@1auth/account 0.0.0-alpha.31 → 0.0.0-alpha.33

package/README.md

@@ -0,0 +1,50 @@
+# @1auth/account
+
+
+
+
+## Getting started
+
+**auth.js**
+```javascript
+
+import * as notify from "@1auth/notify-console";
+import * as store from "@1auth/store-memory";
+import crypto from "@1auth/crypto";
+import account from "@1auth/account";
+
+export {
+  exists as accountExists,
+  create as accountCreate,
+  lookup as accountLookup,
+  update as accountUpdate,
+  remove as accountRemove
+} from '@1auth/account'
+
+// Initialize
+crypto({ symetricEncryptionKey: '_32B_APPLICATION_ENCRYPTION_KEY_' });
+account({ store, notify });
+```
+
+```javascript
+import {accountUsernameCreate} from './auth.js'
+const sub = await accountCreate()
+```
+
+## Options
+
+- `notify` [Required]: Notify module
+- `store` [Required]: Store module
+- `encryptedFields`: Fields that should be encrypted. Defaults to `["privateKey"]`
+- `table`: database table name. Defaults to `accounts`
+
+## Database table
+
+- `id`
+- `sub`
+- `encryptionKey`
+- `publicKey`
+- `privateKey`
+- `create`
+- `update`
+- Any additional columns

package/index.js

@@ -1,26 +1,37 @@
 import {
+  entropyToCharacterLength,
+  charactersAlphaNumeric,
+  randomAlphaNumeric,
   randomId,
-  subject as randomSubject,
   makeSymetricKey,
   makeAsymmetricKeys,
-  encryptFields,
-  decryptFields
+  symetricEncryptFields,
+  symetricDecryptFields
 } from '@1auth/crypto'
 
-const options = {
+const id = 'authn'
+const randomSubject = {
+  type: 'id',
+  minLength: entropyToCharacterLength(64, charactersAlphaNumeric.length),
+  create: async (prefix) =>
+    (prefix ? prefix + '_' : '') + randomAlphaNumeric(randomSubject.minLength)
+}
+
+const defaults = {
+  id,
   store: undefined,
   notify: undefined,
   table: 'accounts',
   idGenerate: true,
-  idPrefix: 'account',
+  idPrefix: 'user',
   subPrefix: 'sub',
-  randomId: undefined,
-  randomSubject: undefined,
-  encryptedKeys: []
+  randomId,
+  randomSubject,
+  encryptedFields: ['privateKey'] // TODO has encryption build-in
 }
-
+const options = {}
 export default (params) => {
-  Object.assign(options, { randomId, randomSubject }, params)
+  Object.assign(options, defaults, params)
 }
 export const getOptions = () => options
 
@@ -29,30 +40,36 @@ export const exists = async (sub) => {
 }
 
 export const lookup = async (sub) => {
-  const item = options.store.select(options.table, { sub })
-  decryptFields(item, item.encryptionKey, sub, options.encryptedKeys)
+  let item = await options.store.select(options.table, { sub })
+  if (!item) return
+  const { encryptionKey: encryptedKey } = item
   delete item.encryptionKey
   delete item.privateKey
+  item = symetricDecryptFields(
+    item,
+    { encryptedKey, sub },
+    options.encryptedFields
+  )
   return item
 }
 
 export const create = async (values = {}) => {
   const sub = await options.randomSubject.create(options.subPrefix)
+  const asymmetricKeys = await makeAsymmetricKeys()
 
   const { encryptionKey, encryptedKey } = makeSymetricKey(sub)
-  const { publicKey, privateKey } = await makeAsymmetricKeys(encryptionKey)
-
-  // TODO optimize: don't decrypt encryptionKey
-  encryptFields(values, encryptedKey, sub, options.encryptedKeys)
+  const encryptedValues = symetricEncryptFields(
+    { ...values, ...asymmetricKeys },
+    { encryptionKey, sub },
+    options.encryptedFields
+  )
 
   const now = nowInSeconds()
   const params = {
     create: now, // allow use for migration import
-    ...values,
+    ...encryptedValues,
     sub,
     encryptionKey: encryptedKey,
-    publicKey,
-    privateKey,
     update: now
   }
   if (options.idGenerate) {
@@ -66,11 +83,19 @@ export const create = async (values = {}) => {
 
 // for in the clear user metadata
 export const update = async (sub, values = {}) => {
-  const { encryptionKey } = await options.store.select(options.table, {
-    sub
-  })
+  const { encryptionKey: encryptedKey } = await options.store.select(
+    options.table,
+    {
+      sub
+    },
+    ['encryptionKey']
+  )
 
-  encryptFields(values, encryptionKey, sub, options.encryptedKeys)
+  values = symetricEncryptFields(
+    values,
+    { encryptedKey, sub },
+    options.encryptedFields
+  )
 
   await options.store.update(
     options.table,
@@ -80,8 +105,8 @@ export const update = async (sub, values = {}) => {
 }
 
 export const remove = async (sub) => {
-  await options.store.remove(options.table, { sub }) // Should trigger removal of credentials and messengers
-  await options.notify.trigger('account-remove', sub)
+  // Should trigger removal of credentials and messengers
+  await options.store.remove(options.table, { sub })
 }
 
 /* export const expire = async (sub) => {

package/package.json

@@ -1,10 +1,10 @@
 {
   "name": "@1auth/account",
-  "version": "0.0.0-alpha.31",
+  "version": "0.0.0-alpha.33",
   "description": "",
   "type": "module",
   "engines": {
-    "node": ">=16"
+    "node": ">=20"
   },
   "engineStrict": true,
   "publishConfig": {
@@ -27,7 +27,7 @@
   ],
   "scripts": {
     "test": "npm run test:unit",
-    "test:unit": "ava"
+    "test:unit": "node --test"
   },
   "license": "MIT",
   "funding": {
@@ -48,8 +48,8 @@
     "url": "https://github.com/willfarrell/1auth/issues"
   },
   "homepage": "https://github.com/willfarrell/1auth",
-  "gitHead": "246b0b521e6d136d8f37ee7d9781ffc8ccc987bd",
+  "gitHead": "14b8c5bd83728c460fdcc4c3af5ae5c3c2bb9007",
   "dependencies": {
-    "@1auth/crypto": "0.0.0-alpha.31"
+    "@1auth/crypto": "0.0.0-alpha.33"
   }
 }