@adonisjs/auth 9.0.0-1 → 9.0.0-10

package/build/configure.js

@@ -6,50 +6,15 @@
  * For the full copyright and license information, please view the LICENSE
  * file that was distributed with this source code.
  */
-/**
- * Configures the user provider to use for finding
- * users
- */
-async function configureProvider(command) {
-    const provider = await command.prompt.choice('Select the user provider you want to use', [
-        {
-            name: 'lucid',
-            message: 'Lucid models',
-        },
-        {
-            name: 'db',
-            message: 'Database query builder',
-        },
-    ]);
-    /**
-     * Publish config file
-     */
-    await command.publishStub('config.stub', { provider });
-}
+import { presetAuth } from '@adonisjs/presets/auth';
 /**
  * Configures the auth package
  */
 export async function configure(command) {
-    await configureProvider(command);
     const codemods = await command.createCodemods();
-    /**
-     * Register provider
-     */
-    await codemods.updateRcFile((rcFile) => {
-        rcFile.addProvider('@adonisjs/auth/auth_provider');
+    // let guard: string | undefined = command.parsedFlags.guard
+    await presetAuth(codemods, command.app, {
+        guard: 'session',
+        userProvider: 'lucid',
     });
-    /**
-     * Register middleware
-     */
-    await codemods.registerMiddleware('router', [
-        {
-            path: '@adonisjs/auth/initialize_auth_middleware',
-        },
-    ]);
-    await codemods.registerMiddleware('named', [
-        {
-            name: 'auth',
-            path: '@adonisjs/auth/auth_middleware',
-        },
-    ]);
 }

package/build/factories/basic_auth_guard_factory.d.ts

@@ -0,0 +1,12 @@
+import type { HttpContext } from '@adonisjs/core/http';
+import { FactoryUser, TestLucidUserProvider } from './lucid_user_provider.js';
+import { BasicAuthGuard } from '../src/guards/basic_auth/guard.js';
+import type { UserProviderContract } from '../src/core/types.js';
+/**
+ * Exposes the API to create a basic auth guard for testing. Under
+ * the hood configures Lucid models for looking up users
+ */
+export declare class BasicAuthGuardFactory {
+    merge(): this;
+    create<UserProvider extends UserProviderContract<unknown> = TestLucidUserProvider<typeof FactoryUser>>(ctx: HttpContext, provider?: UserProvider): BasicAuthGuard<TestLucidUserProvider<typeof FactoryUser> | UserProvider>;
+}

package/build/factories/basic_auth_guard_factory.js

@@ -0,0 +1,22 @@
+/*
+ * @adonisjs/auth
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+import { LucidUserProviderFactory, } from './lucid_user_provider.js';
+import { BasicAuthGuard } from '../src/guards/basic_auth/guard.js';
+/**
+ * Exposes the API to create a basic auth guard for testing. Under
+ * the hood configures Lucid models for looking up users
+ */
+export class BasicAuthGuardFactory {
+    merge() {
+        return this;
+    }
+    create(ctx, provider) {
+        return new BasicAuthGuard('basic', ctx, provider || new LucidUserProviderFactory().create());
+    }
+}

package/build/index.d.ts

@@ -1,7 +1,6 @@
 export { configure } from './configure.js';
-export { stubsRoot } from './stubs/main.js';
-export * as errors from './src/auth/errors.js';
 export * as symbols from './src/auth/symbols.js';
 export { AuthManager } from './src/auth/auth_manager.js';
 export { Authenticator } from './src/auth/authenticator.js';
 export { defineConfig, providers } from './src/auth/define_config.js';
+export { AuthenticationException, InvalidCredentialsException } from './src/auth/errors.js';

package/build/index.js

@@ -7,9 +7,8 @@
  * file that was distributed with this source code.
  */
 export { configure } from './configure.js';
-export { stubsRoot } from './stubs/main.js';
-export * as errors from './src/auth/errors.js';
 export * as symbols from './src/auth/symbols.js';
 export { AuthManager } from './src/auth/auth_manager.js';
 export { Authenticator } from './src/auth/authenticator.js';
 export { defineConfig, providers } from './src/auth/define_config.js';
+export { AuthenticationException, InvalidCredentialsException } from './src/auth/errors.js';

package/build/src/auth/auth_manager.d.ts

@@ -1,6 +1,7 @@
 import type { HttpContext } from '@adonisjs/core/http';
 import type { GuardFactory } from './types.js';
 import { Authenticator } from './authenticator.js';
+import { AuthenticatorClient } from './authenticator_client.js';
 /**
  * Auth manager exposes the API to register and manage authentication
  * guards from the config
@@ -19,4 +20,8 @@ export declare class AuthManager<KnownGuards extends Record<string, GuardFactory
      * Create an authenticator for a given HTTP request
      */
     createAuthenticator(ctx: HttpContext): Authenticator<KnownGuards>;
+    /**
+     * Creates an instance of the authenticator client
+     */
+    createAuthenticatorClient(): AuthenticatorClient<KnownGuards>;
 }

package/build/src/auth/auth_manager.js

@@ -7,6 +7,7 @@
  * file that was distributed with this source code.
  */
 import { Authenticator } from './authenticator.js';
+import { AuthenticatorClient } from './authenticator_client.js';
 /**
  * Auth manager exposes the API to register and manage authentication
  * guards from the config
@@ -31,4 +32,10 @@ export class AuthManager {
     createAuthenticator(ctx) {
         return new Authenticator(ctx, this.#config);
     }
+    /**
+     * Creates an instance of the authenticator client
+     */
+    createAuthenticatorClient() {
+        return new AuthenticatorClient(this.#config);
+    }
 }

package/build/src/auth/authenticator.d.ts

@@ -35,6 +35,13 @@ export declare class Authenticator<KnownGuards extends Record<string, GuardFacto
         default: keyof KnownGuards;
         guards: KnownGuards;
     });
+    /**
+     * Returns an instance of the logged-in user or throws an
+     * exception
+     */
+    getUserOrFail(): {
+        [K in keyof KnownGuards]: ReturnType<ReturnType<KnownGuards[K]>['getUserOrFail']>;
+    }[keyof KnownGuards];
     /**
      * Returns an instance of a known guard. Guards instances are
      * cached during the lifecycle of an HTTP request.
@@ -51,6 +58,6 @@ export declare class Authenticator<KnownGuards extends Record<string, GuardFacto
      * Otherwise, "AuthenticationException" will be raised.
      */
     authenticateUsing(guards?: (keyof KnownGuards)[], options?: {
-        redirectTo?: string;
+        loginRoute?: string;
     }): Promise<boolean>;
 }

package/build/src/auth/authenticator.js

@@ -68,6 +68,13 @@ export class Authenticator {
         this.#config = config;
         debug('creating authenticator. config %O', this.#config);
     }
+    /**
+     * Returns an instance of the logged-in user or throws an
+     * exception
+     */
+    getUserOrFail() {
+        return this.use(this.#authenticatedViaGuard || this.defaultGuard).getUserOrFail();
+    }
     /**
      * Returns an instance of a known guard. Guards instances are
      * cached during the lifecycle of an HTTP request.
@@ -116,7 +123,7 @@ export class Authenticator {
         throw new AuthenticationException('Unauthorized access', {
             code: 'E_UNAUTHORIZED_ACCESS',
             guardDriverName: lastUsedGuardDriver,
-            redirectTo: options?.redirectTo,
+            redirectTo: options?.loginRoute,
         });
     }
 }

package/build/src/auth/authenticator_client.d.ts

@@ -0,0 +1,23 @@
+import type { GuardFactory } from './types.js';
+/**
+ * Authenticator client is used to create guard instances for
+ * testing. It passes a fake HTTPContext to the guards, so
+ * make sure to not call server side APIs that might be
+ * relying on a real HTTPContext instance
+ */
+export declare class AuthenticatorClient<KnownGuards extends Record<string, GuardFactory>> {
+    #private;
+    /**
+     * Name of the default guard
+     */
+    get defaultGuard(): keyof KnownGuards;
+    constructor(config: {
+        default: keyof KnownGuards;
+        guards: KnownGuards;
+    });
+    /**
+     * Returns an instance of a known guard. Guards instances are
+     * cached during the lifecycle of an HTTP request.
+     */
+    use<Guard extends keyof KnownGuards>(guard?: Guard): ReturnType<KnownGuards[Guard]>;
+}

package/build/src/auth/authenticator_client.js

@@ -0,0 +1,59 @@
+/*
+ * @adonisjs/auth
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+import debug from './debug.js';
+import { HttpContextFactory } from '@adonisjs/core/factories/http';
+/**
+ * Authenticator client is used to create guard instances for
+ * testing. It passes a fake HTTPContext to the guards, so
+ * make sure to not call server side APIs that might be
+ * relying on a real HTTPContext instance
+ */
+export class AuthenticatorClient {
+    /**
+     * Registered guards
+     */
+    #config;
+    /**
+     * Cache of guards
+     */
+    #guardsCache = {};
+    /**
+     * Name of the default guard
+     */
+    get defaultGuard() {
+        return this.#config.default;
+    }
+    constructor(config) {
+        this.#config = config;
+        debug('creating authenticator client. config %O', this.#config);
+    }
+    /**
+     * Returns an instance of a known guard. Guards instances are
+     * cached during the lifecycle of an HTTP request.
+     */
+    use(guard) {
+        const guardToUse = guard || this.#config.default;
+        /**
+         * Use cached copy if exists
+         */
+        const cachedGuard = this.#guardsCache[guardToUse];
+        if (cachedGuard) {
+            debug('using guard from cache. name: "%s"', guardToUse);
+            return cachedGuard;
+        }
+        const guardFactory = this.#config.guards[guardToUse];
+        /**
+         * Construct guard and cache it
+         */
+        debug('creating guard. name: "%s"', guardToUse);
+        const guardInstance = guardFactory(new HttpContextFactory().create());
+        this.#guardsCache[guardToUse] = guardInstance;
+        return guardInstance;
+    }
+}

package/build/src/auth/errors.d.ts

@@ -5,11 +5,18 @@ import { HttpContext } from '@adonisjs/core/http';
  * made to authenticate an HTTP request
  */
 export declare class AuthenticationException extends Exception {
+    static status?: number | undefined;
+    static code?: string | undefined;
     /**
      * Raises authentication exception when session guard
      * is unable to authenticate the request
      */
     static E_INVALID_AUTH_SESSION(): AuthenticationException;
+    /**
+     * Raises authentication exception when session guard
+     * is unable to authenticate the request
+     */
+    static E_INVALID_BASIC_AUTH_CREDENTIALS(): AuthenticationException;
     guardDriverName: string;
     redirectTo?: string;
     identifier: string;
@@ -49,6 +56,7 @@ export declare class AuthenticationException extends Exception {
 export declare class InvalidCredentialsException extends Exception {
     static message: string;
     static code: string;
+    static status?: number | undefined;
     static E_INVALID_CREDENTIALS(guardDriverName: string): InvalidCredentialsException;
     guardDriverName: string;
     identifier: string;

package/build/src/auth/errors.js

@@ -12,6 +12,8 @@ import { Exception } from '@poppinss/utils';
  * made to authenticate an HTTP request
  */
 export class AuthenticationException extends Exception {
+    static status = 401;
+    static code = 'E_UNAUTHORIZED_ACCESS';
     /**
      * Raises authentication exception when session guard
      * is unable to authenticate the request
@@ -23,6 +25,17 @@ export class AuthenticationException extends Exception {
             guardDriverName: 'session',
         });
     }
+    /**
+     * Raises authentication exception when session guard
+     * is unable to authenticate the request
+     */
+    static E_INVALID_BASIC_AUTH_CREDENTIALS() {
+        return new AuthenticationException('Invalid basic auth credentials', {
+            code: 'E_INVALID_BASIC_AUTH_CREDENTIALS',
+            status: 401,
+            guardDriverName: 'basic_auth',
+        });
+    }
     guardDriverName;
     redirectTo;
     identifier = 'auth.authenticate';
@@ -58,7 +71,7 @@ export class AuthenticationException extends Exception {
                 case 'html':
                 case null:
                     ctx.session.flashExcept(['_csrf']);
-                    ctx.session.flash({ errors: { [error.identifier]: [message] } });
+                    ctx.session.flashErrors({ [error.identifier]: [message] });
                     ctx.response.redirect(error.redirectTo || '/', true);
                     break;
                 case 'json':
@@ -82,6 +95,12 @@ export class AuthenticationException extends Exception {
                     break;
             }
         },
+        basic_auth: (message, _, ctx) => {
+            ctx.response
+                .status(this.status)
+                .header('WWW-Authenticate', `Basic realm="Authenticate", charset="UTF-8"`)
+                .send(message);
+        },
     };
     /**
      * Self handles the auth exception and converts it to an
@@ -103,6 +122,7 @@ export class AuthenticationException extends Exception {
 export class InvalidCredentialsException extends Exception {
     static message = 'Invalid credentials';
     static code = 'E_INVALID_CREDENTIALS';
+    static status = 400;
     static E_INVALID_CREDENTIALS(guardDriverName) {
         return new InvalidCredentialsException(InvalidCredentialsException.message, {
             guardDriverName,
@@ -141,7 +161,7 @@ export class InvalidCredentialsException extends Exception {
                 case 'html':
                 case null:
                     ctx.session.flashExcept(['_csrf']);
-                    ctx.session.flash({ errors: { [this.identifier]: [message] } });
+                    ctx.session.flashErrors({ [this.identifier]: [message] });
                     ctx.response.redirect().withQs().back();
                     break;
                 case 'json':

package/build/src/auth/plugins/japa/api_client.d.ts

@@ -0,0 +1,32 @@
+import type { PluginFn } from '@japa/runner/types';
+import type { ApplicationService } from '@adonisjs/core/types';
+import type { Authenticators, GuardContract, GuardFactory } from '../../types.js';
+declare module '@japa/api-client' {
+    interface ApiRequest {
+        authData: {
+            guard: string;
+            user: unknown;
+        };
+        /**
+         * Login a user using the default authentication
+         * guard when making an API call
+         */
+        loginAs(user: {
+            [K in keyof Authenticators]: Authenticators[K] extends GuardFactory ? ReturnType<Authenticators[K]> extends GuardContract<infer A> ? A : never : never;
+        }): this;
+        /**
+         * Define the authentication guard for login
+         */
+        withGuard<K extends keyof Authenticators, Self extends ApiRequest>(this: Self, guard: K): {
+            /**
+             * Login a user using a specific auth guard
+             */
+            loginAs(user: Authenticators[K] extends GuardFactory ? ReturnType<Authenticators[K]> extends GuardContract<infer A> ? A : never : never): Self;
+        };
+    }
+}
+/**
+ * Auth API client to authenticate users when making
+ * HTTP requests using the Japa API client
+ */
+export declare const authApiClient: (app: ApplicationService) => PluginFn;

package/build/src/auth/plugins/japa/api_client.js

@@ -0,0 +1,63 @@
+/*
+ * @adonisjs/auth
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+import { ApiClient, ApiRequest } from '@japa/api-client';
+import debug from '../../debug.js';
+/**
+ * Auth API client to authenticate users when making
+ * HTTP requests using the Japa API client
+ */
+export const authApiClient = (app) => {
+    const pluginFn = function () {
+        debug('installing auth api client plugin');
+        ApiRequest.macro('loginAs', function (user) {
+            this.authData = {
+                guard: '__default__',
+                user: user,
+            };
+            return this;
+        });
+        ApiRequest.macro('withGuard', function (guard) {
+            return {
+                loginAs: (user) => {
+                    this.authData = {
+                        guard,
+                        user: user,
+                    };
+                    return this;
+                },
+            };
+        });
+        /**
+         * Hook into the request and login the user
+         */
+        ApiClient.setup(async (request) => {
+            const auth = await app.container.make('auth.manager');
+            const authData = request['authData'];
+            if (!authData) {
+                return;
+            }
+            const client = auth.createAuthenticatorClient();
+            const guard = authData.guard === '__default__' ? client.use() : client.use(authData.guard);
+            const requestData = await guard.authenticateAsClient(authData.user);
+            if (requestData.headers) {
+                debug('defining headers with api client request %O', requestData.headers);
+                request.headers(requestData.headers);
+            }
+            if (requestData.session) {
+                debug('defining session with api client request %O', requestData.session);
+                request.withSession(requestData.session);
+            }
+            if (requestData.cookies) {
+                debug('defining session with api client request %O', requestData.session);
+                request.cookies(requestData.cookies);
+            }
+        });
+    };
+    return pluginFn;
+};

package/build/src/auth/plugins/japa/browser_client.d.ts

@@ -0,0 +1,25 @@
+import type { PluginFn } from '@japa/runner/types';
+import type { ApplicationService } from '@adonisjs/core/types';
+import type { Authenticators, GuardContract, GuardFactory } from '../../types.js';
+declare module 'playwright' {
+    interface BrowserContext {
+        /**
+         * Login a user using the default authentication
+         * guard when using the browser context to
+         * make page visits
+         */
+        loginAs(user: {
+            [K in keyof Authenticators]: Authenticators[K] extends GuardFactory ? ReturnType<Authenticators[K]> extends GuardContract<infer A> ? A : never : never;
+        }): Promise<void>;
+        /**
+         * Define the authentication guard for login
+         */
+        withGuard<K extends keyof Authenticators>(guard: K): {
+            /**
+             * Login a user using a specific auth guard
+             */
+            loginAs(user: Authenticators[K] extends GuardFactory ? ReturnType<Authenticators[K]> extends GuardContract<infer A> ? A : never : never): Promise<void>;
+        };
+    }
+}
+export declare const authBrowserClient: (app: ApplicationService) => PluginFn;

package/build/src/auth/plugins/japa/browser_client.js

@@ -0,0 +1,64 @@
+/*
+ * @adoniss/auth
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+/// <reference types="@japa/plugin-adonisjs" />
+/// <reference types="@adonisjs/session/plugins/browser_client" />
+import { RuntimeException } from '@poppinss/utils';
+import { decoratorsCollection } from '@japa/browser-client';
+import debug from '../../debug.js';
+export const authBrowserClient = (app) => {
+    const pluginFn = async function () {
+        debug('installing auth browser client plugin');
+        const auth = await app.container.make('auth.manager');
+        decoratorsCollection.register({
+            context(context) {
+                context.withGuard = function (guardName) {
+                    return {
+                        async loginAs(user) {
+                            const client = auth.createAuthenticatorClient();
+                            const guard = client.use(guardName);
+                            const requestData = await guard.authenticateAsClient(user);
+                            if (requestData.headers) {
+                                throw new RuntimeException(`Cannot use "${guard.driverName}" guard with browser client`);
+                            }
+                            if (requestData.cookies) {
+                                debug('defining cookies with browser context %O', requestData.cookies);
+                                Object.keys(requestData.cookies).forEach((cookie) => {
+                                    context.setCookie(cookie, requestData.cookies[cookie]);
+                                });
+                            }
+                            if (requestData.session) {
+                                debug('defining session with browser context %O', requestData.session);
+                                context.setSession(requestData.session);
+                            }
+                        },
+                    };
+                };
+                context.loginAs = async function (user) {
+                    const client = auth.createAuthenticatorClient();
+                    const guard = client.use();
+                    const requestData = await guard.authenticateAsClient(user);
+                    if (requestData.headers) {
+                        throw new RuntimeException(`Cannot use "${guard.driverName}" guard with browser client`);
+                    }
+                    if (requestData.cookies) {
+                        debug('defining cookies with browser context %O', requestData.cookies);
+                        Object.keys(requestData.cookies).forEach((cookie) => {
+                            context.setCookie(cookie, requestData.cookies[cookie]);
+                        });
+                    }
+                    if (requestData.session) {
+                        debug('defining session with browser context %O', requestData.session);
+                        context.setSession(requestData.session);
+                    }
+                };
+            },
+        });
+    };
+    return pluginFn;
+};

package/build/src/auth/types.d.ts

@@ -2,6 +2,14 @@ import type { HttpContext } from '@adonisjs/core/http';
 import type { ApplicationService, ConfigProvider } from '@adonisjs/core/types';
 import type { AuthManager } from './auth_manager.js';
 import type { GUARD_KNOWN_EVENTS } from './symbols.js';
+/**
+ * The client response for authentication.
+ */
+export interface AuthClientResponse {
+    headers?: Record<string, any>;
+    cookies?: Record<string, any>;
+    session?: Record<string, any>;
+}
 /**
  * A set of properties a guard must implement.
  */
@@ -10,6 +18,10 @@ export interface GuardContract<User> {
      * Reference to the currently authenticated user
      */
     user?: User;
+    /**
+     * Returns logged-in user or throws an exception
+     */
+    getUserOrFail(): User;
     /**
      * A boolean to know if the current request has
      * been authenticated
@@ -26,6 +38,12 @@ export interface GuardContract<User> {
      * exception
      */
     check(): Promise<boolean>;
+    /**
+     * The method is used to authenticate the user as
+     * client. This method should return cookies,
+     * headers, or session state.
+     */
+    authenticateAsClient(user: User): Promise<AuthClientResponse>;
     /**
      * Authenticates the current request and throws
      * an exception if the request is not authenticated.
@@ -60,6 +78,16 @@ export type InferAuthenticators<Config extends ConfigProvider<{
     default: unknown;
     guards: unknown;
 }>> = Awaited<ReturnType<Config['resolver']>>['guards'];
+/**
+ * Helper to convert union to intersection
+ */
+type UnionToIntersection<U> = (U extends any ? (k: U) => void : never) extends (k: infer I) => void ? I : never;
+/**
+ * Infer events based upon the configure authenticators
+ */
+export type InferAuthEvents<KnownAuthenticators extends Record<string, GuardFactory>> = UnionToIntersection<{
+    [K in keyof KnownAuthenticators]: ReturnType<KnownAuthenticators[K]>[typeof GUARD_KNOWN_EVENTS];
+}[keyof KnownAuthenticators]>;
 /**
  * Auth service is a singleton instance of the AuthManager
  * configured using the config stored within the user
@@ -73,3 +101,4 @@ export interface AuthService extends AuthManager<Authenticators extends Record<s
 export type GuardConfigProvider<Guard extends GuardFactory> = {
     resolver: (name: string, app: ApplicationService) => Promise<Guard>;
 };
+export {};

package/build/src/core/token_providers/database.d.ts

@@ -11,7 +11,7 @@ type DatabaseTokenRow = {
     created_at: Date;
     updated_at: Date;
     expires_at: Date | null;
-};
+} & Record<string, any>;
 /**
  * A generic implementation to read tokens from the database
  */

package/build/src/guards/basic_auth/define_config.d.ts

@@ -0,0 +1,16 @@
+import type { HttpContext } from '@adonisjs/core/http';
+import type { ConfigProvider } from '@adonisjs/core/types';
+import type { GuardConfigProvider } from '../../auth/types.js';
+import type { UserProviderContract } from '../../core/types.js';
+import { BasicAuthGuard } from './guard.js';
+/**
+ * Helper function to configure the basic auth guard for
+ * authentication.
+ *
+ * This method returns a config builder, which internally
+ * returns a factory function to construct a guard
+ * during HTTP requests.
+ */
+export declare function basicAuthGuard<UserProvider extends UserProviderContract<unknown>>(config: {
+    provider: ConfigProvider<UserProvider>;
+}): GuardConfigProvider<(ctx: HttpContext) => BasicAuthGuard<UserProvider>>;