import { AuthToken, TokenStore } from "../../types"; /** * Configuration options for the `BrowserStore`. */ export type BrowserStoreOptions = { clientId: string; /** * Whether to use secure cookies (HTTPS only). * Defaults to false. Set to true in production (HTTPS). */ secure?: boolean; /** * SameSite cookie attribute for CSRF protection. * Defaults to 'Lax' for balance of security and usability. * Use 'Strict' for maximum security, 'None' for cross-site usage (requires secure=true). */ sameSite?: "Strict" | "Lax" | "None"; /** * Cookie path. * Defaults to '/' to make delete behavior consistent with set behavior. */ path?: string; /** * Cookie domain, if needed for subdomain sharing. */ domain?: string; }; /** * `BrowserStore` is an implementation of the `TokenStore` interface for storing authentication tokens in browser cookies. * * **Note:** This store shares the same cookie key as `ExpressStore` (using the `st` namespace). * The `ExpressStore` must NOT use `httpOnly: true` when both stores are used together, * as that would prevent this store from reading or writing the shared cookie. */ declare class BrowserStore implements TokenStore { expiration: number; private namespace; private readonly key; private readonly cookieOptions; /** * Initializes the `BrowserStore` with client-specific options. * @param options - Configuration options for the store. */ constructor({ clientId, secure, sameSite, path, domain, }: BrowserStoreOptions); /** * Retrieves the authentication token from browser cookies. * @returns The `AuthToken` or null if no token exists or parsing fails. */ getToken(): AuthToken | null; /** * Stores the authentication token in a browser cookie. * @param token - The authentication token to store. */ setToken(token: AuthToken): void; /** * Removes the authentication token from browser cookies. */ removeToken(): void; } export default BrowserStore;