whop-kit 0.1.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Colin McDermott
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/dist/auth/index.d.ts

@@ -0,0 +1,85 @@
+/** The session payload stored in the JWT and used throughout the app */
+interface Session {
+    userId: string;
+    whopUserId: string;
+    email: string | null;
+    name: string | null;
+    profileImageUrl: string | null;
+    plan: string;
+    cancelAtPeriodEnd: boolean;
+    isAdmin: boolean;
+}
+/** Options for session token creation */
+interface SessionTokenOptions {
+    /** JWT max age in seconds. Defaults to 7 days. */
+    maxAge?: number;
+}
+/** Cookie adapter interface — implement per framework */
+interface CookieAdapter {
+    get(name: string): string | undefined | Promise<string | undefined>;
+    set(name: string, value: string, options: CookieOptions): void | Promise<void>;
+    delete(name: string): void | Promise<void>;
+}
+interface CookieOptions {
+    httpOnly: boolean;
+    secure: boolean;
+    sameSite: "lax" | "strict" | "none";
+    maxAge: number;
+    path: string;
+}
+/**
+ * Create a signed JWT session token.
+ *
+ * @param session - The session payload
+ * @param secret - The signing secret (Uint8Array)
+ * @param options - Optional token settings
+ */
+declare function createSessionToken(session: Session, secret: Uint8Array, options?: SessionTokenOptions): Promise<string>;
+/**
+ * Verify and decode a JWT session token.
+ *
+ * @param token - The JWT string
+ * @param secret - The signing secret (Uint8Array)
+ * @param validPlanKeys - Array of valid plan keys (to validate the plan field)
+ * @param defaultPlan - Fallback plan key if the JWT's plan is invalid
+ */
+declare function verifySessionToken(token: string, secret: Uint8Array, validPlanKeys: string[], defaultPlan: string): Promise<Session | null>;
+/**
+ * Set the session cookie (and a non-httpOnly login indicator).
+ *
+ * @param session - The session payload
+ * @param secret - JWT signing secret
+ * @param cookies - Framework-specific cookie adapter
+ * @param isProduction - Whether to set Secure flag
+ */
+declare function setSessionCookie(session: Session, secret: Uint8Array, cookies: CookieAdapter, isProduction?: boolean): Promise<void>;
+/**
+ * Clear the session cookie.
+ *
+ * @param cookies - Framework-specific cookie adapter
+ * @param isProduction - Whether to set Secure flag
+ */
+declare function clearSessionCookie(cookies: CookieAdapter, isProduction?: boolean): Promise<void>;
+/**
+ * Read and verify the session from cookies, optionally refreshing the plan
+ * from the database.
+ *
+ * @param cookies - Framework-specific cookie adapter
+ * @param secret - JWT signing secret
+ * @param validPlanKeys - Array of valid plan keys
+ * @param defaultPlan - Fallback plan key
+ * @param refreshPlan - Optional async function to fetch fresh plan from DB
+ */
+declare function getSessionFromCookie(cookies: CookieAdapter, secret: Uint8Array, validPlanKeys: string[], defaultPlan: string, refreshPlan?: (userId: string) => Promise<{
+    plan: string;
+    cancelAtPeriodEnd: boolean;
+} | null>): Promise<Session | null>;
+/**
+ * Generate a cryptographically secure secret string (hex-encoded).
+ * Useful for auto-generating SESSION_SECRET on first run.
+ */
+declare function generateSecret(byteLength?: number): string;
+/** Encode a secret string to Uint8Array (for use with jose) */
+declare function encodeSecret(secret: string): Uint8Array;
+
+export { type CookieAdapter, type CookieOptions, type Session, type SessionTokenOptions, clearSessionCookie, createSessionToken, encodeSecret, generateSecret, getSessionFromCookie, setSessionCookie, verifySessionToken };

package/dist/auth/index.js

@@ -0,0 +1,3 @@
+export { clearSessionCookie, createSessionToken, encodeSecret, generateSecret, getSessionFromCookie, setSessionCookie, verifySessionToken } from '../chunk-GXQLG4HV.js';
+//# sourceMappingURL=index.js.map
+//# sourceMappingURL=index.js.map

package/dist/auth/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"names":[],"mappings":"","file":"index.js"}

package/dist/chunk-BLQ7T7NQ.js

@@ -0,0 +1,18 @@
+// src/utils/index.ts
+function cn(...classes) {
+  return classes.filter(Boolean).join(" ");
+}
+function monthlyEquivalent(yearlyTotal) {
+  return Math.round(yearlyTotal / 12 * 100) / 100;
+}
+function formatDate(date) {
+  return new Intl.DateTimeFormat("en-US", {
+    month: "short",
+    day: "numeric",
+    year: "numeric"
+  }).format(new Date(date));
+}
+
+export { cn, formatDate, monthlyEquivalent };
+//# sourceMappingURL=chunk-BLQ7T7NQ.js.map
+//# sourceMappingURL=chunk-BLQ7T7NQ.js.map

package/dist/chunk-BLQ7T7NQ.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/utils/index.ts"],"names":[],"mappings":";AAKO,SAAS,MAAM,OAAA,EAAwD;AAC5E,EAAA,OAAO,OAAA,CAAQ,MAAA,CAAO,OAAO,CAAA,CAAE,KAAK,GAAG,CAAA;AACzC;AAGO,SAAS,kBAAkB,WAAA,EAA6B;AAC7D,EAAA,OAAO,IAAA,CAAK,KAAA,CAAO,WAAA,GAAc,EAAA,GAAM,GAAG,CAAA,GAAI,GAAA;AAChD;AAGO,SAAS,WAAW,IAAA,EAA6B;AACtD,EAAA,OAAO,IAAI,IAAA,CAAK,cAAA,CAAe,OAAA,EAAS;AAAA,IACtC,KAAA,EAAO,OAAA;AAAA,IACP,GAAA,EAAK,SAAA;AAAA,IACL,IAAA,EAAM;AAAA,GACP,CAAA,CAAE,MAAA,CAAO,IAAI,IAAA,CAAK,IAAI,CAAC,CAAA;AAC1B","file":"chunk-BLQ7T7NQ.js","sourcesContent":["// ---------------------------------------------------------------------------\n// Utilities — pure helper functions\n// ---------------------------------------------------------------------------\n\n/** Merge class names, filtering out falsy values */\nexport function cn(...classes: (string | false | null | undefined)[]): string {\n  return classes.filter(Boolean).join(\" \");\n}\n\n/** Calculate the monthly-equivalent price from a yearly total */\nexport function monthlyEquivalent(yearlyTotal: number): number {\n  return Math.round((yearlyTotal / 12) * 100) / 100;\n}\n\n/** Format a date for display (e.g. \"Jan 1, 2026\") */\nexport function formatDate(date: Date | string): string {\n  return new Intl.DateTimeFormat(\"en-US\", {\n    month: \"short\",\n    day: \"numeric\",\n    year: \"numeric\",\n  }).format(new Date(date));\n}\n"]}

package/dist/chunk-EYK3S5U2.js

@@ -0,0 +1,158 @@
+// src/whop/index.ts
+var WHOP_API_BASE = "https://api.whop.com";
+function base64url(bytes) {
+  return btoa(String.fromCharCode(...bytes)).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
+}
+function randomString(len) {
+  return base64url(crypto.getRandomValues(new Uint8Array(len)));
+}
+async function sha256(str) {
+  const hash = await crypto.subtle.digest(
+    "SHA-256",
+    new TextEncoder().encode(str)
+  );
+  return base64url(new Uint8Array(hash));
+}
+async function buildAuthorizationUrl(redirectUri, clientId) {
+  const codeVerifier = randomString(32);
+  const codeChallenge = await sha256(codeVerifier);
+  const state = randomString(16);
+  const nonce = randomString(16);
+  const params = new URLSearchParams({
+    response_type: "code",
+    client_id: clientId,
+    redirect_uri: redirectUri,
+    scope: "openid profile email",
+    state,
+    nonce,
+    code_challenge: codeChallenge,
+    code_challenge_method: "S256"
+  });
+  return {
+    url: `${WHOP_API_BASE}/oauth/authorize?${params}`,
+    codeVerifier,
+    state,
+    nonce
+  };
+}
+async function exchangeCodeForTokens(code, codeVerifier, redirectUri, clientId) {
+  const res = await fetch(`${WHOP_API_BASE}/oauth/token`, {
+    method: "POST",
+    headers: { "Content-Type": "application/json" },
+    body: JSON.stringify({
+      grant_type: "authorization_code",
+      code,
+      redirect_uri: redirectUri,
+      client_id: clientId,
+      code_verifier: codeVerifier
+    })
+  });
+  if (!res.ok) {
+    const error = await res.text().catch(() => "Unknown error");
+    throw new Error(`Token exchange failed (${res.status}): ${error}`);
+  }
+  return res.json();
+}
+async function getWhopUser(accessToken) {
+  const res = await fetch(`${WHOP_API_BASE}/oauth/userinfo`, {
+    headers: { Authorization: `Bearer ${accessToken}` },
+    cache: "no-store"
+  });
+  if (!res.ok) {
+    throw new Error(`Failed to fetch user (${res.status})`);
+  }
+  return res.json();
+}
+async function checkWhopAccess(whopUserId, resourceId, apiKey) {
+  const res = await fetch(
+    `${WHOP_API_BASE}/api/v1/users/${whopUserId}/access/${resourceId}`,
+    {
+      headers: { Authorization: `Bearer ${apiKey}` },
+      cache: "no-store"
+    }
+  );
+  if (res.ok) {
+    const data = await res.json();
+    return {
+      hasAccess: data.has_access ?? false,
+      accessLevel: data.access_level ?? "no_access"
+    };
+  }
+  if (res.status === 403 || res.status === 404) {
+    return { hasAccess: false, accessLevel: "no_access" };
+  }
+  console.error(
+    `[whop-kit] Access check failed (${res.status}) for user ${whopUserId}`
+  );
+  return { hasAccess: false, accessLevel: "no_access" };
+}
+async function fetchWhopPlanDetails(planId, apiKey) {
+  try {
+    const res = await fetch(`${WHOP_API_BASE}/api/v1/plans/${planId}`, {
+      headers: { Authorization: `Bearer ${apiKey}` },
+      cache: "no-store"
+    });
+    if (!res.ok) {
+      console.error(
+        `[whop-kit] Failed to fetch plan ${planId} (${res.status})`
+      );
+      return null;
+    }
+    return res.json();
+  } catch (err) {
+    console.error(`[whop-kit] Error fetching plan ${planId}:`, err);
+    return null;
+  }
+}
+function getEffectivePrice(details) {
+  return details.plan_type === "renewal" ? details.renewal_price ?? 0 : details.initial_price ?? 0;
+}
+async function uncancelMembership(membershipId, apiKey) {
+  const res = await fetch(
+    `${WHOP_API_BASE}/api/v1/memberships/${membershipId}/uncancel`,
+    {
+      method: "POST",
+      headers: { Authorization: `Bearer ${apiKey}` }
+    }
+  );
+  return res.ok;
+}
+async function verifyWebhookSignature(body, headers, webhookSecret) {
+  const msgId = headers["webhook-id"];
+  const signature = headers["webhook-signature"];
+  const timestamp = headers["webhook-timestamp"];
+  if (!msgId || !signature || !timestamp) return false;
+  const now = Math.floor(Date.now() / 1e3);
+  const webhookTimestamp = parseInt(timestamp, 10);
+  if (Math.abs(now - webhookTimestamp) > 300) return false;
+  const secretBytes = new TextEncoder().encode(webhookSecret);
+  const toSign = `${msgId}.${timestamp}.${body}`;
+  const key = await crypto.subtle.importKey(
+    "raw",
+    secretBytes,
+    { name: "HMAC", hash: "SHA-256" },
+    false,
+    ["sign"]
+  );
+  const signatureBytes = await crypto.subtle.sign(
+    "HMAC",
+    key,
+    new TextEncoder().encode(toSign)
+  );
+  const expectedSignature = `v1,${base64url(new Uint8Array(signatureBytes))}`;
+  const providedSignatures = signature.split(" ");
+  const expectedBytes = new TextEncoder().encode(expectedSignature);
+  return providedSignatures.some((sig) => {
+    const sigBytes = new TextEncoder().encode(sig);
+    if (sigBytes.length !== expectedBytes.length) return false;
+    let diff = 0;
+    for (let i = 0; i < sigBytes.length; i++) {
+      diff |= sigBytes[i] ^ expectedBytes[i];
+    }
+    return diff === 0;
+  });
+}
+
+export { buildAuthorizationUrl, checkWhopAccess, exchangeCodeForTokens, fetchWhopPlanDetails, getEffectivePrice, getWhopUser, randomString, sha256, uncancelMembership, verifyWebhookSignature };
+//# sourceMappingURL=chunk-EYK3S5U2.js.map
+//# sourceMappingURL=chunk-EYK3S5U2.js.map

package/dist/chunk-EYK3S5U2.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/whop/index.ts"],"names":[],"mappings":";AAOA,IAAM,aAAA,GAAgB,sBAAA;AAMtB,SAAS,UAAU,KAAA,EAA2B;AAC5C,EAAA,OAAO,KAAK,MAAA,CAAO,YAAA,CAAa,GAAG,KAAK,CAAC,CAAA,CACtC,OAAA,CAAQ,KAAA,EAAO,GAAG,EAClB,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAClB,OAAA,CAAQ,OAAO,EAAE,CAAA;AACtB;AAEO,SAAS,aAAa,GAAA,EAAqB;AAChD,EAAA,OAAO,UAAU,MAAA,CAAO,eAAA,CAAgB,IAAI,UAAA,CAAW,GAAG,CAAC,CAAC,CAAA;AAC9D;AAEA,eAAsB,OAAO,GAAA,EAA8B;AACzD,EAAA,MAAM,IAAA,GAAO,MAAM,MAAA,CAAO,MAAA,CAAO,MAAA;AAAA,IAC/B,SAAA;AAAA,IACA,IAAI,WAAA,EAAY,CAAE,MAAA,CAAO,GAAG;AAAA,GAC9B;AACA,EAAA,OAAO,SAAA,CAAU,IAAI,UAAA,CAAW,IAAI,CAAC,CAAA;AACvC;AAmBA,eAAsB,qBAAA,CACpB,aACA,QAAA,EACiC;AACjC,EAAA,MAAM,YAAA,GAAe,aAAa,EAAE,CAAA;AACpC,EAAA,MAAM,aAAA,GAAgB,MAAM,MAAA,CAAO,YAAY,CAAA;AAC/C,EAAA,MAAM,KAAA,GAAQ,aAAa,EAAE,CAAA;AAC7B,EAAA,MAAM,KAAA,GAAQ,aAAa,EAAE,CAAA;AAE7B,EAAA,MAAM,MAAA,GAAS,IAAI,eAAA,CAAgB;AAAA,IACjC,aAAA,EAAe,MAAA;AAAA,IACf,SAAA,EAAW,QAAA;AAAA,IACX,YAAA,EAAc,WAAA;AAAA,IACd,KAAA,EAAO,sBAAA;AAAA,IACP,KAAA;AAAA,IACA,KAAA;AAAA,IACA,cAAA,EAAgB,aAAA;AAAA,IAChB,qBAAA,EAAuB;AAAA,GACxB,CAAA;AAED,EAAA,OAAO;AAAA,IACL,GAAA,EAAK,CAAA,EAAG,aAAa,CAAA,iBAAA,EAAoB,MAAM,CAAA,CAAA;AAAA,IAC/C,YAAA;AAAA,IACA,KAAA;AAAA,IACA;AAAA,GACF;AACF;AAiBA,eAAsB,qBAAA,CACpB,IAAA,EACA,YAAA,EACA,WAAA,EACA,QAAA,EACwB;AACxB,EAAA,MAAM,GAAA,GAAM,MAAM,KAAA,CAAM,CAAA,EAAG,aAAa,CAAA,YAAA,CAAA,EAAgB;AAAA,IACtD,MAAA,EAAQ,MAAA;AAAA,IACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA,EAAmB;AAAA,IAC9C,IAAA,EAAM,KAAK,SAAA,CAAU;AAAA,MACnB,UAAA,EAAY,oBAAA;AAAA,MACZ,IAAA;AAAA,MACA,YAAA,EAAc,WAAA;AAAA,MACd,SAAA,EAAW,QAAA;AAAA,MACX,aAAA,EAAe;AAAA,KAChB;AAAA,GACF,CAAA;AAED,EAAA,IAAI,CAAC,IAAI,EAAA,EAAI;AACX,IAAA,MAAM,QAAQ,MAAM,GAAA,CAAI,MAAK,CAAE,KAAA,CAAM,MAAM,eAAe,CAAA;AAC1D,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,uBAAA,EAA0B,IAAI,MAAM,CAAA,GAAA,EAAM,KAAK,CAAA,CAAE,CAAA;AAAA,EACnE;AAEA,EAAA,OAAO,IAAI,IAAA,EAAK;AAClB;AA4BA,eAAsB,YAAY,WAAA,EAAwC;AACxE,EAAA,MAAM,GAAA,GAAM,MAAM,KAAA,CAAM,CAAA,EAAG,aAAa,CAAA,eAAA,CAAA,EAAmB;AAAA,IACzD,OAAA,EAAS,EAAE,aAAA,EAAe,CAAA,OAAA,EAAU,WAAW,CAAA,CAAA,EAAG;AAAA,IAClD,KAAA,EAAO;AAAA,GACR,CAAA;AAED,EAAA,IAAI,CAAC,IAAI,EAAA,EAAI;AACX,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,sBAAA,EAAyB,GAAA,CAAI,MAAM,CAAA,CAAA,CAAG,CAAA;AAAA,EACxD;AAEA,EAAA,OAAO,IAAI,IAAA,EAAK;AAClB;AAmBA,eAAsB,eAAA,CACpB,UAAA,EACA,UAAA,EACA,MAAA,EAC4B;AAC5B,EAAA,MAAM,MAAM,MAAM,KAAA;AAAA,IAChB,CAAA,EAAG,aAAa,CAAA,cAAA,EAAiB,UAAU,WAAW,UAAU,CAAA,CAAA;AAAA,IAChE;AAAA,MACE,OAAA,EAAS,EAAE,aAAA,EAAe,CAAA,OAAA,EAAU,MAAM,CAAA,CAAA,EAAG;AAAA,MAC7C,KAAA,EAAO;AAAA;AACT,GACF;AAEA,EAAA,IAAI,IAAI,EAAA,EAAI;AACV,IAAA,MAAM,IAAA,GAAQ,MAAM,GAAA,CAAI,IAAA,EAAK;AAC7B,IAAA,OAAO;AAAA,MACL,SAAA,EAAY,KAAK,UAAA,IAA0B,KAAA;AAAA,MAC3C,WAAA,EAAc,KAAK,YAAA,IAA2B;AAAA,KAChD;AAAA,EACF;AAEA,EAAA,IAAI,GAAA,CAAI,MAAA,KAAW,GAAA,IAAO,GAAA,CAAI,WAAW,GAAA,EAAK;AAC5C,IAAA,OAAO,EAAE,SAAA,EAAW,KAAA,EAAO,WAAA,EAAa,WAAA,EAAY;AAAA,EACtD;AAEA,EAAA,OAAA,CAAQ,KAAA;AAAA,IACN,CAAA,gCAAA,EAAmC,GAAA,CAAI,MAAM,CAAA,WAAA,EAAc,UAAU,CAAA;AAAA,GACvE;AACA,EAAA,OAAO,EAAE,SAAA,EAAW,KAAA,EAAO,WAAA,EAAa,WAAA,EAAY;AACtD;AAmBA,eAAsB,oBAAA,CACpB,QACA,MAAA,EACiC;AACjC,EAAA,IAAI;AACF,IAAA,MAAM,MAAM,MAAM,KAAA,CAAM,GAAG,aAAa,CAAA,cAAA,EAAiB,MAAM,CAAA,CAAA,EAAI;AAAA,MACjE,OAAA,EAAS,EAAE,aAAA,EAAe,CAAA,OAAA,EAAU,MAAM,CAAA,CAAA,EAAG;AAAA,MAC7C,KAAA,EAAO;AAAA,KACR,CAAA;AAED,IAAA,IAAI,CAAC,IAAI,EAAA,EAAI;AACX,MAAA,OAAA,CAAQ,KAAA;AAAA,QACN,CAAA,gCAAA,EAAmC,MAAM,CAAA,EAAA,EAAK,GAAA,CAAI,MAAM,CAAA,CAAA;AAAA,OAC1D;AACA,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,OAAO,IAAI,IAAA,EAAK;AAAA,EAClB,SAAS,GAAA,EAAK;AACZ,IAAA,OAAA,CAAQ,KAAA,CAAM,CAAA,+BAAA,EAAkC,MAAM,CAAA,CAAA,CAAA,EAAK,GAAG,CAAA;AAC9D,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAMO,SAAS,kBAAkB,OAAA,EAAkC;AAClE,EAAA,OAAO,QAAQ,SAAA,KAAc,SAAA,GACxB,QAAQ,aAAA,IAAiB,CAAA,GACzB,QAAQ,aAAA,IAAiB,CAAA;AAChC;AAYA,eAAsB,kBAAA,CACpB,cACA,MAAA,EACkB;AAClB,EAAA,MAAM,MAAM,MAAM,KAAA;AAAA,IAChB,CAAA,EAAG,aAAa,CAAA,oBAAA,EAAuB,YAAY,CAAA,SAAA,CAAA;AAAA,IACnD;AAAA,MACE,MAAA,EAAQ,MAAA;AAAA,MACR,OAAA,EAAS,EAAE,aAAA,EAAe,CAAA,OAAA,EAAU,MAAM,CAAA,CAAA;AAAG;AAC/C,GACF;AACA,EAAA,OAAO,GAAA,CAAI,EAAA;AACb;AAoBA,eAAsB,sBAAA,CACpB,IAAA,EACA,OAAA,EACA,aAAA,EACkB;AAClB,EAAA,MAAM,KAAA,GAAQ,QAAQ,YAAY,CAAA;AAClC,EAAA,MAAM,SAAA,GAAY,QAAQ,mBAAmB,CAAA;AAC7C,EAAA,MAAM,SAAA,GAAY,QAAQ,mBAAmB,CAAA;AAE7C,EAAA,IAAI,CAAC,KAAA,IAAS,CAAC,SAAA,IAAa,CAAC,WAAW,OAAO,KAAA;AAG/C,EAAA,MAAM,MAAM,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AACxC,EAAA,MAAM,gBAAA,GAAmB,QAAA,CAAS,SAAA,EAAW,EAAE,CAAA;AAC/C,EAAA,IAAI,KAAK,GAAA,CAAI,GAAA,GAAM,gBAAgB,CAAA,GAAI,KAAK,OAAO,KAAA;AAEnD,EAAA,MAAM,WAAA,GAAc,IAAI,WAAA,EAAY,CAAE,OAAO,aAAa,CAAA;AAC1D,EAAA,MAAM,SAAS,CAAA,EAAG,KAAK,CAAA,CAAA,EAAI,SAAS,IAAI,IAAI,CAAA,CAAA;AAE5C,EAAA,MAAM,GAAA,GAAM,MAAM,MAAA,CAAO,MAAA,CAAO,SAAA;AAAA,IAC9B,KAAA;AAAA,IACA,WAAA;AAAA,IACA,EAAE,IAAA,EAAM,MAAA,EAAQ,IAAA,EAAM,SAAA,EAAU;AAAA,IAChC,KAAA;AAAA,IACA,CAAC,MAAM;AAAA,GACT;AAEA,EAAA,MAAM,cAAA,GAAiB,MAAM,MAAA,CAAO,MAAA,CAAO,IAAA;AAAA,IACzC,MAAA;AAAA,IACA,GAAA;AAAA,IACA,IAAI,WAAA,EAAY,CAAE,MAAA,CAAO,MAAM;AAAA,GACjC;AAEA,EAAA,MAAM,oBAAoB,CAAA,GAAA,EAAM,SAAA,CAAU,IAAI,UAAA,CAAW,cAAc,CAAC,CAAC,CAAA,CAAA;AAIzE,EAAA,MAAM,kBAAA,GAAqB,SAAA,CAAU,KAAA,CAAM,GAAG,CAAA;AAC9C,EAAA,MAAM,aAAA,GAAgB,IAAI,WAAA,EAAY,CAAE,OAAO,iBAAiB,CAAA;AAEhE,EAAA,OAAO,kBAAA,CAAmB,IAAA,CAAK,CAAC,GAAA,KAAQ;AACtC,IAAA,MAAM,QAAA,GAAW,IAAI,WAAA,EAAY,CAAE,OAAO,GAAG,CAAA;AAC7C,IAAA,IAAI,QAAA,CAAS,MAAA,KAAW,aAAA,CAAc,MAAA,EAAQ,OAAO,KAAA;AACrD,IAAA,IAAI,IAAA,GAAO,CAAA;AACX,IAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,QAAA,CAAS,QAAQ,CAAA,EAAA,EAAK;AACxC,MAAA,IAAA,IAAQ,QAAA,CAAS,CAAC,CAAA,GAAI,aAAA,CAAc,CAAC,CAAA;AAAA,IACvC;AACA,IAAA,OAAO,IAAA,KAAS,CAAA;AAAA,EAClB,CAAC,CAAA;AACH","file":"chunk-EYK3S5U2.js","sourcesContent":["// ---------------------------------------------------------------------------\n// Whop API helpers — framework-agnostic\n// ---------------------------------------------------------------------------\n// Direct fetch calls to Whop's API. No SDK dependency — you can see\n// exactly what's happening. Works in any JS runtime with fetch + crypto.\n// ---------------------------------------------------------------------------\n\nconst WHOP_API_BASE = \"https://api.whop.com\";\n\n// ---------------------------------------------------------------------------\n// Crypto utilities\n// ---------------------------------------------------------------------------\n\nfunction base64url(bytes: Uint8Array): string {\n  return btoa(String.fromCharCode(...bytes))\n    .replace(/\\+/g, \"-\")\n    .replace(/\\//g, \"_\")\n    .replace(/=+$/, \"\");\n}\n\nexport function randomString(len: number): string {\n  return base64url(crypto.getRandomValues(new Uint8Array(len)));\n}\n\nexport async function sha256(str: string): Promise<string> {\n  const hash = await crypto.subtle.digest(\n    \"SHA-256\",\n    new TextEncoder().encode(str),\n  );\n  return base64url(new Uint8Array(hash));\n}\n\n// ---------------------------------------------------------------------------\n// OAuth helpers\n// ---------------------------------------------------------------------------\n\nexport interface AuthorizationUrlResult {\n  url: string;\n  codeVerifier: string;\n  state: string;\n  nonce: string;\n}\n\n/**\n * Build the Whop OAuth authorization URL with PKCE.\n *\n * @param redirectUri - Your OAuth callback URL\n * @param clientId - Whop App ID\n */\nexport async function buildAuthorizationUrl(\n  redirectUri: string,\n  clientId: string,\n): Promise<AuthorizationUrlResult> {\n  const codeVerifier = randomString(32);\n  const codeChallenge = await sha256(codeVerifier);\n  const state = randomString(16);\n  const nonce = randomString(16);\n\n  const params = new URLSearchParams({\n    response_type: \"code\",\n    client_id: clientId,\n    redirect_uri: redirectUri,\n    scope: \"openid profile email\",\n    state,\n    nonce,\n    code_challenge: codeChallenge,\n    code_challenge_method: \"S256\",\n  });\n\n  return {\n    url: `${WHOP_API_BASE}/oauth/authorize?${params}`,\n    codeVerifier,\n    state,\n    nonce,\n  };\n}\n\n// ---------------------------------------------------------------------------\n// Token exchange\n// ---------------------------------------------------------------------------\n\nexport interface TokenResponse {\n  access_token: string;\n  refresh_token: string;\n  token_type: string;\n  expires_in: number;\n  id_token?: string;\n}\n\n/**\n * Exchange an authorization code for tokens using PKCE.\n */\nexport async function exchangeCodeForTokens(\n  code: string,\n  codeVerifier: string,\n  redirectUri: string,\n  clientId: string,\n): Promise<TokenResponse> {\n  const res = await fetch(`${WHOP_API_BASE}/oauth/token`, {\n    method: \"POST\",\n    headers: { \"Content-Type\": \"application/json\" },\n    body: JSON.stringify({\n      grant_type: \"authorization_code\",\n      code,\n      redirect_uri: redirectUri,\n      client_id: clientId,\n      code_verifier: codeVerifier,\n    }),\n  });\n\n  if (!res.ok) {\n    const error = await res.text().catch(() => \"Unknown error\");\n    throw new Error(`Token exchange failed (${res.status}): ${error}`);\n  }\n\n  return res.json() as Promise<TokenResponse>;\n}\n\n// ---------------------------------------------------------------------------\n// User info\n// ---------------------------------------------------------------------------\n\n/**\n * OIDC UserInfo response from Whop.\n * Fields depend on the scopes granted: openid, profile, email.\n */\nexport interface WhopUser {\n  /** User ID (e.g. \"user_xxxxx\") */\n  sub: string;\n  /** Requires \"profile\" scope */\n  name?: string;\n  /** Requires \"profile\" scope */\n  preferred_username?: string;\n  /** Requires \"profile\" scope */\n  picture?: string;\n  /** Requires \"email\" scope */\n  email?: string;\n  /** Requires \"email\" scope */\n  email_verified?: boolean;\n}\n\n/**\n * Fetch the authenticated user's profile from Whop's OIDC userinfo endpoint.\n */\nexport async function getWhopUser(accessToken: string): Promise<WhopUser> {\n  const res = await fetch(`${WHOP_API_BASE}/oauth/userinfo`, {\n    headers: { Authorization: `Bearer ${accessToken}` },\n    cache: \"no-store\",\n  });\n\n  if (!res.ok) {\n    throw new Error(`Failed to fetch user (${res.status})`);\n  }\n\n  return res.json() as Promise<WhopUser>;\n}\n\n// ---------------------------------------------------------------------------\n// Access verification\n// ---------------------------------------------------------------------------\n\nexport interface AccessCheckResult {\n  hasAccess: boolean;\n  accessLevel: string;\n}\n\n/**\n * Check if a user has access to a specific Whop resource (product/experience).\n * Uses the Whop API directly for authoritative, real-time access checks.\n *\n * @param whopUserId - The user's Whop ID\n * @param resourceId - The product or experience ID to check\n * @param apiKey - Your Whop API key\n */\nexport async function checkWhopAccess(\n  whopUserId: string,\n  resourceId: string,\n  apiKey: string,\n): Promise<AccessCheckResult> {\n  const res = await fetch(\n    `${WHOP_API_BASE}/api/v1/users/${whopUserId}/access/${resourceId}`,\n    {\n      headers: { Authorization: `Bearer ${apiKey}` },\n      cache: \"no-store\",\n    },\n  );\n\n  if (res.ok) {\n    const data = (await res.json()) as Record<string, unknown>;\n    return {\n      hasAccess: (data.has_access as boolean) ?? false,\n      accessLevel: (data.access_level as string) ?? \"no_access\",\n    };\n  }\n\n  if (res.status === 403 || res.status === 404) {\n    return { hasAccess: false, accessLevel: \"no_access\" };\n  }\n\n  console.error(\n    `[whop-kit] Access check failed (${res.status}) for user ${whopUserId}`,\n  );\n  return { hasAccess: false, accessLevel: \"no_access\" };\n}\n\n// ---------------------------------------------------------------------------\n// Plan details\n// ---------------------------------------------------------------------------\n\nexport interface WhopPlanDetails {\n  id: string;\n  initial_price: number | null;\n  renewal_price: number | null;\n  billing_period: number | null;\n  currency: string;\n  plan_type: string;\n  trial_period_days: number | null;\n}\n\n/**\n * Fetch plan details from the Whop API.\n */\nexport async function fetchWhopPlanDetails(\n  planId: string,\n  apiKey: string,\n): Promise<WhopPlanDetails | null> {\n  try {\n    const res = await fetch(`${WHOP_API_BASE}/api/v1/plans/${planId}`, {\n      headers: { Authorization: `Bearer ${apiKey}` },\n      cache: \"no-store\",\n    });\n\n    if (!res.ok) {\n      console.error(\n        `[whop-kit] Failed to fetch plan ${planId} (${res.status})`,\n      );\n      return null;\n    }\n\n    return res.json() as Promise<WhopPlanDetails>;\n  } catch (err) {\n    console.error(`[whop-kit] Error fetching plan ${planId}:`, err);\n    return null;\n  }\n}\n\n/**\n * Get the effective price from a Whop plan's details.\n * Renewal plans use renewal_price; others use initial_price.\n */\nexport function getEffectivePrice(details: WhopPlanDetails): number {\n  return details.plan_type === \"renewal\"\n    ? (details.renewal_price ?? 0)\n    : (details.initial_price ?? 0);\n}\n\n// ---------------------------------------------------------------------------\n// Membership management\n// ---------------------------------------------------------------------------\n\n/**\n * Uncancel a membership via the Whop API.\n *\n * @param membershipId - The Whop membership ID\n * @param apiKey - Your Whop API key\n */\nexport async function uncancelMembership(\n  membershipId: string,\n  apiKey: string,\n): Promise<boolean> {\n  const res = await fetch(\n    `${WHOP_API_BASE}/api/v1/memberships/${membershipId}/uncancel`,\n    {\n      method: \"POST\",\n      headers: { Authorization: `Bearer ${apiKey}` },\n    },\n  );\n  return res.ok;\n}\n\n// ---------------------------------------------------------------------------\n// Webhook verification\n// ---------------------------------------------------------------------------\n\nexport interface WebhookHeaders {\n  \"webhook-id\"?: string | null;\n  \"webhook-signature\"?: string | null;\n  \"webhook-timestamp\"?: string | null;\n}\n\n/**\n * Verify a Whop webhook signature.\n * Whop uses the standardwebhooks format: HMAC-SHA256 of \"{msg_id}.{timestamp}.{body}\".\n *\n * @param body - The raw request body string\n * @param headers - The webhook headers\n * @param webhookSecret - Your webhook signing secret\n */\nexport async function verifyWebhookSignature(\n  body: string,\n  headers: WebhookHeaders,\n  webhookSecret: string,\n): Promise<boolean> {\n  const msgId = headers[\"webhook-id\"];\n  const signature = headers[\"webhook-signature\"];\n  const timestamp = headers[\"webhook-timestamp\"];\n\n  if (!msgId || !signature || !timestamp) return false;\n\n  // Check timestamp to prevent replay attacks (5 minute tolerance)\n  const now = Math.floor(Date.now() / 1000);\n  const webhookTimestamp = parseInt(timestamp, 10);\n  if (Math.abs(now - webhookTimestamp) > 300) return false;\n\n  const secretBytes = new TextEncoder().encode(webhookSecret);\n  const toSign = `${msgId}.${timestamp}.${body}`;\n\n  const key = await crypto.subtle.importKey(\n    \"raw\",\n    secretBytes,\n    { name: \"HMAC\", hash: \"SHA-256\" },\n    false,\n    [\"sign\"],\n  );\n\n  const signatureBytes = await crypto.subtle.sign(\n    \"HMAC\",\n    key,\n    new TextEncoder().encode(toSign),\n  );\n\n  const expectedSignature = `v1,${base64url(new Uint8Array(signatureBytes))}`;\n\n  // Check against all provided signatures (space-separated)\n  // Use constant-time comparison to prevent timing attacks\n  const providedSignatures = signature.split(\" \");\n  const expectedBytes = new TextEncoder().encode(expectedSignature);\n\n  return providedSignatures.some((sig) => {\n    const sigBytes = new TextEncoder().encode(sig);\n    if (sigBytes.length !== expectedBytes.length) return false;\n    let diff = 0;\n    for (let i = 0; i < sigBytes.length; i++) {\n      diff |= sigBytes[i] ^ expectedBytes[i];\n    }\n    return diff === 0;\n  });\n}\n"]}

package/dist/chunk-GXQLG4HV.js

@@ -0,0 +1,87 @@
+import { SignJWT, jwtVerify } from 'jose';
+
+// src/auth/index.ts
+var DEFAULT_MAX_AGE = 60 * 60 * 24 * 7;
+var SESSION_COOKIE = "session";
+var LOGGED_IN_COOKIE = "logged_in";
+async function createSessionToken(session, secret, options) {
+  const maxAge = options?.maxAge ?? DEFAULT_MAX_AGE;
+  return new SignJWT({ ...session }).setProtectedHeader({ alg: "HS256" }).setIssuedAt().setExpirationTime(`${maxAge}s`).sign(secret);
+}
+async function verifySessionToken(token, secret, validPlanKeys, defaultPlan) {
+  try {
+    const { payload } = await jwtVerify(token, secret);
+    if (typeof payload.userId !== "string" || typeof payload.whopUserId !== "string" || typeof payload.plan !== "string") {
+      return null;
+    }
+    const plan = validPlanKeys.includes(payload.plan) ? payload.plan : defaultPlan;
+    return {
+      userId: payload.userId,
+      whopUserId: payload.whopUserId,
+      email: payload.email ?? null,
+      name: payload.name ?? null,
+      profileImageUrl: payload.profileImageUrl ?? null,
+      plan,
+      cancelAtPeriodEnd: payload.cancelAtPeriodEnd ?? false,
+      isAdmin: payload.isAdmin ?? false
+    };
+  } catch {
+    return null;
+  }
+}
+async function setSessionCookie(session, secret, cookies, isProduction = false) {
+  const token = await createSessionToken(session, secret);
+  const opts = {
+    httpOnly: true,
+    secure: isProduction,
+    sameSite: "lax",
+    maxAge: DEFAULT_MAX_AGE,
+    path: "/"
+  };
+  await cookies.set(SESSION_COOKIE, token, opts);
+  await cookies.set(LOGGED_IN_COOKIE, "1", {
+    ...opts,
+    httpOnly: false
+  });
+}
+async function clearSessionCookie(cookies, isProduction = false) {
+  const opts = {
+    httpOnly: true,
+    secure: isProduction,
+    sameSite: "lax",
+    maxAge: 0,
+    path: "/"
+  };
+  await cookies.set(SESSION_COOKIE, "", opts);
+  await cookies.set(LOGGED_IN_COOKIE, "", { ...opts, httpOnly: false });
+}
+async function getSessionFromCookie(cookies, secret, validPlanKeys, defaultPlan, refreshPlan) {
+  const token = await cookies.get(SESSION_COOKIE);
+  if (!token) return null;
+  const session = await verifySessionToken(
+    token,
+    secret,
+    validPlanKeys,
+    defaultPlan
+  );
+  if (!session) return null;
+  if (refreshPlan) {
+    const fresh = await refreshPlan(session.userId);
+    if (!fresh) return null;
+    const plan = validPlanKeys.includes(fresh.plan) ? fresh.plan : defaultPlan;
+    return { ...session, plan, cancelAtPeriodEnd: fresh.cancelAtPeriodEnd };
+  }
+  return session;
+}
+function generateSecret(byteLength = 32) {
+  const bytes = new Uint8Array(byteLength);
+  crypto.getRandomValues(bytes);
+  return Array.from(bytes, (b) => b.toString(16).padStart(2, "0")).join("");
+}
+function encodeSecret(secret) {
+  return new TextEncoder().encode(secret);
+}
+
+export { clearSessionCookie, createSessionToken, encodeSecret, generateSecret, getSessionFromCookie, setSessionCookie, verifySessionToken };
+//# sourceMappingURL=chunk-GXQLG4HV.js.map
+//# sourceMappingURL=chunk-GXQLG4HV.js.map

package/dist/chunk-GXQLG4HV.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/auth/index.ts"],"names":[],"mappings":";;;AAuDA,IAAM,eAAA,GAAkB,EAAA,GAAK,EAAA,GAAK,EAAA,GAAK,CAAA;AACvC,IAAM,cAAA,GAAiB,SAAA;AACvB,IAAM,gBAAA,GAAmB,WAAA;AAazB,eAAsB,kBAAA,CACpB,OAAA,EACA,MAAA,EACA,OAAA,EACiB;AACjB,EAAA,MAAM,MAAA,GAAS,SAAS,MAAA,IAAU,eAAA;AAClC,EAAA,OAAO,IAAI,QAAQ,EAAE,GAAG,SAAS,CAAA,CAC9B,mBAAmB,EAAE,GAAA,EAAK,SAAS,CAAA,CACnC,aAAY,CACZ,iBAAA,CAAkB,GAAG,MAAM,CAAA,CAAA,CAAG,CAAA,CAC9B,IAAA,CAAK,MAAM,CAAA;AAChB;AAUA,eAAsB,kBAAA,CACpB,KAAA,EACA,MAAA,EACA,aAAA,EACA,WAAA,EACyB;AACzB,EAAA,IAAI;AACF,IAAA,MAAM,EAAE,OAAA,EAAQ,GAAI,MAAM,SAAA,CAAU,OAAO,MAAM,CAAA;AAEjD,IAAA,IACE,OAAO,OAAA,CAAQ,MAAA,KAAW,QAAA,IAC1B,OAAO,OAAA,CAAQ,UAAA,KAAe,QAAA,IAC9B,OAAO,OAAA,CAAQ,IAAA,KAAS,QAAA,EACxB;AACA,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,MAAM,OAAO,aAAA,CAAc,QAAA,CAAS,QAAQ,IAAI,CAAA,GAC5C,QAAQ,IAAA,GACR,WAAA;AAEJ,IAAA,OAAO;AAAA,MACL,QAAQ,OAAA,CAAQ,MAAA;AAAA,MAChB,YAAY,OAAA,CAAQ,UAAA;AAAA,MACpB,KAAA,EAAQ,QAAQ,KAAA,IAAoB,IAAA;AAAA,MACpC,IAAA,EAAO,QAAQ,IAAA,IAAmB,IAAA;AAAA,MAClC,eAAA,EAAkB,QAAQ,eAAA,IAA8B,IAAA;AAAA,MACxD,IAAA;AAAA,MACA,iBAAA,EAAoB,QAAQ,iBAAA,IAAiC,KAAA;AAAA,MAC7D,OAAA,EAAU,QAAQ,OAAA,IAAuB;AAAA,KAC3C;AAAA,EACF,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAcA,eAAsB,gBAAA,CACpB,OAAA,EACA,MAAA,EACA,OAAA,EACA,eAAe,KAAA,EACA;AACf,EAAA,MAAM,KAAA,GAAQ,MAAM,kBAAA,CAAmB,OAAA,EAAS,MAAM,CAAA;AACtD,EAAA,MAAM,IAAA,GAAsB;AAAA,IAC1B,QAAA,EAAU,IAAA;AAAA,IACV,MAAA,EAAQ,YAAA;AAAA,IACR,QAAA,EAAU,KAAA;AAAA,IACV,MAAA,EAAQ,eAAA;AAAA,IACR,IAAA,EAAM;AAAA,GACR;AACA,EAAA,MAAM,OAAA,CAAQ,GAAA,CAAI,cAAA,EAAgB,KAAA,EAAO,IAAI,CAAA;AAC7C,EAAA,MAAM,OAAA,CAAQ,GAAA,CAAI,gBAAA,EAAkB,GAAA,EAAK;AAAA,IACvC,GAAG,IAAA;AAAA,IACH,QAAA,EAAU;AAAA,GACX,CAAA;AACH;AAQA,eAAsB,kBAAA,CACpB,OAAA,EACA,YAAA,GAAe,KAAA,EACA;AACf,EAAA,MAAM,IAAA,GAAsB;AAAA,IAC1B,QAAA,EAAU,IAAA;AAAA,IACV,MAAA,EAAQ,YAAA;AAAA,IACR,QAAA,EAAU,KAAA;AAAA,IACV,MAAA,EAAQ,CAAA;AAAA,IACR,IAAA,EAAM;AAAA,GACR;AACA,EAAA,MAAM,OAAA,CAAQ,GAAA,CAAI,cAAA,EAAgB,EAAA,EAAI,IAAI,CAAA;AAC1C,EAAA,MAAM,OAAA,CAAQ,IAAI,gBAAA,EAAkB,EAAA,EAAI,EAAE,GAAG,IAAA,EAAM,QAAA,EAAU,KAAA,EAAO,CAAA;AACtE;AAYA,eAAsB,oBAAA,CACpB,OAAA,EACA,MAAA,EACA,aAAA,EACA,aACA,WAAA,EAGyB;AACzB,EAAA,MAAM,KAAA,GAAQ,MAAM,OAAA,CAAQ,GAAA,CAAI,cAAc,CAAA;AAC9C,EAAA,IAAI,CAAC,OAAO,OAAO,IAAA;AAEnB,EAAA,MAAM,UAAU,MAAM,kBAAA;AAAA,IACpB,KAAA;AAAA,IACA,MAAA;AAAA,IACA,aAAA;AAAA,IACA;AAAA,GACF;AACA,EAAA,IAAI,CAAC,SAAS,OAAO,IAAA;AAErB,EAAA,IAAI,WAAA,EAAa;AACf,IAAA,MAAM,KAAA,GAAQ,MAAM,WAAA,CAAY,OAAA,CAAQ,MAAM,CAAA;AAC9C,IAAA,IAAI,CAAC,OAAO,OAAO,IAAA;AACnB,IAAA,MAAM,OAAO,aAAA,CAAc,QAAA,CAAS,MAAM,IAAI,CAAA,GAC1C,MAAM,IAAA,GACN,WAAA;AACJ,IAAA,OAAO,EAAE,GAAG,OAAA,EAAS,IAAA,EAAM,iBAAA,EAAmB,MAAM,iBAAA,EAAkB;AAAA,EACxE;AAEA,EAAA,OAAO,OAAA;AACT;AAUO,SAAS,cAAA,CAAe,aAAa,EAAA,EAAY;AACtD,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,UAAU,CAAA;AACvC,EAAA,MAAA,CAAO,gBAAgB,KAAK,CAAA;AAC5B,EAAA,OAAO,KAAA,CAAM,IAAA,CAAK,KAAA,EAAO,CAAC,MAAM,CAAA,CAAE,QAAA,CAAS,EAAE,CAAA,CAAE,SAAS,CAAA,EAAG,GAAG,CAAC,CAAA,CAAE,KAAK,EAAE,CAAA;AAC1E;AAGO,SAAS,aAAa,MAAA,EAA4B;AACvD,EAAA,OAAO,IAAI,WAAA,EAAY,CAAE,MAAA,CAAO,MAAM,CAAA;AACxC","file":"chunk-GXQLG4HV.js","sourcesContent":["// ---------------------------------------------------------------------------\n// Auth — JWT session management (framework-agnostic)\n// ---------------------------------------------------------------------------\n// Pure functions that take their dependencies as arguments.\n// Framework-specific wrappers (Next.js cookies(), Astro.cookies, etc.)\n// live in the template, not the kit.\n// ---------------------------------------------------------------------------\n\nimport { SignJWT, jwtVerify } from \"jose\";\n\n// ---------------------------------------------------------------------------\n// Types\n// ---------------------------------------------------------------------------\n\n/** The session payload stored in the JWT and used throughout the app */\nexport interface Session {\n  userId: string;\n  whopUserId: string;\n  email: string | null;\n  name: string | null;\n  profileImageUrl: string | null;\n  plan: string;\n  cancelAtPeriodEnd: boolean;\n  isAdmin: boolean;\n}\n\n/** Options for session token creation */\nexport interface SessionTokenOptions {\n  /** JWT max age in seconds. Defaults to 7 days. */\n  maxAge?: number;\n}\n\n/** Cookie adapter interface — implement per framework */\nexport interface CookieAdapter {\n  get(name: string): string | undefined | Promise<string | undefined>;\n  set(\n    name: string,\n    value: string,\n    options: CookieOptions,\n  ): void | Promise<void>;\n  delete(name: string): void | Promise<void>;\n}\n\nexport interface CookieOptions {\n  httpOnly: boolean;\n  secure: boolean;\n  sameSite: \"lax\" | \"strict\" | \"none\";\n  maxAge: number;\n  path: string;\n}\n\n// ---------------------------------------------------------------------------\n// Constants\n// ---------------------------------------------------------------------------\n\nconst DEFAULT_MAX_AGE = 60 * 60 * 24 * 7; // 7 days\nconst SESSION_COOKIE = \"session\";\nconst LOGGED_IN_COOKIE = \"logged_in\";\n\n// ---------------------------------------------------------------------------\n// JWT helpers (pure functions)\n// ---------------------------------------------------------------------------\n\n/**\n * Create a signed JWT session token.\n *\n * @param session - The session payload\n * @param secret - The signing secret (Uint8Array)\n * @param options - Optional token settings\n */\nexport async function createSessionToken(\n  session: Session,\n  secret: Uint8Array,\n  options?: SessionTokenOptions,\n): Promise<string> {\n  const maxAge = options?.maxAge ?? DEFAULT_MAX_AGE;\n  return new SignJWT({ ...session })\n    .setProtectedHeader({ alg: \"HS256\" })\n    .setIssuedAt()\n    .setExpirationTime(`${maxAge}s`)\n    .sign(secret);\n}\n\n/**\n * Verify and decode a JWT session token.\n *\n * @param token - The JWT string\n * @param secret - The signing secret (Uint8Array)\n * @param validPlanKeys - Array of valid plan keys (to validate the plan field)\n * @param defaultPlan - Fallback plan key if the JWT's plan is invalid\n */\nexport async function verifySessionToken(\n  token: string,\n  secret: Uint8Array,\n  validPlanKeys: string[],\n  defaultPlan: string,\n): Promise<Session | null> {\n  try {\n    const { payload } = await jwtVerify(token, secret);\n\n    if (\n      typeof payload.userId !== \"string\" ||\n      typeof payload.whopUserId !== \"string\" ||\n      typeof payload.plan !== \"string\"\n    ) {\n      return null;\n    }\n\n    const plan = validPlanKeys.includes(payload.plan)\n      ? payload.plan\n      : defaultPlan;\n\n    return {\n      userId: payload.userId,\n      whopUserId: payload.whopUserId,\n      email: (payload.email as string) ?? null,\n      name: (payload.name as string) ?? null,\n      profileImageUrl: (payload.profileImageUrl as string) ?? null,\n      plan,\n      cancelAtPeriodEnd: (payload.cancelAtPeriodEnd as boolean) ?? false,\n      isAdmin: (payload.isAdmin as boolean) ?? false,\n    };\n  } catch {\n    return null;\n  }\n}\n\n// ---------------------------------------------------------------------------\n// Cookie-based session helpers\n// ---------------------------------------------------------------------------\n\n/**\n * Set the session cookie (and a non-httpOnly login indicator).\n *\n * @param session - The session payload\n * @param secret - JWT signing secret\n * @param cookies - Framework-specific cookie adapter\n * @param isProduction - Whether to set Secure flag\n */\nexport async function setSessionCookie(\n  session: Session,\n  secret: Uint8Array,\n  cookies: CookieAdapter,\n  isProduction = false,\n): Promise<void> {\n  const token = await createSessionToken(session, secret);\n  const opts: CookieOptions = {\n    httpOnly: true,\n    secure: isProduction,\n    sameSite: \"lax\",\n    maxAge: DEFAULT_MAX_AGE,\n    path: \"/\",\n  };\n  await cookies.set(SESSION_COOKIE, token, opts);\n  await cookies.set(LOGGED_IN_COOKIE, \"1\", {\n    ...opts,\n    httpOnly: false,\n  });\n}\n\n/**\n * Clear the session cookie.\n *\n * @param cookies - Framework-specific cookie adapter\n * @param isProduction - Whether to set Secure flag\n */\nexport async function clearSessionCookie(\n  cookies: CookieAdapter,\n  isProduction = false,\n): Promise<void> {\n  const opts: CookieOptions = {\n    httpOnly: true,\n    secure: isProduction,\n    sameSite: \"lax\",\n    maxAge: 0,\n    path: \"/\",\n  };\n  await cookies.set(SESSION_COOKIE, \"\", opts);\n  await cookies.set(LOGGED_IN_COOKIE, \"\", { ...opts, httpOnly: false });\n}\n\n/**\n * Read and verify the session from cookies, optionally refreshing the plan\n * from the database.\n *\n * @param cookies - Framework-specific cookie adapter\n * @param secret - JWT signing secret\n * @param validPlanKeys - Array of valid plan keys\n * @param defaultPlan - Fallback plan key\n * @param refreshPlan - Optional async function to fetch fresh plan from DB\n */\nexport async function getSessionFromCookie(\n  cookies: CookieAdapter,\n  secret: Uint8Array,\n  validPlanKeys: string[],\n  defaultPlan: string,\n  refreshPlan?: (\n    userId: string,\n  ) => Promise<{ plan: string; cancelAtPeriodEnd: boolean } | null>,\n): Promise<Session | null> {\n  const token = await cookies.get(SESSION_COOKIE);\n  if (!token) return null;\n\n  const session = await verifySessionToken(\n    token,\n    secret,\n    validPlanKeys,\n    defaultPlan,\n  );\n  if (!session) return null;\n\n  if (refreshPlan) {\n    const fresh = await refreshPlan(session.userId);\n    if (!fresh) return null; // user deleted\n    const plan = validPlanKeys.includes(fresh.plan)\n      ? fresh.plan\n      : defaultPlan;\n    return { ...session, plan, cancelAtPeriodEnd: fresh.cancelAtPeriodEnd };\n  }\n\n  return session;\n}\n\n// ---------------------------------------------------------------------------\n// Secret helpers\n// ---------------------------------------------------------------------------\n\n/**\n * Generate a cryptographically secure secret string (hex-encoded).\n * Useful for auto-generating SESSION_SECRET on first run.\n */\nexport function generateSecret(byteLength = 32): string {\n  const bytes = new Uint8Array(byteLength);\n  crypto.getRandomValues(bytes);\n  return Array.from(bytes, (b) => b.toString(16).padStart(2, \"0\")).join(\"\");\n}\n\n/** Encode a secret string to Uint8Array (for use with jose) */\nexport function encodeSecret(secret: string): Uint8Array {\n  return new TextEncoder().encode(secret);\n}\n"]}

package/dist/chunk-KQQGVBBH.js

@@ -0,0 +1,86 @@
+// src/email/index.ts
+async function sendEmail(config, options) {
+  try {
+    switch (config.provider) {
+      case "resend":
+        return await sendViaResend(config.apiKey, options);
+      case "sendgrid":
+        return await sendViaSendGrid(config.apiKey, options);
+      default:
+        return {
+          success: false,
+          error: `Unknown email provider: ${config.provider}`
+        };
+    }
+  } catch (err) {
+    const message = err instanceof Error ? err.message : "Unknown error";
+    console.error("[whop-kit] Email send failed:", message);
+    return { success: false, error: message };
+  }
+}
+async function sendViaResend(apiKey, options) {
+  const res = await fetch("https://api.resend.com/emails", {
+    method: "POST",
+    headers: {
+      Authorization: `Bearer ${apiKey}`,
+      "Content-Type": "application/json"
+    },
+    body: JSON.stringify({
+      from: options.from,
+      to: [options.to],
+      subject: options.subject,
+      html: options.html
+    })
+  });
+  if (res.ok) return { success: true };
+  const data = await res.json().catch(() => ({}));
+  return {
+    success: false,
+    error: data.message || `Resend error (${res.status})`
+  };
+}
+async function sendViaSendGrid(apiKey, options) {
+  const res = await fetch("https://api.sendgrid.com/v3/mail/send", {
+    method: "POST",
+    headers: {
+      Authorization: `Bearer ${apiKey}`,
+      "Content-Type": "application/json"
+    },
+    body: JSON.stringify({
+      personalizations: [{ to: [{ email: options.to }] }],
+      from: { email: options.from },
+      subject: options.subject,
+      content: [{ type: "text/html", value: options.html }]
+    })
+  });
+  if (res.ok || res.status === 202) return { success: true };
+  const data = await res.json().catch(() => ({}));
+  const errors = data.errors;
+  return {
+    success: false,
+    error: errors?.[0]?.message || `SendGrid error (${res.status})`
+  };
+}
+function escapeHtml(text) {
+  return text.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;").replace(/'/g, "&#39;");
+}
+function emailWrapper(body, footerText) {
+  return `<!DOCTYPE html>
+<html>
+<head><meta charset="utf-8"><meta name="viewport" content="width=device-width,initial-scale=1"></head>
+<body style="margin:0;padding:0;background:#f4f4f5;font-family:-apple-system,BlinkMacSystemFont,'Segoe UI',Roboto,sans-serif">
+  <table width="100%" cellpadding="0" cellspacing="0" style="padding:40px 16px">
+    <tr><td align="center">
+      <table width="100%" style="max-width:480px;background:#ffffff;border-radius:12px;border:1px solid #e4e4e7;padding:32px">
+        <tr><td>${body}</td></tr>
+      </table>
+      <p style="margin-top:24px;font-size:12px;color:#a1a1aa">${escapeHtml(footerText)}</p>
+    </td></tr>
+  </table>
+</body>
+</html>`;
+}
+
+export { emailWrapper, escapeHtml, sendEmail };
+//# sourceMappingURL=chunk-KQQGVBBH.js.map
+//# sourceMappingURL=chunk-KQQGVBBH.js.map

package/dist/chunk-KQQGVBBH.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/email/index.ts"],"names":[],"mappings":";AAiDA,eAAsB,SAAA,CACpB,QACA,OAAA,EAC0B;AAC1B,EAAA,IAAI;AACF,IAAA,QAAQ,OAAO,QAAA;AAAU,MACvB,KAAK,QAAA;AACH,QAAA,OAAO,MAAM,aAAA,CAAc,MAAA,CAAO,MAAA,EAAQ,OAAO,CAAA;AAAA,MACnD,KAAK,UAAA;AACH,QAAA,OAAO,MAAM,eAAA,CAAgB,MAAA,CAAO,MAAA,EAAQ,OAAO,CAAA;AAAA,MACrD;AACE,QAAA,OAAO;AAAA,UACL,OAAA,EAAS,KAAA;AAAA,UACT,KAAA,EAAO,CAAA,wBAAA,EAA2B,MAAA,CAAO,QAAQ,CAAA;AAAA,SACnD;AAAA;AACJ,EACF,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,OAAA,GAAU,GAAA,YAAe,KAAA,GAAQ,GAAA,CAAI,OAAA,GAAU,eAAA;AACrD,IAAA,OAAA,CAAQ,KAAA,CAAM,iCAAiC,OAAO,CAAA;AACtD,IAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,OAAA,EAAQ;AAAA,EAC1C;AACF;AAEA,eAAe,aAAA,CACb,QACA,OAAA,EAC0B;AAC1B,EAAA,MAAM,GAAA,GAAM,MAAM,KAAA,CAAM,+BAAA,EAAiC;AAAA,IACvD,MAAA,EAAQ,MAAA;AAAA,IACR,OAAA,EAAS;AAAA,MACP,aAAA,EAAe,UAAU,MAAM,CAAA,CAAA;AAAA,MAC/B,cAAA,EAAgB;AAAA,KAClB;AAAA,IACA,IAAA,EAAM,KAAK,SAAA,CAAU;AAAA,MACnB,MAAM,OAAA,CAAQ,IAAA;AAAA,MACd,EAAA,EAAI,CAAC,OAAA,CAAQ,EAAE,CAAA;AAAA,MACf,SAAS,OAAA,CAAQ,OAAA;AAAA,MACjB,MAAM,OAAA,CAAQ;AAAA,KACf;AAAA,GACF,CAAA;AAED,EAAA,IAAI,GAAA,CAAI,EAAA,EAAI,OAAO,EAAE,SAAS,IAAA,EAAK;AAEnC,EAAA,MAAM,IAAA,GAAQ,MAAM,GAAA,CAAI,IAAA,GAAO,KAAA,CAAM,OAAO,EAAC,CAAE,CAAA;AAC/C,EAAA,OAAO;AAAA,IACL,OAAA,EAAS,KAAA;AAAA,IACT,KAAA,EAAO,IAAA,CAAK,OAAA,IAAW,CAAA,cAAA,EAAiB,IAAI,MAAM,CAAA,CAAA;AAAA,GACpD;AACF;AAEA,eAAe,eAAA,CACb,QACA,OAAA,EAC0B;AAC1B,EAAA,MAAM,GAAA,GAAM,MAAM,KAAA,CAAM,uCAAA,EAAyC;AAAA,IAC/D,MAAA,EAAQ,MAAA;AAAA,IACR,OAAA,EAAS;AAAA,MACP,aAAA,EAAe,UAAU,MAAM,CAAA,CAAA;AAAA,MAC/B,cAAA,EAAgB;AAAA,KAClB;AAAA,IACA,IAAA,EAAM,KAAK,SAAA,CAAU;AAAA,MACnB,gBAAA,EAAkB,CAAC,EAAE,EAAA,EAAI,CAAC,EAAE,KAAA,EAAO,OAAA,CAAQ,EAAA,EAAI,CAAA,EAAG,CAAA;AAAA,MAClD,IAAA,EAAM,EAAE,KAAA,EAAO,OAAA,CAAQ,IAAA,EAAK;AAAA,MAC5B,SAAS,OAAA,CAAQ,OAAA;AAAA,MACjB,OAAA,EAAS,CAAC,EAAE,IAAA,EAAM,aAAa,KAAA,EAAO,OAAA,CAAQ,MAAM;AAAA,KACrD;AAAA,GACF,CAAA;AAED,EAAA,IAAI,GAAA,CAAI,MAAM,GAAA,CAAI,MAAA,KAAW,KAAK,OAAO,EAAE,SAAS,IAAA,EAAK;AAEzD,EAAA,MAAM,IAAA,GAAQ,MAAM,GAAA,CAAI,IAAA,GAAO,KAAA,CAAM,OAAO,EAAC,CAAE,CAAA;AAC/C,EAAA,MAAM,SAAS,IAAA,CAAK,MAAA;AACpB,EAAA,OAAO;AAAA,IACL,OAAA,EAAS,KAAA;AAAA,IACT,OAAO,MAAA,GAAS,CAAC,GAAG,OAAA,IAAW,CAAA,gBAAA,EAAmB,IAAI,MAAM,CAAA,CAAA;AAAA,GAC9D;AACF;AAOO,SAAS,WAAW,IAAA,EAAsB;AAC/C,EAAA,OAAO,KACJ,OAAA,CAAQ,IAAA,EAAM,OAAO,CAAA,CACrB,OAAA,CAAQ,MAAM,MAAM,CAAA,CACpB,QAAQ,IAAA,EAAM,MAAM,EACpB,OAAA,CAAQ,IAAA,EAAM,QAAQ,CAAA,CACtB,OAAA,CAAQ,MAAM,OAAO,CAAA;AAC1B;AASO,SAAS,YAAA,CAAa,MAAc,UAAA,EAA4B;AACrE,EAAA,OAAO,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,gBAAA,EAOS,IAAI,CAAA;AAAA;AAAA,8DAAA,EAE0C,UAAA,CAAW,UAAU,CAAC,CAAA;AAAA;AAAA;AAAA;AAAA,OAAA,CAAA;AAKtF","file":"chunk-KQQGVBBH.js","sourcesContent":["// ---------------------------------------------------------------------------\n// Email — provider-agnostic email sending\n// ---------------------------------------------------------------------------\n// Supports Resend and SendGrid out of the box via direct fetch calls.\n// No SDK dependencies. Add new providers by extending the switch.\n// ---------------------------------------------------------------------------\n\n// ---------------------------------------------------------------------------\n// Types\n// ---------------------------------------------------------------------------\n\nexport type EmailProvider = \"resend\" | \"sendgrid\";\n\nexport interface SendEmailOptions {\n  to: string;\n  subject: string;\n  html: string;\n  from: string;\n}\n\nexport interface SendEmailResult {\n  success: boolean;\n  error?: string;\n}\n\nexport interface EmailConfig {\n  provider: EmailProvider;\n  apiKey: string;\n}\n\n// ---------------------------------------------------------------------------\n// Sending\n// ---------------------------------------------------------------------------\n\n/**\n * Send an email via a configured provider (Resend or SendGrid).\n * Uses direct fetch — no SDK dependency.\n *\n * @example\n * const result = await sendEmail(\n *   { provider: \"resend\", apiKey: \"re_xxxxx\" },\n *   {\n *     to: \"user@example.com\",\n *     from: \"noreply@myapp.com\",\n *     subject: \"Welcome!\",\n *     html: \"<h1>Hello</h1>\",\n *   },\n * );\n */\nexport async function sendEmail(\n  config: EmailConfig,\n  options: SendEmailOptions,\n): Promise<SendEmailResult> {\n  try {\n    switch (config.provider) {\n      case \"resend\":\n        return await sendViaResend(config.apiKey, options);\n      case \"sendgrid\":\n        return await sendViaSendGrid(config.apiKey, options);\n      default:\n        return {\n          success: false,\n          error: `Unknown email provider: ${config.provider}`,\n        };\n    }\n  } catch (err) {\n    const message = err instanceof Error ? err.message : \"Unknown error\";\n    console.error(\"[whop-kit] Email send failed:\", message);\n    return { success: false, error: message };\n  }\n}\n\nasync function sendViaResend(\n  apiKey: string,\n  options: SendEmailOptions,\n): Promise<SendEmailResult> {\n  const res = await fetch(\"https://api.resend.com/emails\", {\n    method: \"POST\",\n    headers: {\n      Authorization: `Bearer ${apiKey}`,\n      \"Content-Type\": \"application/json\",\n    },\n    body: JSON.stringify({\n      from: options.from,\n      to: [options.to],\n      subject: options.subject,\n      html: options.html,\n    }),\n  });\n\n  if (res.ok) return { success: true };\n\n  const data = (await res.json().catch(() => ({}))) as Record<string, string>;\n  return {\n    success: false,\n    error: data.message || `Resend error (${res.status})`,\n  };\n}\n\nasync function sendViaSendGrid(\n  apiKey: string,\n  options: SendEmailOptions,\n): Promise<SendEmailResult> {\n  const res = await fetch(\"https://api.sendgrid.com/v3/mail/send\", {\n    method: \"POST\",\n    headers: {\n      Authorization: `Bearer ${apiKey}`,\n      \"Content-Type\": \"application/json\",\n    },\n    body: JSON.stringify({\n      personalizations: [{ to: [{ email: options.to }] }],\n      from: { email: options.from },\n      subject: options.subject,\n      content: [{ type: \"text/html\", value: options.html }],\n    }),\n  });\n\n  if (res.ok || res.status === 202) return { success: true };\n\n  const data = (await res.json().catch(() => ({}))) as Record<string, unknown>;\n  const errors = data.errors as Array<{ message?: string }> | undefined;\n  return {\n    success: false,\n    error: errors?.[0]?.message || `SendGrid error (${res.status})`,\n  };\n}\n\n// ---------------------------------------------------------------------------\n// Template helpers\n// ---------------------------------------------------------------------------\n\n/** Escape HTML special characters to prevent XSS in email templates */\nexport function escapeHtml(text: string): string {\n  return text\n    .replace(/&/g, \"&amp;\")\n    .replace(/</g, \"&lt;\")\n    .replace(/>/g, \"&gt;\")\n    .replace(/\"/g, \"&quot;\")\n    .replace(/'/g, \"&#39;\");\n}\n\n/**\n * Wrap email body content in a standard HTML email layout.\n * Inline CSS for maximum email client compatibility.\n *\n * @param body - The inner HTML content\n * @param footerText - Text shown in the footer (e.g. app name)\n */\nexport function emailWrapper(body: string, footerText: string): string {\n  return `<!DOCTYPE html>\n<html>\n<head><meta charset=\"utf-8\"><meta name=\"viewport\" content=\"width=device-width,initial-scale=1\"></head>\n<body style=\"margin:0;padding:0;background:#f4f4f5;font-family:-apple-system,BlinkMacSystemFont,'Segoe UI',Roboto,sans-serif\">\n  <table width=\"100%\" cellpadding=\"0\" cellspacing=\"0\" style=\"padding:40px 16px\">\n    <tr><td align=\"center\">\n      <table width=\"100%\" style=\"max-width:480px;background:#ffffff;border-radius:12px;border:1px solid #e4e4e7;padding:32px\">\n        <tr><td>${body}</td></tr>\n      </table>\n      <p style=\"margin-top:24px;font-size:12px;color:#a1a1aa\">${escapeHtml(footerText)}</p>\n    </td></tr>\n  </table>\n</body>\n</html>`;\n}\n"]}

package/dist/chunk-NS32METI.js

@@ -0,0 +1,72 @@
+// src/subscriptions/index.ts
+function createSubscriptionHelpers(db, defaultPlan, validPlanKeys) {
+  async function getSubscriptionDetails(userId) {
+    try {
+      const user = await db.findUserById(userId);
+      if (!user) {
+        return { hasSubscription: false, error: "User not found" };
+      }
+      const plan = validPlanKeys.includes(user.plan) ? user.plan : defaultPlan;
+      const isPaid = plan !== defaultPlan;
+      if (!isPaid) {
+        return { hasSubscription: false };
+      }
+      return {
+        hasSubscription: true,
+        subscription: {
+          plan,
+          whopMembershipId: user.whopMembershipId,
+          cancelAtPeriodEnd: user.cancelAtPeriodEnd,
+          status: user.cancelAtPeriodEnd ? "canceling" : "active"
+        }
+      };
+    } catch (error) {
+      console.error("[whop-kit] Failed to get subscription details:", error);
+      return { hasSubscription: false, error: "Database error" };
+    }
+  }
+  async function isUserSubscribed(userId) {
+    const result = await getSubscriptionDetails(userId);
+    return result.hasSubscription && result.subscription?.status === "active";
+  }
+  async function getUserSubscriptionStatus(userId) {
+    const result = await getSubscriptionDetails(userId);
+    if (!result.hasSubscription || !result.subscription) return "free";
+    return result.subscription.status;
+  }
+  async function getUserCreatedAt(userId) {
+    return db.getUserCreatedAt(userId);
+  }
+  async function getUserForNotification(whopUserId) {
+    const user = await db.findUserByWhopId(whopUserId);
+    if (!user?.email) return null;
+    return { email: user.email, name: user.name };
+  }
+  async function activateMembership(whopUserId, plan, membershipId) {
+    await db.upsertMembership(whopUserId, plan, membershipId);
+  }
+  async function deactivateMembership(whopUserId) {
+    await db.deactivateMembership(whopUserId, defaultPlan);
+  }
+  async function updateCancelAtPeriodEnd(whopUserId, cancelAtPeriodEnd) {
+    await db.updateCancelAtPeriodEnd(whopUserId, cancelAtPeriodEnd);
+  }
+  async function uncancelSubscription(userId) {
+    await db.uncancelSubscription(userId);
+  }
+  return {
+    getSubscriptionDetails,
+    isUserSubscribed,
+    getUserSubscriptionStatus,
+    getUserCreatedAt,
+    getUserForNotification,
+    activateMembership,
+    deactivateMembership,
+    updateCancelAtPeriodEnd,
+    uncancelSubscription
+  };
+}
+
+export { createSubscriptionHelpers };
+//# sourceMappingURL=chunk-NS32METI.js.map
+//# sourceMappingURL=chunk-NS32METI.js.map

package/dist/chunk-NS32METI.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/subscriptions/index.ts"],"names":[],"mappings":";AAwHO,SAAS,yBAAA,CACd,EAAA,EACA,WAAA,EACA,aAAA,EACqB;AACrB,EAAA,eAAe,uBACb,MAAA,EACoC;AACpC,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,YAAA,CAAa,MAAM,CAAA;AACzC,MAAA,IAAI,CAAC,IAAA,EAAM;AACT,QAAA,OAAO,EAAE,eAAA,EAAiB,KAAA,EAAO,KAAA,EAAO,gBAAA,EAAiB;AAAA,MAC3D;AAEA,MAAA,MAAM,OAAO,aAAA,CAAc,QAAA,CAAS,KAAK,IAAI,CAAA,GACzC,KAAK,IAAA,GACL,WAAA;AACJ,MAAA,MAAM,SAAS,IAAA,KAAS,WAAA;AAExB,MAAA,IAAI,CAAC,MAAA,EAAQ;AACX,QAAA,OAAO,EAAE,iBAAiB,KAAA,EAAM;AAAA,MAClC;AAEA,MAAA,OAAO;AAAA,QACL,eAAA,EAAiB,IAAA;AAAA,QACjB,YAAA,EAAc;AAAA,UACZ,IAAA;AAAA,UACA,kBAAkB,IAAA,CAAK,gBAAA;AAAA,UACvB,mBAAmB,IAAA,CAAK,iBAAA;AAAA,UACxB,MAAA,EAAQ,IAAA,CAAK,iBAAA,GAAoB,WAAA,GAAc;AAAA;AACjD,OACF;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,kDAAkD,KAAK,CAAA;AACrE,MAAA,OAAO,EAAE,eAAA,EAAiB,KAAA,EAAO,KAAA,EAAO,gBAAA,EAAiB;AAAA,IAC3D;AAAA,EACF;AAEA,EAAA,eAAe,iBAAiB,MAAA,EAAkC;AAChE,IAAA,MAAM,MAAA,GAAS,MAAM,sBAAA,CAAuB,MAAM,CAAA;AAClD,IAAA,OACE,MAAA,CAAO,eAAA,IAAmB,MAAA,CAAO,YAAA,EAAc,MAAA,KAAW,QAAA;AAAA,EAE9D;AAEA,EAAA,eAAe,0BACb,MAAA,EAC6B;AAC7B,IAAA,MAAM,MAAA,GAAS,MAAM,sBAAA,CAAuB,MAAM,CAAA;AAClD,IAAA,IAAI,CAAC,MAAA,CAAO,eAAA,IAAmB,CAAC,MAAA,CAAO,cAAc,OAAO,MAAA;AAC5D,IAAA,OAAO,OAAO,YAAA,CAAa,MAAA;AAAA,EAC7B;AAEA,EAAA,eAAe,iBAAiB,MAAA,EAAsC;AACpE,IAAA,OAAO,EAAA,CAAG,iBAAiB,MAAM,CAAA;AAAA,EACnC;AAEA,EAAA,eAAe,uBACb,UAAA,EACwD;AACxD,IAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,gBAAA,CAAiB,UAAU,CAAA;AACjD,IAAA,IAAI,CAAC,IAAA,EAAM,KAAA,EAAO,OAAO,IAAA;AACzB,IAAA,OAAO,EAAE,KAAA,EAAO,IAAA,CAAK,KAAA,EAAO,IAAA,EAAM,KAAK,IAAA,EAAK;AAAA,EAC9C;AAEA,EAAA,eAAe,kBAAA,CACb,UAAA,EACA,IAAA,EACA,YAAA,EACe;AACf,IAAA,MAAM,EAAA,CAAG,gBAAA,CAAiB,UAAA,EAAY,IAAA,EAAM,YAAY,CAAA;AAAA,EAC1D;AAEA,EAAA,eAAe,qBAAqB,UAAA,EAAmC;AACrE,IAAA,MAAM,EAAA,CAAG,oBAAA,CAAqB,UAAA,EAAY,WAAW,CAAA;AAAA,EACvD;AAEA,EAAA,eAAe,uBAAA,CACb,YACA,iBAAA,EACe;AACf,IAAA,MAAM,EAAA,CAAG,uBAAA,CAAwB,UAAA,EAAY,iBAAiB,CAAA;AAAA,EAChE;AAEA,EAAA,eAAe,qBAAqB,MAAA,EAA+B;AACjE,IAAA,MAAM,EAAA,CAAG,qBAAqB,MAAM,CAAA;AAAA,EACtC;AAEA,EAAA,OAAO;AAAA,IACL,sBAAA;AAAA,IACA,gBAAA;AAAA,IACA,yBAAA;AAAA,IACA,gBAAA;AAAA,IACA,sBAAA;AAAA,IACA,kBAAA;AAAA,IACA,oBAAA;AAAA,IACA,uBAAA;AAAA,IACA;AAAA,GACF;AACF","file":"chunk-NS32METI.js","sourcesContent":["// ---------------------------------------------------------------------------\n// Subscription helpers — framework-agnostic\n// ---------------------------------------------------------------------------\n// All database operations go through the DbAdapter interface.\n// Templates provide their own adapter (Prisma, Drizzle, raw SQL, etc.).\n// ---------------------------------------------------------------------------\n\n// ---------------------------------------------------------------------------\n// Types\n// ---------------------------------------------------------------------------\n\n/** Minimal user record for subscription operations */\nexport interface UserRecord {\n  id: string;\n  whopUserId: string;\n  email: string | null;\n  name: string | null;\n  plan: string;\n  whopMembershipId: string | null;\n  cancelAtPeriodEnd: boolean;\n  createdAt: Date;\n}\n\nexport type SubscriptionStatus = \"active\" | \"canceling\" | \"free\";\n\nexport interface SubscriptionDetails {\n  plan: string;\n  whopMembershipId: string | null;\n  cancelAtPeriodEnd: boolean;\n  status: SubscriptionStatus;\n}\n\nexport interface SubscriptionDetailsResult {\n  hasSubscription: boolean;\n  subscription?: SubscriptionDetails;\n  error?: string;\n}\n\n/** Database adapter — implement per ORM/driver */\nexport interface DbAdapter {\n  /** Find a user by internal ID */\n  findUserById(\n    id: string,\n  ): Promise<Pick<\n    UserRecord,\n    \"plan\" | \"whopMembershipId\" | \"cancelAtPeriodEnd\"\n  > | null>;\n\n  /** Find a user by Whop user ID */\n  findUserByWhopId(\n    whopUserId: string,\n  ): Promise<Pick<UserRecord, \"email\" | \"name\"> | null>;\n\n  /** Get a user's creation date */\n  getUserCreatedAt(id: string): Promise<Date | null>;\n\n  /** Create or update a user on membership activation */\n  upsertMembership(\n    whopUserId: string,\n    plan: string,\n    membershipId: string | null,\n  ): Promise<void>;\n\n  /** Downgrade a user to the default plan */\n  deactivateMembership(whopUserId: string, defaultPlan: string): Promise<void>;\n\n  /** Update the cancel-at-period-end flag */\n  updateCancelAtPeriodEnd(\n    whopUserId: string,\n    cancelAtPeriodEnd: boolean,\n  ): Promise<void>;\n\n  /** Reverse a pending cancellation by user ID */\n  uncancelSubscription(userId: string): Promise<void>;\n}\n\n// ---------------------------------------------------------------------------\n// Factory\n// ---------------------------------------------------------------------------\n\nexport interface SubscriptionHelpers {\n  getSubscriptionDetails(userId: string): Promise<SubscriptionDetailsResult>;\n  isUserSubscribed(userId: string): Promise<boolean>;\n  getUserSubscriptionStatus(userId: string): Promise<SubscriptionStatus>;\n  getUserCreatedAt(userId: string): Promise<Date | null>;\n  getUserForNotification(\n    whopUserId: string,\n  ): Promise<{ email: string; name: string | null } | null>;\n  activateMembership(\n    whopUserId: string,\n    plan: string,\n    membershipId: string | null,\n  ): Promise<void>;\n  deactivateMembership(whopUserId: string): Promise<void>;\n  updateCancelAtPeriodEnd(\n    whopUserId: string,\n    cancelAtPeriodEnd: boolean,\n  ): Promise<void>;\n  uncancelSubscription(userId: string): Promise<void>;\n}\n\n/**\n * Create subscription helpers bound to a database adapter.\n *\n * @param db - Your database adapter implementation\n * @param defaultPlan - The default/free plan key\n * @param validPlanKeys - Array of all valid plan keys\n *\n * @example\n * import { createSubscriptionHelpers } from 'whop-kit/subscriptions'\n * import { prismaDbAdapter } from './adapters/prisma'\n *\n * const subs = createSubscriptionHelpers(\n *   prismaDbAdapter(prisma),\n *   plans.defaultPlan,\n *   plans.keys,\n * );\n *\n * const result = await subs.getSubscriptionDetails(userId);\n */\nexport function createSubscriptionHelpers(\n  db: DbAdapter,\n  defaultPlan: string,\n  validPlanKeys: string[],\n): SubscriptionHelpers {\n  async function getSubscriptionDetails(\n    userId: string,\n  ): Promise<SubscriptionDetailsResult> {\n    try {\n      const user = await db.findUserById(userId);\n      if (!user) {\n        return { hasSubscription: false, error: \"User not found\" };\n      }\n\n      const plan = validPlanKeys.includes(user.plan)\n        ? user.plan\n        : defaultPlan;\n      const isPaid = plan !== defaultPlan;\n\n      if (!isPaid) {\n        return { hasSubscription: false };\n      }\n\n      return {\n        hasSubscription: true,\n        subscription: {\n          plan,\n          whopMembershipId: user.whopMembershipId,\n          cancelAtPeriodEnd: user.cancelAtPeriodEnd,\n          status: user.cancelAtPeriodEnd ? \"canceling\" : \"active\",\n        },\n      };\n    } catch (error) {\n      console.error(\"[whop-kit] Failed to get subscription details:\", error);\n      return { hasSubscription: false, error: \"Database error\" };\n    }\n  }\n\n  async function isUserSubscribed(userId: string): Promise<boolean> {\n    const result = await getSubscriptionDetails(userId);\n    return (\n      result.hasSubscription && result.subscription?.status === \"active\"\n    );\n  }\n\n  async function getUserSubscriptionStatus(\n    userId: string,\n  ): Promise<SubscriptionStatus> {\n    const result = await getSubscriptionDetails(userId);\n    if (!result.hasSubscription || !result.subscription) return \"free\";\n    return result.subscription.status;\n  }\n\n  async function getUserCreatedAt(userId: string): Promise<Date | null> {\n    return db.getUserCreatedAt(userId);\n  }\n\n  async function getUserForNotification(\n    whopUserId: string,\n  ): Promise<{ email: string; name: string | null } | null> {\n    const user = await db.findUserByWhopId(whopUserId);\n    if (!user?.email) return null;\n    return { email: user.email, name: user.name };\n  }\n\n  async function activateMembership(\n    whopUserId: string,\n    plan: string,\n    membershipId: string | null,\n  ): Promise<void> {\n    await db.upsertMembership(whopUserId, plan, membershipId);\n  }\n\n  async function deactivateMembership(whopUserId: string): Promise<void> {\n    await db.deactivateMembership(whopUserId, defaultPlan);\n  }\n\n  async function updateCancelAtPeriodEnd(\n    whopUserId: string,\n    cancelAtPeriodEnd: boolean,\n  ): Promise<void> {\n    await db.updateCancelAtPeriodEnd(whopUserId, cancelAtPeriodEnd);\n  }\n\n  async function uncancelSubscription(userId: string): Promise<void> {\n    await db.uncancelSubscription(userId);\n  }\n\n  return {\n    getSubscriptionDetails,\n    isUserSubscribed,\n    getUserSubscriptionStatus,\n    getUserCreatedAt,\n    getUserForNotification,\n    activateMembership,\n    deactivateMembership,\n    updateCancelAtPeriodEnd,\n    uncancelSubscription,\n  };\n}\n"]}

package/dist/chunk-PLZUFPEG.js

@@ -0,0 +1,53 @@
+// src/config/index.ts
+function createConfigManager(options) {
+  const { store, envMap = {}, cacheTtlMs = 3e4 } = options;
+  const getEnv = options.getEnv ?? ((name) => process.env[name]);
+  const cache = /* @__PURE__ */ new Map();
+  async function get(key) {
+    const cached = cache.get(key);
+    if (cached !== void 0 && Date.now() < cached.expiresAt) {
+      return cached.value;
+    }
+    if (cached !== void 0) cache.delete(key);
+    const envKey = envMap[key];
+    if (envKey) {
+      const envVal = getEnv(envKey);
+      if (envVal) {
+        cache.set(key, {
+          value: envVal,
+          expiresAt: Date.now() + cacheTtlMs
+        });
+        return envVal;
+      }
+    }
+    try {
+      const value = await store.get(key);
+      if (value !== null) {
+        cache.set(key, {
+          value,
+          expiresAt: Date.now() + cacheTtlMs
+        });
+        return value;
+      }
+    } catch {
+    }
+    return null;
+  }
+  async function set(key, value) {
+    await store.set(key, value);
+    cache.set(key, { value, expiresAt: Date.now() + cacheTtlMs });
+  }
+  async function setMany(configs) {
+    await Promise.all(
+      Object.entries(configs).filter(([, value]) => !!value).map(([key, value]) => set(key, value))
+    );
+  }
+  function clearCache() {
+    cache.clear();
+  }
+  return { get, set, setMany, clearCache };
+}
+
+export { createConfigManager };
+//# sourceMappingURL=chunk-PLZUFPEG.js.map
+//# sourceMappingURL=chunk-PLZUFPEG.js.map

package/dist/chunk-PLZUFPEG.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/config/index.ts"],"names":[],"mappings":";AA0DO,SAAS,oBACd,OAAA,EACe;AACf,EAAA,MAAM,EAAE,KAAA,EAAO,MAAA,GAAS,EAAC,EAAG,UAAA,GAAa,KAAO,GAAI,OAAA;AACpD,EAAA,MAAM,SACJ,OAAA,CAAQ,MAAA,KAAW,CAAC,IAAA,KAAiB,OAAA,CAAQ,IAAI,IAAI,CAAA,CAAA;AAEvD,EAAA,MAAM,KAAA,uBAAY,GAAA,EAAkD;AAEpE,EAAA,eAAe,IAAI,GAAA,EAAqC;AAEtD,IAAA,MAAM,MAAA,GAAS,KAAA,CAAM,GAAA,CAAI,GAAG,CAAA;AAC5B,IAAA,IAAI,WAAW,MAAA,IAAa,IAAA,CAAK,GAAA,EAAI,GAAI,OAAO,SAAA,EAAW;AACzD,MAAA,OAAO,MAAA,CAAO,KAAA;AAAA,IAChB;AACA,IAAA,IAAI,MAAA,KAAW,MAAA,EAAW,KAAA,CAAM,MAAA,CAAO,GAAG,CAAA;AAG1C,IAAA,MAAM,MAAA,GAAS,OAAO,GAAG,CAAA;AACzB,IAAA,IAAI,MAAA,EAAQ;AACV,MAAA,MAAM,MAAA,GAAS,OAAO,MAAM,CAAA;AAC5B,MAAA,IAAI,MAAA,EAAQ;AACV,QAAA,KAAA,CAAM,IAAI,GAAA,EAAK;AAAA,UACb,KAAA,EAAO,MAAA;AAAA,UACP,SAAA,EAAW,IAAA,CAAK,GAAA,EAAI,GAAI;AAAA,SACzB,CAAA;AACD,QAAA,OAAO,MAAA;AAAA,MACT;AAAA,IACF;AAGA,IAAA,IAAI;AACF,MAAA,MAAM,KAAA,GAAQ,MAAM,KAAA,CAAM,GAAA,CAAI,GAAG,CAAA;AACjC,MAAA,IAAI,UAAU,IAAA,EAAM;AAClB,QAAA,KAAA,CAAM,IAAI,GAAA,EAAK;AAAA,UACb,KAAA;AAAA,UACA,SAAA,EAAW,IAAA,CAAK,GAAA,EAAI,GAAI;AAAA,SACzB,CAAA;AACD,QAAA,OAAO,KAAA;AAAA,MACT;AAAA,IACF,CAAA,CAAA,MAAQ;AAAA,IAER;AAEA,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,eAAe,GAAA,CAAI,KAAa,KAAA,EAA8B;AAC5D,IAAA,MAAM,KAAA,CAAM,GAAA,CAAI,GAAA,EAAK,KAAK,CAAA;AAC1B,IAAA,KAAA,CAAM,GAAA,CAAI,KAAK,EAAE,KAAA,EAAO,WAAW,IAAA,CAAK,GAAA,EAAI,GAAI,UAAA,EAAY,CAAA;AAAA,EAC9D;AAEA,EAAA,eAAe,QAAQ,OAAA,EAAgD;AACrE,IAAA,MAAM,OAAA,CAAQ,GAAA;AAAA,MACZ,MAAA,CAAO,QAAQ,OAAO,CAAA,CACnB,OAAO,CAAC,GAAG,KAAK,CAAA,KAAM,CAAC,CAAC,KAAK,CAAA,CAC7B,GAAA,CAAI,CAAC,CAAC,GAAA,EAAK,KAAK,CAAA,KAAM,GAAA,CAAI,GAAA,EAAK,KAAK,CAAC;AAAA,KAC1C;AAAA,EACF;AAEA,EAAA,SAAS,UAAA,GAAmB;AAC1B,IAAA,KAAA,CAAM,KAAA,EAAM;AAAA,EACd;AAEA,EAAA,OAAO,EAAE,GAAA,EAAK,GAAA,EAAK,OAAA,EAAS,UAAA,EAAW;AACzC","file":"chunk-PLZUFPEG.js","sourcesContent":["// ---------------------------------------------------------------------------\n// Config system — framework-agnostic key-value store with caching\n// ---------------------------------------------------------------------------\n// Provides a ConfigStore interface that templates implement (e.g. with\n// Prisma, Drizzle, KV store, etc.). The config manager adds an in-memory\n// cache layer on top, plus optional env var fallback.\n// ---------------------------------------------------------------------------\n\n// ---------------------------------------------------------------------------\n// Types\n// ---------------------------------------------------------------------------\n\n/** Persistent config store — implement per database/backend */\nexport interface ConfigStore {\n  get(key: string): Promise<string | null>;\n  set(key: string, value: string): Promise<void>;\n}\n\nexport interface ConfigManagerOptions {\n  /** The persistent store (database, KV, file, etc.) */\n  store: ConfigStore;\n  /** Map of config key → env var name for fallback lookups */\n  envMap?: Record<string, string>;\n  /** Cache TTL in milliseconds. Defaults to 30000 (30s). */\n  cacheTtlMs?: number;\n  /** Function to read env vars. Defaults to process.env lookup. */\n  getEnv?: (name: string) => string | undefined;\n}\n\nexport interface ConfigManager {\n  /** Read a config value (cache → env → store) */\n  get(key: string): Promise<string | null>;\n  /** Write a config value (store + cache) */\n  set(key: string, value: string): Promise<void>;\n  /** Bulk set config values */\n  setMany(configs: Record<string, string>): Promise<void>;\n  /** Clear the in-memory cache (useful for testing) */\n  clearCache(): void;\n}\n\n// ---------------------------------------------------------------------------\n// Implementation\n// ---------------------------------------------------------------------------\n\n/**\n * Create a config manager with in-memory caching and optional env var fallback.\n *\n * @example\n * const config = createConfigManager({\n *   store: prismaConfigStore(prisma),\n *   envMap: {\n *     whop_app_id: \"WHOP_APP_ID\",\n *     whop_api_key: \"WHOP_API_KEY\",\n *   },\n * });\n *\n * const appId = await config.get(\"whop_app_id\");\n */\nexport function createConfigManager(\n  options: ConfigManagerOptions,\n): ConfigManager {\n  const { store, envMap = {}, cacheTtlMs = 30_000 } = options;\n  const getEnv =\n    options.getEnv ?? ((name: string) => process.env[name]);\n\n  const cache = new Map<string, { value: string; expiresAt: number }>();\n\n  async function get(key: string): Promise<string | null> {\n    // 1. In-memory cache (with TTL)\n    const cached = cache.get(key);\n    if (cached !== undefined && Date.now() < cached.expiresAt) {\n      return cached.value;\n    }\n    if (cached !== undefined) cache.delete(key);\n\n    // 2. Env var fallback\n    const envKey = envMap[key];\n    if (envKey) {\n      const envVal = getEnv(envKey);\n      if (envVal) {\n        cache.set(key, {\n          value: envVal,\n          expiresAt: Date.now() + cacheTtlMs,\n        });\n        return envVal;\n      }\n    }\n\n    // 3. Persistent store\n    try {\n      const value = await store.get(key);\n      if (value !== null) {\n        cache.set(key, {\n          value,\n          expiresAt: Date.now() + cacheTtlMs,\n        });\n        return value;\n      }\n    } catch {\n      // Store might not be ready (e.g. during first build)\n    }\n\n    return null;\n  }\n\n  async function set(key: string, value: string): Promise<void> {\n    await store.set(key, value);\n    cache.set(key, { value, expiresAt: Date.now() + cacheTtlMs });\n  }\n\n  async function setMany(configs: Record<string, string>): Promise<void> {\n    await Promise.all(\n      Object.entries(configs)\n        .filter(([, value]) => !!value)\n        .map(([key, value]) => set(key, value)),\n    );\n  }\n\n  function clearCache(): void {\n    cache.clear();\n  }\n\n  return { get, set, setMany, clearCache };\n}\n"]}

package/dist/chunk-ZQ44KZRC.js

@@ -0,0 +1,30 @@
+// src/core/index.ts
+function definePlans(metadata) {
+  const keys = Object.keys(metadata);
+  const ranks = Object.fromEntries(
+    keys.map((key, index) => [key, index])
+  );
+  const defaultPlan = keys[0];
+  return {
+    metadata,
+    keys,
+    ranks,
+    defaultPlan,
+    hasMinimum(userPlan, minimumPlan) {
+      return (ranks[userPlan] ?? 0) >= (ranks[minimumPlan] ?? 0);
+    },
+    getBillingIntervals(key) {
+      const meta = metadata[key];
+      return [...meta.billingIntervals ?? ["monthly", "yearly"]];
+    },
+    configKey: (key) => `whop_${key}_plan_id`,
+    configKeyYearly: (key) => `whop_${key}_plan_id_yearly`,
+    priceConfigKey: (key) => `whop_${key}_price_monthly`,
+    priceConfigKeyYearly: (key) => `whop_${key}_price_yearly`,
+    nameConfigKey: (key) => `plan_${key}_name`
+  };
+}
+
+export { definePlans };
+//# sourceMappingURL=chunk-ZQ44KZRC.js.map
+//# sourceMappingURL=chunk-ZQ44KZRC.js.map

package/dist/chunk-ZQ44KZRC.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/core/index.ts"],"names":[],"mappings":";AAgEO,SAAS,YACd,QAAA,EACe;AACf,EAAA,MAAM,IAAA,GAAO,MAAA,CAAO,IAAA,CAAK,QAAQ,CAAA;AACjC,EAAA,MAAM,QAAQ,MAAA,CAAO,WAAA;AAAA,IACnB,IAAA,CAAK,IAAI,CAAC,GAAA,EAAK,UAAU,CAAC,GAAA,EAAK,KAAK,CAAC;AAAA,GACvC;AACA,EAAA,MAAM,WAAA,GAAc,KAAK,CAAC,CAAA;AAE1B,EAAA,OAAO;AAAA,IACL,QAAA;AAAA,IACA,IAAA;AAAA,IACA,KAAA;AAAA,IACA,WAAA;AAAA,IAEA,UAAA,CAAW,UAAa,WAAA,EAAyB;AAC/C,MAAA,OAAA,CAAQ,MAAM,QAAQ,CAAA,IAAK,CAAA,MAAO,KAAA,CAAM,WAAW,CAAA,IAAK,CAAA,CAAA;AAAA,IAC1D,CAAA;AAAA,IAEA,oBAAoB,GAAA,EAA2B;AAC7C,MAAA,MAAM,IAAA,GAAO,SAAS,GAAG,CAAA;AACzB,MAAA,OAAO,CAAC,GAAI,IAAA,CAAK,oBAAoB,CAAC,SAAA,EAAW,QAAQ,CAAE,CAAA;AAAA,IAC7D,CAAA;AAAA,IAEA,SAAA,EAAW,CAAC,GAAA,KAAW,CAAA,KAAA,EAAQ,GAAG,CAAA,QAAA,CAAA;AAAA,IAClC,eAAA,EAAiB,CAAC,GAAA,KAAW,CAAA,KAAA,EAAQ,GAAG,CAAA,eAAA,CAAA;AAAA,IACxC,cAAA,EAAgB,CAAC,GAAA,KAAW,CAAA,KAAA,EAAQ,GAAG,CAAA,cAAA,CAAA;AAAA,IACvC,oBAAA,EAAsB,CAAC,GAAA,KAAW,CAAA,KAAA,EAAQ,GAAG,CAAA,aAAA,CAAA;AAAA,IAC7C,aAAA,EAAe,CAAC,GAAA,KAAW,CAAA,KAAA,EAAQ,GAAG,CAAA,KAAA;AAAA,GACxC;AACF","file":"chunk-ZQ44KZRC.js","sourcesContent":["// ---------------------------------------------------------------------------\n// Core plan system — framework-agnostic, parameterized\n// ---------------------------------------------------------------------------\n// Users define their own plans via definePlans(). The kit never hardcodes\n// plan names, tiers, or pricing. Everything is derived from the definition.\n// ---------------------------------------------------------------------------\n\nexport type BillingInterval = \"monthly\" | \"yearly\";\n\n/** Shape of each plan entry passed to definePlans() */\nexport interface PlanMetadataEntry {\n  name: string;\n  description: string;\n  priceMonthly: number;\n  priceYearly: number;\n  features: readonly string[];\n  highlighted: boolean;\n  /** Display-only free trial length (configure the actual trial in Whop) */\n  trialDays?: number;\n  /** Which billing intervals to offer. Defaults to [\"monthly\", \"yearly\"]. */\n  billingIntervals?: readonly BillingInterval[];\n}\n\n/** The resolved plan system returned by definePlans() */\nexport interface PlanSystem<K extends string = string> {\n  /** The full metadata object as passed in */\n  metadata: Record<K, PlanMetadataEntry>;\n  /** Ordered array of plan keys (insertion order = hierarchy) */\n  keys: K[];\n  /** Numeric rank for each plan (used for comparisons) */\n  ranks: Record<K, number>;\n  /** The lowest-tier plan key (first in metadata) */\n  defaultPlan: K;\n  /** Check if a user's plan meets or exceeds a minimum plan level */\n  hasMinimum: (userPlan: K, minimumPlan: K) => boolean;\n  /** Get the billing intervals a plan supports */\n  getBillingIntervals: (key: K) => BillingInterval[];\n  /** Config key for a plan's Whop plan ID (monthly) */\n  configKey: (key: K) => string;\n  /** Config key for a plan's Whop plan ID (yearly) */\n  configKeyYearly: (key: K) => string;\n  /** Config key for a plan's cached price (monthly) */\n  priceConfigKey: (key: K) => string;\n  /** Config key for a plan's cached price (yearly) */\n  priceConfigKeyYearly: (key: K) => string;\n  /** Config key for a plan's admin-customized name */\n  nameConfigKey: (key: K) => string;\n}\n\n/**\n * Define your app's plan system. Key order defines the hierarchy\n * (first = lowest/free, last = highest).\n *\n * @example\n * const plans = definePlans({\n *   free: { name: \"Free\", description: \"Get started\", ... },\n *   starter: { name: \"Starter\", description: \"For teams\", ... },\n *   pro: { name: \"Pro\", description: \"For power users\", ... },\n * });\n *\n * plans.hasMinimum(\"starter\", \"free\") // true\n * plans.hasMinimum(\"free\", \"pro\")     // false\n * plans.defaultPlan                    // \"free\"\n */\nexport function definePlans<K extends string>(\n  metadata: Record<K, PlanMetadataEntry>,\n): PlanSystem<K> {\n  const keys = Object.keys(metadata) as K[];\n  const ranks = Object.fromEntries(\n    keys.map((key, index) => [key, index]),\n  ) as Record<K, number>;\n  const defaultPlan = keys[0];\n\n  return {\n    metadata,\n    keys,\n    ranks,\n    defaultPlan,\n\n    hasMinimum(userPlan: K, minimumPlan: K): boolean {\n      return (ranks[userPlan] ?? 0) >= (ranks[minimumPlan] ?? 0);\n    },\n\n    getBillingIntervals(key: K): BillingInterval[] {\n      const meta = metadata[key];\n      return [...(meta.billingIntervals ?? [\"monthly\", \"yearly\"])];\n    },\n\n    configKey: (key: K) => `whop_${key}_plan_id`,\n    configKeyYearly: (key: K) => `whop_${key}_plan_id_yearly`,\n    priceConfigKey: (key: K) => `whop_${key}_price_monthly`,\n    priceConfigKeyYearly: (key: K) => `whop_${key}_price_yearly`,\n    nameConfigKey: (key: K) => `plan_${key}_name`,\n  };\n}\n"]}

package/dist/config/index.d.ts

@@ -0,0 +1,42 @@
+/** Persistent config store — implement per database/backend */
+interface ConfigStore {
+    get(key: string): Promise<string | null>;
+    set(key: string, value: string): Promise<void>;
+}
+interface ConfigManagerOptions {
+    /** The persistent store (database, KV, file, etc.) */
+    store: ConfigStore;
+    /** Map of config key → env var name for fallback lookups */
+    envMap?: Record<string, string>;
+    /** Cache TTL in milliseconds. Defaults to 30000 (30s). */
+    cacheTtlMs?: number;
+    /** Function to read env vars. Defaults to process.env lookup. */
+    getEnv?: (name: string) => string | undefined;
+}
+interface ConfigManager {
+    /** Read a config value (cache → env → store) */
+    get(key: string): Promise<string | null>;
+    /** Write a config value (store + cache) */
+    set(key: string, value: string): Promise<void>;
+    /** Bulk set config values */
+    setMany(configs: Record<string, string>): Promise<void>;
+    /** Clear the in-memory cache (useful for testing) */
+    clearCache(): void;
+}
+/**
+ * Create a config manager with in-memory caching and optional env var fallback.
+ *
+ * @example
+ * const config = createConfigManager({
+ *   store: prismaConfigStore(prisma),
+ *   envMap: {
+ *     whop_app_id: "WHOP_APP_ID",
+ *     whop_api_key: "WHOP_API_KEY",
+ *   },
+ * });
+ *
+ * const appId = await config.get("whop_app_id");
+ */
+declare function createConfigManager(options: ConfigManagerOptions): ConfigManager;
+
+export { type ConfigManager, type ConfigManagerOptions, type ConfigStore, createConfigManager };

package/dist/config/index.js

@@ -0,0 +1,3 @@
+export { createConfigManager } from '../chunk-PLZUFPEG.js';
+//# sourceMappingURL=index.js.map
+//# sourceMappingURL=index.js.map

package/dist/config/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"names":[],"mappings":"","file":"index.js"}

package/dist/core/index.d.ts

@@ -0,0 +1,57 @@
+type BillingInterval = "monthly" | "yearly";
+/** Shape of each plan entry passed to definePlans() */
+interface PlanMetadataEntry {
+    name: string;
+    description: string;
+    priceMonthly: number;
+    priceYearly: number;
+    features: readonly string[];
+    highlighted: boolean;
+    /** Display-only free trial length (configure the actual trial in Whop) */
+    trialDays?: number;
+    /** Which billing intervals to offer. Defaults to ["monthly", "yearly"]. */
+    billingIntervals?: readonly BillingInterval[];
+}
+/** The resolved plan system returned by definePlans() */
+interface PlanSystem<K extends string = string> {
+    /** The full metadata object as passed in */
+    metadata: Record<K, PlanMetadataEntry>;
+    /** Ordered array of plan keys (insertion order = hierarchy) */
+    keys: K[];
+    /** Numeric rank for each plan (used for comparisons) */
+    ranks: Record<K, number>;
+    /** The lowest-tier plan key (first in metadata) */
+    defaultPlan: K;
+    /** Check if a user's plan meets or exceeds a minimum plan level */
+    hasMinimum: (userPlan: K, minimumPlan: K) => boolean;
+    /** Get the billing intervals a plan supports */
+    getBillingIntervals: (key: K) => BillingInterval[];
+    /** Config key for a plan's Whop plan ID (monthly) */
+    configKey: (key: K) => string;
+    /** Config key for a plan's Whop plan ID (yearly) */
+    configKeyYearly: (key: K) => string;
+    /** Config key for a plan's cached price (monthly) */
+    priceConfigKey: (key: K) => string;
+    /** Config key for a plan's cached price (yearly) */
+    priceConfigKeyYearly: (key: K) => string;
+    /** Config key for a plan's admin-customized name */
+    nameConfigKey: (key: K) => string;
+}
+/**
+ * Define your app's plan system. Key order defines the hierarchy
+ * (first = lowest/free, last = highest).
+ *
+ * @example
+ * const plans = definePlans({
+ *   free: { name: "Free", description: "Get started", ... },
+ *   starter: { name: "Starter", description: "For teams", ... },
+ *   pro: { name: "Pro", description: "For power users", ... },
+ * });
+ *
+ * plans.hasMinimum("starter", "free") // true
+ * plans.hasMinimum("free", "pro")     // false
+ * plans.defaultPlan                    // "free"
+ */
+declare function definePlans<K extends string>(metadata: Record<K, PlanMetadataEntry>): PlanSystem<K>;
+
+export { type BillingInterval, type PlanMetadataEntry, type PlanSystem, definePlans };

package/dist/core/index.js

@@ -0,0 +1,3 @@
+export { definePlans } from '../chunk-ZQ44KZRC.js';
+//# sourceMappingURL=index.js.map
+//# sourceMappingURL=index.js.map

package/dist/core/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"names":[],"mappings":"","file":"index.js"}

package/dist/email/index.d.ts

@@ -0,0 +1,43 @@
+type EmailProvider = "resend" | "sendgrid";
+interface SendEmailOptions {
+    to: string;
+    subject: string;
+    html: string;
+    from: string;
+}
+interface SendEmailResult {
+    success: boolean;
+    error?: string;
+}
+interface EmailConfig {
+    provider: EmailProvider;
+    apiKey: string;
+}
+/**
+ * Send an email via a configured provider (Resend or SendGrid).
+ * Uses direct fetch — no SDK dependency.
+ *
+ * @example
+ * const result = await sendEmail(
+ *   { provider: "resend", apiKey: "re_xxxxx" },
+ *   {
+ *     to: "user@example.com",
+ *     from: "noreply@myapp.com",
+ *     subject: "Welcome!",
+ *     html: "<h1>Hello</h1>",
+ *   },
+ * );
+ */
+declare function sendEmail(config: EmailConfig, options: SendEmailOptions): Promise<SendEmailResult>;
+/** Escape HTML special characters to prevent XSS in email templates */
+declare function escapeHtml(text: string): string;
+/**
+ * Wrap email body content in a standard HTML email layout.
+ * Inline CSS for maximum email client compatibility.
+ *
+ * @param body - The inner HTML content
+ * @param footerText - Text shown in the footer (e.g. app name)
+ */
+declare function emailWrapper(body: string, footerText: string): string;
+
+export { type EmailConfig, type EmailProvider, type SendEmailOptions, type SendEmailResult, emailWrapper, escapeHtml, sendEmail };

package/dist/email/index.js

@@ -0,0 +1,3 @@
+export { emailWrapper, escapeHtml, sendEmail } from '../chunk-KQQGVBBH.js';
+//# sourceMappingURL=index.js.map
+//# sourceMappingURL=index.js.map

package/dist/email/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"names":[],"mappings":"","file":"index.js"}

package/dist/index.d.ts

@@ -0,0 +1,7 @@
+export { BillingInterval, PlanMetadataEntry, PlanSystem, definePlans } from './core/index.js';
+export { CookieAdapter, CookieOptions, Session, SessionTokenOptions, clearSessionCookie, createSessionToken, encodeSecret, generateSecret, getSessionFromCookie, setSessionCookie, verifySessionToken } from './auth/index.js';
+export { AccessCheckResult, AuthorizationUrlResult, TokenResponse, WebhookHeaders, WhopPlanDetails, WhopUser, buildAuthorizationUrl, checkWhopAccess, exchangeCodeForTokens, fetchWhopPlanDetails, getEffectivePrice, getWhopUser, randomString, sha256, uncancelMembership, verifyWebhookSignature } from './whop/index.js';
+export { ConfigManager, ConfigManagerOptions, ConfigStore, createConfigManager } from './config/index.js';
+export { DbAdapter, SubscriptionDetails, SubscriptionDetailsResult, SubscriptionHelpers, SubscriptionStatus, UserRecord, createSubscriptionHelpers } from './subscriptions/index.js';
+export { EmailConfig, EmailProvider, SendEmailOptions, SendEmailResult, emailWrapper, escapeHtml, sendEmail } from './email/index.js';
+export { cn, formatDate, monthlyEquivalent } from './utils/index.js';

package/dist/index.js

@@ -0,0 +1,9 @@
+export { clearSessionCookie, createSessionToken, encodeSecret, generateSecret, getSessionFromCookie, setSessionCookie, verifySessionToken } from './chunk-GXQLG4HV.js';
+export { createConfigManager } from './chunk-PLZUFPEG.js';
+export { definePlans } from './chunk-ZQ44KZRC.js';
+export { emailWrapper, escapeHtml, sendEmail } from './chunk-KQQGVBBH.js';
+export { createSubscriptionHelpers } from './chunk-NS32METI.js';
+export { cn, formatDate, monthlyEquivalent } from './chunk-BLQ7T7NQ.js';
+export { buildAuthorizationUrl, checkWhopAccess, exchangeCodeForTokens, fetchWhopPlanDetails, getEffectivePrice, getWhopUser, randomString, sha256, uncancelMembership, verifyWebhookSignature } from './chunk-EYK3S5U2.js';
+//# sourceMappingURL=index.js.map
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"names":[],"mappings":"","file":"index.js"}

package/dist/subscriptions/index.d.ts

@@ -0,0 +1,76 @@
+/** Minimal user record for subscription operations */
+interface UserRecord {
+    id: string;
+    whopUserId: string;
+    email: string | null;
+    name: string | null;
+    plan: string;
+    whopMembershipId: string | null;
+    cancelAtPeriodEnd: boolean;
+    createdAt: Date;
+}
+type SubscriptionStatus = "active" | "canceling" | "free";
+interface SubscriptionDetails {
+    plan: string;
+    whopMembershipId: string | null;
+    cancelAtPeriodEnd: boolean;
+    status: SubscriptionStatus;
+}
+interface SubscriptionDetailsResult {
+    hasSubscription: boolean;
+    subscription?: SubscriptionDetails;
+    error?: string;
+}
+/** Database adapter — implement per ORM/driver */
+interface DbAdapter {
+    /** Find a user by internal ID */
+    findUserById(id: string): Promise<Pick<UserRecord, "plan" | "whopMembershipId" | "cancelAtPeriodEnd"> | null>;
+    /** Find a user by Whop user ID */
+    findUserByWhopId(whopUserId: string): Promise<Pick<UserRecord, "email" | "name"> | null>;
+    /** Get a user's creation date */
+    getUserCreatedAt(id: string): Promise<Date | null>;
+    /** Create or update a user on membership activation */
+    upsertMembership(whopUserId: string, plan: string, membershipId: string | null): Promise<void>;
+    /** Downgrade a user to the default plan */
+    deactivateMembership(whopUserId: string, defaultPlan: string): Promise<void>;
+    /** Update the cancel-at-period-end flag */
+    updateCancelAtPeriodEnd(whopUserId: string, cancelAtPeriodEnd: boolean): Promise<void>;
+    /** Reverse a pending cancellation by user ID */
+    uncancelSubscription(userId: string): Promise<void>;
+}
+interface SubscriptionHelpers {
+    getSubscriptionDetails(userId: string): Promise<SubscriptionDetailsResult>;
+    isUserSubscribed(userId: string): Promise<boolean>;
+    getUserSubscriptionStatus(userId: string): Promise<SubscriptionStatus>;
+    getUserCreatedAt(userId: string): Promise<Date | null>;
+    getUserForNotification(whopUserId: string): Promise<{
+        email: string;
+        name: string | null;
+    } | null>;
+    activateMembership(whopUserId: string, plan: string, membershipId: string | null): Promise<void>;
+    deactivateMembership(whopUserId: string): Promise<void>;
+    updateCancelAtPeriodEnd(whopUserId: string, cancelAtPeriodEnd: boolean): Promise<void>;
+    uncancelSubscription(userId: string): Promise<void>;
+}
+/**
+ * Create subscription helpers bound to a database adapter.
+ *
+ * @param db - Your database adapter implementation
+ * @param defaultPlan - The default/free plan key
+ * @param validPlanKeys - Array of all valid plan keys
+ *
+ * @example
+ * import { createSubscriptionHelpers } from 'whop-kit/subscriptions'
+ * import { prismaDbAdapter } from './adapters/prisma'
+ *
+ * const subs = createSubscriptionHelpers(
+ *   prismaDbAdapter(prisma),
+ *   plans.defaultPlan,
+ *   plans.keys,
+ * );
+ *
+ * const result = await subs.getSubscriptionDetails(userId);
+ */
+declare function createSubscriptionHelpers(db: DbAdapter, defaultPlan: string, validPlanKeys: string[]): SubscriptionHelpers;
+
+export { type DbAdapter, type SubscriptionDetails, type SubscriptionDetailsResult, type SubscriptionHelpers, type SubscriptionStatus, type UserRecord, createSubscriptionHelpers };

package/dist/subscriptions/index.js

@@ -0,0 +1,3 @@
+export { createSubscriptionHelpers } from '../chunk-NS32METI.js';
+//# sourceMappingURL=index.js.map
+//# sourceMappingURL=index.js.map

package/dist/subscriptions/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"names":[],"mappings":"","file":"index.js"}

package/dist/utils/index.d.ts

@@ -0,0 +1,8 @@
+/** Merge class names, filtering out falsy values */
+declare function cn(...classes: (string | false | null | undefined)[]): string;
+/** Calculate the monthly-equivalent price from a yearly total */
+declare function monthlyEquivalent(yearlyTotal: number): number;
+/** Format a date for display (e.g. "Jan 1, 2026") */
+declare function formatDate(date: Date | string): string;
+
+export { cn, formatDate, monthlyEquivalent };

package/dist/utils/index.js

@@ -0,0 +1,3 @@
+export { cn, formatDate, monthlyEquivalent } from '../chunk-BLQ7T7NQ.js';
+//# sourceMappingURL=index.js.map
+//# sourceMappingURL=index.js.map

package/dist/utils/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"names":[],"mappings":"","file":"index.js"}

package/dist/whop/index.d.ts

@@ -0,0 +1,102 @@
+declare function randomString(len: number): string;
+declare function sha256(str: string): Promise<string>;
+interface AuthorizationUrlResult {
+    url: string;
+    codeVerifier: string;
+    state: string;
+    nonce: string;
+}
+/**
+ * Build the Whop OAuth authorization URL with PKCE.
+ *
+ * @param redirectUri - Your OAuth callback URL
+ * @param clientId - Whop App ID
+ */
+declare function buildAuthorizationUrl(redirectUri: string, clientId: string): Promise<AuthorizationUrlResult>;
+interface TokenResponse {
+    access_token: string;
+    refresh_token: string;
+    token_type: string;
+    expires_in: number;
+    id_token?: string;
+}
+/**
+ * Exchange an authorization code for tokens using PKCE.
+ */
+declare function exchangeCodeForTokens(code: string, codeVerifier: string, redirectUri: string, clientId: string): Promise<TokenResponse>;
+/**
+ * OIDC UserInfo response from Whop.
+ * Fields depend on the scopes granted: openid, profile, email.
+ */
+interface WhopUser {
+    /** User ID (e.g. "user_xxxxx") */
+    sub: string;
+    /** Requires "profile" scope */
+    name?: string;
+    /** Requires "profile" scope */
+    preferred_username?: string;
+    /** Requires "profile" scope */
+    picture?: string;
+    /** Requires "email" scope */
+    email?: string;
+    /** Requires "email" scope */
+    email_verified?: boolean;
+}
+/**
+ * Fetch the authenticated user's profile from Whop's OIDC userinfo endpoint.
+ */
+declare function getWhopUser(accessToken: string): Promise<WhopUser>;
+interface AccessCheckResult {
+    hasAccess: boolean;
+    accessLevel: string;
+}
+/**
+ * Check if a user has access to a specific Whop resource (product/experience).
+ * Uses the Whop API directly for authoritative, real-time access checks.
+ *
+ * @param whopUserId - The user's Whop ID
+ * @param resourceId - The product or experience ID to check
+ * @param apiKey - Your Whop API key
+ */
+declare function checkWhopAccess(whopUserId: string, resourceId: string, apiKey: string): Promise<AccessCheckResult>;
+interface WhopPlanDetails {
+    id: string;
+    initial_price: number | null;
+    renewal_price: number | null;
+    billing_period: number | null;
+    currency: string;
+    plan_type: string;
+    trial_period_days: number | null;
+}
+/**
+ * Fetch plan details from the Whop API.
+ */
+declare function fetchWhopPlanDetails(planId: string, apiKey: string): Promise<WhopPlanDetails | null>;
+/**
+ * Get the effective price from a Whop plan's details.
+ * Renewal plans use renewal_price; others use initial_price.
+ */
+declare function getEffectivePrice(details: WhopPlanDetails): number;
+/**
+ * Uncancel a membership via the Whop API.
+ *
+ * @param membershipId - The Whop membership ID
+ * @param apiKey - Your Whop API key
+ */
+declare function uncancelMembership(membershipId: string, apiKey: string): Promise<boolean>;
+interface WebhookHeaders {
+    "webhook-id"?: string | null;
+    "webhook-signature"?: string | null;
+    "webhook-timestamp"?: string | null;
+}
+/**
+ * Verify a Whop webhook signature.
+ * Whop uses the standardwebhooks format: HMAC-SHA256 of "{msg_id}.{timestamp}.{body}".
+ *
+ * @param body - The raw request body string
+ * @param headers - The webhook headers
+ * @param webhookSecret - Your webhook signing secret
+ */
+declare function verifyWebhookSignature(body: string, headers: WebhookHeaders, webhookSecret: string): Promise<boolean>;
+
+export { type AccessCheckResult, type AuthorizationUrlResult, type TokenResponse, type WebhookHeaders, type WhopPlanDetails, type WhopUser, buildAuthorizationUrl, checkWhopAccess, exchangeCodeForTokens, fetchWhopPlanDetails, getEffectivePrice, getWhopUser, randomString, sha256, uncancelMembership, verifyWebhookSignature };

package/dist/whop/index.js

@@ -0,0 +1,3 @@
+export { buildAuthorizationUrl, checkWhopAccess, exchangeCodeForTokens, fetchWhopPlanDetails, getEffectivePrice, getWhopUser, randomString, sha256, uncancelMembership, verifyWebhookSignature } from '../chunk-EYK3S5U2.js';
+//# sourceMappingURL=index.js.map
+//# sourceMappingURL=index.js.map

package/dist/whop/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"names":[],"mappings":"","file":"index.js"}

package/package.json

@@ -0,0 +1,70 @@
+{
+  "name": "whop-kit",
+  "version": "0.1.0",
+  "description": "Framework-agnostic toolkit for building apps with Whop authentication, payments, and memberships",
+  "type": "module",
+  "license": "MIT",
+  "author": "Colin McDermott",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/colinmcd/whop-kit"
+  },
+  "exports": {
+    ".": {
+      "import": "./dist/index.js",
+      "types": "./dist/index.d.ts"
+    },
+    "./core": {
+      "import": "./dist/core/index.js",
+      "types": "./dist/core/index.d.ts"
+    },
+    "./auth": {
+      "import": "./dist/auth/index.js",
+      "types": "./dist/auth/index.d.ts"
+    },
+    "./whop": {
+      "import": "./dist/whop/index.js",
+      "types": "./dist/whop/index.d.ts"
+    },
+    "./config": {
+      "import": "./dist/config/index.js",
+      "types": "./dist/config/index.d.ts"
+    },
+    "./subscriptions": {
+      "import": "./dist/subscriptions/index.js",
+      "types": "./dist/subscriptions/index.d.ts"
+    },
+    "./email": {
+      "import": "./dist/email/index.js",
+      "types": "./dist/email/index.d.ts"
+    },
+    "./utils": {
+      "import": "./dist/utils/index.js",
+      "types": "./dist/utils/index.d.ts"
+    }
+  },
+  "files": [
+    "dist",
+    "README.md",
+    "LICENSE"
+  ],
+  "scripts": {
+    "build": "tsup",
+    "dev": "tsup --watch",
+    "typecheck": "tsc --noEmit",
+    "prepublishOnly": "npm run build"
+  },
+  "devDependencies": {
+    "jose": "^6.2.2",
+    "tsup": "^8.4.0",
+    "typescript": "^5.9.3"
+  },
+  "peerDependencies": {
+    "jose": "^6.0.0"
+  },
+  "peerDependenciesMeta": {
+    "jose": {
+      "optional": false
+    }
+  }
+}