@acontplus/ng-auth 1.1.2 → 1.1.4

package/index.d.ts

@@ -1,15 +1,126 @@
-import { ITokenProvider, BaseUseCase } from '@acontplus/ng-infrastructure';
+import { BaseUseCase, ITokenProvider } from '@acontplus/ng-infrastructure';
 export { ITokenProvider, TOKEN_PROVIDER } from '@acontplus/ng-infrastructure';
-import { CanActivateFn } from '@angular/router';
-import * as i0 from '@angular/core';
-import { OnDestroy, OnInit, TemplateRef, Provider } from '@angular/core';
-import { AuthTokens, UserData } from '@acontplus/core';
-import { HttpInterceptorFn } from '@angular/common/http';
 import { Observable } from 'rxjs';
+import { AuthTokens, UserData } from '@acontplus/core';
+import * as i0 from '@angular/core';
+import { Provider, OnDestroy, OnInit, TemplateRef } from '@angular/core';
+import { CanActivateFn } from '@angular/router';
+import { HttpInterceptorFn, HttpContextToken } from '@angular/common/http';
 import { AbstractControl, FormGroup } from '@angular/forms';
 
+interface LoginRequest {
+    email: string;
+    password: string;
+    rememberMe?: boolean;
+}
+interface RegisterRequest {
+    email: string;
+    displayName: string;
+    password: string;
+}
+interface RefreshTokenRequest {
+    email: string;
+    refreshToken: string;
+}
+
+declare class LoginUseCase extends BaseUseCase<LoginRequest, AuthTokens> {
+    private readonly authRepository;
+    private readonly authStore;
+    private readonly router;
+    private readonly urlRedirectService;
+    execute(request: LoginRequest): Observable<AuthTokens>;
+    static ɵfac: i0.ɵɵFactoryDeclaration<LoginUseCase, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<LoginUseCase>;
+}
+
+declare class RegisterUseCase extends BaseUseCase<RegisterRequest, AuthTokens> {
+    private readonly authRepository;
+    private readonly authStore;
+    private readonly router;
+    execute(request: RegisterRequest): Observable<AuthTokens>;
+    static ɵfac: i0.ɵɵFactoryDeclaration<RegisterUseCase, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<RegisterUseCase>;
+}
+
+declare class RefreshTokenUseCase extends BaseUseCase<void, AuthTokens> {
+    private readonly authRepository;
+    private readonly tokenRepository;
+    private readonly authStore;
+    execute(): Observable<AuthTokens>;
+    static ɵfac: i0.ɵɵFactoryDeclaration<RefreshTokenUseCase, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<RefreshTokenUseCase>;
+}
+
+declare class LogoutUseCase extends BaseUseCase<void, void> {
+    private readonly authRepository;
+    private readonly tokenRepository;
+    private readonly authStore;
+    execute(): Observable<void>;
+    private cleanup;
+    static ɵfac: i0.ɵɵFactoryDeclaration<LogoutUseCase, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<LogoutUseCase>;
+}
+
+declare abstract class AuthRepository {
+    abstract login(request: LoginRequest): Observable<AuthTokens>;
+    abstract register(request: RegisterRequest): Observable<AuthTokens>;
+    abstract refreshToken(request: RefreshTokenRequest): Observable<AuthTokens>;
+    abstract logout(email: string, refreshToken: string): Observable<void>;
+}
+
+declare class AuthHttpRepository extends AuthRepository {
+    private readonly http;
+    private readonly URL;
+    login(request: LoginRequest): Observable<AuthTokens>;
+    register(request: RegisterRequest): Observable<AuthTokens>;
+    refreshToken(request: RefreshTokenRequest): Observable<AuthTokens>;
+    logout(email: string, refreshToken: string): Observable<void>;
+    static ɵfac: i0.ɵɵFactoryDeclaration<AuthHttpRepository, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<AuthHttpRepository>;
+}
+
 declare const authGuard: CanActivateFn;
 
+/**
+ * Interceptor that handles authentication errors and manages URL redirection
+ * Captures the current URL when a 401 error occurs and redirects to login
+ */
+declare const authRedirectInterceptor: HttpInterceptorFn;
+
+declare const SKIP_CSRF: HttpContextToken<boolean>;
+/**
+ * HTTP interceptor that automatically adds CSRF tokens to state-changing requests
+ * Only applies to requests to the same origin to avoid leaking tokens to external APIs
+ */
+declare const csrfInterceptor: HttpInterceptorFn;
+
+declare const authProviders: Provider[];
+
+declare class TokenRepository implements ITokenProvider {
+    private environment;
+    private platformId;
+    saveTokens(tokens: AuthTokens, rememberMe?: boolean): void;
+    getToken(): string | null;
+    getRefreshToken(): string | null;
+    setToken(token: string, rememberMe?: boolean): void;
+    setRefreshToken(refreshToken: string, rememberMe?: boolean): void;
+    clearTokens(): void;
+    isAuthenticated(): boolean;
+    needsRefresh(): boolean;
+    getTokenPayload(): unknown;
+    /**
+     * Determines if tokens are stored persistently (localStorage) vs session (sessionStorage)
+     */
+    isRememberMeEnabled(): boolean;
+    getUserData(): UserData | null;
+    /**
+     * Extract array field from decoded token, trying multiple possible field names
+     */
+    private extractArrayField;
+    static ɵfac: i0.ɵɵFactoryDeclaration<TokenRepository, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<TokenRepository>;
+}
+
 /**
  * Service to manage URL redirection after authentication
  * Stores the intended URL when session is lost and redirects to it after successful login
@@ -65,110 +176,24 @@ declare class UrlRedirectService {
     static ɵprov: i0.ɵɵInjectableDeclaration<UrlRedirectService>;
 }
 
-declare class TokenRepository implements ITokenProvider {
-    private environment;
-    private platformId;
-    saveTokens(tokens: AuthTokens, rememberMe?: boolean): void;
-    getToken(): string | null;
-    getRefreshToken(): string | null;
-    setToken(token: string, rememberMe?: boolean): void;
-    setRefreshToken(refreshToken: string, rememberMe?: boolean): void;
-    clearTokens(): void;
-    isAuthenticated(): boolean;
-    needsRefresh(): boolean;
-    getTokenPayload(): unknown;
+declare class CsrfService {
+    private http;
+    private csrfToken;
     /**
-     * Determines if tokens are stored persistently (localStorage) vs session (sessionStorage)
+     * Get CSRF token, fetching it if not available
      */
-    isRememberMeEnabled(): boolean;
-    static ɵfac: i0.ɵɵFactoryDeclaration<TokenRepository, never>;
-    static ɵprov: i0.ɵɵInjectableDeclaration<TokenRepository>;
-}
-
-/**
- * Interceptor that handles authentication errors and manages URL redirection
- * Captures the current URL when a 401 error occurs and redirects to login
- */
-declare const authRedirectInterceptor: HttpInterceptorFn;
-
-interface LoginRequest {
-    email: string;
-    password: string;
-    rememberMe?: boolean;
-}
-interface RegisterRequest {
-    email: string;
-    displayName: string;
-    password: string;
-}
-interface RefreshTokenRequest {
-    email: string;
-    refreshToken: string;
-}
-
-declare abstract class AuthRepository {
-    abstract login(request: LoginRequest): Observable<AuthTokens>;
-    abstract register(request: RegisterRequest): Observable<AuthTokens>;
-    abstract refreshToken(request: RefreshTokenRequest): Observable<AuthTokens>;
-    abstract logout(email: string, refreshToken: string): Observable<void>;
-}
-
-declare class AuthHttpRepository extends AuthRepository {
-    private readonly http;
-    private readonly csrfService;
-    private readonly URL;
-    login(request: LoginRequest): Observable<AuthTokens>;
-    register(request: RegisterRequest): Observable<AuthTokens>;
-    refreshToken(request: RefreshTokenRequest): Observable<AuthTokens>;
-    logout(email: string, refreshToken: string): Observable<void>;
-    static ɵfac: i0.ɵɵFactoryDeclaration<AuthHttpRepository, never>;
-    static ɵprov: i0.ɵɵInjectableDeclaration<AuthHttpRepository>;
-}
-
-declare class LoginUseCase extends BaseUseCase<LoginRequest, AuthTokens> {
-    private readonly authRepository;
-    private readonly authStore;
-    private readonly router;
-    private readonly urlRedirectService;
-    execute(request: LoginRequest): Observable<AuthTokens>;
-    static ɵfac: i0.ɵɵFactoryDeclaration<LoginUseCase, never>;
-    static ɵprov: i0.ɵɵInjectableDeclaration<LoginUseCase>;
-}
-
-declare class RegisterUseCase extends BaseUseCase<RegisterRequest, AuthTokens> {
-    private readonly authRepository;
-    private readonly authStore;
-    private readonly router;
-    execute(request: RegisterRequest): Observable<AuthTokens>;
-    static ɵfac: i0.ɵɵFactoryDeclaration<RegisterUseCase, never>;
-    static ɵprov: i0.ɵɵInjectableDeclaration<RegisterUseCase>;
-}
-
-declare class RefreshTokenUseCase extends BaseUseCase<void, AuthTokens> {
-    private readonly authRepository;
-    private readonly userRepository;
-    private readonly tokenRepository;
-    private readonly authStore;
-    execute(): Observable<AuthTokens>;
-    static ɵfac: i0.ɵɵFactoryDeclaration<RefreshTokenUseCase, never>;
-    static ɵprov: i0.ɵɵInjectableDeclaration<RefreshTokenUseCase>;
-}
-
-declare class LogoutUseCase extends BaseUseCase<void, void> {
-    private readonly authRepository;
-    private readonly userRepository;
-    private readonly tokenRepository;
-    private readonly authStore;
-    execute(): Observable<void>;
-    private cleanup;
-    static ɵfac: i0.ɵɵFactoryDeclaration<LogoutUseCase, never>;
-    static ɵprov: i0.ɵɵInjectableDeclaration<LogoutUseCase>;
+    getCsrfToken(): Promise<string>;
+    /**
+     * Clear stored CSRF token (useful on logout)
+     */
+    clearCsrfToken(): void;
+    static ɵfac: i0.ɵɵFactoryDeclaration<CsrfService, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<CsrfService>;
 }
 
 declare class AuthStore implements OnDestroy {
     private readonly authRepository;
     private readonly tokenRepository;
-    private readonly userRepository;
     private readonly router;
     private readonly ngZone;
     private readonly _isAuthenticated;
@@ -253,7 +278,5 @@ declare class LoginComponent implements OnInit {
     static ɵcmp: i0.ɵɵComponentDeclaration<LoginComponent, "acp-login", never, { "title": { "alias": "title"; "required": false; "isSignal": true; }; "showRegisterButton": { "alias": "showRegisterButton"; "required": false; "isSignal": true; }; "showRememberMe": { "alias": "showRememberMe"; "required": false; "isSignal": true; }; "additionalSigninControls": { "alias": "additionalSigninControls"; "required": false; "isSignal": true; }; "additionalSignupControls": { "alias": "additionalSignupControls"; "required": false; "isSignal": true; }; "additionalSigninFields": { "alias": "additionalSigninFields"; "required": false; "isSignal": true; }; "additionalSignupFields": { "alias": "additionalSignupFields"; "required": false; "isSignal": true; }; "footerContent": { "alias": "footerContent"; "required": false; "isSignal": true; }; }, {}, never, never, true, never>;
 }
 
-declare const authProviders: Provider[];
-
-export { AuthHttpRepository, AuthRepository, AuthStore, LoginComponent, LoginUseCase, LogoutUseCase, RefreshTokenUseCase, RegisterUseCase, TokenRepository, UrlRedirectService, authGuard, authProviders, authRedirectInterceptor };
+export { AuthHttpRepository, AuthRepository, AuthStore, CsrfService, LoginComponent, LoginUseCase, LogoutUseCase, RefreshTokenUseCase, RegisterUseCase, SKIP_CSRF, TokenRepository, UrlRedirectService, authGuard, authProviders, authRedirectInterceptor, csrfInterceptor };
 export type { LoginRequest, RefreshTokenRequest, RegisterRequest };

package/package.json

@@ -1,16 +1,16 @@
 {
   "name": "@acontplus/ng-auth",
-  "version": "1.1.2",
+  "version": "1.1.4",
   "description": "Acontplus Angular Authentication Module",
   "dependencies": {
-    "@acontplus/ng-infrastructure": "^1.0.4",
-    "@acontplus/ng-config": "^1.0.3",
+    "@acontplus/ng-infrastructure": "^1.0.5",
+    "@acontplus/ng-config": "^1.0.4",
     "jwt-decode": "^4.0.0",
     "rxjs": "^7.8.1",
     "tslib": "^2.3.0"
   },
   "peerDependencies": {
-    "@acontplus/core": "^1.0.13",
+    "@acontplus/core": "^1.0.15",
     "@angular/common": "^20.3.2",
     "@angular/core": "^20.3.2",
     "@angular/router": "^20.3.2",