import { type RequireExactlyOne } from 'type-fest';
/**
 * Generates a random, cryptographically secure CSRF token string.
 *
 * @category Internal
 */
export declare function generateCsrfToken(): string;
/**
 * Options for specifying the CSRF token header name.
 *
 * @category Auth : Client
 * @category Auth : Host
 */
export type CsrfHeaderNameOption = RequireExactlyOne<{
    /** Prefix used to generate the header name: `${prefix}-auth-vir-csrf-token`. */
    csrfHeaderPrefix: string;
    /** Overrides the entire CSRF header name. */
    csrfHeaderName: string;
}>;
/**
 * Resolves a {@link CsrfHeaderNameOption} to the actual header name string.
 *
 * @category Auth : Client
 * @category Auth : Host
 */
export declare function resolveCsrfHeaderName(options: Readonly<CsrfHeaderNameOption>): string;
/**
 * Used in client (frontend) code to retrieve the current CSRF token from the browser cookie in
 * order to send it with requests to the host (backend).
 *
 * @category Auth : Client
 */
export declare function getCurrentCsrfToken(cookieNameSuffix?: string | undefined): string | undefined;