/** * Session Cookie Utilities * * httpOnly cookie management for secure token storage. * Tokens travel in cookies, not headers - the infrastructure disappears. * * @packageDocumentation */ /** Cookie configuration aligned with token TTLs from identity-worker */ export declare const COOKIE_CONFIG: { /** Access token expires in 15 minutes */ readonly ACCESS_TOKEN_MAX_AGE: number; /** Refresh token expires in 7 days */ readonly REFRESH_TOKEN_MAX_AGE: number; /** Cookie names */ readonly NAMES: { readonly ACCESS_TOKEN: "cs_access_token"; readonly REFRESH_TOKEN: "cs_refresh_token"; }; /** Cookie path - available across the entire domain */ readonly PATH: "/"; /** SameSite policy */ readonly SAME_SITE: "lax"; }; export interface CookieOptions { maxAge: number; httpOnly: boolean; secure: boolean; sameSite: 'strict' | 'lax' | 'none'; path: string; domain?: string; } export interface SessionCookies { accessToken: string | undefined; refreshToken: string | undefined; } export interface SetCookieParams { accessToken?: string; refreshToken?: string; /** Override domain for cross-subdomain cookies */ domain?: string; } /** * Generate cookie options for access token */ export declare function getAccessTokenCookieOptions(isProduction: boolean, domain?: string): CookieOptions; /** * Generate cookie options for refresh token */ export declare function getRefreshTokenCookieOptions(isProduction: boolean, domain?: string): CookieOptions; /** * Generate cookie options for clearing (immediate expiry) */ export declare function getClearCookieOptions(isProduction: boolean, domain?: string): CookieOptions; /** * Set session cookies using SvelteKit's cookies API * * @example * ```typescript * // In +page.server.ts after login * import { setSessionCookies } from '@create-something/components/auth'; * * export const actions = { * login: async ({ cookies, request }) => { * const response = await loginUser(formData); * setSessionCookies(cookies, { * accessToken: response.access_token, * refreshToken: response.refresh_token, * }); * } * }; * ``` */ export declare function setSessionCookies(cookies: { set: (name: string, value: string, options: any) => void; }, params: SetCookieParams, isProduction?: boolean): void; /** * Get session cookies using SvelteKit's cookies API * * @example * ```typescript * // In +layout.server.ts * import { getSessionCookies } from '@create-something/components/auth'; * * export const load = async ({ cookies }) => { * const session = getSessionCookies(cookies); * if (session.accessToken) { * const user = await validateToken(session.accessToken); * return { user }; * } * return { user: null }; * }; * ``` */ export declare function getSessionCookies(cookies: { get: (name: string) => string | undefined; }): SessionCookies; /** * Clear session cookies (logout) * * @example * ```typescript * // In +page.server.ts logout action * import { clearSessionCookies } from '@create-something/components/auth'; * * export const actions = { * logout: async ({ cookies }) => { * clearSessionCookies(cookies); * throw redirect(303, '/'); * } * }; * ``` */ export declare function clearSessionCookies(cookies: { set: (name: string, value: string, options: any) => void; delete: (name: string, options?: any) => void; }, isProduction?: boolean, domain?: string): void; /** * Extract access token from a Request object's Cookie header * Useful in API routes and middleware */ export declare function getAccessTokenFromRequest(request: Request): string | null; /** * Extract refresh token from a Request object's Cookie header */ export declare function getRefreshTokenFromRequest(request: Request): string | null; /** * Parse a Cookie header into key-value pairs */ export declare function parseCookieHeader(header: string): Record; /** * Generate Set-Cookie header value for access token * Useful for Cloudflare Workers and raw Response construction */ export declare function createAccessTokenCookie(token: string, isProduction?: boolean, domain?: string): string; /** * Generate Set-Cookie header value for refresh token */ export declare function createRefreshTokenCookie(token: string, isProduction?: boolean, domain?: string): string; /** * Generate Set-Cookie headers to clear both tokens */ export declare function createClearCookieHeaders(isProduction?: boolean, domain?: string): string[];