@adonisjs/auth 8.2.3 → 9.0.0-1

package/build/src/core/user_providers/database.d.ts

@@ -0,0 +1,78 @@
+import type { Hash } from '@adonisjs/core/hash';
+import type { Database } from '@adonisjs/lucid/database';
+import { GuardUser } from '../guard_user.js';
+import { PROVIDER_REAL_USER } from '../../auth/symbols.js';
+import type { DatabaseUserProviderOptions, UserProviderContract } from '../types.js';
+/**
+ * Database user represents a guard user used by authentication guards
+ * to perform authentication.
+ */
+declare class DatabaseUser<RealUser extends Record<string, any>> extends GuardUser<RealUser> {
+    #private;
+    constructor(realUser: RealUser, hasher: Hash, options: {
+        id: string;
+        passwordColumnName: string;
+    });
+    /**
+     * @inheritdoc
+     */
+    getId(): string | number;
+    /**
+     * @inheritdoc
+     */
+    verifyPassword(plainTextPassword: string): Promise<boolean>;
+}
+/**
+ * Database user provider is used to lookup user for authentication
+ * using the Database query builder.
+ */
+export declare abstract class BaseDatabaseUserProvider<RealUser extends Record<string, any>> implements UserProviderContract<RealUser> {
+    /**
+     * Reference to the database query builder needed to
+     * query the database for users
+     */
+    protected db: Database;
+    /**
+     * Hasher is used to verify plain text passwords
+     */
+    protected hasher: Hash;
+    /**
+     * Options accepted
+     */
+    protected options: DatabaseUserProviderOptions<RealUser>;
+    [PROVIDER_REAL_USER]: RealUser;
+    constructor(
+    /**
+     * Reference to the database query builder needed to
+     * query the database for users
+     */
+    db: Database, 
+    /**
+     * Hasher is used to verify plain text passwords
+     */
+    hasher: Hash, 
+    /**
+     * Options accepted
+     */
+    options: DatabaseUserProviderOptions<RealUser>);
+    /**
+     * Returns an instance of the query builder
+     */
+    protected getQueryBuilder(): import("@adonisjs/lucid/types/querybuilder").DatabaseQueryBuilderContract<any>;
+    /**
+     * Returns an instance of the "DatabaseUser" that guards
+     * can use for authentication
+     */
+    createUserForGuard(user: RealUser): Promise<DatabaseUser<RealUser>>;
+    /**
+     * Finds a user by id by query the configured database
+     * table
+     */
+    findById(value: string | number): Promise<DatabaseUser<RealUser> | null>;
+    /**
+     * Finds a user using one of the pre-configured unique
+     * ids, via the configured model.
+     */
+    findByUid(value: string | number): Promise<DatabaseUser<RealUser> | null>;
+}
+export {};

package/build/src/core/user_providers/database.js

@@ -0,0 +1,117 @@
+/*
+ * @adonisjs/auth
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+import { RuntimeException } from '@poppinss/utils';
+import debug from '../../auth/debug.js';
+import { GuardUser } from '../guard_user.js';
+import { PROVIDER_REAL_USER } from '../../auth/symbols.js';
+/**
+ * Database user represents a guard user used by authentication guards
+ * to perform authentication.
+ */
+class DatabaseUser extends GuardUser {
+    #options;
+    #hasher;
+    constructor(realUser, hasher, options) {
+        super(realUser);
+        this.#hasher = hasher;
+        this.#options = options;
+    }
+    /**
+     * @inheritdoc
+     */
+    getId() {
+        const id = this.realUser[this.#options.id];
+        if (!id) {
+            throw new RuntimeException(`Invalid user object. The value of column "${this.#options.id}" is undefined or null`);
+        }
+        return id;
+    }
+    /**
+     * @inheritdoc
+     */
+    async verifyPassword(plainTextPassword) {
+        const password = this.realUser[this.#options.passwordColumnName];
+        if (!password) {
+            throw new RuntimeException(`Cannot verify password during login. The value of column "${this.#options.passwordColumnName}" is undefined or null`);
+        }
+        return this.#hasher.verify(password, plainTextPassword);
+    }
+}
+/**
+ * Database user provider is used to lookup user for authentication
+ * using the Database query builder.
+ */
+export class BaseDatabaseUserProvider {
+    db;
+    hasher;
+    options;
+    constructor(
+    /**
+     * Reference to the database query builder needed to
+     * query the database for users
+     */
+    db, 
+    /**
+     * Hasher is used to verify plain text passwords
+     */
+    hasher, 
+    /**
+     * Options accepted
+     */
+    options) {
+        this.db = db;
+        this.hasher = hasher;
+        this.options = options;
+        debug('db_user_provider: options %O', options);
+    }
+    /**
+     * Returns an instance of the query builder
+     */
+    getQueryBuilder() {
+        return this.db.connection(this.options.connection).query();
+    }
+    /**
+     * Returns an instance of the "DatabaseUser" that guards
+     * can use for authentication
+     */
+    async createUserForGuard(user) {
+        if (!user || typeof user !== 'object') {
+            throw new RuntimeException(`Invalid user object. It must be a database row object from the "${this.options.table}" table`);
+        }
+        debug('db_user_provider: converting user object to guard user %O', user);
+        return new DatabaseUser(user, this.hasher, this.options);
+    }
+    /**
+     * Finds a user by id by query the configured database
+     * table
+     */
+    async findById(value) {
+        const query = this.getQueryBuilder().from(this.options.table);
+        debug('db_user_provider: finding user by id %s', value);
+        const user = await query.where(this.options.id, value).limit(1).first();
+        if (!user) {
+            return null;
+        }
+        return this.createUserForGuard(user);
+    }
+    /**
+     * Finds a user using one of the pre-configured unique
+     * ids, via the configured model.
+     */
+    async findByUid(value) {
+        const query = this.getQueryBuilder().from(this.options.table);
+        this.options.uids.forEach((uid) => query.orWhere(uid, value));
+        debug('db_user_provider: finding user by uids, uids: %O, value: %s', this.options.uids, value);
+        const user = await query.limit(1).first();
+        if (!user) {
+            return null;
+        }
+        return this.createUserForGuard(user);
+    }
+}

package/build/src/core/user_providers/lucid.d.ts

@@ -0,0 +1,61 @@
+import { GuardUser } from '../guard_user.js';
+import { PROVIDER_REAL_USER } from '../../auth/symbols.js';
+import type { UserProviderContract, LucidAuthenticatable, LucidUserProviderOptions } from '../types.js';
+/**
+ * Lucid user represents a guard user, used by authentication guards
+ * to perform authentication.
+ */
+declare class LucidUser<RealUser extends InstanceType<LucidAuthenticatable>> extends GuardUser<RealUser> {
+    /**
+     * @inheritdoc
+     */
+    getId(): string | number;
+    /**
+     * @inheritdoc
+     */
+    verifyPassword(plainTextPassword: string): Promise<boolean>;
+}
+/**
+ * Lucid user provider is used to lookup user for authentication
+ * using a Lucid model.
+ */
+export declare abstract class BaseLucidUserProvider<UserModel extends LucidAuthenticatable> implements UserProviderContract<InstanceType<UserModel>> {
+    /**
+     * Lucid provider options
+     */
+    protected options: LucidUserProviderOptions<UserModel>;
+    [PROVIDER_REAL_USER]: InstanceType<UserModel>;
+    /**
+     * Reference to the lazily imported model
+     */
+    protected model?: UserModel;
+    constructor(
+    /**
+     * Lucid provider options
+     */
+    options: LucidUserProviderOptions<UserModel>);
+    /**
+     * Imports the model from the provider, returns and caches it
+     * for further operations.
+     */
+    protected getModel(): Promise<UserModel>;
+    /**
+     * Returns an instance of the query builder
+     */
+    protected getQueryBuilder(model: UserModel): import("@adonisjs/lucid/types/model").ModelQueryBuilderContract<UserModel, InstanceType<UserModel>>;
+    /**
+     * Returns an instance of the "LucidUser" that guards
+     * can use for authentication
+     */
+    createUserForGuard(user: InstanceType<UserModel>): Promise<LucidUser<InstanceType<UserModel>>>;
+    /**
+     * Finds a user by id using the configured model.
+     */
+    findById(value: string | number): Promise<LucidUser<InstanceType<UserModel>> | null>;
+    /**
+     * Finds a user using one of the pre-configured unique
+     * ids, via the configured model.
+     */
+    findByUid(value: string | number): Promise<LucidUser<InstanceType<UserModel>> | null>;
+}
+export {};

package/build/src/core/user_providers/lucid.js

@@ -0,0 +1,122 @@
+/*
+ * @adonisjs/auth
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+import { RuntimeException } from '@poppinss/utils';
+import debug from '../../auth/debug.js';
+import { GuardUser } from '../guard_user.js';
+import { PROVIDER_REAL_USER } from '../../auth/symbols.js';
+/**
+ * Lucid user represents a guard user, used by authentication guards
+ * to perform authentication.
+ */
+class LucidUser extends GuardUser {
+    /**
+     * @inheritdoc
+     */
+    getId() {
+        const id = this.realUser.$primaryKeyValue;
+        /**
+         * Ensure id exists
+         */
+        if (!id) {
+            const model = this.realUser.constructor;
+            const modelName = model.name;
+            const primaryKey = model.primaryKey;
+            throw new RuntimeException(`Cannot use "${modelName}" model for authentication. The value of column "${primaryKey}" is undefined or null`);
+        }
+        return id;
+    }
+    /**
+     * @inheritdoc
+     */
+    async verifyPassword(plainTextPassword) {
+        return this.realUser.verifyPasswordForAuth(plainTextPassword);
+    }
+}
+/**
+ * Lucid user provider is used to lookup user for authentication
+ * using a Lucid model.
+ */
+export class BaseLucidUserProvider {
+    options;
+    /**
+     * Reference to the lazily imported model
+     */
+    model;
+    constructor(
+    /**
+     * Lucid provider options
+     */
+    options) {
+        this.options = options;
+        debug('lucid_user_provider: options %O', options);
+    }
+    /**
+     * Imports the model from the provider, returns and caches it
+     * for further operations.
+     */
+    async getModel() {
+        if (this.model) {
+            return this.model;
+        }
+        const importedModel = await this.options.model();
+        this.model = importedModel.default;
+        debug('lucid_user_provider: using model %O', this.model);
+        return this.model;
+    }
+    /**
+     * Returns an instance of the query builder
+     */
+    getQueryBuilder(model) {
+        return model.query({
+            client: this.options.client,
+            connection: this.options.connection,
+        });
+    }
+    /**
+     * Returns an instance of the "LucidUser" that guards
+     * can use for authentication
+     */
+    async createUserForGuard(user) {
+        const model = await this.getModel();
+        if (user instanceof model === false) {
+            throw new RuntimeException(`Invalid user object. It must be an instance of the "${model.name}" model`);
+        }
+        debug('lucid_user_provider: converting user object to guard user %O', user);
+        return new LucidUser(user);
+    }
+    /**
+     * Finds a user by id using the configured model.
+     */
+    async findById(value) {
+        debug('lucid_user_provider: finding user by id %s', value);
+        const model = await this.getModel();
+        const user = await model.find(value, {
+            client: this.options.client,
+            connection: this.options.connection,
+        });
+        if (!user) {
+            return null;
+        }
+        return new LucidUser(user);
+    }
+    /**
+     * Finds a user using one of the pre-configured unique
+     * ids, via the configured model.
+     */
+    async findByUid(value) {
+        const query = this.getQueryBuilder(await this.getModel());
+        this.options.uids.forEach((uid) => query.orWhere(uid, value));
+        debug('lucid_user_provider: finding user by uids, uids: %O, value: %s', this.options.uids, value);
+        const user = await query.limit(1).first();
+        if (!user) {
+            return null;
+        }
+        return new LucidUser(user);
+    }
+}

package/build/src/guards/session/define_config.d.ts

@@ -0,0 +1,23 @@
+import type { HttpContext } from '@adonisjs/core/http';
+import type { ConfigProvider } from '@adonisjs/core/types';
+import { SessionGuard } from './guard.js';
+import type { GuardConfigProvider } from '../../auth/types.js';
+import type { SessionGuardConfig, RememberMeProviderContract, SessionUserProviderContract, DatabaseRememberMeProviderOptions } from './types.js';
+/**
+ * Helper function to configure the session guard for
+ * authentication.
+ *
+ * This method returns a config builder, which internally
+ * returns a factory function to construct a guard
+ * during HTTP requests.
+ */
+export declare function sessionGuard<UserProvider extends SessionUserProviderContract<unknown>>(config: SessionGuardConfig & {
+    provider: ConfigProvider<UserProvider>;
+    tokens?: ConfigProvider<RememberMeProviderContract>;
+}): GuardConfigProvider<(ctx: HttpContext) => SessionGuard<UserProvider>>;
+/**
+ * Tokens provider helper to store remember me tokens
+ */
+export declare const tokensProvider: {
+    db: (config: DatabaseRememberMeProviderOptions) => ConfigProvider<RememberMeProviderContract>;
+};

package/build/src/guards/session/define_config.js

@@ -0,0 +1,56 @@
+/*
+ * @adonisjs/auth
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+import { configProvider } from '@adonisjs/core';
+import { RuntimeException } from '@poppinss/utils';
+import { SessionGuard } from './guard.js';
+/**
+ * Helper function to configure the session guard for
+ * authentication.
+ *
+ * This method returns a config builder, which internally
+ * returns a factory function to construct a guard
+ * during HTTP requests.
+ */
+export function sessionGuard(config) {
+    return {
+        async resolver(guardName, app) {
+            const provider = await configProvider.resolve(app, config.provider);
+            if (!provider) {
+                throw new RuntimeException(`Invalid user provider defined on "${guardName}" guard`);
+            }
+            const emitter = await app.container.make('emitter');
+            const tokensProvider = config.tokens
+                ? await configProvider.resolve(app, config.tokens)
+                : undefined;
+            /**
+             * Factory function needed by Authenticator to switch
+             * between guards and perform authentication
+             */
+            return (ctx) => {
+                const guard = new SessionGuard(guardName, config, ctx, provider);
+                if (tokensProvider) {
+                    guard.withRememberMeTokens(tokensProvider);
+                }
+                return guard.withEmitter(emitter);
+            };
+        },
+    };
+}
+/**
+ * Tokens provider helper to store remember me tokens
+ */
+export const tokensProvider = {
+    db(config) {
+        return configProvider.create(async (app) => {
+            const db = await app.container.make('lucid.db');
+            const { DatabaseRememberTokenProvider } = await import('./token_providers/main.js');
+            return new DatabaseRememberTokenProvider(db, config);
+        });
+    },
+};

package/build/src/guards/session/guard.d.ts

@@ -0,0 +1,112 @@
+import { Emitter } from '@adonisjs/core/events';
+import type { HttpContext } from '@adonisjs/core/http';
+import type { GuardContract } from '../../auth/types.js';
+import { GUARD_KNOWN_EVENTS, PROVIDER_REAL_USER } from '../../auth/symbols.js';
+import type { SessionGuardEvents, SessionGuardConfig, RememberMeProviderContract, SessionUserProviderContract } from './types.js';
+/**
+ * Session guard uses sessions and cookies to login and authenticate
+ * users.
+ */
+export declare class SessionGuard<UserProvider extends SessionUserProviderContract<unknown>> implements GuardContract<UserProvider[typeof PROVIDER_REAL_USER]> {
+    #private;
+    [GUARD_KNOWN_EVENTS]: SessionGuardEvents<UserProvider[typeof PROVIDER_REAL_USER]>;
+    /**
+     * Driver name of the guard
+     */
+    driverName: 'session';
+    /**
+     * Whether or not the authentication has been attempted
+     * during the current request
+     */
+    authenticationAttempted: boolean;
+    /**
+     * Find if the user has been logged out during
+     * the current request
+     */
+    isLoggedOut: boolean;
+    /**
+     * A boolean to know if the current request has
+     * been authenticated
+     */
+    isAuthenticated: boolean;
+    /**
+     * A boolean to know if the current request is authenticated
+     * using the "rememember_me" token.
+     */
+    viaRemember: boolean;
+    /**
+     * Reference to an instance of the authenticated or logged-in
+     * user. The value only exists after calling one of the
+     * following methods.
+     *
+     * - login
+     * - loginViaId
+     * - attempt
+     * - authenticate
+     *
+     * You can use the "getUserOrFail" method to throw an exception if
+     * the request is not authenticated.
+     */
+    user?: UserProvider[typeof PROVIDER_REAL_USER];
+    /**
+     * The key used to store the logged-in user id inside
+     * session
+     */
+    get sessionKeyName(): string;
+    /**
+     * The key used to store the remember me token cookie
+     */
+    get rememberMeKeyName(): string;
+    constructor(name: string, config: SessionGuardConfig, ctx: HttpContext, userProvider: UserProvider);
+    /**
+     * Register the remember me tokens provider to create
+     * remember me tokens during user login.
+     *
+     * Note: This method only registers the remember me tokens provider
+     * and does not enable them. You must pass "rememberMe = true" during
+     * the "login" method call.
+     */
+    withRememberMeTokens(tokensProvider: RememberMeProviderContract): this;
+    /**
+     * Register an event emitter to listen for global events for
+     * authentication lifecycle.
+     */
+    withEmitter(emitter: Emitter<any>): this;
+    /**
+     * Returns an instance of the authenticated user. Or throws
+     * an exception if the request is not authenticated.
+     */
+    getUserOrFail(): UserProvider[typeof PROVIDER_REAL_USER];
+    /**
+     * Verifies user credentials and returns an instance of
+     * the user or throws "E_INVALID_CREDENTIALS" exception.
+     */
+    verifyCredentials(uid: string, password: string): Promise<UserProvider[typeof PROVIDER_REAL_USER]>;
+    /**
+     * Attempt to login a user after verifying their
+     * credentials.
+     */
+    attempt(uid: string, password: string): Promise<UserProvider[typeof PROVIDER_REAL_USER]>;
+    /**
+     * Attempt to login a user using the user id. The
+     * user will be first fetched from the db before
+     * marking them as logged-in
+     */
+    loginViaId(id: string | number): Promise<UserProvider[typeof PROVIDER_REAL_USER]>;
+    /**
+     * Login a user using the user object.
+     */
+    login(user: UserProvider[typeof PROVIDER_REAL_USER], remember?: boolean): Promise<UserProvider[typeof PROVIDER_REAL_USER]>;
+    /**
+     * Authenticates the HTTP request to ensure the
+     * user is logged-in
+     */
+    authenticate(): Promise<UserProvider[typeof PROVIDER_REAL_USER]>;
+    /**
+     * Silently attempt to authenticate the user.
+     *
+     * The method returns a boolean indicating if the authentication
+     * succeeded or failed.
+     */
+    check(): Promise<boolean>;
+}