@adonisjs/auth 8.2.3 → 9.0.0-1

package/build/src/Clients/Oat/index.js

@@ -1,123 +0,0 @@
-"use strict";
-/*
- * @adonisjs/auth
- *
- * (c) AdonisJS
- *
- * For the full copyright and license information, please view the LICENSE
- * file that was distributed with this source code.
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.OATClient = void 0;
-const luxon_1 = require("luxon");
-const crypto_1 = require("crypto");
-const utils_1 = require("@poppinss/utils");
-const helpers_1 = require("@poppinss/utils/build/helpers");
-const ProviderToken_1 = require("../../Tokens/ProviderToken");
-/**
- * OAT client to login a user during tests using the
- * opaque tokens guard
- */
-class OATClient {
-    constructor(name, config, provider, tokenProvider) {
-        this.name = name;
-        this.config = config;
-        this.provider = provider;
-        this.tokenProvider = tokenProvider;
-        /**
-         * Length of the raw token. The hash length will vary
-         */
-        this.tokenLength = 60;
-        /**
-         * Token type for the persistance store
-         */
-        this.tokenType = this.config.tokenProvider.type || 'opaque_token';
-    }
-    /**
-     * Returns the provider user instance from the regular user details. Raises
-     * exception when id is missing
-     */
-    async getUserForLogin(user, identifierKey) {
-        const providerUser = await this.provider.getUserFor(user);
-        /**
-         * Ensure id exists on the user
-         */
-        const id = providerUser.getId();
-        if (!id) {
-            throw new utils_1.Exception(`Cannot login user. Value of "${identifierKey}" is not defined`);
-        }
-        return providerUser;
-    }
-    /**
-     * Converts value to a sha256 hash
-     */
-    generateHash(token) {
-        return (0, crypto_1.createHash)('sha256').update(token).digest('hex');
-    }
-    /**
-     * Converts expiry duration to an absolute date/time value
-     */
-    getExpiresAtDate(expiresIn) {
-        if (!expiresIn) {
-            return;
-        }
-        const milliseconds = typeof expiresIn === 'string' ? helpers_1.string.toMs(expiresIn) : expiresIn;
-        return luxon_1.DateTime.local().plus({ milliseconds });
-    }
-    /**
-     * Generates a new token + hash for the persistance
-     */
-    generateTokenForPersistance(expiresIn) {
-        const token = helpers_1.string.generateRandom(this.tokenLength);
-        return {
-            token,
-            hash: this.generateHash(token),
-            expiresAt: this.getExpiresAtDate(expiresIn),
-        };
-    }
-    /**
-     * Returns the request data to mark user as logged in
-     */
-    async login(user, options) {
-        /**
-         * Normalize options with defaults
-         */
-        const { expiresIn, name, ...meta } = Object.assign({
-            name: 'Opaque Access Token',
-        }, options);
-        /**
-         * Since the login method is not exposed to the end user, we cannot expect
-         * them to instantiate and pass an instance of provider user, so we
-         * create one manually.
-         */
-        const providerUser = await this.getUserForLogin(user, this.config.provider.identifierKey);
-        /**
-         * "getUserForLogin" raises exception when id is missing, so we can
-         * safely assume it is defined
-         */
-        const id = providerUser.getId();
-        const token = this.generateTokenForPersistance(expiresIn);
-        /**
-         * Persist token to the database. Make sure that we are always
-         * passing the hash to the storage driver
-         */
-        const providerToken = new ProviderToken_1.ProviderToken(name, token.hash, id, this.tokenType);
-        providerToken.expiresAt = token.expiresAt;
-        providerToken.meta = meta;
-        this.tokenId = await this.tokenProvider.write(providerToken);
-        return {
-            headers: {
-                Authorization: `Bearer ${helpers_1.base64.urlEncode(this.tokenId)}.${token.token}`,
-            },
-        };
-    }
-    /**
-     * Logout user
-     */
-    async logout() {
-        if (this.tokenId) {
-            await this.tokenProvider.destroy(this.tokenId, this.tokenType);
-        }
-    }
-}
-exports.OATClient = OATClient;

package/build/src/Clients/Session/index.d.ts

@@ -1,34 +0,0 @@
-import { SessionGuardConfig, GuardClientContract, UserProviderContract, ProviderUserContract } from '@ioc:Adonis/Addons/Auth';
-/**
- * Session client to login a user during tests using the
- * sessions guard
- */
-export declare class SessionClient implements GuardClientContract<any> {
-    name: string;
-    private config;
-    private provider;
-    constructor(name: string, config: SessionGuardConfig<any>, provider: UserProviderContract<any>);
-    /**
-     * The name of the session key name
-     */
-    get sessionKeyName(): string;
-    /**
-     * Returns the provider user instance from the regular user details. Raises
-     * exception when id is missing
-     */
-    protected getUserForLogin(user: any, identifierKey: string): Promise<ProviderUserContract<any>>;
-    /**
-     * Returns the request data to mark user as logged in
-     */
-    login(user: any): Promise<{
-        session: {
-            [x: string]: string | number;
-        };
-    }>;
-    /**
-     * No need to logout when using session client.
-     * Session data is persisted within memory and will
-     * be cleared after each test
-     */
-    logout(): Promise<void>;
-}

package/build/src/Clients/Session/index.js

@@ -1,72 +0,0 @@
-"use strict";
-/*
- * @adonisjs/auth
- *
- * (c) AdonisJS
- *
- * For the full copyright and license information, please view the LICENSE
- * file that was distributed with this source code.
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.SessionClient = void 0;
-const utils_1 = require("@poppinss/utils");
-/**
- * Session client to login a user during tests using the
- * sessions guard
- */
-class SessionClient {
-    constructor(name, config, provider) {
-        this.name = name;
-        this.config = config;
-        this.provider = provider;
-    }
-    /**
-     * The name of the session key name
-     */
-    get sessionKeyName() {
-        return `auth_${this.name}`;
-    }
-    /**
-     * Returns the provider user instance from the regular user details. Raises
-     * exception when id is missing
-     */
-    async getUserForLogin(user, identifierKey) {
-        const providerUser = await this.provider.getUserFor(user);
-        /**
-         * Ensure id exists on the user
-         */
-        const id = providerUser.getId();
-        if (!id) {
-            throw new utils_1.Exception(`Cannot login user. Value of "${identifierKey}" is not defined`);
-        }
-        return providerUser;
-    }
-    /**
-     * Returns the request data to mark user as logged in
-     */
-    async login(user) {
-        /**
-         * Since the login method is exposed to the end user, we cannot expect
-         * them to instantiate and return an instance of authenticatable, so
-         * we create one manually.
-         */
-        const providerUser = await this.getUserForLogin(user, this.config.provider.identifierKey);
-        /**
-         * getUserForLogin raises exception when id is missing, so we can
-         * safely assume it is defined
-         */
-        const id = providerUser.getId();
-        return {
-            session: {
-                [this.sessionKeyName]: id,
-            },
-        };
-    }
-    /**
-     * No need to logout when using session client.
-     * Session data is persisted within memory and will
-     * be cleared after each test
-     */
-    async logout() { }
-}
-exports.SessionClient = SessionClient;

package/build/src/Exceptions/AuthenticationException.d.ts

@@ -1,47 +0,0 @@
-import { Exception } from '@poppinss/utils';
-import { HttpContextContract } from '@ioc:Adonis/Core/HttpContext';
-/**
- * Exception raised when unable to authenticate user session
- */
-export declare class AuthenticationException extends Exception {
-    guard: string;
-    redirectTo: string;
-    responseText: string;
-    /**
-     * Raise exception with message and redirect url
-     */
-    constructor(message: string, code: string, guard?: string, redirectTo?: string);
-    /**
-     * Prompts user to enter credentials
-     */
-    protected respondWithBasicAuthPrompt(ctx: HttpContextContract, realm?: string): void;
-    /**
-     * Send response as an array of errors
-     */
-    protected respondWithJson(ctx: HttpContextContract): void;
-    /**
-     * Flash error message and redirect the user back
-     */
-    protected respondWithRedirect(ctx: HttpContextContract): void;
-    /**
-     * Send response as an array of errors formatted as per JSONAPI spec
-     */
-    protected respondWithJsonAPI(ctx: HttpContextContract): void;
-    /**
-     * Missing session or unable to lookup user from session
-     */
-    static invalidSession(guard: string): AuthenticationException;
-    /**
-     * Missing/Invalid token or unable to lookup user from the token
-     */
-    static invalidToken(guard: string): AuthenticationException;
-    /**
-     * Missing or invalid basic auth credentials
-     */
-    static invalidBasicCredentials(guard: string): AuthenticationException;
-    /**
-     * Self handle exception and attempt to make the best response based
-     * upon the type of request
-     */
-    handle(_: AuthenticationException, ctx: HttpContextContract): Promise<void>;
-}

package/build/src/Exceptions/AuthenticationException.js

@@ -1,142 +0,0 @@
-"use strict";
-/*
- * @adonisjs/auth
- *
- * (c) Harminder Virk <virk@adonisjs.com>
- *
- * For the full copyright and license information, please view the LICENSE
- * file that was distributed with this source code.
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.AuthenticationException = void 0;
-const utils_1 = require("@poppinss/utils");
-/**
- * Exception raised when unable to authenticate user session
- */
-class AuthenticationException extends utils_1.Exception {
-    /**
-     * Raise exception with message and redirect url
-     */
-    constructor(message, code, guard, redirectTo) {
-        super(message, 401, code);
-        this.redirectTo = '/login';
-        this.responseText = this.message;
-        if (redirectTo) {
-            this.redirectTo = redirectTo;
-        }
-        if (guard) {
-            this.guard = guard;
-        }
-    }
-    /**
-     * Prompts user to enter credentials
-     */
-    respondWithBasicAuthPrompt(ctx, realm) {
-        realm = realm || 'Authenticate';
-        ctx.response
-            .status(this.status)
-            .header('WWW-Authenticate', `Basic realm="${realm}", charset="UTF-8"`)
-            .send(this.responseText);
-    }
-    /**
-     * Send response as an array of errors
-     */
-    respondWithJson(ctx) {
-        ctx.response.status(this.status).send({
-            errors: [
-                {
-                    message: this.responseText,
-                },
-            ],
-        });
-    }
-    /**
-     * Flash error message and redirect the user back
-     */
-    respondWithRedirect(ctx) {
-        if (!ctx.session) {
-            return ctx.response.status(this.status).send(this.responseText);
-        }
-        ctx.session.flashExcept(['_csrf']);
-        ctx.session.flash('auth', { error: this.responseText });
-        ctx.response.redirect(this.redirectTo, true);
-    }
-    /**
-     * Send response as an array of errors formatted as per JSONAPI spec
-     */
-    respondWithJsonAPI(ctx) {
-        ctx.response.status(this.status).send({
-            errors: [
-                {
-                    code: this.code,
-                    title: this.responseText,
-                    source: null,
-                },
-            ],
-        });
-    }
-    /**
-     * Missing session or unable to lookup user from session
-     */
-    static invalidSession(guard) {
-        return new this('Invalid session', 'E_INVALID_AUTH_SESSION', guard);
-    }
-    /**
-     * Missing/Invalid token or unable to lookup user from the token
-     */
-    static invalidToken(guard) {
-        return new this('Invalid API token', 'E_INVALID_API_TOKEN', guard);
-    }
-    /**
-     * Missing or invalid basic auth credentials
-     */
-    static invalidBasicCredentials(guard) {
-        return new this('Invalid basic auth credentials', 'E_INVALID_BASIC_CREDENTIALS', guard);
-    }
-    /**
-     * Self handle exception and attempt to make the best response based
-     * upon the type of request
-     */
-    async handle(_, ctx) {
-        /**
-         * We need access to the guard config and driver to make appropriate response
-         */
-        const config = this.guard ? ctx.auth.use(this.guard).config : null;
-        /**
-         * Use translation when using i18n
-         */
-        if ('i18n' in ctx) {
-            this.responseText = ctx.i18n.formatMessage(`auth.${this.code}`, {}, this.message);
-        }
-        /**
-         * Show username, password prompt when using basic auth driver
-         */
-        if (config && config.driver === 'basic') {
-            this.respondWithBasicAuthPrompt(ctx, config.realm);
-            return;
-        }
-        /**
-         * Respond with json for ajax requests
-         */
-        if (ctx.request.ajax()) {
-            this.respondWithJson(ctx);
-            return;
-        }
-        /**
-         * Uses content negotiation to make the response
-         */
-        switch (ctx.request.accepts(['html', 'application/vnd.api+json', 'json'])) {
-            case 'html':
-            case null:
-                this.respondWithRedirect(ctx);
-                break;
-            case 'json':
-                this.respondWithJson(ctx);
-                break;
-            case 'application/vnd.api+json':
-                this.respondWithJsonAPI(ctx);
-                break;
-        }
-    }
-}
-exports.AuthenticationException = AuthenticationException;

package/build/src/Exceptions/InvalidCredentialsException.d.ts

@@ -1,34 +0,0 @@
-import { Exception } from '@poppinss/utils';
-import { HttpContextContract } from '@ioc:Adonis/Core/HttpContext';
-/**
- * Exception raised when unable to verify user credentials
- */
-export declare class InvalidCredentialsException extends Exception {
-    guard: string;
-    responseText: string;
-    /**
-     * Unable to find user
-     */
-    static invalidUid(guard: string): InvalidCredentialsException;
-    /**
-     * Invalid user password
-     */
-    static invalidPassword(guard: string): InvalidCredentialsException;
-    /**
-     * Send response as an array of errors
-     */
-    protected respondWithJson(ctx: HttpContextContract): void;
-    /**
-     * Flash error message and redirect the user back
-     */
-    protected respondWithRedirect(ctx: HttpContextContract): void;
-    /**
-     * Send response as an array of errors formatted as per JSONAPI spec
-     */
-    protected respondWithJsonAPI(ctx: HttpContextContract): void;
-    /**
-     * Self handle exception and attempt to make the best response based
-     * upon the type of request
-     */
-    handle(_: InvalidCredentialsException, ctx: HttpContextContract): Promise<void>;
-}

package/build/src/Exceptions/InvalidCredentialsException.js

@@ -1,112 +0,0 @@
-"use strict";
-/*
- * @adonisjs/auth
- *
- * (c) Harminder Virk <virk@adonisjs.com>
- *
- * For the full copyright and license information, please view the LICENSE
- * file that was distributed with this source code.
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.InvalidCredentialsException = void 0;
-const utils_1 = require("@poppinss/utils");
-/**
- * Exception raised when unable to verify user credentials
- */
-class InvalidCredentialsException extends utils_1.Exception {
-    constructor() {
-        super(...arguments);
-        this.responseText = this.message;
-    }
-    /**
-     * Unable to find user
-     */
-    static invalidUid(guard) {
-        const error = new this('User not found', 400, 'E_INVALID_AUTH_UID');
-        error.guard = guard;
-        return error;
-    }
-    /**
-     * Invalid user password
-     */
-    static invalidPassword(guard) {
-        const error = new this('Password mis-match', 400, 'E_INVALID_AUTH_PASSWORD');
-        error.guard = guard;
-        return error;
-    }
-    /**
-     * Send response as an array of errors
-     */
-    respondWithJson(ctx) {
-        ctx.response.status(this.status).send({
-            errors: [
-                {
-                    message: this.responseText,
-                },
-            ],
-        });
-    }
-    /**
-     * Flash error message and redirect the user back
-     */
-    respondWithRedirect(ctx) {
-        if (!ctx.session) {
-            return ctx.response.status(this.status).send(this.responseText);
-        }
-        ctx.session.flashExcept(['_csrf']);
-        ctx.session.flash('auth', {
-            error: this.responseText,
-            /**
-             * Will be removed in the future
-             */
-            errors: {
-                uid: this.code === 'E_INVALID_AUTH_UID' ? ['Invalid login id'] : null,
-                password: this.code === 'E_INVALID_AUTH_PASSWORD' ? ['Invalid password'] : null,
-            },
-        });
-        ctx.response.redirect('back', true);
-    }
-    /**
-     * Send response as an array of errors formatted as per JSONAPI spec
-     */
-    respondWithJsonAPI(ctx) {
-        ctx.response.status(this.status).send({
-            errors: [
-                {
-                    code: this.code,
-                    title: this.responseText,
-                    source: null,
-                },
-            ],
-        });
-    }
-    /**
-     * Self handle exception and attempt to make the best response based
-     * upon the type of request
-     */
-    async handle(_, ctx) {
-        /**
-         * Use translation when using i18n
-         */
-        if ('i18n' in ctx) {
-            this.responseText = ctx.i18n.formatMessage(`auth.${this.code}`, {}, this.message);
-        }
-        if (ctx.request.ajax()) {
-            this.respondWithJson(ctx);
-            return;
-        }
-        switch (ctx.request.accepts(['html', 'application/vnd.api+json', 'json'])) {
-            case 'html':
-            case null:
-                this.respondWithRedirect(ctx);
-                break;
-            case 'json':
-                this.respondWithJson(ctx);
-                break;
-            case 'application/vnd.api+json':
-                this.respondWithJsonAPI(ctx);
-                break;
-        }
-    }
-}
-exports.InvalidCredentialsException = InvalidCredentialsException;

package/build/src/Guards/Base/index.d.ts

@@ -1,75 +0,0 @@
-import { UserProviderContract, ProviderUserContract, GuardsList } from '@ioc:Adonis/Addons/Auth';
-/**
- * Base guard with shared abilities
- */
-export declare abstract class BaseGuard<Guard extends keyof GuardsList> {
-    name: Guard;
-    config: GuardsList[Guard]['config'];
-    provider: UserProviderContract<any>;
-    constructor(name: Guard, config: GuardsList[Guard]['config'], provider: UserProviderContract<any>);
-    /**
-     * Reference to the name of the guard driver
-     */
-    get driver(): "basic" | "session" | "oat";
-    /**
-     * Whether or not the authentication has been attempted
-     * for the current request
-     */
-    authenticationAttempted: boolean;
-    /**
-     * Find if the user has been logged out in the current request
-     */
-    isLoggedOut: boolean;
-    /**
-     * A boolean to know if user is retrieved by authenticating
-     * the current request or not
-     */
-    isAuthenticated: boolean;
-    /**
-     * A boolean to know if user is loggedin via remember me token
-     * or not.
-     */
-    viaRemember: boolean;
-    /**
-     * Logged in or authenticated user
-     */
-    user?: any;
-    /**
-     * Accessor to know if user is logged in
-     */
-    get isLoggedIn(): boolean;
-    /**
-     * Accessor to know if user is a guest. It is always opposite
-     * of [[isLoggedIn]]
-     */
-    get isGuest(): boolean;
-    /**
-     * Lookup user using UID
-     */
-    private lookupUsingUid;
-    /**
-     * Verify user password
-     */
-    private verifyPassword;
-    /**
-     * Finds user by their id and returns the provider user instance
-     */
-    protected findById(id: string | number): Promise<ProviderUserContract<any>>;
-    /**
-     * Returns the provider user instance from the regular user details. Raises
-     * exception when id is missing
-     */
-    protected getUserForLogin(user: any, identifierKey: string): Promise<ProviderUserContract<any>>;
-    /**
-     * Marks user as logged-in
-     */
-    protected markUserAsLoggedIn(user: any, authenticated?: boolean, viaRemember?: boolean): void;
-    /**
-     * Marks the user as logged out
-     */
-    protected markUserAsLoggedOut(): void;
-    /**
-     * Verifies user credentials
-     */
-    verifyCredentials(uid: string, password: string): Promise<any>;
-}