@adonisjs/auth 8.2.3 → 9.0.0-0

package/build/src/Guards/Base/index.js

@@ -1,138 +0,0 @@
-"use strict";
-/*
- * @adonisjs/auth
- *
- * (c) Harminder Virk <virk@adonisjs.com>
- *
- * For the full copyright and license information, please view the LICENSE
- * file that was distributed with this source code.
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.BaseGuard = void 0;
-const utils_1 = require("@poppinss/utils");
-const InvalidCredentialsException_1 = require("../../Exceptions/InvalidCredentialsException");
-/**
- * Base guard with shared abilities
- */
-class BaseGuard {
-    constructor(name, config, provider) {
-        this.name = name;
-        this.config = config;
-        this.provider = provider;
-        /**
-         * Whether or not the authentication has been attempted
-         * for the current request
-         */
-        this.authenticationAttempted = false;
-        /**
-         * Find if the user has been logged out in the current request
-         */
-        this.isLoggedOut = false;
-        /**
-         * A boolean to know if user is retrieved by authenticating
-         * the current request or not
-         */
-        this.isAuthenticated = false;
-        /**
-         * A boolean to know if user is loggedin via remember me token
-         * or not.
-         */
-        this.viaRemember = false;
-    }
-    /**
-     * Reference to the name of the guard driver
-     */
-    get driver() {
-        return this.config.driver;
-    }
-    /**
-     * Accessor to know if user is logged in
-     */
-    get isLoggedIn() {
-        return !!this.user;
-    }
-    /**
-     * Accessor to know if user is a guest. It is always opposite
-     * of [[isLoggedIn]]
-     */
-    get isGuest() {
-        return !this.isLoggedIn;
-    }
-    /**
-     * Lookup user using UID
-     */
-    async lookupUsingUid(uid) {
-        const providerUser = await this.provider.findByUid(uid);
-        if (!providerUser.user) {
-            throw InvalidCredentialsException_1.InvalidCredentialsException.invalidUid(this.name);
-        }
-        return providerUser;
-    }
-    /**
-     * Verify user password
-     */
-    async verifyPassword(providerUser, password) {
-        /**
-         * Verify password or raise exception
-         */
-        const verified = await providerUser.verifyPassword(password);
-        if (!verified) {
-            throw InvalidCredentialsException_1.InvalidCredentialsException.invalidPassword(this.name);
-        }
-    }
-    /**
-     * Finds user by their id and returns the provider user instance
-     */
-    async findById(id) {
-        const providerUser = await this.provider.findById(id);
-        if (!providerUser.user) {
-            throw InvalidCredentialsException_1.InvalidCredentialsException.invalidUid(this.name);
-        }
-        return providerUser;
-    }
-    /**
-     * Returns the provider user instance from the regular user details. Raises
-     * exception when id is missing
-     */
-    async getUserForLogin(user, identifierKey) {
-        const providerUser = await this.provider.getUserFor(user);
-        /**
-         * Ensure id exists on the user
-         */
-        const id = providerUser.getId();
-        if (!id) {
-            throw new utils_1.Exception(`Cannot login user. Value of "${identifierKey}" is not defined`);
-        }
-        return providerUser;
-    }
-    /**
-     * Marks user as logged-in
-     */
-    markUserAsLoggedIn(user, authenticated, viaRemember) {
-        this.user = user;
-        this.isLoggedOut = false;
-        authenticated && (this.isAuthenticated = true);
-        viaRemember && (this.viaRemember = true);
-    }
-    /**
-     * Marks the user as logged out
-     */
-    markUserAsLoggedOut() {
-        this.isLoggedOut = true;
-        this.isAuthenticated = false;
-        this.viaRemember = false;
-        this.user = null;
-    }
-    /**
-     * Verifies user credentials
-     */
-    async verifyCredentials(uid, password) {
-        if (!uid || !password) {
-            throw InvalidCredentialsException_1.InvalidCredentialsException.invalidUid(this.name);
-        }
-        const providerUser = await this.lookupUsingUid(uid);
-        await this.verifyPassword(providerUser, password);
-        return providerUser.user;
-    }
-}
-exports.BaseGuard = BaseGuard;

package/build/src/Guards/BasicAuth/index.d.ts

@@ -1,67 +0,0 @@
-/// <reference types="@adonisjs/events/build/adonis-typings" />
-import { EmitterContract } from '@ioc:Adonis/Core/Event';
-import { HttpContextContract } from '@ioc:Adonis/Core/HttpContext';
-import { UserProviderContract, BasicAuthGuardConfig, BasicAuthGuardContract } from '@ioc:Adonis/Addons/Auth';
-import { BaseGuard } from '../Base';
-/**
- * Basic auth guard enables user login using basic auth headers.
- */
-export declare class BasicAuthGuard extends BaseGuard<any> implements BasicAuthGuardContract<any, any> {
-    private emitter;
-    private ctx;
-    constructor(name: string, config: BasicAuthGuardConfig<any>, emitter: EmitterContract, provider: UserProviderContract<any>, ctx: HttpContextContract);
-    /**
-     * Returns data packet for the authenticate event. Arguments are
-     *
-     * - The mapping identifier
-     * - Logged in user
-     * - HTTP context
-     */
-    private getAuthenticateEventData;
-    /**
-     * Returns user credentials by parsing the HTTP "Authorization" header
-     */
-    private getCredentials;
-    /**
-     * Returns user for the uid and password.
-     */
-    private getUser;
-    /**
-     * Implemented method to raise exception when someone calls this method
-     * without selecting the guard explicitly
-     */
-    attempt(): Promise<any>;
-    /**
-     * Implemented method to raise exception when someone calls this method
-     * without selecting the guard explicitly
-     */
-    loginViaId(): Promise<void>;
-    /**
-     * Implemented method to raise exception when someone calls this method
-     * without selecting the guard explicitly
-     */
-    login(): Promise<void>;
-    /**
-     * Authenticates the current HTTP request by checking for the HTTP
-     * "Authorization" header
-     */
-    authenticate(): Promise<any>;
-    /**
-     * Same as [[authenticate]] but returns a boolean over raising exceptions
-     */
-    check(): Promise<boolean>;
-    /**
-     * Logout by clearing session and cookies
-     */
-    logout(): Promise<void>;
-    /**
-     * Serialize toJSON for JSON.stringify
-     */
-    toJSON(): {
-        isLoggedIn: boolean;
-        isGuest: boolean;
-        authenticationAttempted: boolean;
-        isAuthenticated: boolean;
-        user: any;
-    };
-}

package/build/src/Guards/BasicAuth/index.js

@@ -1,181 +0,0 @@
-"use strict";
-/*
- * @adonisjs/auth
- *
- * (c) Harminder Virk <virk@adonisjs.com>
- *
- * For the full copyright and license information, please view the LICENSE
- * file that was distributed with this source code.
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.BasicAuthGuard = void 0;
-const utils_1 = require("@poppinss/utils");
-const helpers_1 = require("@poppinss/utils/build/helpers");
-const Base_1 = require("../Base");
-const AuthenticationException_1 = require("../../Exceptions/AuthenticationException");
-/**
- * RegExp for basic auth credentials.
- * Copy/pasted from https://github.com/jshttp/basic-auth/blob/master/index.js
- *
- * credentials = auth-scheme 1*SP token68
- * auth-scheme = "Basic" ; case insensitive
- * token68     = 1*( ALPHA / DIGIT / "-" / "." / "_" / "~" / "+" / "/" ) *"="
- */
-const CREDENTIALS_REGEXP = /^ *(?:[Bb][Aa][Ss][Ii][Cc]) +([A-Za-z0-9._~+/-]+=*) *$/;
-/**
- * RegExp for basic auth user/pass
- * Copy/pasted from https://github.com/jshttp/basic-auth/blob/master/index.js
- *
- * user-pass   = userid ":" password
- * userid      = *<TEXT excluding ":">
- * password    = *TEXT
- */
-const USER_PASS_REGEXP = /^([^:]*):(.*)$/;
-/**
- * Basic auth guard enables user login using basic auth headers.
- */
-class BasicAuthGuard extends Base_1.BaseGuard {
-    constructor(name, config, emitter, provider, ctx) {
-        super(name, config, provider);
-        this.emitter = emitter;
-        this.ctx = ctx;
-    }
-    /**
-     * Returns data packet for the authenticate event. Arguments are
-     *
-     * - The mapping identifier
-     * - Logged in user
-     * - HTTP context
-     */
-    getAuthenticateEventData(user) {
-        return {
-            name: this.name,
-            ctx: this.ctx,
-            user,
-        };
-    }
-    /**
-     * Returns user credentials by parsing the HTTP "Authorization" header
-     */
-    getCredentials() {
-        /**
-         * Ensure the "Authorization" header value exists
-         */
-        const credentials = this.ctx.request.header('Authorization');
-        if (!credentials) {
-            throw AuthenticationException_1.AuthenticationException.invalidBasicCredentials(this.name);
-        }
-        /**
-         * Ensure credentials are in correct format
-         */
-        const match = CREDENTIALS_REGEXP.exec(credentials);
-        if (!match) {
-            throw AuthenticationException_1.AuthenticationException.invalidBasicCredentials(this.name);
-        }
-        /**
-         * Ensure credentials are base64 encoded
-         */
-        const decoded = helpers_1.base64.decode(match[1], 'utf-8', true);
-        if (!decoded) {
-            throw AuthenticationException_1.AuthenticationException.invalidBasicCredentials(this.name);
-        }
-        /**
-         * Ensure decoded credentials are in correct format
-         */
-        const user = USER_PASS_REGEXP.exec(decoded);
-        if (!user) {
-            throw AuthenticationException_1.AuthenticationException.invalidBasicCredentials(this.name);
-        }
-        return { uid: user[1], password: user[2] };
-    }
-    /**
-     * Returns user for the uid and password.
-     */
-    async getUser(uid, password) {
-        try {
-            return await this.verifyCredentials(uid, password);
-        }
-        catch {
-            throw AuthenticationException_1.AuthenticationException.invalidBasicCredentials(this.name);
-        }
-    }
-    /**
-     * Implemented method to raise exception when someone calls this method
-     * without selecting the guard explicitly
-     */
-    async attempt() {
-        return this.login();
-    }
-    /**
-     * Implemented method to raise exception when someone calls this method
-     * without selecting the guard explicitly
-     */
-    async loginViaId() {
-        return this.login();
-    }
-    /**
-     * Implemented method to raise exception when someone calls this method
-     * without selecting the guard explicitly
-     */
-    async login() {
-        throw new utils_1.Exception('There is no concept of login in basic auth', 500);
-    }
-    /**
-     * Authenticates the current HTTP request by checking for the HTTP
-     * "Authorization" header
-     */
-    async authenticate() {
-        if (this.authenticationAttempted) {
-            return this.user;
-        }
-        this.authenticationAttempted = true;
-        /**
-         * Parse HTTP "Authorization" header to get credentials
-         */
-        const credentials = this.getCredentials();
-        /**
-         * Pull user from credentials
-         */
-        const user = await this.getUser(credentials.uid, credentials.password);
-        /**
-         * Mark user a logged in
-         */
-        this.markUserAsLoggedIn(user, true);
-        /**
-         * Emit event
-         */
-        this.emitter.emit('adonis:basic:authenticate', this.getAuthenticateEventData(user));
-        return this.user;
-    }
-    /**
-     * Same as [[authenticate]] but returns a boolean over raising exceptions
-     */
-    async check() {
-        try {
-            await this.authenticate();
-        }
-        catch (error) {
-            this.ctx.logger.trace(error, 'Authentication failure');
-        }
-        return this.isAuthenticated;
-    }
-    /**
-     * Logout by clearing session and cookies
-     */
-    async logout() {
-        throw new utils_1.Exception('There is no concept of logout in basic auth', 500);
-    }
-    /**
-     * Serialize toJSON for JSON.stringify
-     */
-    toJSON() {
-        return {
-            isLoggedIn: this.isLoggedIn,
-            isGuest: this.isGuest,
-            authenticationAttempted: this.authenticationAttempted,
-            isAuthenticated: this.isAuthenticated,
-            user: this.user,
-        };
-    }
-}
-exports.BasicAuthGuard = BasicAuthGuard;

package/build/src/Guards/Oat/index.d.ts

@@ -1,149 +0,0 @@
-/// <reference types="@adonisjs/events/build/adonis-typings" />
-import { EmitterContract } from '@ioc:Adonis/Core/Event';
-import { HttpContextContract } from '@ioc:Adonis/Core/HttpContext';
-import { OATGuardConfig, OATLoginOptions, OATGuardContract, UserProviderContract, ProviderTokenContract, TokenProviderContract } from '@ioc:Adonis/Addons/Auth';
-import { BaseGuard } from '../Base';
-/**
- * Exposes the API to generate and authenticate HTTP request using
- * opaque tokens
- */
-export declare class OATGuard extends BaseGuard<any> implements OATGuardContract<any, any> {
-    config: OATGuardConfig<any>;
-    private emitter;
-    private ctx;
-    tokenProvider: TokenProviderContract;
-    constructor(name: string, config: OATGuardConfig<any>, emitter: EmitterContract, provider: UserProviderContract<any>, ctx: HttpContextContract, tokenProvider: TokenProviderContract);
-    /**
-     * Reference to the parsed token
-     */
-    private parsedToken?;
-    /**
-     * Length of the raw token. The hash length will vary
-     */
-    private tokenLength;
-    /**
-     * Token type for the persistance store
-     */
-    private tokenType;
-    /**
-     * Whether or not the authentication has been attempted
-     * for the current request
-     */
-    authenticationAttempted: boolean;
-    /**
-     * Find if the user has been logged out in the current request
-     */
-    isLoggedOut: boolean;
-    /**
-     * A boolean to know if user is retrieved by authenticating
-     * the current request or not
-     */
-    isAuthenticated: boolean;
-    /**
-     * Logged in or authenticated user
-     */
-    user?: any;
-    /**
-     * Token fetched as part of the authenticate or the login
-     * call
-     */
-    token?: ProviderTokenContract;
-    /**
-     * Accessor to know if user is logged in
-     */
-    get isLoggedIn(): boolean;
-    /**
-     * Accessor to know if user is a guest. It is always opposite
-     * of [[isLoggedIn]]
-     */
-    get isGuest(): boolean;
-    /**
-     * Converts value to a sha256 hash
-     */
-    private generateHash;
-    /**
-     * Converts expiry duration to an absolute date/time value
-     */
-    private getExpiresAtDate;
-    /**
-     * Generates a new token + hash for the persistance
-     */
-    private generateTokenForPersistance;
-    /**
-     * Returns data packet for the login event. Arguments are
-     *
-     * - The mapping identifier
-     * - Logged in user
-     * - HTTP context
-     * - API token
-     */
-    private getLoginEventData;
-    /**
-     * Returns data packet for the authenticate event. Arguments are
-     *
-     * - The mapping identifier
-     * - Logged in user
-     * - HTTP context
-     * - A boolean to tell if logged in viaRemember or not
-     */
-    private getAuthenticateEventData;
-    /**
-     * Parses the token received in the request. The method also performs
-     * some initial level of sanity checks.
-     */
-    private parsePublicToken;
-    /**
-     * Returns the bearer token
-     */
-    private getBearerToken;
-    /**
-     * Returns the token by reading it from the token provider
-     */
-    private getProviderToken;
-    /**
-     * Returns user from the user session id
-     */
-    private getUserById;
-    /**
-     * Verify user credentials and perform login
-     */
-    attempt(uid: string, password: string, options?: OATLoginOptions): Promise<any>;
-    /**
-     * Login user using their id
-     */
-    loginViaId(id: string | number, options?: OATLoginOptions): Promise<any>;
-    /**
-     * Generate token for a user. It is merely an alias for `login`
-     */
-    generate(user: any, options?: OATLoginOptions): Promise<any>;
-    /**
-     * Login a user
-     */
-    login(user: any, options?: OATLoginOptions): Promise<any>;
-    /**
-     * Authenticates the current HTTP request by checking for the bearer token
-     */
-    authenticate(): Promise<any>;
-    /**
-     * Same as [[authenticate]] but returns a boolean over raising exceptions
-     */
-    check(): Promise<boolean>;
-    /**
-     * Alias for the logout method
-     */
-    revoke(): Promise<void>;
-    /**
-     * Logout by removing the token from the storage
-     */
-    logout(): Promise<void>;
-    /**
-     * Serialize toJSON for JSON.stringify
-     */
-    toJSON(): {
-        isLoggedIn: boolean;
-        isGuest: boolean;
-        authenticationAttempted: boolean;
-        isAuthenticated: boolean;
-        user: any;
-    };
-}