@absolutejs/auth 0.27.0-beta.0 → 0.27.0-beta.10

package/dist/credentials/config.d.ts

@@ -19,6 +19,7 @@ export type CredentialEmailMessage = {
     type: CredentialEmailType;
 };
 export type CredentialsConfig<UserType> = {
+    checkBreachesOnLogin?: boolean;
     credentialStore: CredentialStore;
     getUserByEmail: (email: string) => Promise<UserType | null | undefined> | UserType | null | undefined;
     isMfaRequired?: (user: UserType) => boolean | Promise<boolean>;

package/dist/credentials/emailValidation.d.ts

@@ -0,0 +1,9 @@
+export type EmailValidationResult = {
+    ok: boolean;
+    reason?: 'disposable' | 'invalid_format' | 'no_mx';
+};
+export declare const isDisposableEmail: (email: string, extraDomains?: Iterable<string>) => boolean;
+export declare const validateEmailDeliverability: (email: string, options?: {
+    checkMx?: boolean;
+    disposableDomains?: Iterable<string>;
+}) => Promise<EmailValidationResult>;

package/dist/credentials/login.d.ts

@@ -1,6 +1,6 @@
 import { Elysia } from 'elysia';
 import { type CredentialRouteProps } from './config';
-export declare const credentialsLogin: <UserType>({ authSessionStore, credentialStore, getUserByEmail, isMfaRequired, lockoutGuard, loginRoute, onCredentialsLoginError, onCredentialsLoginSuccess, requireEmailVerification, sessionDurationMs }: CredentialRouteProps<UserType>) => Elysia<"", {
+export declare const credentialsLogin: <UserType>({ authSessionStore, checkBreachesOnLogin, credentialStore, getUserByEmail, isMfaRequired, lockoutGuard, loginRoute, onCredentialsLoginError, onCredentialsLoginSuccess, requireEmailVerification, sessionDurationMs }: CredentialRouteProps<UserType>) => Elysia<"", {
     decorator: {};
     store: {
         session: import("..").SessionRecord<UserType>;
@@ -32,6 +32,7 @@ export declare const credentialsLogin: <UserType>({ authSessionStore, credential
                 200: {
                     readonly status: "mfa_required";
                 } | {
+                    readonly passwordCompromised: boolean;
                     readonly status: "authenticated";
                 };
                 401: "Invalid email or password";

package/dist/credentials/passwordPolicy.d.ts

@@ -12,3 +12,4 @@ export type PasswordPolicyResult = {
     violations: PasswordPolicyViolation[];
 };
 export declare const evaluatePassword: (password: string, policy?: PasswordPolicy) => Promise<PasswordPolicyResult>;
+export declare const isPasswordCompromised: (password: string) => Promise<boolean>;

package/dist/credentials/routes.d.ts

@@ -100,6 +100,7 @@ export declare const credentialRoutes: <UserType>(config: CredentialRouteProps<U
                 200: {
                     readonly status: "mfa_required";
                 } | {
+                    readonly passwordCompromised: boolean;
                     readonly status: "authenticated";
                 };
                 401: "Invalid email or password";

package/dist/fga/config.d.ts

@@ -0,0 +1,53 @@
+import type { FgaSchema, Warrant, WarrantStore } from './types';
+export type FgaCache = {
+    clear: () => void;
+    get: (key: string) => boolean | undefined;
+    set: (key: string, value: boolean) => void;
+};
+export type FgaConfig = {
+    cache?: FgaCache;
+    maxDepth?: number;
+    schema: FgaSchema;
+    warrantStore: WarrantStore;
+};
+export type CheckQuery = {
+    relation: string;
+    resourceId: string;
+    resourceType: string;
+    subjectId: string;
+    subjectType: string;
+};
+export type Subject = {
+    subjectId: string;
+    subjectType: string;
+};
+export type ObjectQuery = {
+    relation: string;
+    resourceType: string;
+    subjectId: string;
+    subjectType: string;
+};
+export declare const check: (config: FgaConfig, query: CheckQuery) => Promise<boolean>;
+export declare const createInMemoryCheckCache: ({ maxEntries, ttlMs }?: {
+    maxEntries?: number;
+    ttlMs?: number;
+}) => FgaCache;
+export declare const createFgaEngine: (config: FgaConfig) => {
+    check: (query: CheckQuery) => Promise<boolean>;
+    deleteWarrant: (warrant: Warrant) => Promise<void>;
+    listObjects: (query: ObjectQuery) => Promise<string[]>;
+    listSubjects: (query: {
+        relation: string;
+        resourceId: string;
+        resourceType: string;
+    }) => Promise<Subject[]>;
+    writeWarrant: (warrant: Warrant) => Promise<void>;
+};
+export declare const deleteWarrant: (config: FgaConfig, warrant: Warrant) => Promise<void>;
+export declare const listObjects: (config: FgaConfig, query: ObjectQuery) => Promise<string[]>;
+export declare const listSubjects: (config: FgaConfig, query: {
+    relation: string;
+    resourceId: string;
+    resourceType: string;
+}) => Promise<Subject[]>;
+export declare const writeWarrant: (config: FgaConfig, warrant: Warrant) => Promise<void>;

package/dist/fga/inMemoryStores.d.ts

@@ -0,0 +1,3 @@
+import type { Warrant, WarrantStore } from './types';
+export declare const createInMemoryWarrantStore: () => WarrantStore;
+export declare const warrantKey: (warrant: Warrant) => string;

package/dist/fga/postgresStores.d.ts

@@ -0,0 +1,144 @@
+import { type AnyPgDatabase } from '../stores/postgres';
+import type { WarrantStore } from './types';
+export declare const warrantsTable: import("drizzle-orm/pg-core").PgTableWithColumns<{
+    name: "auth_fga_warrants";
+    schema: undefined;
+    columns: {
+        id: import("drizzle-orm/pg-core").PgColumn<{
+            name: "id";
+            tableName: "auth_fga_warrants";
+            dataType: "string";
+            columnType: "PgVarchar";
+            data: string;
+            driverParam: string;
+            notNull: true;
+            hasDefault: false;
+            isPrimaryKey: true;
+            isAutoincrement: false;
+            hasRuntimeDefault: false;
+            enumValues: [string, ...string[]];
+            baseColumn: never;
+            identity: undefined;
+            generated: undefined;
+        }, {}, {
+            length: 255;
+        }>;
+        relation: import("drizzle-orm/pg-core").PgColumn<{
+            name: "relation";
+            tableName: "auth_fga_warrants";
+            dataType: "string";
+            columnType: "PgVarchar";
+            data: string;
+            driverParam: string;
+            notNull: true;
+            hasDefault: false;
+            isPrimaryKey: false;
+            isAutoincrement: false;
+            hasRuntimeDefault: false;
+            enumValues: [string, ...string[]];
+            baseColumn: never;
+            identity: undefined;
+            generated: undefined;
+        }, {}, {
+            length: 255;
+        }>;
+        resource_id: import("drizzle-orm/pg-core").PgColumn<{
+            name: "resource_id";
+            tableName: "auth_fga_warrants";
+            dataType: "string";
+            columnType: "PgVarchar";
+            data: string;
+            driverParam: string;
+            notNull: true;
+            hasDefault: false;
+            isPrimaryKey: false;
+            isAutoincrement: false;
+            hasRuntimeDefault: false;
+            enumValues: [string, ...string[]];
+            baseColumn: never;
+            identity: undefined;
+            generated: undefined;
+        }, {}, {
+            length: 255;
+        }>;
+        resource_type: import("drizzle-orm/pg-core").PgColumn<{
+            name: "resource_type";
+            tableName: "auth_fga_warrants";
+            dataType: "string";
+            columnType: "PgVarchar";
+            data: string;
+            driverParam: string;
+            notNull: true;
+            hasDefault: false;
+            isPrimaryKey: false;
+            isAutoincrement: false;
+            hasRuntimeDefault: false;
+            enumValues: [string, ...string[]];
+            baseColumn: never;
+            identity: undefined;
+            generated: undefined;
+        }, {}, {
+            length: 255;
+        }>;
+        subject_id: import("drizzle-orm/pg-core").PgColumn<{
+            name: "subject_id";
+            tableName: "auth_fga_warrants";
+            dataType: "string";
+            columnType: "PgVarchar";
+            data: string;
+            driverParam: string;
+            notNull: true;
+            hasDefault: false;
+            isPrimaryKey: false;
+            isAutoincrement: false;
+            hasRuntimeDefault: false;
+            enumValues: [string, ...string[]];
+            baseColumn: never;
+            identity: undefined;
+            generated: undefined;
+        }, {}, {
+            length: 255;
+        }>;
+        subject_relation: import("drizzle-orm/pg-core").PgColumn<{
+            name: "subject_relation";
+            tableName: "auth_fga_warrants";
+            dataType: "string";
+            columnType: "PgVarchar";
+            data: string;
+            driverParam: string;
+            notNull: false;
+            hasDefault: false;
+            isPrimaryKey: false;
+            isAutoincrement: false;
+            hasRuntimeDefault: false;
+            enumValues: [string, ...string[]];
+            baseColumn: never;
+            identity: undefined;
+            generated: undefined;
+        }, {}, {
+            length: 255;
+        }>;
+        subject_type: import("drizzle-orm/pg-core").PgColumn<{
+            name: "subject_type";
+            tableName: "auth_fga_warrants";
+            dataType: "string";
+            columnType: "PgVarchar";
+            data: string;
+            driverParam: string;
+            notNull: true;
+            hasDefault: false;
+            isPrimaryKey: false;
+            isAutoincrement: false;
+            hasRuntimeDefault: false;
+            enumValues: [string, ...string[]];
+            baseColumn: never;
+            identity: undefined;
+            generated: undefined;
+        }, {}, {
+            length: 255;
+        }>;
+    };
+    dialect: "pg";
+}>;
+export declare const createNeonWarrantStore: (databaseUrl: string) => WarrantStore;
+export declare const createPostgresWarrantStore: (db: AnyPgDatabase) => WarrantStore;

package/dist/fga/schema.d.ts

@@ -0,0 +1,2 @@
+import type { FgaSchema } from './types';
+export declare const parseSchema: (dsl: string) => FgaSchema;

package/dist/fga/types.d.ts

@@ -0,0 +1,28 @@
+export type Warrant = {
+    relation: string;
+    resourceId: string;
+    resourceType: string;
+    subjectId: string;
+    subjectRelation?: string;
+    subjectType: string;
+};
+export type WarrantStore = {
+    deleteWarrant: (warrant: Warrant) => Promise<void>;
+    listForResource: (resourceType: string, resourceId: string, relation: string) => Promise<Warrant[]>;
+    listResourceIds: (resourceType: string) => Promise<string[]>;
+    saveWarrant: (warrant: Warrant) => Promise<void>;
+};
+export type RelationRule = {
+    kind: 'computedUserset';
+    relation: string;
+} | {
+    kind: 'self';
+} | {
+    kind: 'tupleToUserset';
+    relation: string;
+    viaRelation: string;
+} | {
+    kind: 'union';
+    rules: RelationRule[];
+};
+export type FgaSchema = Record<string, Record<string, RelationRule>>;