CSRF-X Auth Library - v1.0.3
    Preparing search index...

    Class EnvConfig

    Validated and normalized configuration for authentication clients.

    This class takes raw options (or environment variables) and ensures that:

    • The base URL is a valid HTTP/HTTPS URL, with trailing slashes stripped.
    • Paths are sanitized (leading slashes removed) and do not contain illegal characters.
    • Email addresses are syntactically valid.
    • Empty or malformed inputs throw descriptive errors.
    // Direct construction
    const config = new EnvConfig({
    baseUrl: 'https://example.com',
    loginPath: 'signin',
    email: 'user@example.com',
    password: 'secret'
    });

    console.log(config.fullLoginUrl); // "https://example.com/signin"
    // Load from environment variables
    const configFromEnv = EnvConfig.fromEnv();
    if (configFromEnv.hasValidCredentials()) {
    await login(configFromEnv);
    }
    // Override environment with explicit options
    const overridden = EnvConfig.fromEnv({ email: 'test@example.org' });

    @public

    0.1.1

    Index

    Accessors

    • get fullLoginUrl(): string

      Returns the fully constructed login URL.

      Returns string

      The complete login endpoint URL (baseUrl + loginPath).

      // baseUrl = "https://example.com", loginPath = "login"
      config.fullLoginUrl === "https://example.com/login"
    • get fullLogoutUrl(): string

      Returns the fully constructed logout URL.

      Returns string

      The complete logout endpoint URL (baseUrl + logoutPath).

      // baseUrl = "https://example.com", logoutPath = "logout"
      config.fullLogoutUrl === "https://example.com/logout"

    Constructors

    • Creates a new EnvConfig instance after validating and normalizing all inputs.

      Parameters

      Returns EnvConfig

      If baseUrl is missing, empty, or not a valid HTTP/HTTPS URL.

      If loginPath or logoutPath is an empty string or contains ? or #.

      If email is provided but is not a valid email address.

      If password is provided as an empty string.

      • Trailing slashes are stripped from baseUrl.
      • Leading slashes are stripped from loginPath and logoutPath.
      • Empty email or password strings are stored as empty strings (no validation).
      const config = new EnvConfig({
      baseUrl: 'https://example.com',
      loginPath: 'api/login',
      email: 'admin@example.com',
      password: 'secure123'
      });

    Methods

    • Creates an EnvConfig instance from environment variables (.env or process/Bun.env),
      with optional overrides.

      This static method calls loadEnv to read the environment, then applies
      any overrides provided. It is the recommended way to instantiate configuration
      in a production application.

      Parameters

      • Optionaloverrides: Partial<EnvConfigOptions>

        Partial options that take precedence over environment variables.

      Returns EnvConfig

      A fully validated EnvConfig instance.

      If BASE_URL is not set in environment and not overridden.

      // Uses BASE_URL, LOGIN_PATH, USER_EMAIL, USER_PASSWORD from .env
      const config = EnvConfig.fromEnv();
      // Override email and password while keeping baseUrl from env
      const config = EnvConfig.fromEnv({
      email: 'temp@example.com',
      password: 'temp123'
      });

      @public

      0.1.1

    • Checks whether the stored credentials are likely usable.

      Returns boolean

      true if both email and password are non‑empty strings and
      the email contains an @ symbol (basic validity), otherwise false.

      This is a lightweight sanity check; it does not attempt to verify the
      credentials against the server.

      if (!config.hasValidCredentials()) {
      console.warn('Credentials missing or invalid');
      }

    Properties

    baseUrl: string

    Normalized base URL (no trailing slash).

    "https://api.example.com"
    
    loginPath: string

    Sanitized login path (no leading slash).

    "login"
    
    "login"
    
    logoutPath: string

    Sanitized logout path (no leading slash).

    "logout"
    
    "logout"
    
    email: string

    User email address. May be empty string if not provided.

    If the email was provided in the constructor options, it is validated against a basic email pattern.
    An empty string indicates that no email was supplied (or an empty string was explicitly given, which is treated as omitted).

    password: string

    User password. May be empty string if not provided.

    An empty string indicates that no password was supplied. If a password is provided, it cannot be an empty string.
    No other validation is performed.