@adonisjs/auth 9.0.0-1 → 9.0.0-4

package/build/configure.js

@@ -32,6 +32,15 @@ async function configureProvider(command) {
 export async function configure(command) {
     await configureProvider(command);
     const codemods = await command.createCodemods();
+    /**
+     * Publish middleware to user application
+     */
+    await command.publishStub('middleware/auth_middleware.stub', {
+        entity: command.app.generators.createEntity('auth'),
+    });
+    await command.publishStub('middleware/guest_middleware.stub', {
+        entity: command.app.generators.createEntity('guest'),
+    });
     /**
      * Register provider
      */
@@ -49,7 +58,11 @@ export async function configure(command) {
     await codemods.registerMiddleware('named', [
         {
             name: 'auth',
-            path: '@adonisjs/auth/auth_middleware',
+            path: '#middleware/auth_middleware',
+        },
+        {
+            name: 'guest',
+            path: '#middleware/guest_middleware',
         },
     ]);
 }

package/build/src/auth/authenticator.d.ts

@@ -35,6 +35,13 @@ export declare class Authenticator<KnownGuards extends Record<string, GuardFacto
         default: keyof KnownGuards;
         guards: KnownGuards;
     });
+    /**
+     * Returns an instance of the logged-in user or throws an
+     * exception
+     */
+    getUserOrFail(): {
+        [K in keyof KnownGuards]: ReturnType<ReturnType<KnownGuards[K]>['getUserOrFail']>;
+    }[keyof KnownGuards];
     /**
      * Returns an instance of a known guard. Guards instances are
      * cached during the lifecycle of an HTTP request.
@@ -51,6 +58,6 @@ export declare class Authenticator<KnownGuards extends Record<string, GuardFacto
      * Otherwise, "AuthenticationException" will be raised.
      */
     authenticateUsing(guards?: (keyof KnownGuards)[], options?: {
-        redirectTo?: string;
+        loginRoute?: string;
     }): Promise<boolean>;
 }

package/build/src/auth/authenticator.js

@@ -68,6 +68,13 @@ export class Authenticator {
         this.#config = config;
         debug('creating authenticator. config %O', this.#config);
     }
+    /**
+     * Returns an instance of the logged-in user or throws an
+     * exception
+     */
+    getUserOrFail() {
+        return this.use(this.#authenticatedViaGuard || this.defaultGuard).getUserOrFail();
+    }
     /**
      * Returns an instance of a known guard. Guards instances are
      * cached during the lifecycle of an HTTP request.
@@ -116,7 +123,7 @@ export class Authenticator {
         throw new AuthenticationException('Unauthorized access', {
             code: 'E_UNAUTHORIZED_ACCESS',
             guardDriverName: lastUsedGuardDriver,
-            redirectTo: options?.redirectTo,
+            redirectTo: options?.loginRoute,
         });
     }
 }

package/build/src/auth/define_config.d.ts

@@ -7,6 +7,7 @@ import type { LucidAuthenticatable, LucidUserProviderOptions, DatabaseUserProvid
  */
 export type ResolvedAuthConfig<KnownGuards extends Record<string, GuardFactory | GuardConfigProvider<GuardFactory>>> = {
     default: keyof KnownGuards;
+    loginRoute: string;
     guards: {
         [K in keyof KnownGuards]: KnownGuards[K] extends GuardConfigProvider<infer A> ? A : KnownGuards[K];
     };
@@ -18,6 +19,7 @@ export type ResolvedAuthConfig<KnownGuards extends Record<string, GuardFactory |
  */
 export declare function defineConfig<KnownGuards extends Record<string, GuardFactory | GuardConfigProvider<GuardFactory>>>(config: {
     default: keyof KnownGuards;
+    loginRoute: string;
     guards: KnownGuards;
 }): ConfigProvider<ResolvedAuthConfig<KnownGuards>>;
 /**

package/build/src/auth/define_config.js

@@ -28,6 +28,7 @@ export function defineConfig(config) {
         }
         return {
             default: config.default,
+            loginRoute: config.loginRoute,
             guards: guards,
         };
     });

package/build/src/auth/types.d.ts

@@ -10,6 +10,10 @@ export interface GuardContract<User> {
      * Reference to the currently authenticated user
      */
     user?: User;
+    /**
+     * Returns logged-in user or throws an exception
+     */
+    getUserOrFail(): User;
     /**
      * A boolean to know if the current request has
      * been authenticated
@@ -60,6 +64,12 @@ export type InferAuthenticators<Config extends ConfigProvider<{
     default: unknown;
     guards: unknown;
 }>> = Awaited<ReturnType<Config['resolver']>>['guards'];
+/**
+ * Infer events based upon the configure authenticators
+ */
+export type InferAuthEvents<KnownAuthenticators extends Record<string, GuardFactory>> = {
+    [K in keyof KnownAuthenticators]: ReturnType<KnownAuthenticators[K]>[typeof GUARD_KNOWN_EVENTS];
+}[keyof KnownAuthenticators];
 /**
  * Auth service is a singleton instance of the AuthManager
  * configured using the config stored within the user

package/build/src/guards/session/guard.d.ts

@@ -86,13 +86,13 @@ export declare class SessionGuard<UserProvider extends SessionUserProviderContra
      * Attempt to login a user after verifying their
      * credentials.
      */
-    attempt(uid: string, password: string): Promise<UserProvider[typeof PROVIDER_REAL_USER]>;
+    attempt(uid: string, password: string, remember?: boolean): Promise<UserProvider[typeof PROVIDER_REAL_USER]>;
     /**
      * Attempt to login a user using the user id. The
      * user will be first fetched from the db before
      * marking them as logged-in
      */
-    loginViaId(id: string | number): Promise<UserProvider[typeof PROVIDER_REAL_USER]>;
+    loginViaId(id: string | number, remember?: boolean): Promise<UserProvider[typeof PROVIDER_REAL_USER]>;
     /**
      * Login a user using the user object.
      */
@@ -109,4 +109,8 @@ export declare class SessionGuard<UserProvider extends SessionUserProviderContra
      * succeeded or failed.
      */
     check(): Promise<boolean>;
+    /**
+     * Logout user and revoke remember me token (if any)
+     */
+    logout(): Promise<void>;
 }

package/build/src/guards/session/guard.js

@@ -125,6 +125,7 @@ export class SessionGuard {
     #authenticationFailed(error, sessionId) {
         if (this.#emitter) {
             this.#emitter.emit('session_auth:authentication_failed', {
+                guardName: this.#name,
                 error,
                 sessionId: sessionId,
             });
@@ -137,6 +138,7 @@ export class SessionGuard {
     #loginFailed(error, user) {
         if (this.#emitter) {
             this.#emitter.emit('session_auth:login_failed', {
+                guardName: this.#name,
                 error,
                 user,
             });
@@ -202,6 +204,7 @@ export class SessionGuard {
          */
         if (this.#emitter) {
             this.#emitter.emit('session_auth:credentials_verified', {
+                guardName: this.#name,
                 uid,
                 user,
             });
@@ -212,29 +215,29 @@ export class SessionGuard {
      * Attempt to login a user after verifying their
      * credentials.
      */
-    async attempt(uid, password) {
+    async attempt(uid, password, remember) {
         const user = await this.verifyCredentials(uid, password);
-        return this.login(user);
+        return this.login(user, remember);
     }
     /**
      * Attempt to login a user using the user id. The
      * user will be first fetched from the db before
      * marking them as logged-in
      */
-    async loginViaId(id) {
+    async loginViaId(id, remember) {
         debug('session_guard: attempting to login user via id "%s"', id);
         const providerUser = await this.#userProvider.findById(id);
         if (!providerUser) {
             this.#loginFailed(InvalidCredentialsException.E_INVALID_CREDENTIALS(this.driverName), null);
         }
-        return this.login(providerUser.getOriginal());
+        return this.login(providerUser.getOriginal(), remember);
     }
     /**
      * Login a user using the user object.
      */
     async login(user, remember = false) {
         if (this.#emitter) {
-            this.#emitter.emit('session_auth:login_attempted', { user });
+            this.#emitter.emit('session_auth:login_attempted', { user, guardName: this.#name });
         }
         const providerUser = await this.#userProvider.createUserForGuard(user);
         const session = this.#getSession();
@@ -281,6 +284,7 @@ export class SessionGuard {
          */
         if (this.#emitter) {
             this.#emitter.emit('session_auth:login_succeeded', {
+                guardName: this.#name,
                 user,
                 sessionId: session.sessionId,
                 rememberMeToken: token,
@@ -303,6 +307,7 @@ export class SessionGuard {
          */
         if (this.#emitter) {
             this.#emitter.emit('session_auth:authentication_attempted', {
+                guardName: this.#name,
                 sessionId: session.sessionId,
             });
         }
@@ -331,6 +336,7 @@ export class SessionGuard {
              */
             if (this.#emitter) {
                 this.#emitter.emit('session_auth:authentication_succeeded', {
+                    guardName: this.#name,
                     sessionId: session.sessionId,
                     user: this.user,
                 });
@@ -393,6 +399,7 @@ export class SessionGuard {
          */
         if (this.#emitter) {
             this.#emitter.emit('session_auth:authentication_succeeded', {
+                guardName: this.#name,
                 sessionId: session.sessionId,
                 user: this.user,
                 rememberMeToken: token,
@@ -451,4 +458,37 @@ export class SessionGuard {
             throw error;
         }
     }
+    /**
+     * Logout user and revoke remember me token (if any)
+     */
+    async logout() {
+        debug('session_auth: logging out');
+        const session = this.#getSession();
+        /**
+         * Clear client side state
+         */
+        session.forget(this.sessionKeyName);
+        this.#ctx.response.clearCookie(this.rememberMeKeyName);
+        /**
+         * Notify the user has been logged out
+         */
+        if (this.#emitter) {
+            this.#emitter.emit('session_auth:logged_out', {
+                guardName: this.#name,
+                user: this.user || null,
+                sessionId: session.sessionId,
+            });
+        }
+        const rememberMeCookie = this.#ctx.request.encryptedCookie(this.rememberMeKeyName);
+        if (!rememberMeCookie || !this.#rememberMeTokenProvider) {
+            return;
+        }
+        debug('session_auth: decoding remember me token');
+        const decodedToken = RememberMeToken.decode(rememberMeCookie);
+        if (!decodedToken) {
+            return;
+        }
+        debug('session_auth: deleting remember me token');
+        await this.#rememberMeTokenProvider.deleteTokenBySeries(decodedToken.series);
+    }
 }

package/build/src/guards/session/types.d.ts

@@ -32,6 +32,7 @@ export type SessionGuardEvents<User> = {
      * have been verified successfully.
      */
     'session_auth:credentials_verified': {
+        guardName: string;
         uid: string;
         user: User;
     };
@@ -40,6 +41,7 @@ export type SessionGuardEvents<User> = {
      * user.
      */
     'session_auth:login_failed': {
+        guardName: string;
         error: Exception;
         user: User | null;
     };
@@ -48,6 +50,7 @@ export type SessionGuardEvents<User> = {
      * a given user.
      */
     'session_auth:login_attempted': {
+        guardName: string;
         user: User;
     };
     /**
@@ -55,6 +58,7 @@ export type SessionGuardEvents<User> = {
      * successfully
      */
     'session_auth:login_succeeded': {
+        guardName: string;
         user: User;
         sessionId: string;
         rememberMeToken?: RememberMeToken;
@@ -63,12 +67,14 @@ export type SessionGuardEvents<User> = {
      * Attempting to authenticate the user
      */
     'session_auth:authentication_attempted': {
+        guardName: string;
         sessionId: string;
     };
     /**
      * Authentication was successful
      */
     'session_auth:authentication_succeeded': {
+        guardName: string;
         user: User;
         sessionId: string;
         rememberMeToken?: RememberMeToken;
@@ -77,6 +83,7 @@ export type SessionGuardEvents<User> = {
      * Authentication failed
      */
     'session_auth:authentication_failed': {
+        guardName: string;
         error: Exception;
         sessionId: string;
     };
@@ -85,7 +92,8 @@ export type SessionGuardEvents<User> = {
      * sucessfully
      */
     'session_auth:logged_out': {
-        user: User;
+        guardName: string;
+        user: User | null;
         sessionId: string;
     };
 };

package/build/stubs/config.stub

@@ -2,6 +2,7 @@
   exports({ to: app.configPath('auth.ts') })
 }}}
 import { defineConfig, providers } from '@adonisjs/auth'
+import { InferAuthEvents, Authenticators } from '@adonisjs/auth/types'
 {{#if provider === 'lucid'}}
 /**
  * Using the "models/user" model to find users during
@@ -26,10 +27,16 @@ const userProvider = providers.db({
 {{/if}}
 
 const authConfig = defineConfig({
-  guards: {}
+  default: 'web',
+  guards: {
+    web: {} // to be configured
+  }
 })
 
 export default authConfig
 declare module '@adonisjs/auth/types' {
   interface Authenticators extends InferAuthenticators<typeof authConfig> {}
 }
+declare module '@adonisjs/core/types' {
+  interface EventsList extends InferAuthEvents<Authenticators> {}
+}

package/build/stubs/middleware/auth_middleware.stub

@@ -0,0 +1,30 @@
+{{#var middlewareName = generators.middlewareName(entity.name)}}
+{{#var middlewareFileName = generators.middlewareFileName(entity.name)}}
+{{{
+  exports({ to: app.middlewarePath(entity.path, middlewareFileName) })
+}}}
+import type { HttpContext } from '@adonisjs/core/http'
+import type { NextFn } from '@adonisjs/core/types/http'
+import type { Authenticators } from '@adonisjs/auth/types'
+
+/**
+ * Auth middleware is used authenticate HTTP requests and deny
+ * access to unauthenticated users.
+ */
+export default class {{ middlewareName }} {
+  /**
+   * The URL to redirect to, when authentication fails
+   */
+  redirectTo = '/login'
+
+  async handle(
+    ctx: HttpContext,
+    next: NextFn,
+    options: {
+      guards?: (keyof Authenticators)[]
+    } = {}
+  ) {
+    await ctx.auth.authenticateUsing(options.guards, { loginRoute: this.redirectTo })
+    return next()
+  }
+}

package/build/stubs/middleware/guest_middleware.stub

@@ -0,0 +1,36 @@
+{{#var middlewareName = generators.middlewareName(entity.name)}}
+{{#var middlewareFileName = generators.middlewareFileName(entity.name)}}
+{{{
+  exports({ to: app.middlewarePath(entity.path, middlewareFileName) })
+}}}
+import type { HttpContext } from '@adonisjs/core/http'
+import type { NextFn } from '@adonisjs/core/types/http'
+import type { Authenticators } from '@adonisjs/auth/types'
+
+/**
+ * Guest middleware is used to deny access to routes that should
+ * be accessed by unauthenticated users.
+ *
+ * For example, the login page should not be accessible if the user
+ * is already logged-in
+ */
+export default class {{ middlewareName }} {
+  /**
+   * The URL to redirect to when user is logged-in
+   */
+  redirectTo = '/'
+
+  async handle(
+    ctx: HttpContext,
+    next: NextFn,
+    options: { guards?: (keyof Authenticators)[] } = {}
+  ) {
+    for (let guard of options.guards || [ctx.auth.defaultGuard]) {
+      if (await ctx.auth.use(guard).check()) {
+        return ctx.response.redirect(this.redirectTo, true)
+      }
+    }
+
+    return next()
+  }
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@adonisjs/auth",
-  "version": "9.0.0-1",
+  "version": "9.0.0-4",
   "description": "Official authentication provider for Adonis framework",
   "type": "module",
   "main": "build/index.js",
@@ -30,7 +30,6 @@
     "./types/core": "./build/src/core/types.js",
     "./session": "./build/src/guards/session/main.js",
     "./initialize_auth_middleware": "./build/src/auth/middleware/initialize_auth_middleware.js",
-    "./auth_middleware": "./build/src/auth/middleware/auth_middleware.js",
     "./types/session": "./build/src/guards/session/types.js"
   },
   "scripts": {
@@ -66,7 +65,7 @@
   },
   "devDependencies": {
     "@adonisjs/assembler": "^6.1.3-25",
-    "@adonisjs/core": "^6.1.5-30",
+    "@adonisjs/core": "^6.1.5-31",
     "@adonisjs/eslint-config": "^1.1.8",
     "@adonisjs/i18n": "^2.0.0-6",
     "@adonisjs/lucid": "^19.0.0-3",

package/build/src/auth/middleware/auth_middleware.d.ts

@@ -1,13 +0,0 @@
-import type { HttpContext } from '@adonisjs/core/http';
-import type { NextFn } from '@adonisjs/core/types/http';
-import type { Authenticators } from '@adonisjs/auth/types';
-/**
- * Options accepted by the middleware options
- */
-export type AuthMiddlewareOptions = {
-    guards?: (keyof Authenticators)[];
-    redirectTo?: string;
-};
-export default class AuthMiddleware {
-    handle(ctx: HttpContext, next: NextFn, options?: AuthMiddlewareOptions): Promise<any>;
-}

package/build/src/auth/middleware/auth_middleware.js

@@ -1,6 +0,0 @@
-export default class AuthMiddleware {
-    async handle(ctx, next, options = {}) {
-        await ctx.auth.authenticateUsing(options.guards, options);
-        return next();
-    }
-}