@adonisjs/auth 10.0.0-next.3 → 10.0.0-next.5

package/build/{auth_manager-BMz_OJXq.js → auth_manager-CJvMGOzX.js}

@@ -1,4 +1,4 @@
-import { n as E_UNAUTHORIZED_ACCESS } from "./errors-BQxhZmkE.js";
+import { n as E_UNAUTHORIZED_ACCESS } from "./errors-Ns_FO2np.js";
 import { t as debug_default } from "./debug-Ckko95-M.js";
 import { RuntimeException } from "@adonisjs/core/exceptions";
 import { HttpContextFactory } from "@adonisjs/core/factories/http";

package/build/{errors-BQxhZmkE.js → errors-Ns_FO2np.js}

@@ -1,7 +1,7 @@
 import "node:module";
 import { Exception } from "@adonisjs/core/exceptions";
 var __defProp = Object.defineProperty;
-var __export = (all, symbols) => {
+var __exportAll = (all, symbols) => {
 	let target = {};
 	for (var name in all) __defProp(target, name, {
 		get: all[name],
@@ -10,7 +10,7 @@ var __export = (all, symbols) => {
 	if (symbols) __defProp(target, Symbol.toStringTag, { value: "Module" });
 	return target;
 };
-var errors_exports = /* @__PURE__ */ __export({
+var errors_exports = /* @__PURE__ */ __exportAll({
 	E_INVALID_CREDENTIALS: () => E_INVALID_CREDENTIALS,
 	E_UNAUTHORIZED_ACCESS: () => E_UNAUTHORIZED_ACCESS
 });
@@ -30,6 +30,7 @@ const E_UNAUTHORIZED_ACCESS = class extends Exception {
 				case "html":
 				case null:
 					ctx.session.flashExcept(["_csrf"]);
+					ctx.session.flash("error", message);
 					ctx.session.flashErrors({ [error.code]: message });
 					ctx.response.redirect(error.redirectTo || "/", true);
 					break;
@@ -109,6 +110,7 @@ const E_INVALID_CREDENTIALS = class extends Exception {
 						"password",
 						"password_confirmation"
 					]);
+					ctx.session.flash("error", message);
 					ctx.session.flashErrors({ [error.code]: message });
 					ctx.response.redirect("back", true);
 				} else ctx.response.status(error.status).send(message);
@@ -125,4 +127,4 @@ const E_INVALID_CREDENTIALS = class extends Exception {
 		}
 	}
 };
-export { __export as i, E_UNAUTHORIZED_ACCESS as n, errors_exports as r, E_INVALID_CREDENTIALS as t };
+export { __exportAll as i, E_UNAUTHORIZED_ACCESS as n, errors_exports as r, E_INVALID_CREDENTIALS as t };

package/build/index.js

@@ -1,7 +1,7 @@
-import { r as errors_exports } from "./errors-BQxhZmkE.js";
-import { t as symbols_exports } from "./symbols-Ct253Khf.js";
+import { r as errors_exports } from "./errors-Ns_FO2np.js";
+import { t as symbols_exports } from "./symbols-BwcLqNln.js";
 import "./debug-Ckko95-M.js";
-import { n as AuthenticatorClient, r as Authenticator, t as AuthManager } from "./auth_manager-BMz_OJXq.js";
+import { n as AuthenticatorClient, r as Authenticator, t as AuthManager } from "./auth_manager-CJvMGOzX.js";
 import { presetAuth } from "@adonisjs/presets/auth";
 import { configProvider } from "@adonisjs/core";
 async function configure(command) {

package/build/modules/access_tokens_guard/define_config.d.ts

@@ -6,6 +6,16 @@ import { AccessTokensLucidUserProvider } from './user_providers/lucid.ts';
 import type { LucidTokenable, AccessTokensUserProviderContract, AccessTokensLucidUserProviderOptions } from './types.ts';
 /**
  * Configures access tokens guard for authentication
+ *
+ * @param config - Configuration object containing the user provider
+ *
+ * @example
+ * const guard = tokensGuard({
+ *   provider: tokensUserProvider({
+ *     model: () => import('#models/user'),
+ *     tokens: 'accessTokens'
+ *   })
+ * })
  */
 export declare function tokensGuard<UserProvider extends AccessTokensUserProviderContract<unknown>>(config: {
     provider: UserProvider | ConfigProvider<UserProvider>;
@@ -13,5 +23,13 @@ export declare function tokensGuard<UserProvider extends AccessTokensUserProvide
 /**
  * Configures user provider that uses Lucid models to verify
  * access tokens and find users during authentication.
+ *
+ * @param config - Configuration options for the Lucid user provider
+ *
+ * @example
+ * const userProvider = tokensUserProvider({
+ *   model: () => import('#models/user'),
+ *   tokens: 'accessTokens'
+ * })
  */
 export declare function tokensUserProvider<TokenableProperty extends string, Model extends LucidTokenable<TokenableProperty>>(config: AccessTokensLucidUserProviderOptions<TokenableProperty, Model>): AccessTokensLucidUserProvider<TokenableProperty, Model>;

package/build/modules/access_tokens_guard/main.js

@@ -1,5 +1,5 @@
-import { n as E_UNAUTHORIZED_ACCESS } from "../../errors-BQxhZmkE.js";
-import "../../symbols-Ct253Khf.js";
+import { n as E_UNAUTHORIZED_ACCESS } from "../../errors-Ns_FO2np.js";
+import "../../symbols-BwcLqNln.js";
 import { RuntimeException } from "@adonisjs/core/exceptions";
 import { inspect } from "node:util";
 import { createHash } from "node:crypto";

package/build/modules/access_tokens_guard/types.d.ts

@@ -102,12 +102,16 @@ export type AccessTokenDbColumns = {
     last_used_at: null | Date;
 };
 /**
- * Access token providers are used verify an access token
- * during authentication
+ * Access token providers are used to verify an access token
+ * during authentication and manage token lifecycle
  */
 export interface AccessTokensProviderContract<Tokenable extends LucidModel> {
     /**
      * Create a token for a given user
+     *
+     * @param user - The user instance to create a token for
+     * @param abilities - Optional array of abilities the token should have
+     * @param options - Optional token configuration including name and expiration
      */
     create(user: InstanceType<Tokenable>, abilities?: string[], options?: {
         name?: string;
@@ -116,10 +120,14 @@ export interface AccessTokensProviderContract<Tokenable extends LucidModel> {
     /**
      * Verifies a publicly shared access token and returns an
      * access token for it.
+     *
+     * @param tokenValue - The token value to verify
      */
     verify(tokenValue: Secret<string>): Promise<AccessToken | null>;
     /**
      * Invalidates a token identified by its publicly shared token
+     *
+     * @param tokenValue - The token value to invalidate
      */
     invalidate(tokenValue: Secret<string>): Promise<boolean>;
 }
@@ -146,11 +154,17 @@ export type AccessTokensLucidUserProviderOptions<TokenableProperty extends strin
  * and the guard.
  *
  * The guard is user provider agnostic and therefore it
- * needs a adapter to known some basic info about the
+ * needs an adapter to know some basic info about the
  * user.
  */
 export type AccessTokensGuardUser<RealUser> = {
+    /**
+     * Get the unique identifier for the user
+     */
     getId(): string | number | BigInt;
+    /**
+     * Get the original user object from the provider
+     */
     getOriginal(): RealUser;
 };
 /**
@@ -162,10 +176,16 @@ export interface AccessTokensUserProviderContract<RealUser> {
     /**
      * Create a user object that acts as an adapter between
      * the guard and real user value.
+     *
+     * @param user - The real user object from the provider
      */
     createUserForGuard(user: RealUser): Promise<AccessTokensGuardUser<RealUser>>;
     /**
      * Create a token for a given user
+     *
+     * @param user - The user to create a token for
+     * @param abilities - Optional array of abilities the token should have
+     * @param options - Optional token configuration including name and expiration
      */
     createToken(user: RealUser, abilities?: string[], options?: {
         name?: string;
@@ -173,14 +193,20 @@ export interface AccessTokensUserProviderContract<RealUser> {
     }): Promise<AccessToken>;
     /**
      * Invalidates a token identified by its publicly shared token.
+     *
+     * @param tokenValue - The token value to invalidate
      */
     invalidateToken(tokenValue: Secret<string>): Promise<boolean>;
     /**
      * Find a user by the user id.
+     *
+     * @param identifier - The unique identifier of the user
      */
     findById(identifier: string | number | BigInt): Promise<AccessTokensGuardUser<RealUser> | null>;
     /**
      * Verify a token by its publicly shared value.
+     *
+     * @param tokenValue - The token value to verify
      */
     verifyToken(tokenValue: Secret<string>): Promise<AccessToken | null>;
 }

package/build/modules/basic_auth_guard/define_config.d.ts

@@ -5,13 +5,29 @@ import type { GuardConfigProvider } from '../../src/types.ts';
 import { BasicAuthLucidUserProvider } from './user_providers/lucid.ts';
 import type { LucidAuthenticatable, BasicAuthUserProviderContract, BasicAuthLucidUserProviderOptions } from './types.ts';
 /**
- * Configures basic auth guard for authentication
+ * Configures basic auth guard for authentication using HTTP Basic Authentication
+ *
+ * @param config - Configuration object containing the user provider
+ *
+ * @example
+ * const guard = basicAuthGuard({
+ *   provider: basicAuthUserProvider({
+ *     model: () => import('#models/user')
+ *   })
+ * })
  */
 export declare function basicAuthGuard<UserProvider extends BasicAuthUserProviderContract<unknown>>(config: {
     provider: UserProvider | ConfigProvider<UserProvider>;
 }): GuardConfigProvider<(ctx: HttpContext) => BasicAuthGuard<UserProvider>>;
 /**
  * Configures user provider that uses Lucid models to authenticate
- * users using basic auth
+ * users using basic auth credentials
+ *
+ * @param config - Configuration options for the Lucid user provider
+ *
+ * @example
+ * const userProvider = basicAuthUserProvider({
+ *   model: () => import('#models/user')
+ * })
  */
 export declare function basicAuthUserProvider<Model extends LucidAuthenticatable>(config: BasicAuthLucidUserProviderOptions<Model>): BasicAuthLucidUserProvider<Model>;

package/build/modules/basic_auth_guard/guard.d.ts

@@ -51,17 +51,47 @@ export declare class BasicAuthGuard<UserProvider extends BasicAuthUserProviderCo
      * the request is not authenticated.
      */
     user?: UserProvider[typeof PROVIDER_REAL_USER];
+    /**
+     * Creates a new BasicAuthGuard instance
+     *
+     * @param name - Unique name for the guard instance
+     * @param ctx - HTTP context for the current request
+     * @param emitter - Event emitter for guard events
+     * @param userProvider - User provider for credential verification
+     *
+     * @example
+     * const guard = new BasicAuthGuard(
+     *   'basic',
+     *   ctx,
+     *   emitter,
+     *   new BasicAuthLucidUserProvider()
+     * )
+     */
     constructor(name: string, ctx: HttpContext, emitter: EmitterLike<BasicAuthGuardEvents<UserProvider[typeof PROVIDER_REAL_USER]>>, userProvider: UserProvider);
     /**
      * Returns an instance of the authenticated user. Or throws
      * an exception if the request is not authenticated.
+     *
+     * @throws {E_UNAUTHORIZED_ACCESS} When user is not authenticated
+     *
+     * @example
+     * const user = guard.getUserOrFail()
+     * console.log('User:', user.email)
      */
     getUserOrFail(): UserProvider[typeof PROVIDER_REAL_USER];
     /**
      * Authenticates the incoming HTTP request by looking for BasicAuth
      * credentials inside the request authorization header.
      *
-     * Returns the authenticated user or throws an exception.
+     * @throws {E_UNAUTHORIZED_ACCESS} When authentication fails
+     *
+     * @example
+     * try {
+     *   const user = await guard.authenticate()
+     *   console.log('Authenticated as:', user.email)
+     * } catch (error) {
+     *   console.log('Authentication failed')
+     * }
      */
     authenticate(): Promise<UserProvider[typeof PROVIDER_REAL_USER]>;
     /**
@@ -69,11 +99,24 @@ export declare class BasicAuthGuard<UserProvider extends BasicAuthUserProviderCo
      *
      * The method returns a boolean indicating if the authentication
      * succeeded or failed.
+     *
+     * @example
+     * const isAuthenticated = await guard.check()
+     * if (isAuthenticated) {
+     *   console.log('User is authenticated:', guard.user.email)
+     * }
      */
     check(): Promise<boolean>;
     /**
-     * Does not support authenticating as client. Instead use "basicAuth"
-     * helper on Japa APIClient
+     * Returns the Authorization header clients can use to authenticate
+     * the request using basic auth.
+     *
+     * @param uid - The username or user identifier
+     * @param password - The user's password
+     *
+     * @example
+     * const clientAuth = await guard.authenticateAsClient('user@example.com', 'secret')
+     * // Use clientAuth.headers.authorization in API tests
      */
     authenticateAsClient(uid: string, password: string): Promise<AuthClientResponse>;
 }

package/build/modules/basic_auth_guard/main.js

@@ -1,5 +1,5 @@
-import { n as E_UNAUTHORIZED_ACCESS } from "../../errors-BQxhZmkE.js";
-import "../../symbols-Ct253Khf.js";
+import { n as E_UNAUTHORIZED_ACCESS } from "../../errors-Ns_FO2np.js";
+import "../../symbols-BwcLqNln.js";
 import { RuntimeException } from "@adonisjs/core/exceptions";
 import { base64 } from "@adonisjs/core/helpers";
 import auth from "basic-auth";

package/build/modules/basic_auth_guard/types.d.ts

@@ -10,6 +10,9 @@ export type LucidAuthenticatable = LucidModel & {
     /**
      * Verify credentials method should return the user instance
      * or throw an exception
+     *
+     * @param uid - The username or user identifier
+     * @param password - The password to verify
      */
     verifyCredentials(uid: string, password: string): Promise<InstanceType<LucidAuthenticatable>>;
 };
@@ -31,11 +34,17 @@ export type BasicAuthLucidUserProviderOptions<Model extends LucidAuthenticatable
  * and the guard.
  *
  * The guard is user provider agnostic and therefore it
- * needs a adapter to known some basic info about the
+ * needs an adapter to know some basic info about the
  * user.
  */
 export type BasicAuthGuardUser<RealUser> = {
+    /**
+     * Get the unique identifier for the user
+     */
     getId(): string | number | BigInt;
+    /**
+     * Get the original user object from the provider
+     */
     getOriginal(): RealUser;
 };
 /**
@@ -47,11 +56,16 @@ export interface BasicAuthUserProviderContract<RealUser> {
     /**
      * Create a user object that acts as an adapter between
      * the guard and real user value.
+     *
+     * @param user - The real user object from the provider
      */
     createUserForGuard(user: RealUser): Promise<BasicAuthGuardUser<RealUser>>;
     /**
      * Verify user credentials and must return an instance of the
      * user back or null when the credentials are invalid
+     *
+     * @param uid - The username or user identifier
+     * @param password - The password to verify
      */
     verifyCredentials(uid: string, password: string): Promise<BasicAuthGuardUser<RealUser> | null>;
 }

package/build/modules/basic_auth_guard/user_providers/lucid.d.ts

@@ -39,14 +39,33 @@ export declare class BasicAuthLucidUserProvider<UserModel extends LucidAuthentic
     /**
      * Imports the model from the provider, returns and caches it
      * for further operations.
+     *
+     * @example
+     * const UserModel = await provider.getModel()
+     * const user = await UserModel.find(1)
      */
     protected getModel(): Promise<UserModel>;
     /**
      * Creates an adapter user for the guard
+     *
+     * @param user - The user model instance
+     *
+     * @example
+     * const guardUser = await provider.createUserForGuard(user)
+     * console.log('User ID:', guardUser.getId())
      */
     createUserForGuard(user: InstanceType<UserModel>): Promise<BasicAuthGuardUser<InstanceType<UserModel>>>;
     /**
      * Verifies credentials using the underlying model
+     *
+     * @param uid - The username or user identifier
+     * @param password - The password to verify
+     *
+     * @example
+     * const guardUser = await provider.verifyCredentials('user@example.com', 'secret')
+     * if (guardUser) {
+     *   console.log('Valid credentials')
+     * }
      */
     verifyCredentials(uid: string, password: string): Promise<BasicAuthGuardUser<InstanceType<UserModel>> | null>;
 }

package/build/modules/session_guard/define_config.d.ts

@@ -5,7 +5,17 @@ import type { GuardConfigProvider } from '../../src/types.ts';
 import { SessionLucidUserProvider } from './user_providers/lucid.ts';
 import type { SessionGuardOptions, LucidAuthenticatable, SessionUserProviderContract, SessionLucidUserProviderOptions, SessionWithTokensUserProviderContract } from './types.ts';
 /**
- * Configures session tokens guard for authentication
+ * Configures session guard for authentication using HTTP sessions
+ *
+ * @param config - Configuration object containing the user provider and session options
+ *
+ * @example
+ * const guard = sessionGuard({
+ *   useRememberMeTokens: false,
+ *   provider: sessionUserProvider({
+ *     model: () => import('#models/user')
+ *   })
+ * })
  */
 export declare function sessionGuard<UseRememberTokens extends boolean, UserProvider extends UseRememberTokens extends true ? SessionWithTokensUserProviderContract<unknown> : SessionUserProviderContract<unknown>>(config: {
     provider: UserProvider | ConfigProvider<UserProvider>;
@@ -13,5 +23,12 @@ export declare function sessionGuard<UseRememberTokens extends boolean, UserProv
 /**
  * Configures user provider that uses Lucid models to authenticate
  * users using sessions
+ *
+ * @param config - Configuration options for the Lucid user provider
+ *
+ * @example
+ * const userProvider = sessionUserProvider({
+ *   model: () => import('#models/user')
+ * })
  */
 export declare function sessionUserProvider<Model extends LucidAuthenticatable>(config: SessionLucidUserProviderOptions<Model>): SessionLucidUserProvider<Model>;

package/build/modules/session_guard/guard.d.ts

@@ -106,32 +106,71 @@ export declare class SessionGuard<UseRememberTokens extends boolean, UserProvide
     /**
      * Returns an instance of the authenticated user. Or throws
      * an exception if the request is not authenticated.
+     *
+     * @throws {E_UNAUTHORIZED_ACCESS} When user is not authenticated
+     *
+     * @example
+     * const user = guard.getUserOrFail()
+     * console.log('User:', user.email)
      */
     getUserOrFail(): UserProvider[typeof PROVIDER_REAL_USER];
     /**
      * Login user using sessions. Optionally, you can also create
      * a remember me token to automatically login user when their
      * session expires.
+     *
+     * @param user - The user to login
+     * @param remember - Whether to create a remember me token
+     *
+     * @example
+     * await guard.login(user, true)
+     * console.log('User logged in with remember me token')
      */
     login(user: UserProvider[typeof PROVIDER_REAL_USER], remember?: boolean): Promise<void>;
     /**
      * Logout a user by removing its state from the session
      * store and delete the remember me cookie (if any).
+     *
+     * @example
+     * await guard.logout()
+     * console.log('User logged out successfully')
      */
     logout(): Promise<void>;
     /**
-     * Authenticate the current HTTP request by verifying the bearer
-     * token or fails with an exception
+     * Authenticate the current HTTP request by verifying the session
+     * or remember me token and fails with an exception if authentication fails
+     *
+     * @throws {E_UNAUTHORIZED_ACCESS} When authentication fails
+     *
+     * @example
+     * try {
+     *   const user = await guard.authenticate()
+     *   console.log('Authenticated as:', user.email)
+     * } catch (error) {
+     *   console.log('Authentication failed')
+     * }
      */
     authenticate(): Promise<UserProvider[typeof PROVIDER_REAL_USER]>;
     /**
      * Silently check if the user is authenticated or not, without
      * throwing any exceptions
+     *
+     * @example
+     * const isAuthenticated = await guard.check()
+     * if (isAuthenticated) {
+     *   console.log('User is authenticated:', guard.user.email)
+     * }
      */
     check(): Promise<boolean>;
     /**
      * Returns the session info for the clients to send during
      * an HTTP request to mark the user as logged-in.
+     *
+     * @param user - The user to authenticate as
+     *
+     * @example
+     * const clientAuth = await guard.authenticateAsClient(user)
+     * // Use clientAuth.session in API tests
      */
     authenticateAsClient(user: UserProvider[typeof PROVIDER_REAL_USER]): Promise<AuthClientResponse>;
 }

package/build/modules/session_guard/main.js

@@ -1,5 +1,5 @@
-import { n as E_UNAUTHORIZED_ACCESS } from "../../errors-BQxhZmkE.js";
-import "../../symbols-Ct253Khf.js";
+import { n as E_UNAUTHORIZED_ACCESS } from "../../errors-Ns_FO2np.js";
+import "../../symbols-BwcLqNln.js";
 import { RuntimeException } from "@adonisjs/core/exceptions";
 import { inspect } from "node:util";
 import { createHash } from "node:crypto";

package/build/modules/session_guard/types.d.ts

@@ -30,27 +30,39 @@ export type DbRememberMeTokensProviderOptions<TokenableModel extends LucidModel>
     tokenSecretLength?: number;
 };
 /**
- * Remember me token providers are used verify a remember me
+ * Remember me token providers are used to verify a remember me
  * token during authentication
  */
 export interface RememberMeTokensProviderContract<Tokenable extends LucidModel> {
     /**
      * Create a token for a given user
+     *
+     * @param user - The user instance to create a token for
+     * @param expiresIn - Token expiration time
      */
     create(user: InstanceType<Tokenable>, expiresIn: string | number): Promise<RememberMeToken>;
     /**
      * Verifies the remember me token shared as cookie and returns an
      * instance of remember me token
+     *
+     * @param tokenValue - The token value to verify
      */
     verify(tokenValue: Secret<string>): Promise<RememberMeToken | null>;
     /**
      * Delete token for a user by the token identifier.
+     *
+     * @param user - The user that owns the token
+     * @param identifier - The token identifier to delete
      */
     delete(user: InstanceType<Tokenable>, identifier: string | number | BigInt): Promise<number>;
     /**
      * Recycle an existing token by its id. Recycling tokens helps
      * detect compromised tokens.
      * https://web.archive.org/web/20130214051957/http://jaspan.com/improved_persistent_login_cookie_best_practice
+     *
+     * @param user - The user that owns the token
+     * @param identifier - The token identifier to recycle
+     * @param expiresIn - New expiration time
      */
     recycle(user: InstanceType<Tokenable>, identifier: string | number | BigInt, expiresIn: string | number): Promise<RememberMeToken>;
 }
@@ -111,11 +123,17 @@ export type RememberMeTokenDbColumns = {
  * and the guard.
  *
  * The guard is user provider agnostic and therefore it
- * needs a adapter to known some basic info about the
+ * needs an adapter to know some basic info about the
  * user.
  */
 export type SessionGuardUser<RealUser> = {
+    /**
+     * Get the unique identifier for the user
+     */
     getId(): string | number | BigInt;
+    /**
+     * Get the original user object from the provider
+     */
     getOriginal(): RealUser;
 };
 /**
@@ -127,10 +145,14 @@ export interface SessionUserProviderContract<RealUser> {
     /**
      * Create a user object that acts as an adapter between
      * the guard and real user value.
+     *
+     * @param user - The real user object from the provider
      */
     createUserForGuard(user: RealUser): Promise<SessionGuardUser<RealUser>>;
     /**
      * Find a user by their id.
+     *
+     * @param identifier - The unique identifier of the user
      */
     findById(identifier: string | number | BigInt): Promise<SessionGuardUser<RealUser> | null>;
 }
@@ -141,21 +163,33 @@ export interface SessionWithTokensUserProviderContract<RealUser> extends Session
     /**
      * Create a token for a given user. Must be implemented when
      * "supportsRememberMeTokens" flag is true
+     *
+     * @param user - The user to create a token for
+     * @param expiresIn - Token expiration time
      */
     createRememberToken(user: RealUser, expiresIn: string | number): Promise<RememberMeToken>;
     /**
      * Verify a token by its publicly shared value. Must be implemented when
      * "supportsRememberMeTokens" flag is true
+     *
+     * @param tokenValue - The token value to verify
      */
     verifyRememberToken(tokenValue: Secret<string>): Promise<RememberMeToken | null>;
     /**
      * Recycle a token for a user by the token identifier. Must be
      * implemented when "supportsRememberMeTokens" flag is true
+     *
+     * @param user - The user that owns the token
+     * @param tokenIdentifier - The token identifier to recycle
+     * @param expiresIn - New expiration time
      */
     recycleRememberToken(user: RealUser, tokenIdentifier: string | number | BigInt, expiresIn: string | number): Promise<RememberMeToken>;
     /**
      * Delete a token for a user by the token identifier. Must be
      * implemented when "supportsRememberMeTokens" flag is true
+     *
+     * @param user - The user that owns the token
+     * @param tokenIdentifier - The token identifier to delete
      */
     deleteRemeberToken(user: RealUser, tokenIdentifier: string | number | BigInt): Promise<number>;
 }

package/build/providers/auth_provider.js

@@ -1,6 +1,6 @@
-import "../errors-BQxhZmkE.js";
+import "../errors-Ns_FO2np.js";
 import "../debug-Ckko95-M.js";
-import { t as AuthManager } from "../auth_manager-BMz_OJXq.js";
+import { t as AuthManager } from "../auth_manager-CJvMGOzX.js";
 import { RuntimeException } from "@adonisjs/core/exceptions";
 import { configProvider } from "@adonisjs/core";
 var AuthProvider = class {

package/build/src/auth_manager.d.ts

@@ -12,7 +12,11 @@ export declare class AuthManager<KnownGuards extends Record<string, GuardFactory
         guards: KnownGuards;
     };
     /**
-     * Name of the default guard
+     * Name of the default guard configured in the auth configuration
+     *
+     * @example
+     * const manager = new AuthManager({ default: 'web', guards: {} })
+     * console.log(manager.defaultGuard) // 'web'
      */
     get defaultGuard(): keyof KnownGuards;
     /**

package/build/src/authenticator.d.ts

@@ -7,24 +7,41 @@ import type { GuardFactory } from './types.ts';
 export declare class Authenticator<KnownGuards extends Record<string, GuardFactory>> {
     #private;
     /**
-     * Name of the default guard
+     * Name of the default guard configured in the auth configuration
+     *
+     * @example
+     * const defaultGuard = auth.defaultGuard
+     * console.log(defaultGuard) // 'web'
      */
     get defaultGuard(): keyof KnownGuards;
     /**
      * Reference to the guard using which the current
-     * request has been authenticated.
+     * request has been authenticated. Returns undefined if
+     * authentication has not been attempted or failed.
+     *
+     * @example
+     * await auth.authenticate()
+     * console.log(auth.authenticatedViaGuard) // 'web'
      */
     get authenticatedViaGuard(): keyof KnownGuards | undefined;
     /**
      * A boolean to know if the current request has been authenticated. The
      * property returns false when "authenticate" or "authenticateUsing"
      * methods are not used.
+     *
+     * @example
+     * await auth.authenticate()
+     * console.log(auth.isAuthenticated) // true
      */
     get isAuthenticated(): boolean;
     /**
      * Reference to the currently authenticated user. The property returns
      * undefined when "authenticate" or "authenticateUsing" methods are
      * not used.
+     *
+     * @example
+     * await auth.authenticate()
+     * console.log(auth.user?.email)
      */
     get user(): {
         [K in keyof KnownGuards]: ReturnType<KnownGuards[K]>['user'];
@@ -34,6 +51,10 @@ export declare class Authenticator<KnownGuards extends Record<string, GuardFacto
      * the current request. The property returns false when the
      * "authenticate" or "authenticateUsing" methods are not
      * used.
+     *
+     * @example
+     * await auth.check()
+     * console.log(auth.authenticationAttempted) // true
      */
     get authenticationAttempted(): boolean;
     /**

package/build/src/authenticator_client.d.ts

@@ -8,7 +8,11 @@ import type { GuardFactory } from './types.ts';
 export declare class AuthenticatorClient<KnownGuards extends Record<string, GuardFactory>> {
     #private;
     /**
-     * Name of the default guard
+     * Name of the default guard configured in the auth configuration
+     *
+     * @example
+     * const client = new AuthenticatorClient({ default: 'web', guards: {} })
+     * console.log(client.defaultGuard) // 'web'
      */
     get defaultGuard(): keyof KnownGuards;
     /**

package/build/src/debug.d.ts

@@ -1,2 +1,9 @@
+/**
+ * Debug logger instance for the AdonisJS auth package.
+ * Set NODE_DEBUG=adonisjs:auth environment variable to enable debug logging.
+ *
+ * @example
+ * debug('authenticating user %s', user.email)
+ */
 declare const _default: import("node:util").DebugLogger;
 export default _default;

package/build/src/errors.d.ts

@@ -68,7 +68,13 @@ export declare const E_UNAUTHORIZED_ACCESS: {
         stack?: string;
         cause?: unknown;
     };
+    /**
+     * HTTP status code for unauthorized access
+     */
     status: number;
+    /**
+     * Error code identifier
+     */
     code: string;
     help?: string;
     message?: string;
@@ -126,7 +132,13 @@ export declare const E_INVALID_CREDENTIALS: {
         stack?: string;
         cause?: unknown;
     };
+    /**
+     * HTTP status code for invalid credentials
+     */
     status: number;
+    /**
+     * Error code identifier
+     */
     code: string;
     help?: string;
     message?: string;

package/build/src/mixins/lucid.d.ts

@@ -3,6 +3,7 @@ import { type BaseModel } from '@adonisjs/lucid/orm';
 import type { NormalizeConstructor } from '@adonisjs/core/types/helpers';
 type UserWithUserFinderRow = {
     verifyPassword(plainPassword: string): Promise<boolean>;
+    validatePassword(plainPassword: string, passwordFieldName?: string): Promise<void>;
 };
 type UserWithUserFinderClass<Model extends NormalizeConstructor<typeof BaseModel> = NormalizeConstructor<typeof BaseModel>> = Model & {
     hashPassword<T extends UserWithUserFinderClass>(this: T, user: InstanceType<T>): Promise<void>;

package/build/src/mixins/lucid.js

@@ -1,4 +1,4 @@
-import { t as E_INVALID_CREDENTIALS } from "../../errors-BQxhZmkE.js";
+import { t as E_INVALID_CREDENTIALS } from "../../errors-Ns_FO2np.js";
 import { RuntimeException } from "@adonisjs/core/exceptions";
 import { beforeSave } from "@adonisjs/lucid/orm";
 function __decorate(decorators, target, key, desc) {
@@ -39,6 +39,19 @@ function withAuthFinder(hash, options) {
 				if (!passwordHash) throw new RuntimeException(`Cannot verify password. The value for "${normalizedOptions.passwordColumnName}" column is undefined or null`);
 				return hashFactory().verify(passwordHash, plainPassword);
 			}
+			async validatePassword(plainPassword, passwordFieldName) {
+				if (!await this.verifyPassword(plainPassword)) {
+					const error = /* @__PURE__ */ new Error("Validation Error");
+					Object.defineProperty(error, "code", { value: "E_VALIDATION_ERROR" });
+					Object.defineProperty(error, "status", { value: 422 });
+					Object.defineProperty(error, "messages", { value: [{
+						field: passwordFieldName ?? "currentPassword",
+						message: "The current password is incorrect",
+						rule: "current_password"
+					}] });
+					throw error;
+				}
+			}
 		}
 		__decorate([beforeSave()], UserWithUserFinder, "hashPassword", null);
 		return UserWithUserFinder;

package/build/{symbols-Ct253Khf.js → symbols-BwcLqNln.js}

@@ -1,5 +1,5 @@
-import { i as __export } from "./errors-BQxhZmkE.js";
-var symbols_exports = /* @__PURE__ */ __export({
+import { i as __exportAll } from "./errors-Ns_FO2np.js";
+var symbols_exports = /* @__PURE__ */ __exportAll({
 	GUARD_KNOWN_EVENTS: () => GUARD_KNOWN_EVENTS,
 	PROVIDER_REAL_USER: () => PROVIDER_REAL_USER
 });

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@adonisjs/auth",
   "description": "Official authentication provider for Adonis framework",
-  "version": "10.0.0-next.3",
+  "version": "10.0.0-next.5",
   "engines": {
     "node": ">=24.0.0"
   },
@@ -51,29 +51,30 @@
     "quick:test": "cross-env NODE_DEBUG=\"adonisjs:auth:*\" node --enable-source-maps --import=@poppinss/ts-exec ./bin/test.js"
   },
   "devDependencies": {
-    "@adonisjs/assembler": "^8.0.0-next.26",
-    "@adonisjs/core": "^7.0.0-next.16",
-    "@adonisjs/eslint-config": "^3.0.0-next.5",
+    "@adonisjs/assembler": "^8.0.0-next.30",
+    "@adonisjs/core": "^7.0.0-next.25",
+    "@adonisjs/eslint-config": "^3.0.0-next.9",
     "@adonisjs/i18n": "^3.0.0-next.2",
-    "@adonisjs/lucid": "^22.0.0-next.1",
+    "@adonisjs/lucid": "^22.0.0-next.7",
     "@adonisjs/prettier-config": "^1.4.5",
-    "@adonisjs/session": "^8.0.0-next.1",
+    "@adonisjs/session": "^8.0.0-next.2",
     "@adonisjs/tsconfig": "^2.0.0-next.3",
-    "@japa/api-client": "^3.1.1",
+    "@japa/api-client": "^3.2.1",
     "@japa/assert": "^4.2.0",
-    "@japa/browser-client": "^2.2.0",
+    "@japa/browser-client": "^2.3.0",
     "@japa/expect-type": "^2.0.4",
     "@japa/file-system": "^3.0.0",
     "@japa/plugin-adonisjs": "^5.1.0-next.0",
-    "@japa/runner": "^5.0.0",
+    "@japa/runner": "^5.3.0",
     "@japa/snapshot": "^2.0.10",
-    "@poppinss/ts-exec": "^1.4.1",
+    "@poppinss/ts-exec": "^1.4.2",
     "@release-it/conventional-changelog": "^10.0.4",
     "@types/basic-auth": "^1.1.8",
     "@types/luxon": "^3.7.1",
-    "@types/node": "^25.0.3",
+    "@types/node": "^25.0.10",
     "@types/set-cookie-parser": "^2.4.10",
     "@types/sinon": "^21.0.0",
+    "better-sqlite3": "^12.6.2",
     "c8": "^10.1.3",
     "convert-hrtime": "^5.0.0",
     "copyfiles": "^2.4.1",
@@ -82,22 +83,21 @@
     "dotenv": "^17.2.3",
     "eslint": "^9.39.2",
     "luxon": "^3.7.2",
-    "mysql2": "^3.16.0",
+    "mysql2": "^3.16.1",
     "nock": "^14.0.10",
-    "pg": "^8.16.3",
+    "pg": "^8.17.2",
     "playwright": "^1.57.0",
-    "prettier": "^3.7.4",
-    "release-it": "^19.1.0",
-    "set-cookie-parser": "^2.7.2",
-    "sinon": "^21.0.0",
-    "sqlite3": "^5.1.7",
-    "tedious": "^19.1.3",
+    "prettier": "^3.8.1",
+    "release-it": "^19.2.4",
+    "set-cookie-parser": "^3.0.1",
+    "sinon": "^21.0.1",
+    "tedious": "^19.2.0",
     "timekeeper": "^2.3.1",
-    "tsdown": "^0.18.1",
+    "tsdown": "^0.19.0",
     "typescript": "^5.9.3"
   },
   "dependencies": {
-    "@adonisjs/presets": "^3.0.0-next.0",
+    "@adonisjs/presets": "^3.0.0-next.1",
     "basic-auth": "^2.0.1"
   },
   "peerDependencies": {