import { type CreateJwtParams, type ParsedJwt, type ParseJwtParams } from './jwt.js'; /** * Shape definition and source of truth for {@link JwtUserData}. * * @category Internal */ export declare const userJwtDataShape: import("object-shape-tester").Shape<{ /** The id from your database of the user you're authenticating. */ userId: import("object-shape-tester").Shape>; /** * CSRF token. This can be any cryptographically secure randomized string. * * Consider using {@link generateCsrfToken} to generate this. */ csrfToken: string; /** * Unix timestamp (in milliseconds) when the session was originally started. This is used to * enforce the max session duration. If not present, the session is considered to have started * when the JWT was issued. */ sessionStartedAt: import("object-shape-tester").Shape>>; }>; /** * Data required for user JWTs. * * @category Internal */ export type JwtUserData = typeof userJwtDataShape.runtimeType; /** * Creates a new signed and encrypted {@link JwtUserData} when a client (frontend) successfully * authenticates with the host (backend). This is used by host (backend) code to establish a new * user session. The output of this function should be sent to the client (frontend) for storage. * * @category Internal */ export declare function createUserJwt(data: Readonly, params: Readonly): Promise; /** * Parses a {@link JwtUserData} generated from {@link createUserJwt}. This should be used on the host * (backend) to a client (frontend) request. Do not use this function in client (frontend) code: it * requires JWT signing keys which should not be shared with any client (frontend). * * @category Internal */ export declare function parseUserJwt(encryptedJwt: string, params: Readonly): Promise | undefined>;