILENAMES = [
+    'auth.config.ts',
+    'auth.config.js',
+    'auth.config.mjs',
+];
+export async function loadConfig() {
+    if (cachedConfig) {
+        return cachedConfig;
+    }
+    const cwd = process.cwd();
+    for (const filename of CONFIG_FILENAMES) {
+        const configPath = join(cwd, filename);
+        if (existsSync(configPath)) {
+            try {
+                const configModule = await import(pathToFileURL(configPath).href);
+                const config = configModule.authConfig || configModule.default;
+                if (!config) {
+                    throw new Error(`Config file ${filename} must export 'authConfig' or default export`);
+                }
+                validateConfig(config);
+                cachedConfig = config;
+                return config;
+            }
+            catch (error) {
+                throw new Error(`Failed to load ${filename}: ${error}`);
+            }
+        }
+    }
+    throw new Error(`No auth config found. Create one of: ${CONFIG_FILENAMES.join(', ')} in your project root.`);
+}
+function validateConfig(config) {
+    if (!config.db) {
+        throw new Error('AuthConfig.db is required');
+    }
+    if (typeof config.db.insertSession !== 'function') {
+        throw new Error('AuthConfig.db.insertSession must be a function');
+    }
+    if (typeof config.db.getSessionById !== 'function') {
+        throw new Error('AuthConfig.db.getSessionById must be a function');
+    }
+    if (typeof config.db.deleteSession !== 'function') {
+        throw new Error('AuthConfig.db.deleteSession must be a function');
+    }
+    if (typeof config.db.getUserById !== 'function') {
+        throw new Error('AuthConfig.db.getUserById must be a function');
+    }
+    if (!config.cookie) {
+        throw new Error('AuthConfig.cookie is required');
+    }
+    if (typeof config.cookie.set !== 'function') {
+        throw new Error('AuthConfig.cookie.set must be a function');
+    }
+    if (typeof config.cookie.get !== 'function') {
+        throw new Error('AuthConfig.cookie.get must be a function');
+    }
+    if (typeof config.cookie.delete !== 'function') {
+        throw new Error('AuthConfig.cookie.delete must be a function');
+    }
+}
+// Allow manual config setting (useful for testing or non-standard setups)
+export function setConfig(config) {
+    validateConfig(config);
+    cachedConfig = config;
+}
+export function clearConfig() {
+    cachedConfig = null;
+}
+//# sourceMappingURL=config.js.map

package/dist/config.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"config.js","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,MAAM,KAAK,CAAC;AACpC,OAAO,EAAE,UAAU,EAAE,MAAM,IAAI,CAAC;AAChC,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAE5B,IAAI,YAAY,GAAsB,IAAI,CAAC;AAE3C,MAAM,gBAAgB,GAAG;IACvB,gBAAgB;IAChB,gBAAgB;IAChB,iBAAiB;CAClB,CAAC;AAEF,MAAM,CAAC,KAAK,UAAU,UAAU;IAC9B,IAAI,YAAY,EAAE,CAAC;QACjB,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC;IAE1B,KAAK,MAAM,QAAQ,IAAI,gBAAgB,EAAE,CAAC;QACxC,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;QAEvC,IAAI,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YAC3B,IAAI,CAAC;gBACH,MAAM,YAAY,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC;gBAClE,MAAM,MAAM,GAAG,YAAY,CAAC,UAAU,IAAI,YAAY,CAAC,OAAO,CAAC;gBAE/D,IAAI,CAAC,MAAM,EAAE,CAAC;oBACZ,MAAM,IAAI,KAAK,CAAC,eAAe,QAAQ,6CAA6C,CAAC,CAAC;gBACxF,CAAC;gBAED,cAAc,CAAC,MAAM,CAAC,CAAC;gBACvB,YAAY,GAAG,MAAM,CAAC;gBACtB,OAAO,MAAM,CAAC;YAChB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,IAAI,KAAK,CAAC,kBAAkB,QAAQ,KAAK,KAAK,EAAE,CAAC,CAAC;YAC1D,CAAC;QACH,CAAC;IACH,CAAC;IAED,MAAM,IAAI,KAAK,CACb,wCAAwC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,wBAAwB,CAC5F,CAAC;AACJ,CAAC;AAED,SAAS,cAAc,CAAC,MAAW;IACjC,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;IAC/C,CAAC;IACD,IAAI,OAAO,MAAM,CAAC,EAAE,CAAC,aAAa,KAAK,UAAU,EAAE,CAAC;QAClD,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;IACpE,CAAC;IACD,IAAI,OAAO,MAAM,CAAC,EAAE,CAAC,cAAc,KAAK,UAAU,EAAE,CAAC;QACnD,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrE,CAAC;IACD,IAAI,OAAO,MAAM,CAAC,EAAE,CAAC,aAAa,KAAK,UAAU,EAAE,CAAC;QAClD,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;IACpE,CAAC;IACD,IAAI,OAAO,MAAM,CAAC,EAAE,CAAC,WAAW,KAAK,UAAU,EAAE,CAAC;QAChD,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAClE,CAAC;IACD,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;IACnD,CAAC;IACD,IAAI,OAAO,MAAM,CAAC,MAAM,CAAC,GAAG,KAAK,UAAU,EAAE,CAAC;QAC5C,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;IAC9D,CAAC;IACD,IAAI,OAAO,MAAM,CAAC,MAAM,CAAC,GAAG,KAAK,UAAU,EAAE,CAAC;QAC5C,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;IAC9D,CAAC;IACD,IAAI,OAAO,MAAM,CAAC,MAAM,CAAC,MAAM,KAAK,UAAU,EAAE,CAAC;QAC/C,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IACjE,CAAC;AACH,CAAC;AAED,0EAA0E;AAC1E,MAAM,UAAU,SAAS,CAAC,MAAkB;IAC1C,cAAc,CAAC,MAAM,CAAC,CAAC;IACvB,YAAY,GAAG,MAAM,CAAC;AACxB,CAAC;AAED,MAAM,UAAU,WAAW;IACzB,YAAY,GAAG,IAAI,CAAC;AACtB,CAAC"}

package/dist/crypto.d.ts ADDED Viewed

@@ -0,0 +1,8 @@
+export declare function generateSecureRandomString(): string;
+export declare function hashSecret(secret: string): Promise<Uint8Array>;
+export declare function constantTimeEqual(a: Uint8Array, b: Uint8Array): boolean;
+export declare function parseToken(token: string): {
+    id: string;
+    secret: string;
+} | null;
+//# sourceMappingURL=crypto.d.ts.map

package/dist/crypto.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"crypto.d.ts","sourceRoot":"","sources":["../src/crypto.ts"],"names":[],"mappings":"AAEA,wBAAgB,0BAA0B,IAAI,MAAM,CASnD;AAED,wBAAsB,UAAU,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,CAIpE;AAED,wBAAgB,iBAAiB,CAAC,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,UAAU,GAAG,OAAO,CASvE;AAED,wBAAgB,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG;IAAE,EAAE,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,GAAG,IAAI,CAM/E"}

package/dist/crypto.js ADDED Viewed

@@ -0,0 +1,33 @@
+const ALPHABET = 'abcdefghijkmnpqrstuvwxyz23456789'; // human readable, no confusing chars
+export function generateSecureRandomString() {
+    const bytes = new Uint8Array(24); // 120 bits of entropy
+    crypto.getRandomValues(bytes);
+    let result = '';
+    for (let i = 0; i < bytes.length; i++) {
+        result += ALPHABET[bytes[i] >> 3];
+    }
+    return result;
+}
+export async function hashSecret(secret) {
+    const secretBytes = new TextEncoder().encode(secret);
+    const hashBuffer = await crypto.subtle.digest('SHA-256', secretBytes);
+    return new Uint8Array(hashBuffer);
+}
+export function constantTimeEqual(a, b) {
+    if (a.byteLength !== b.byteLength) {
+        return false;
+    }
+    let c = 0;
+    for (let i = 0; i < a.byteLength; i++) {
+        c |= a[i] ^ b[i];
+    }
+    return c === 0;
+}
+export function parseToken(token) {
+    const parts = token.split('.');
+    if (parts.length !== 2) {
+        return null;
+    }
+    return { id: parts[0], secret: parts[1] };
+}
+//# sourceMappingURL=crypto.js.map

package/dist/crypto.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"crypto.js","sourceRoot":"","sources":["../src/crypto.ts"],"names":[],"mappings":"AAAA,MAAM,QAAQ,GAAG,kCAAkC,CAAC,CAAC,qCAAqC;AAE1F,MAAM,UAAU,0BAA0B;IACxC,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC,sBAAsB;IACxD,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;IAE9B,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IACpC,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,MAAc;IAC7C,MAAM,WAAW,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACrD,MAAM,UAAU,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;IACtE,OAAO,IAAI,UAAU,CAAC,UAAU,CAAC,CAAC;AACpC,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,CAAa,EAAE,CAAa;IAC5D,IAAI,CAAC,CAAC,UAAU,KAAK,CAAC,CAAC,UAAU,EAAE,CAAC;QAClC,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,CAAC,GAAG,CAAC,CAAC;IACV,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,UAAU,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACnB,CAAC;IACD,OAAO,CAAC,KAAK,CAAC,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,KAAa;IACtC,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC/B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,EAAE,EAAE,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;AAC5C,CAAC"}

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+export type { AuthConfig, Session, SessionWithToken, CookieOptions, } from './types.js';
+export { createSession, validateSession, getUser, deleteSession, deleteSessionById, } from './session.js';
+export { setConfig, clearConfig } from './config.js';
+export { generateSecureRandomString, hashSecret, constantTimeEqual, } from './crypto.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,YAAY,EACV,UAAU,EACV,OAAO,EACP,gBAAgB,EAChB,aAAa,GACd,MAAM,YAAY,CAAC;AAGpB,OAAO,EACL,aAAa,EACb,eAAe,EACf,OAAO,EACP,aAAa,EACb,iBAAiB,GAClB,MAAM,cAAc,CAAC;AAGtB,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAGrD,OAAO,EACL,0BAA0B,EAC1B,UAAU,EACV,iBAAiB,GAClB,MAAM,aAAa,CAAC"}

package/dist/index.js ADDED Viewed

@@ -0,0 +1,7 @@
+// Session functions
+export { createSession, validateSession, getUser, deleteSession, deleteSessionById, } from './session.js';
+// Config utilities (for advanced use)
+export { setConfig, clearConfig } from './config.js';
+// Crypto utilities (if someone needs them)
+export { generateSecureRandomString, hashSecret, constantTimeEqual, } from './crypto.js';
+//# sourceMappingURL=index.js.map

package/dist/index.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAQA,oBAAoB;AACpB,OAAO,EACL,aAAa,EACb,eAAe,EACf,OAAO,EACP,aAAa,EACb,iBAAiB,GAClB,MAAM,cAAc,CAAC;AAEtB,sCAAsC;AACtC,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAErD,2CAA2C;AAC3C,OAAO,EACL,0BAA0B,EAC1B,UAAU,EACV,iBAAiB,GAClB,MAAM,aAAa,CAAC"}

package/dist/session.d.ts ADDED Viewed

@@ -0,0 +1,24 @@
+import type { Session, SessionWithToken } from './types.js';
+/**
+ * Create a new session for a user and set the cookie
+ */
+export declare function createSession(userId: string): Promise<SessionWithToken>;
+/**
+ * Validate the current session from cookie
+ * Returns the session if valid, null otherwise
+ */
+export declare function validateSession(): Promise<Session | null>;
+/**
+ * Get the current user from session
+ * Returns null if no valid session or user not found
+ */
+export declare function getUser<TUser = any>(): Promise<TUser | null>;
+/**
+ * Delete the current session and clear cookie
+ */
+export declare function deleteSession(): Promise<void>;
+/**
+ * Delete a specific session by ID (useful for "logout all devices")
+ */
+export declare function deleteSessionById(sessionId: string): Promise<void>;
+//# sourceMappingURL=session.d.ts.map

package/dist/session.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"session.d.ts","sourceRoot":"","sources":["../src/session.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAY5D;;GAEG;AACH,wBAAsB,aAAa,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAoC7E;AAED;;;GAGG;AACH,wBAAsB,eAAe,IAAI,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC,CAoC/D;AAED;;;GAGG;AACH,wBAAsB,OAAO,CAAC,KAAK,GAAG,GAAG,KAAK,OAAO,CAAC,KAAK,GAAG,IAAI,CAAC,CASlE;AAED;;GAEG;AACH,wBAAsB,aAAa,IAAI,OAAO,CAAC,IAAI,CAAC,CAenD;AAED;;GAEG;AACH,wBAAsB,iBAAiB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAGxE"}

package/dist/session.js ADDED Viewed

@@ -0,0 +1,109 @@
+import { loadConfig } from './config.js';
+import { generateSecureRandomString, hashSecret, constantTimeEqual, parseToken, } from './crypto.js';
+const DEFAULT_EXPIRES_IN = 60 * 60 * 24; // 24 hours
+const DEFAULT_COOKIE_NAME = 'session_token';
+/**
+ * Create a new session for a user and set the cookie
+ */
+export async function createSession(userId) {
+    const config = await loadConfig();
+    const id = generateSecureRandomString();
+    const secret = generateSecureRandomString();
+    const secretHash = await hashSecret(secret);
+    const createdAt = new Date();
+    const token = `${id}.${secret}`;
+    const session = {
+        id,
+        secretHash,
+        userId,
+        createdAt,
+        token,
+    };
+    await config.db.insertSession({
+        id,
+        secretHash,
+        userId,
+        createdAt,
+    });
+    const cookieName = config.cookieName ?? DEFAULT_COOKIE_NAME;
+    const maxAge = config.sessionExpiresIn ?? DEFAULT_EXPIRES_IN;
+    await config.cookie.set(cookieName, token, {
+        maxAge,
+        httpOnly: true,
+        secure: true,
+        path: '/',
+        sameSite: 'lax',
+    });
+    return session;
+}
+/**
+ * Validate the current session from cookie
+ * Returns the session if valid, null otherwise
+ */
+export async function validateSession() {
+    const config = await loadConfig();
+    const cookieName = config.cookieName ?? DEFAULT_COOKIE_NAME;
+    const expiresIn = config.sessionExpiresIn ?? DEFAULT_EXPIRES_IN;
+    const token = await config.cookie.get(cookieName);
+    if (!token) {
+        return null;
+    }
+    const parsed = parseToken(token);
+    if (!parsed) {
+        return null;
+    }
+    const session = await config.db.getSessionById(parsed.id);
+    if (!session) {
+        return null;
+    }
+    // Check expiration
+    const now = Date.now();
+    const sessionAge = now - session.createdAt.getTime();
+    if (sessionAge >= expiresIn * 1000) {
+        await config.db.deleteSession(session.id);
+        await config.cookie.delete(cookieName);
+        return null;
+    }
+    // Verify secret
+    const tokenSecretHash = await hashSecret(parsed.secret);
+    if (!constantTimeEqual(tokenSecretHash, session.secretHash)) {
+        return null;
+    }
+    return session;
+}
+/**
+ * Get the current user from session
+ * Returns null if no valid session or user not found
+ */
+export async function getUser() {
+    const config = await loadConfig();
+    const session = await validateSession();
+    if (!session) {
+        return null;
+    }
+    return config.db.getUserById(session.userId);
+}
+/**
+ * Delete the current session and clear cookie
+ */
+export async function deleteSession() {
+    const config = await loadConfig();
+    const cookieName = config.cookieName ?? DEFAULT_COOKIE_NAME;
+    const token = await config.cookie.get(cookieName);
+    if (!token) {
+        return;
+    }
+    const parsed = parseToken(token);
+    if (parsed) {
+        await config.db.deleteSession(parsed.id);
+    }
+    await config.cookie.delete(cookieName);
+}
+/**
+ * Delete a specific session by ID (useful for "logout all devices")
+ */
+export async function deleteSessionById(sessionId) {
+    const config = await loadConfig();
+    await config.db.deleteSession(sessionId);
+}
+//# sourceMappingURL=session.js.map

package/dist/session.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"session.js","sourceRoot":"","sources":["../src/session.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EACL,0BAA0B,EAC1B,UAAU,EACV,iBAAiB,EACjB,UAAU,GACX,MAAM,aAAa,CAAC;AAErB,MAAM,kBAAkB,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,WAAW;AACpD,MAAM,mBAAmB,GAAG,eAAe,CAAC;AAE5C;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,MAAc;IAChD,MAAM,MAAM,GAAG,MAAM,UAAU,EAAE,CAAC;IAElC,MAAM,EAAE,GAAG,0BAA0B,EAAE,CAAC;IACxC,MAAM,MAAM,GAAG,0BAA0B,EAAE,CAAC;IAC5C,MAAM,UAAU,GAAG,MAAM,UAAU,CAAC,MAAM,CAAC,CAAC;IAC5C,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,MAAM,KAAK,GAAG,GAAG,EAAE,IAAI,MAAM,EAAE,CAAC;IAEhC,MAAM,OAAO,GAAqB;QAChC,EAAE;QACF,UAAU;QACV,MAAM;QACN,SAAS;QACT,KAAK;KACN,CAAC;IAEF,MAAM,MAAM,CAAC,EAAE,CAAC,aAAa,CAAC;QAC5B,EAAE;QACF,UAAU;QACV,MAAM;QACN,SAAS;KACV,CAAC,CAAC;IAEH,MAAM,UAAU,GAAG,MAAM,CAAC,UAAU,IAAI,mBAAmB,CAAC;IAC5D,MAAM,MAAM,GAAG,MAAM,CAAC,gBAAgB,IAAI,kBAAkB,CAAC;IAE7D,MAAM,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,UAAU,EAAE,KAAK,EAAE;QACzC,MAAM;QACN,QAAQ,EAAE,IAAI;QACd,MAAM,EAAE,IAAI;QACZ,IAAI,EAAE,GAAG;QACT,QAAQ,EAAE,KAAK;KAChB,CAAC,CAAC;IAEH,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe;IACnC,MAAM,MAAM,GAAG,MAAM,UAAU,EAAE,CAAC;IAClC,MAAM,UAAU,GAAG,MAAM,CAAC,UAAU,IAAI,mBAAmB,CAAC;IAC5D,MAAM,SAAS,GAAG,MAAM,CAAC,gBAAgB,IAAI,kBAAkB,CAAC;IAEhE,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IAClD,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,MAAM,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC;IACjC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,EAAE,CAAC,cAAc,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IAC1D,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,OAAO,IAAI,CAAC;IACd,CAAC;IAED,mBAAmB;IACnB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,MAAM,UAAU,GAAG,GAAG,GAAG,OAAO,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;IACrD,IAAI,UAAU,IAAI,SAAS,GAAG,IAAI,EAAE,CAAC;QACnC,MAAM,MAAM,CAAC,EAAE,CAAC,aAAa,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QAC1C,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;QACvC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,gBAAgB;IAChB,MAAM,eAAe,GAAG,MAAM,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACxD,IAAI,CAAC,iBAAiB,CAAC,eAAe,EAAE,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC;QAC5D,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,OAAO;IAC3B,MAAM,MAAM,GAAG,MAAM,UAAU,EAAE,CAAC;IAClC,MAAM,OAAO,GAAG,MAAM,eAAe,EAAE,CAAC;IAExC,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,MAAM,CAAC,EAAE,CAAC,WAAW,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;AAC/C,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa;IACjC,MAAM,MAAM,GAAG,MAAM,UAAU,EAAE,CAAC;IAClC,MAAM,UAAU,GAAG,MAAM,CAAC,UAAU,IAAI,mBAAmB,CAAC;IAE5D,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IAClD,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC;IACjC,IAAI,MAAM,EAAE,CAAC;QACX,MAAM,MAAM,CAAC,EAAE,CAAC,aAAa,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IAC3C,CAAC;IAED,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;AACzC,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,SAAiB;IACvD,MAAM,MAAM,GAAG,MAAM,UAAU,EAAE,CAAC;IAClC,MAAM,MAAM,CAAC,EAAE,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC;AAC3C,CAAC"}

package/dist/types.d.ts ADDED Viewed

@@ -0,0 +1,32 @@
+export interface Session {
+    id: string;
+    secretHash: Uint8Array;
+    userId: string;
+    createdAt: Date;
+}
+export interface SessionWithToken extends Session {
+    token: string;
+}
+export interface CookieOptions {
+    maxAge: number;
+    httpOnly: boolean;
+    secure: boolean;
+    path: string;
+    sameSite: 'lax' | 'strict' | 'none';
+}
+export interface AuthConfig<TUser = any> {
+    db: {
+        insertSession: (session: Session) => Promise<void>;
+        getSessionById: (sessionId: string) => Promise<Session | null>;
+        deleteSession: (sessionId: string) => Promise<void>;
+        getUserById: (userId: string) => Promise<TUser | null>;
+    };
+    cookie: {
+        set: (name: string, value: string, options: CookieOptions) => void | Promise<void>;
+        get: (name: string) => string | null | Promise<string | null>;
+        delete: (name: string) => void | Promise<void>;
+    };
+    sessionExpiresIn?: number;
+    cookieName?: string;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/types.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,OAAO;IACtB,EAAE,EAAE,MAAM,CAAC;IACX,UAAU,EAAE,UAAU,CAAC;IACvB,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,IAAI,CAAC;CACjB;AAED,MAAM,WAAW,gBAAiB,SAAQ,OAAO;IAC/C,KAAK,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,aAAa;IAC5B,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,OAAO,CAAC;IAClB,MAAM,EAAE,OAAO,CAAC;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,CAAC;CACrC;AAED,MAAM,WAAW,UAAU,CAAC,KAAK,GAAG,GAAG;IACrC,EAAE,EAAE;QACF,aAAa,EAAE,CAAC,OAAO,EAAE,OAAO,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;QACnD,cAAc,EAAE,CAAC,SAAS,EAAE,MAAM,KAAK,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC,CAAC;QAC/D,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;QACpD,WAAW,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,OAAO,CAAC,KAAK,GAAG,IAAI,CAAC,CAAC;KACxD,CAAC;IAEF,MAAM,EAAE;QACN,GAAG,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,KAAK,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;QACnF,GAAG,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,MAAM,GAAG,IAAI,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;QAC9D,MAAM,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;KAChD,CAAC;IAEF,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB"}

package/dist/types.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export {};
2	+ //# sourceMappingURL=types.js.map

package/dist/types.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":""}

package/package.json ADDED Viewed

@@ -0,0 +1,37 @@
+{
+  "name": "simple-m-auth",
+  "version": "1.0.0",
+  "description": "Dead simple session-based authentication. Just create auth.config.ts and go.",
+  "type": "module",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
+    }
+  },
+  "files": [
+    "dist"
+  ],
+  "scripts": {
+    "build": "tsc",
+    "prepublishOnly": "npm run build"
+  },
+  "keywords": [
+    "auth",
+    "authentication",
+    "session",
+    "lucia",
+    "simple"
+  ],
+  "author": "",
+  "license": "MIT",
+  "devDependencies": {
+    "@types/node": "^25.0.3",
+    "typescript": "^5.0.0"
+  },
+  "engines": {
+    "node": ">=18.0.0"
+  }
+}