/** * Authentication Middleware * Provides flexible authentication support for server adapters */ import type { ApiKeyAuthOptions, AuthResult, AuthenticatedUser, BearerAuthOptions, MiddlewareDefinition, ServerServerAuthConfig, TokenValidator } from "../../types/index.js"; /** * Check if request is from development playground. * Detects playground requests via special headers for development mode. * * @param headers - Request headers to check * @returns True if request is from dev playground * * @example * ```typescript * if (isDevPlayground(ctx.headers)) { * // Skip authentication for playground * } * ``` */ export declare function isDevPlayground(headers: Record): boolean; /** * Default dev user for playground requests */ export declare const DEV_PLAYGROUND_USER: AuthResult; /** * Authentication result */ /** * Create authentication middleware * * @example * ```typescript * const authMiddleware = createAuthMiddleware({ * type: "bearer", * validate: async (token) => { * const user = await verifyJWT(token); * return user ? { id: user.id, email: user.email } : null; * }, * skipPaths: ["/api/health", "/api/ready"], * }); * * server.registerMiddleware(authMiddleware); * ``` */ export declare function createAuthMiddleware(config: ServerServerAuthConfig): MiddlewareDefinition; /** * Role-based access control middleware * Use after authentication middleware * * @example * ```typescript * const adminOnly = createRoleMiddleware({ * requiredRoles: ["admin"], * errorMessage: "Admin access required", * }); * ``` */ export declare function createRoleMiddleware(config: { requiredRoles: string[]; requireAll?: boolean; errorMessage?: string; }): MiddlewareDefinition; /** * In-memory API key store for managing API keys * * @example * ```typescript * const store = new ApiKeyStore(); * * // Add an API key * store.addKey("my-api-key", { id: "user_1", email: "user@example.com" }); * * // Validate a key * const user = store.validate("my-api-key"); * if (user) { * console.log("Valid key for user:", user.id); * } * * // Remove a key * store.removeKey("my-api-key"); * * // Clear all keys * store.clear(); * ``` */ export declare class ApiKeyStore { private keys; /** * Add an API key with associated user */ addKey(apiKey: string, user: AuthenticatedUser): void; /** * Validate an API key * @returns The user associated with the key, or null if invalid */ validate(apiKey: string): AuthenticatedUser | null; /** * Remove an API key */ removeKey(apiKey: string): boolean; /** * Clear all API keys */ clear(): void; /** * Get the number of stored keys */ get size(): number; } /** * Options for bearer auth middleware */ /** * Create bearer token authentication middleware * * @example * ```typescript * const authMiddleware = createBearerAuthMiddleware( * async (token) => { * const user = await verifyJWT(token); * return user ? { id: user.id, roles: user.roles } : null; * }, * { required: true } * ); * ``` */ export declare function createBearerAuthMiddleware(validate: TokenValidator, options?: BearerAuthOptions): MiddlewareDefinition; /** * Options for API key auth middleware */ /** * Create API key authentication middleware * * @example * ```typescript * const store = new ApiKeyStore(); * store.addKey("my-key", { id: "user_1" }); * * const authMiddleware = createApiKeyAuthMiddleware(store); * ``` */ export declare function createApiKeyAuthMiddleware(store: ApiKeyStore, options?: ApiKeyAuthOptions): MiddlewareDefinition; /** * Create role-based authorization middleware (simple version) * * @example * ```typescript * const adminMiddleware = createRoleAuthMiddleware(["admin"]); * const editorMiddleware = createRoleAuthMiddleware(["admin", "editor"]); * ``` */ export declare function createRoleAuthMiddleware(requiredRoles: string[], options?: { requireAll?: boolean; }): MiddlewareDefinition; /** * Create permission-based authorization middleware * * @example * ```typescript * const canEditMiddleware = createPermissionAuthMiddleware(["posts:edit"]); * const canManageMiddleware = createPermissionAuthMiddleware(["users:read", "users:write"]); * ``` */ export declare function createPermissionAuthMiddleware(requiredPermissions: string[], options?: { requireAll?: boolean; }): MiddlewareDefinition;