npm - @acontplus/ng-auth - Versions diffs - 1.1.1 → 1.1.3 - Mend

@acontplus/ng-auth 1.1.1 → 1.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/fesm2022/acontplus-ng-auth.mjs +389 -363
package/fesm2022/acontplus-ng-auth.mjs.map +1 -1
package/index.d.ts +122 -109
package/package.json +2 -2

package/index.d.ts CHANGED Viewed

@@ -1,21 +1,121 @@
-import { ITokenProvider, BaseUseCase } from '@acontplus/ng-infrastructure';
+import { BaseUseCase, ITokenProvider } from '@acontplus/ng-infrastructure';
 export { ITokenProvider, TOKEN_PROVIDER } from '@acontplus/ng-infrastructure';
-import { CanActivateFn } from '@angular/router';
-import * as i0 from '@angular/core';
-import { OnDestroy, OnInit, TemplateRef, Provider } from '@angular/core';
-import { AuthTokens, UserData } from '@acontplus/core';
-import { HttpInterceptorFn } from '@angular/common/http';
 import { Observable } from 'rxjs';
+import { AuthTokens, UserData } from '@acontplus/core';
+import * as i0 from '@angular/core';
+import { Provider, OnDestroy, OnInit, TemplateRef } from '@angular/core';
+import { CanActivateFn } from '@angular/router';
+import { HttpInterceptorFn, HttpContextToken } from '@angular/common/http';
 import { AbstractControl, FormGroup } from '@angular/forms';
-declare const authGuard: CanActivateFn;
+interface LoginRequest {
+    email: string;
+    password: string;
+    rememberMe?: boolean;
+}
+interface RegisterRequest {
+    email: string;
+    displayName: string;
+    password: string;
+}
+interface RefreshTokenRequest {
+    email: string;
+    refreshToken: string;
+}
-declare class AuthTokenService implements ITokenProvider {
+declare class LoginUseCase extends BaseUseCase<LoginRequest, AuthTokens> {
+    private readonly authRepository;
+    private readonly authStore;
+    private readonly router;
+    private readonly urlRedirectService;
+    execute(request: LoginRequest): Observable<AuthTokens>;
+    static ɵfac: i0.ɵɵFactoryDeclaration<LoginUseCase, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<LoginUseCase>;
+}
+declare class RegisterUseCase extends BaseUseCase<RegisterRequest, AuthTokens> {
+    private readonly authRepository;
+    private readonly authStore;
+    private readonly router;
+    execute(request: RegisterRequest): Observable<AuthTokens>;
+    static ɵfac: i0.ɵɵFactoryDeclaration<RegisterUseCase, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<RegisterUseCase>;
+}
+declare class RefreshTokenUseCase extends BaseUseCase<void, AuthTokens> {
+    private readonly authRepository;
+    private readonly userRepository;
+    private readonly tokenRepository;
+    private readonly authStore;
+    execute(): Observable<AuthTokens>;
+    static ɵfac: i0.ɵɵFactoryDeclaration<RefreshTokenUseCase, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<RefreshTokenUseCase>;
+}
+declare class LogoutUseCase extends BaseUseCase<void, void> {
+    private readonly authRepository;
+    private readonly userRepository;
     private readonly tokenRepository;
+    private readonly authStore;
+    execute(): Observable<void>;
+    private cleanup;
+    static ɵfac: i0.ɵɵFactoryDeclaration<LogoutUseCase, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<LogoutUseCase>;
+}
+declare abstract class AuthRepository {
+    abstract login(request: LoginRequest): Observable<AuthTokens>;
+    abstract register(request: RegisterRequest): Observable<AuthTokens>;
+    abstract refreshToken(request: RefreshTokenRequest): Observable<AuthTokens>;
+    abstract logout(email: string, refreshToken: string): Observable<void>;
+}
+declare class AuthHttpRepository extends AuthRepository {
+    private readonly http;
+    private readonly URL;
+    login(request: LoginRequest): Observable<AuthTokens>;
+    register(request: RegisterRequest): Observable<AuthTokens>;
+    refreshToken(request: RefreshTokenRequest): Observable<AuthTokens>;
+    logout(email: string, refreshToken: string): Observable<void>;
+    static ɵfac: i0.ɵɵFactoryDeclaration<AuthHttpRepository, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<AuthHttpRepository>;
+}
+declare const authGuard: CanActivateFn;
+/**
+ * Interceptor that handles authentication errors and manages URL redirection
+ * Captures the current URL when a 401 error occurs and redirects to login
+ */
+declare const authRedirectInterceptor: HttpInterceptorFn;
+declare const SKIP_CSRF: HttpContextToken<boolean>;
+/**
+ * HTTP interceptor that automatically adds CSRF tokens to state-changing requests
+ * Only applies to requests to the same origin to avoid leaking tokens to external APIs
+ */
+declare const csrfInterceptor: HttpInterceptorFn;
+declare const authProviders: Provider[];
+declare class TokenRepository implements ITokenProvider {
+    private environment;
+    private platformId;
+    saveTokens(tokens: AuthTokens, rememberMe?: boolean): void;
     getToken(): string | null;
+    getRefreshToken(): string | null;
+    setToken(token: string, rememberMe?: boolean): void;
+    setRefreshToken(refreshToken: string, rememberMe?: boolean): void;
+    clearTokens(): void;
     isAuthenticated(): boolean;
-    static ɵfac: i0.ɵɵFactoryDeclaration<AuthTokenService, never>;
-    static ɵprov: i0.ɵɵInjectableDeclaration<AuthTokenService>;
+    needsRefresh(): boolean;
+    getTokenPayload(): unknown;
+    /**
+     * Determines if tokens are stored persistently (localStorage) vs session (sessionStorage)
+     */
+    isRememberMeEnabled(): boolean;
+    static ɵfac: i0.ɵɵFactoryDeclaration<TokenRepository, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<TokenRepository>;
 }
 /**
@@ -73,104 +173,19 @@ declare class UrlRedirectService {
     static ɵprov: i0.ɵɵInjectableDeclaration<UrlRedirectService>;
 }
-declare class TokenRepository {
-    private environment;
-    private platformId;
-    saveTokens(tokens: AuthTokens, rememberMe?: boolean): void;
-    getAccessToken(): string | null;
-    getRefreshToken(): string | null;
-    setToken(token: string, rememberMe?: boolean): void;
-    setRefreshToken(refreshToken: string, rememberMe?: boolean): void;
-    clearTokens(): void;
-    isAuthenticated(): boolean;
-    needsRefresh(): boolean;
-    getTokenPayload(): unknown;
+declare class CsrfService {
+    private http;
+    private csrfToken;
     /**
-     * Determines if tokens are stored persistently (localStorage) vs session (sessionStorage)
+     * Get CSRF token, fetching it if not available
      */
-    isRememberMeEnabled(): boolean;
-    static ɵfac: i0.ɵɵFactoryDeclaration<TokenRepository, never>;
-    static ɵprov: i0.ɵɵInjectableDeclaration<TokenRepository>;
-}
-/**
- * Interceptor that handles authentication errors and manages URL redirection
- * Captures the current URL when a 401 error occurs and redirects to login
- */
-declare const authRedirectInterceptor: HttpInterceptorFn;
-interface LoginRequest {
-    email: string;
-    password: string;
-    rememberMe?: boolean;
-}
-interface RegisterRequest {
-    email: string;
-    displayName: string;
-    password: string;
-}
-interface RefreshTokenRequest {
-    email: string;
-    refreshToken: string;
-}
-declare abstract class AuthRepository {
-    abstract login(request: LoginRequest): Observable<AuthTokens>;
-    abstract register(request: RegisterRequest): Observable<AuthTokens>;
-    abstract refreshToken(request: RefreshTokenRequest): Observable<AuthTokens>;
-    abstract logout(email: string, refreshToken: string): Observable<void>;
-}
-declare class AuthHttpRepository extends AuthRepository {
-    private readonly http;
-    private readonly csrfService;
-    private readonly URL;
-    login(request: LoginRequest): Observable<AuthTokens>;
-    register(request: RegisterRequest): Observable<AuthTokens>;
-    refreshToken(request: RefreshTokenRequest): Observable<AuthTokens>;
-    logout(email: string, refreshToken: string): Observable<void>;
-    static ɵfac: i0.ɵɵFactoryDeclaration<AuthHttpRepository, never>;
-    static ɵprov: i0.ɵɵInjectableDeclaration<AuthHttpRepository>;
-}
-declare class LoginUseCase extends BaseUseCase<LoginRequest, AuthTokens> {
-    private readonly authRepository;
-    private readonly authStore;
-    private readonly router;
-    private readonly urlRedirectService;
-    execute(request: LoginRequest): Observable<AuthTokens>;
-    static ɵfac: i0.ɵɵFactoryDeclaration<LoginUseCase, never>;
-    static ɵprov: i0.ɵɵInjectableDeclaration<LoginUseCase>;
-}
-declare class RegisterUseCase extends BaseUseCase<RegisterRequest, AuthTokens> {
-    private readonly authRepository;
-    private readonly authStore;
-    private readonly router;
-    execute(request: RegisterRequest): Observable<AuthTokens>;
-    static ɵfac: i0.ɵɵFactoryDeclaration<RegisterUseCase, never>;
-    static ɵprov: i0.ɵɵInjectableDeclaration<RegisterUseCase>;
-}
-declare class RefreshTokenUseCase extends BaseUseCase<void, AuthTokens> {
-    private readonly authRepository;
-    private readonly userRepository;
-    private readonly tokenRepository;
-    private readonly authStore;
-    execute(): Observable<AuthTokens>;
-    static ɵfac: i0.ɵɵFactoryDeclaration<RefreshTokenUseCase, never>;
-    static ɵprov: i0.ɵɵInjectableDeclaration<RefreshTokenUseCase>;
-}
-declare class LogoutUseCase extends BaseUseCase<void, void> {
-    private readonly authRepository;
-    private readonly userRepository;
-    private readonly tokenRepository;
-    private readonly authStore;
-    execute(): Observable<void>;
-    private cleanup;
-    static ɵfac: i0.ɵɵFactoryDeclaration<LogoutUseCase, never>;
-    static ɵprov: i0.ɵɵInjectableDeclaration<LogoutUseCase>;
+    getCsrfToken(): Promise<string>;
+    /**
+     * Clear stored CSRF token (useful on logout)
+     */
+    clearCsrfToken(): void;
+    static ɵfac: i0.ɵɵFactoryDeclaration<CsrfService, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<CsrfService>;
 }
 declare class AuthStore implements OnDestroy {
@@ -261,7 +276,5 @@ declare class LoginComponent implements OnInit {
     static ɵcmp: i0.ɵɵComponentDeclaration<LoginComponent, "acp-login", never, { "title": { "alias": "title"; "required": false; "isSignal": true; }; "showRegisterButton": { "alias": "showRegisterButton"; "required": false; "isSignal": true; }; "showRememberMe": { "alias": "showRememberMe"; "required": false; "isSignal": true; }; "additionalSigninControls": { "alias": "additionalSigninControls"; "required": false; "isSignal": true; }; "additionalSignupControls": { "alias": "additionalSignupControls"; "required": false; "isSignal": true; }; "additionalSigninFields": { "alias": "additionalSigninFields"; "required": false; "isSignal": true; }; "additionalSignupFields": { "alias": "additionalSignupFields"; "required": false; "isSignal": true; }; "footerContent": { "alias": "footerContent"; "required": false; "isSignal": true; }; }, {}, never, never, true, never>;
 }
-declare const authProviders: Provider[];
-export { AuthHttpRepository, AuthRepository, AuthStore, AuthTokenService, LoginComponent, LoginUseCase, LogoutUseCase, RefreshTokenUseCase, RegisterUseCase, TokenRepository, UrlRedirectService, authGuard, authProviders, authRedirectInterceptor };
+export { AuthHttpRepository, AuthRepository, AuthStore, CsrfService, LoginComponent, LoginUseCase, LogoutUseCase, RefreshTokenUseCase, RegisterUseCase, SKIP_CSRF, TokenRepository, UrlRedirectService, authGuard, authProviders, authRedirectInterceptor, csrfInterceptor };
 export type { LoginRequest, RefreshTokenRequest, RegisterRequest };

package/package.json CHANGED Viewed

@@ -1,9 +1,9 @@
 {
   "name": "@acontplus/ng-auth",
-  "version": "1.1.1",
+  "version": "1.1.3",
   "description": "Acontplus Angular Authentication Module",
   "dependencies": {
-    "@acontplus/ng-infrastructure": "^1.0.3",
+    "@acontplus/ng-infrastructure": "^1.0.4",
     "@acontplus/ng-config": "^1.0.3",
     "jwt-decode": "^4.0.0",
     "rxjs": "^7.8.1",