@adonisjs/auth 8.2.2 → 9.0.0-0

package/LICENSE.md

@@ -1,6 +1,6 @@
 # The MIT License
 
-Copyright 2021 Harminder Virk, contributors
+Copyright (c) 2023 Harminder Virk
 
 Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the 'Software'), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
 

package/README.md

@@ -1,53 +1,32 @@
-<div align="center">
-  <img src="https://res.cloudinary.com/adonisjs/image/upload/q_100/v1558612869/adonis-readme_zscycu.jpg" width="600px">
-</div>
+# @adonisjs/auth
 
 <br />
 
-<div align="center">
-  <h3>Adonis Auth</h3>
-  <p>The official user authentication package for AdonisJS. Ships with <strong>sessions</strong>, <strong>api tokens</strong> and <strong>basic auth</strong> guards. </p>
-</div>
+[![gh-workflow-image]][gh-workflow-url] [![npm-image]][npm-url] ![][typescript-image] [![license-image]][license-url]
 
-<br />
-
-<div align="center">
+## Introduction
 
-[![gh-workflow-image]][gh-workflow-url] [![typescript-image]][typescript-url] [![npm-image]][npm-url] [![license-image]][license-url] [![synk-image]][synk-url]
+## Official Documentation
+The documentation is available on the [AdonisJS website](https://docs.adonisjs.com/guides/auth/introduction)
 
-</div>
+## Contributing
+One of the primary goals of AdonisJS is to have a vibrant community of users and contributors who believes in the principles of the framework.
 
-<div align="center">
-  <h3>
-    <a href="https://preview.adonisjs.com">
-      Website
-    </a>
-    <span> | </span>
-    <a href="https://preview.adonisjs.com/guides/auth/introduction">
-      Guides
-    </a>
-    <span> | </span>
-    <a href="CONTRIBUTING.md">
-      Contributing
-    </a>
-  </h3>
-</div>
+We encourage you to read the [contribution guide](https://github.com/adonisjs/.github/blob/main/docs/CONTRIBUTING.md) before contributing to the framework.
 
-<div align="center">
-  <sub>Built with ❤︎ by <a href="https://twitter.com/AmanVirk1">Harminder Virk</a>
-</div>
+## Code of Conduct
+In order to ensure that the AdonisJS community is welcoming to all, please review and abide by the [Code of Conduct](https://github.com/adonisjs/.github/blob/main/docs/CODE_OF_CONDUCT.md).
 
-[gh-workflow-image]: https://img.shields.io/github/workflow/status/adonisjs/auth/test?style=for-the-badge
-[gh-workflow-url]: https://github.com/adonisjs/auth/actions/workflows/test.yml "Github action"
+## License
+AdonisJS auth is open-sourced software licensed under the [MIT license](LICENSE.md).
 
-[typescript-image]: https://img.shields.io/badge/Typescript-294E80.svg?style=for-the-badge&logo=typescript
-[typescript-url]:  "typescript"
+[gh-workflow-image]: https://img.shields.io/github/actions/workflow/status/adonisjs/auth/checks.yml?style=for-the-badge
+[gh-workflow-url]: https://github.com/adonisjs/auth/actions/workflows/checks.yml "Github action"
 
-[npm-image]: https://img.shields.io/npm/v/@adonisjs/auth/alpha.svg?style=for-the-badge&logo=npm
-[npm-url]: https://www.npmjs.com/package/@adonisjs/auth/v/alpha "npm"
+[npm-image]: https://img.shields.io/npm/v/@adonisjs/auth/latest.svg?style=for-the-badge&logo=npm
+[npm-url]: https://www.npmjs.com/package/@adonisjs/auth/v/latest "npm"
 
-[license-image]: https://img.shields.io/npm/l/@adonisjs/auth?color=blueviolet&style=for-the-badge
-[license-url]: LICENSE.md "license"
+[typescript-image]: https://img.shields.io/badge/Typescript-294E80.svg?style=for-the-badge&logo=typescript
 
-[synk-image]: https://img.shields.io/snyk/vulnerabilities/github/adonisjs/auth?label=Synk%20Vulnerabilities&style=for-the-badge
-[synk-url]: https://snyk.io/test/github/adonisjs/auth?targetFile=package.json "synk"
+[license-url]: LICENSE.md
+[license-image]: https://img.shields.io/github/license/adonisjs/auth?style=for-the-badge

package/build/configure.d.ts

@@ -0,0 +1,5 @@
+import type Configure from '@adonisjs/core/commands/configure';
+/**
+ * Configures the auth package
+ */
+export declare function configure(command: Configure): Promise<void>;

package/build/configure.js

@@ -0,0 +1,41 @@
+/*
+ * @adonisjs/auth
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+/**
+ * Configures the user provider to use for finding
+ * users
+ */
+async function configureProvider(command) {
+    const provider = await command.prompt.choice('Select the user provider you want to use', [
+        {
+            name: 'lucid',
+            message: 'Lucid models',
+        },
+        {
+            name: 'db',
+            message: 'Database query builder',
+        },
+    ]);
+    /**
+     * Publish config file
+     */
+    await command.publishStub('config.stub', { provider });
+}
+/**
+ * Configures the auth package
+ */
+export async function configure(command) {
+    await configureProvider(command);
+    const codemods = await command.createCodemods();
+    /**
+     * Register provider
+     */
+    await codemods.updateRcFile((rcFile) => {
+        rcFile.addProvider('@adonisjs/auth/auth_provider');
+    });
+}

package/build/factories/database_token_factory.d.ts

@@ -0,0 +1,36 @@
+import { Database } from '@adonisjs/lucid/database';
+import { Token } from '../src/core/token.js';
+import { DatabaseTokenProvider } from '../src/core/token_providers/database.js';
+/**
+ * Representation of token used for testing
+ */
+export declare class TestToken extends Token {
+    type: string;
+    userId: string | number;
+    static create(userId: number | string, expiry: string | number, size?: number): TestToken;
+}
+/**
+ * Test implementation of the database token provider
+ */
+export declare class TestDatabaseTokenProvider extends DatabaseTokenProvider<TestToken> {
+    protected prepareToken(dbRow: {
+        series: string;
+        user_id: string | number;
+        type: string;
+        token: string;
+        created_at: Date;
+        expires_at: Date | null;
+    }): TestToken;
+    protected parseToken(token: TestToken): {
+        series: string;
+        user_id: string | number;
+        type: string;
+        token: string;
+        created_at: Date;
+        updated_at: Date;
+        expires_at: Date | null;
+    };
+}
+export declare class DatabaseTokenProviderFactory {
+    create(db: Database): TestDatabaseTokenProvider;
+}

package/build/factories/database_token_factory.js

@@ -0,0 +1,54 @@
+/*
+ * @adonisjs/auth
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+import { Token } from '../src/core/token.js';
+import { DatabaseTokenProvider } from '../src/core/token_providers/database.js';
+/**
+ * Representation of token used for testing
+ */
+export class TestToken extends Token {
+    type = 'test_token';
+    static create(userId, expiry, size) {
+        const { series, value, hash } = this.seed(size);
+        const token = new TestToken(series, value, hash);
+        token.setExpiry(expiry);
+        token.userId = userId;
+        return token;
+    }
+}
+/**
+ * Test implementation of the database token provider
+ */
+export class TestDatabaseTokenProvider extends DatabaseTokenProvider {
+    prepareToken(dbRow) {
+        const token = new TestToken(dbRow.series, undefined, dbRow.token);
+        token.createdAt = dbRow.created_at;
+        if (dbRow.expires_at) {
+            token.expiresAt = dbRow.expires_at;
+        }
+        return token;
+    }
+    parseToken(token) {
+        return {
+            series: token.series,
+            user_id: token.userId,
+            type: token.type,
+            token: token.hash,
+            created_at: token.createdAt,
+            updated_at: token.createdAt,
+            expires_at: token.expiresAt || null,
+        };
+    }
+}
+export class DatabaseTokenProviderFactory {
+    create(db) {
+        return new TestDatabaseTokenProvider(db, {
+            table: 'remember_me_tokens',
+        });
+    }
+}

package/build/factories/database_user_provider.d.ts

@@ -0,0 +1,14 @@
+import type { Database } from '@adonisjs/lucid/database';
+import { BaseDatabaseUserProvider } from '../src/core/user_providers/database.js';
+export declare class TestDatabaseUserProvider<RealUser extends Record<string, any>> extends BaseDatabaseUserProvider<RealUser> {
+}
+/**
+ * Creates an instance of the DatabaseUserProvider with sane
+ * defaults for testing
+ */
+export declare class DatabaseUserProviderFactory {
+    create(db: Database): TestDatabaseUserProvider<{
+        email: any;
+        username: any;
+    }>;
+}

package/build/factories/database_user_provider.js

@@ -0,0 +1,27 @@
+/*
+ * @adonisjs/auth
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+import { Hash } from '@adonisjs/core/hash';
+import { Scrypt } from '@adonisjs/core/hash/drivers/scrypt';
+import { BaseDatabaseUserProvider } from '../src/core/user_providers/database.js';
+export class TestDatabaseUserProvider extends BaseDatabaseUserProvider {
+}
+/**
+ * Creates an instance of the DatabaseUserProvider with sane
+ * defaults for testing
+ */
+export class DatabaseUserProviderFactory {
+    create(db) {
+        return new TestDatabaseUserProvider(db, new Hash(new Scrypt({})), {
+            id: 'id',
+            table: 'users',
+            passwordColumnName: 'password',
+            uids: ['email', 'username'],
+        });
+    }
+}

package/build/factories/lucid_user_provider.d.ts

@@ -0,0 +1,28 @@
+import { BaseModel } from '@adonisjs/lucid/orm';
+import { PROVIDER_REAL_USER } from '../src/auth/symbols.js';
+import { BaseLucidUserProvider } from '../src/core/user_providers/lucid.js';
+import type { LucidAuthenticatable, LucidUserProviderOptions } from '../src/core/types.js';
+export declare class FactoryUser extends BaseModel {
+    static table: string;
+    static createWithDefaults(attributes?: {
+        email?: string;
+        password?: string | null;
+        username?: string;
+    }): Promise<FactoryUser>;
+    id: number;
+    username: string;
+    email: string;
+    password: string | null;
+    verifyPasswordForAuth(plainTextPassword: string): Promise<boolean>;
+}
+export declare class TestLucidUserProvider<UserModel extends LucidAuthenticatable> extends BaseLucidUserProvider<UserModel> {
+    [PROVIDER_REAL_USER]: InstanceType<UserModel>;
+}
+/**
+ * Creates an instance of the LucidUserProvider with sane
+ * defaults for testing
+ */
+export declare class LucidUserProviderFactory {
+    createForModel<Model extends LucidAuthenticatable>(options: LucidUserProviderOptions<Model>): TestLucidUserProvider<Model>;
+    create(): TestLucidUserProvider<typeof FactoryUser>;
+}

package/build/factories/lucid_user_provider.js

@@ -0,0 +1,68 @@
+/*
+ * @adonisjs/auth
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+import { Hash } from '@adonisjs/core/hash';
+import { BaseModel, column } from '@adonisjs/lucid/orm';
+import { Scrypt } from '@adonisjs/core/hash/drivers/scrypt';
+import { PROVIDER_REAL_USER } from '../src/auth/symbols.js';
+import { BaseLucidUserProvider } from '../src/core/user_providers/lucid.js';
+export class FactoryUser extends BaseModel {
+    static table = 'users';
+    static createWithDefaults(attributes) {
+        return this.create({
+            email: 'foo@bar.com',
+            username: 'foo',
+            password: 'secret',
+            ...attributes,
+        });
+    }
+    async verifyPasswordForAuth(plainTextPassword) {
+        return new Hash(new Scrypt({})).verify(this.password, plainTextPassword);
+    }
+}
+__decorate([
+    column()
+], FactoryUser.prototype, "id", void 0);
+__decorate([
+    column()
+], FactoryUser.prototype, "username", void 0);
+__decorate([
+    column()
+], FactoryUser.prototype, "email", void 0);
+__decorate([
+    column()
+], FactoryUser.prototype, "password", void 0);
+export class TestLucidUserProvider extends BaseLucidUserProvider {
+}
+/**
+ * Creates an instance of the LucidUserProvider with sane
+ * defaults for testing
+ */
+export class LucidUserProviderFactory {
+    createForModel(options) {
+        return new TestLucidUserProvider({
+            ...options,
+        });
+    }
+    create() {
+        return this.createForModel({
+            model: async () => {
+                return {
+                    default: FactoryUser,
+                };
+            },
+            uids: ['email', 'username'],
+        });
+    }
+}

package/build/factories/main.d.ts

@@ -0,0 +1,4 @@
+export { SessionGuardFactory } from './session_guard_factory.js';
+export { DatabaseUserProviderFactory, TestDatabaseUserProvider } from './database_user_provider.js';
+export { FactoryUser, LucidUserProviderFactory, TestLucidUserProvider, } from './lucid_user_provider.js';
+export { TestToken, TestDatabaseTokenProvider, DatabaseTokenProviderFactory, } from './database_token_factory.js';

package/build/factories/main.js

@@ -0,0 +1,12 @@
+/*
+ * @adonisjs/auth
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+export { SessionGuardFactory } from './session_guard_factory.js';
+export { DatabaseUserProviderFactory, TestDatabaseUserProvider } from './database_user_provider.js';
+export { FactoryUser, LucidUserProviderFactory, TestLucidUserProvider, } from './lucid_user_provider.js';
+export { TestToken, TestDatabaseTokenProvider, DatabaseTokenProviderFactory, } from './database_token_factory.js';

package/build/factories/session_guard_factory.d.ts

@@ -0,0 +1,13 @@
+import type { HttpContext } from '@adonisjs/core/http';
+import { SessionGuard } from '../src/guards/session/guard.js';
+import type { SessionGuardConfig, SessionUserProviderContract } from '../src/guards/session/types.js';
+import { FactoryUser, TestLucidUserProvider } from './lucid_user_provider.js';
+/**
+ * Exposes the API to create a session guard for testing. Under
+ * the hood configures Lucid models for looking up users
+ */
+export declare class SessionGuardFactory {
+    #private;
+    merge(config: SessionGuardConfig): this;
+    create<UserProvider extends SessionUserProviderContract<unknown> = TestLucidUserProvider<typeof FactoryUser>>(ctx: HttpContext, provider?: UserProvider): SessionGuard<TestLucidUserProvider<typeof FactoryUser> | UserProvider>;
+}

package/build/factories/session_guard_factory.js

@@ -0,0 +1,24 @@
+/*
+ * @adonisjs/auth
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+import { SessionGuard } from '../src/guards/session/guard.js';
+import { LucidUserProviderFactory, } from './lucid_user_provider.js';
+/**
+ * Exposes the API to create a session guard for testing. Under
+ * the hood configures Lucid models for looking up users
+ */
+export class SessionGuardFactory {
+    #config = { rememberMeTokenAge: '5y' };
+    merge(config) {
+        this.#config = config;
+        return this;
+    }
+    create(ctx, provider) {
+        return new SessionGuard('web', this.#config, ctx, provider || new LucidUserProviderFactory().create());
+    }
+}

package/build/index.d.ts

@@ -0,0 +1,7 @@
+export { configure } from './configure.js';
+export { stubsRoot } from './stubs/main.js';
+export * as errors from './src/auth/errors.js';
+export * as symbols from './src/auth/symbols.js';
+export { AuthManager } from './src/auth/auth_manager.js';
+export { Authenticator } from './src/auth/authenticator.js';
+export { defineConfig, providers } from './src/auth/define_config.js';

package/build/index.js

@@ -0,0 +1,15 @@
+/*
+ * @adonisjs/auth
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+export { configure } from './configure.js';
+export { stubsRoot } from './stubs/main.js';
+export * as errors from './src/auth/errors.js';
+export * as symbols from './src/auth/symbols.js';
+export { AuthManager } from './src/auth/auth_manager.js';
+export { Authenticator } from './src/auth/authenticator.js';
+export { defineConfig, providers } from './src/auth/define_config.js';

package/build/providers/auth_provider.d.ts

@@ -0,0 +1,12 @@
+import type { ApplicationService } from '@adonisjs/core/types';
+import type { AuthService } from '../src/auth/types.js';
+declare module '@adonisjs/core/types' {
+    interface ContainerBindings {
+        'auth.manager': AuthService;
+    }
+}
+export default class AuthProvider {
+    protected app: ApplicationService;
+    constructor(app: ApplicationService);
+    register(): void;
+}

package/build/providers/auth_provider.js

@@ -0,0 +1,27 @@
+/*
+ * @adonisjs/auth
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+import { configProvider } from '@adonisjs/core';
+import { RuntimeException } from '@poppinss/utils';
+import { AuthManager } from '../src/auth/auth_manager.js';
+export default class AuthProvider {
+    app;
+    constructor(app) {
+        this.app = app;
+    }
+    register() {
+        this.app.container.singleton('auth.manager', async () => {
+            const authConfigProvider = this.app.config.get('auth');
+            const config = await configProvider.resolve(this.app, authConfigProvider);
+            if (!config) {
+                throw new RuntimeException('Invalid config exported from "config/auth.ts" file. Make sure to use the defineConfig method');
+            }
+            return new AuthManager(config);
+        });
+    }
+}

package/build/services/auth.d.ts

@@ -0,0 +1,3 @@
+import { AuthService } from '../src/auth/types.js';
+declare let auth: AuthService;
+export { auth as default };

package/build/services/auth.js

@@ -0,0 +1,17 @@
+/*
+ * @adonisjs/auth
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+import app from '@adonisjs/core/services/app';
+let auth;
+/**
+ * Returns a singleton instance of the Auth manager class
+ */
+await app.booted(async () => {
+    auth = await app.container.make('auth.manager');
+});
+export { auth as default };

package/build/src/auth/auth_manager.d.ts

@@ -0,0 +1,18 @@
+import type { HttpContext } from '@adonisjs/core/http';
+import type { GuardFactory } from './types.js';
+import { Authenticator } from './authenticator.js';
+/**
+ * Auth manager exposes the API to register and manage authentication
+ * guards from the config
+ */
+export declare class AuthManager<KnownGuards extends Record<string, GuardFactory>> {
+    #private;
+    constructor(config: {
+        default: keyof KnownGuards;
+        guards: KnownGuards;
+    });
+    /**
+     * Create an authenticator for a given HTTP request
+     */
+    createAuthenticator(ctx: HttpContext): Authenticator<KnownGuards>;
+}

package/build/src/auth/auth_manager.js

@@ -0,0 +1,28 @@
+/*
+ * @adonisjs/auth
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+import { Authenticator } from './authenticator.js';
+/**
+ * Auth manager exposes the API to register and manage authentication
+ * guards from the config
+ */
+export class AuthManager {
+    /**
+     * Registered guards
+     */
+    #config;
+    constructor(config) {
+        this.#config = config;
+    }
+    /**
+     * Create an authenticator for a given HTTP request
+     */
+    createAuthenticator(ctx) {
+        return new Authenticator(ctx, this.#config);
+    }
+}

package/build/src/auth/authenticator.d.ts

@@ -0,0 +1,18 @@
+import type { HttpContext } from '@adonisjs/core/http';
+import type { GuardFactory } from './types.js';
+/**
+ * Authenticator is an HTTP request specific implementation for using
+ * guards to login users and authenticate requests.
+ */
+export declare class Authenticator<KnownGuards extends Record<string, GuardFactory>> {
+    #private;
+    constructor(ctx: HttpContext, config: {
+        default: keyof KnownGuards;
+        guards: KnownGuards;
+    });
+    /**
+     * Returns an instance of a known guard. Guards instances are
+     * cached during the lifecycle of an HTTP request.
+     */
+    use<Guard extends keyof KnownGuards>(guard?: Guard): ReturnType<KnownGuards[Guard]>;
+}

package/build/src/auth/authenticator.js

@@ -0,0 +1,55 @@
+/*
+ * @adonisjs/auth
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+import debug from './debug.js';
+/**
+ * Authenticator is an HTTP request specific implementation for using
+ * guards to login users and authenticate requests.
+ */
+export class Authenticator {
+    /**
+     * Reference to HTTP context
+     */
+    #ctx;
+    /**
+     * Registered guards
+     */
+    #config;
+    /**
+     * Cache of guards created during the HTTP request
+     */
+    #guardsCache = {};
+    constructor(ctx, config) {
+        this.#ctx = ctx;
+        this.#config = config;
+        debug('creating authenticator. config %O', this.#config);
+    }
+    /**
+     * Returns an instance of a known guard. Guards instances are
+     * cached during the lifecycle of an HTTP request.
+     */
+    use(guard) {
+        const guardToUse = guard || this.#config.default;
+        /**
+         * Use cached copy if exists
+         */
+        const cachedGuard = this.#guardsCache[guardToUse];
+        if (cachedGuard) {
+            debug('using guard from cache. name: "%s"', guardToUse);
+            return cachedGuard;
+        }
+        const guardFactory = this.#config.guards[guardToUse];
+        /**
+         * Construct guard and cache it
+         */
+        debug('creating guard. name: "%s"', guardToUse);
+        const guardInstance = guardFactory(this.#ctx);
+        this.#guardsCache[guardToUse] = guardInstance;
+        return guardInstance;
+    }
+}

package/build/src/auth/debug.d.ts

@@ -0,0 +1,3 @@
+/// <reference types="node" resolution-mode="require"/>
+declare const _default: import("util").DebugLogger;
+export default _default;

package/build/{adonis-typings/container.js → src/auth/debug.js}

@@ -1,8 +1,10 @@
 /*
  * @adonisjs/auth
  *
- * (c) Harminder Virk <virk@adonisjs.com>
+ * (c) AdonisJS
  *
  * For the full copyright and license information, please view the LICENSE
  * file that was distributed with this source code.
  */
+import { debuglog } from 'node:util';
+export default debuglog('adonisjs:auth');