import { ModelTypes } from '../../cache/dbs/index.generated.js';
import { PluginUserConfig } from './config.js';
export type JWTdataBase = {
    type: 'access' | 'refresh';
    deviceId: string;
    deviceType: 'mobile' | 'web';
    /** a date in the future */
    expirationDate: number | 'never';
};
export type JWTdata = JWTdataBase & Omit<CtxUser, '_id' | 'role'> & {
    userId: string;
    role: GD['role'] | 'public';
};
export type JWTdataWrite = Omit<JWTdata, 'expirationDate' | 'type'>;
export declare function createToken(ctx: Ctx, data: Omit<JWTdata, 'expirationDate'>, config?: PluginUserConfig): Promise<{
    token: string;
    expirationDate: Date | "never";
}>;
/** Parse token and throw errors if:
 * * wrong token
 * * expired token
 * * wrong token data format
 */
export declare function parseToken(ctx: Ctx, token: string, checkExpiredToken?: boolean, config?: PluginUserConfig): Promise<JWTdata>;
/** This function will:
 * * GENERATE TOKENS
 * * DELETE PREVIOUS TOKEN ASSOCIATED WITH THIS DEVICEID
 * * CREATE AND UPDATE USER REFRESH TOKEN AND ACCESS TOKEN LIST
 * * PUT TOKEN IN COOKIE
 */
export declare function setConnexionTokens(ctx: Ctx, deviceId: string, tokenData: JWTdataWrite, config: PluginUserConfig): Promise<{
    refreshToken: string;
    accessToken: string;
    expirationDate: Date | "never";
    csrfToken: string;
    biometricAuthToken: string;
}>;
/** Revoke a particular user token so it can't be used to login anymore. Note
that all accessTokens can still be used until peremtion date */
export declare function revokeToken(ctx: Ctx, userId: string, token: string, tokenName?: 'refreshTokens' | 'accessTokens', user?: ModelTypes['user']): Promise<null>;