@adonisjs/auth 9.0.0-4 → 9.0.0-6

package/build/configure.js

@@ -6,31 +6,10 @@
  * For the full copyright and license information, please view the LICENSE
  * file that was distributed with this source code.
  */
-/**
- * Configures the user provider to use for finding
- * users
- */
-async function configureProvider(command) {
-    const provider = await command.prompt.choice('Select the user provider you want to use', [
-        {
-            name: 'lucid',
-            message: 'Lucid models',
-        },
-        {
-            name: 'db',
-            message: 'Database query builder',
-        },
-    ]);
-    /**
-     * Publish config file
-     */
-    await command.publishStub('config.stub', { provider });
-}
 /**
  * Configures the auth package
  */
 export async function configure(command) {
-    await configureProvider(command);
     const codemods = await command.createCodemods();
     /**
      * Publish middleware to user application

package/build/index.d.ts

@@ -1,7 +1,7 @@
 export { configure } from './configure.js';
 export { stubsRoot } from './stubs/main.js';
-export * as errors from './src/auth/errors.js';
 export * as symbols from './src/auth/symbols.js';
 export { AuthManager } from './src/auth/auth_manager.js';
 export { Authenticator } from './src/auth/authenticator.js';
 export { defineConfig, providers } from './src/auth/define_config.js';
+export { AuthenticationException, InvalidCredentialsException } from './src/auth/errors.js';

package/build/index.js

@@ -8,8 +8,8 @@
  */
 export { configure } from './configure.js';
 export { stubsRoot } from './stubs/main.js';
-export * as errors from './src/auth/errors.js';
 export * as symbols from './src/auth/symbols.js';
 export { AuthManager } from './src/auth/auth_manager.js';
 export { Authenticator } from './src/auth/authenticator.js';
 export { defineConfig, providers } from './src/auth/define_config.js';
+export { AuthenticationException, InvalidCredentialsException } from './src/auth/errors.js';

package/build/src/auth/auth_manager.d.ts

@@ -1,6 +1,7 @@
 import type { HttpContext } from '@adonisjs/core/http';
 import type { GuardFactory } from './types.js';
 import { Authenticator } from './authenticator.js';
+import { AuthenticatorClient } from './authenticator_client.js';
 /**
  * Auth manager exposes the API to register and manage authentication
  * guards from the config
@@ -19,4 +20,8 @@ export declare class AuthManager<KnownGuards extends Record<string, GuardFactory
      * Create an authenticator for a given HTTP request
      */
     createAuthenticator(ctx: HttpContext): Authenticator<KnownGuards>;
+    /**
+     * Creates an instance of the authenticator client
+     */
+    createAuthenticatorClient(): AuthenticatorClient<KnownGuards>;
 }

package/build/src/auth/auth_manager.js

@@ -7,6 +7,7 @@
  * file that was distributed with this source code.
  */
 import { Authenticator } from './authenticator.js';
+import { AuthenticatorClient } from './authenticator_client.js';
 /**
  * Auth manager exposes the API to register and manage authentication
  * guards from the config
@@ -31,4 +32,10 @@ export class AuthManager {
     createAuthenticator(ctx) {
         return new Authenticator(ctx, this.#config);
     }
+    /**
+     * Creates an instance of the authenticator client
+     */
+    createAuthenticatorClient() {
+        return new AuthenticatorClient(this.#config);
+    }
 }

package/build/src/auth/authenticator_client.d.ts

@@ -0,0 +1,23 @@
+import type { GuardFactory } from './types.js';
+/**
+ * Authenticator client is used to create guard instances for
+ * testing. It passes a fake HTTPContext to the guards, so
+ * make sure to not call server side APIs that might be
+ * relying on a real HTTPContext instance
+ */
+export declare class AuthenticatorClient<KnownGuards extends Record<string, GuardFactory>> {
+    #private;
+    /**
+     * Name of the default guard
+     */
+    get defaultGuard(): keyof KnownGuards;
+    constructor(config: {
+        default: keyof KnownGuards;
+        guards: KnownGuards;
+    });
+    /**
+     * Returns an instance of a known guard. Guards instances are
+     * cached during the lifecycle of an HTTP request.
+     */
+    use<Guard extends keyof KnownGuards>(guard?: Guard): ReturnType<KnownGuards[Guard]>;
+}

package/build/src/auth/authenticator_client.js

@@ -0,0 +1,59 @@
+/*
+ * @adonisjs/auth
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+import debug from './debug.js';
+import { HttpContextFactory } from '@adonisjs/core/factories/http';
+/**
+ * Authenticator client is used to create guard instances for
+ * testing. It passes a fake HTTPContext to the guards, so
+ * make sure to not call server side APIs that might be
+ * relying on a real HTTPContext instance
+ */
+export class AuthenticatorClient {
+    /**
+     * Registered guards
+     */
+    #config;
+    /**
+     * Cache of guards
+     */
+    #guardsCache = {};
+    /**
+     * Name of the default guard
+     */
+    get defaultGuard() {
+        return this.#config.default;
+    }
+    constructor(config) {
+        this.#config = config;
+        debug('creating authenticator client. config %O', this.#config);
+    }
+    /**
+     * Returns an instance of a known guard. Guards instances are
+     * cached during the lifecycle of an HTTP request.
+     */
+    use(guard) {
+        const guardToUse = guard || this.#config.default;
+        /**
+         * Use cached copy if exists
+         */
+        const cachedGuard = this.#guardsCache[guardToUse];
+        if (cachedGuard) {
+            debug('using guard from cache. name: "%s"', guardToUse);
+            return cachedGuard;
+        }
+        const guardFactory = this.#config.guards[guardToUse];
+        /**
+         * Construct guard and cache it
+         */
+        debug('creating guard. name: "%s"', guardToUse);
+        const guardInstance = guardFactory(new HttpContextFactory().create());
+        this.#guardsCache[guardToUse] = guardInstance;
+        return guardInstance;
+    }
+}

package/build/src/auth/errors.d.ts

@@ -5,6 +5,8 @@ import { HttpContext } from '@adonisjs/core/http';
  * made to authenticate an HTTP request
  */
 export declare class AuthenticationException extends Exception {
+    static status?: number | undefined;
+    static code?: string | undefined;
     /**
      * Raises authentication exception when session guard
      * is unable to authenticate the request
@@ -49,6 +51,7 @@ export declare class AuthenticationException extends Exception {
 export declare class InvalidCredentialsException extends Exception {
     static message: string;
     static code: string;
+    static status?: number | undefined;
     static E_INVALID_CREDENTIALS(guardDriverName: string): InvalidCredentialsException;
     guardDriverName: string;
     identifier: string;

package/build/src/auth/errors.js

@@ -12,6 +12,8 @@ import { Exception } from '@poppinss/utils';
  * made to authenticate an HTTP request
  */
 export class AuthenticationException extends Exception {
+    static status = 401;
+    static code = 'E_UNAUTHORIZED_ACCESS';
     /**
      * Raises authentication exception when session guard
      * is unable to authenticate the request
@@ -103,6 +105,7 @@ export class AuthenticationException extends Exception {
 export class InvalidCredentialsException extends Exception {
     static message = 'Invalid credentials';
     static code = 'E_INVALID_CREDENTIALS';
+    static status = 400;
     static E_INVALID_CREDENTIALS(guardDriverName) {
         return new InvalidCredentialsException(InvalidCredentialsException.message, {
             guardDriverName,

package/build/src/auth/plugins/japa/api_client.d.ts

@@ -0,0 +1,31 @@
+import type { ApplicationService } from '@adonisjs/core/types';
+import type { Authenticators, GuardContract, GuardFactory } from '../../types.js';
+declare module '@japa/api-client' {
+    interface ApiRequest {
+        authData: {
+            guard: string;
+            user: unknown;
+        };
+        /**
+         * Login a user using the default authentication
+         * guard when making an API call
+         */
+        loginAs(user: {
+            [K in keyof Authenticators]: Authenticators[K] extends GuardFactory ? ReturnType<Authenticators[K]> extends GuardContract<infer A> ? A : never : never;
+        }): this;
+        /**
+         * Define the authentication guard for login
+         */
+        withGuard<K extends keyof Authenticators, Self extends ApiRequest>(this: Self, guard: K): {
+            /**
+             * Login a user using a specific auth guard
+             */
+            loginAs(user: Authenticators[K] extends GuardFactory ? ReturnType<Authenticators[K]> extends GuardContract<infer A> ? A : never : never): Self;
+        };
+    }
+}
+/**
+ * Auth API client to authenticate users when making
+ * HTTP requests using the Japa API client
+ */
+export declare const authApiClient: (app: ApplicationService) => void;

package/build/src/auth/plugins/japa/api_client.js

@@ -0,0 +1,56 @@
+/*
+ * @adonisjs/auth
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+/// <reference types="@adonisjs/session/plugins/api_client" />
+import { ApiClient, ApiRequest } from '@japa/api-client';
+/**
+ * Auth API client to authenticate users when making
+ * HTTP requests using the Japa API client
+ */
+export const authApiClient = (app) => {
+    ApiRequest.macro('loginAs', function (user) {
+        this.authData = {
+            guard: '__default__',
+            user: user,
+        };
+        return this;
+    });
+    ApiRequest.macro('withGuard', function (guard) {
+        return {
+            loginAs: (user) => {
+                this.authData = {
+                    guard,
+                    user: user,
+                };
+                return this;
+            },
+        };
+    });
+    /**
+     * Hook into the request and login the user
+     */
+    ApiClient.setup(async (request) => {
+        const auth = await app.container.make('auth.manager');
+        const authData = request['authData'];
+        if (!authData) {
+            return;
+        }
+        const client = auth.createAuthenticatorClient();
+        const guard = authData.guard === '__default__' ? client.use() : client.use(authData.guard);
+        const requestData = await guard.authenticateAsClient(authData.user);
+        if (requestData.headers) {
+            request.headers(requestData.headers);
+        }
+        if (requestData.session) {
+            request.withSession(requestData.session);
+        }
+        if (requestData.cookies) {
+            request.cookies(requestData.cookies);
+        }
+    });
+};

package/build/src/auth/types.d.ts

@@ -2,6 +2,14 @@ import type { HttpContext } from '@adonisjs/core/http';
 import type { ApplicationService, ConfigProvider } from '@adonisjs/core/types';
 import type { AuthManager } from './auth_manager.js';
 import type { GUARD_KNOWN_EVENTS } from './symbols.js';
+/**
+ * The client response for authentication.
+ */
+export interface AuthClientResponse {
+    headers?: Record<string, any>;
+    cookies?: Record<string, any>;
+    session?: Record<string, any>;
+}
 /**
  * A set of properties a guard must implement.
  */
@@ -30,6 +38,12 @@ export interface GuardContract<User> {
      * exception
      */
     check(): Promise<boolean>;
+    /**
+     * The method is used to authenticate the user as
+     * client. This method should return cookies,
+     * headers, or session state.
+     */
+    authenticateAsClient(user: User): Promise<AuthClientResponse>;
     /**
      * Authenticates the current request and throws
      * an exception if the request is not authenticated.
@@ -64,12 +78,16 @@ export type InferAuthenticators<Config extends ConfigProvider<{
     default: unknown;
     guards: unknown;
 }>> = Awaited<ReturnType<Config['resolver']>>['guards'];
+/**
+ * Helper to convert union to intersection
+ */
+type UnionToIntersection<U> = (U extends any ? (k: U) => void : never) extends (k: infer I) => void ? I : never;
 /**
  * Infer events based upon the configure authenticators
  */
-export type InferAuthEvents<KnownAuthenticators extends Record<string, GuardFactory>> = {
+export type InferAuthEvents<KnownAuthenticators extends Record<string, GuardFactory>> = UnionToIntersection<{
     [K in keyof KnownAuthenticators]: ReturnType<KnownAuthenticators[K]>[typeof GUARD_KNOWN_EVENTS];
-}[keyof KnownAuthenticators];
+}[keyof KnownAuthenticators]>;
 /**
  * Auth service is a singleton instance of the AuthManager
  * configured using the config stored within the user
@@ -83,3 +101,4 @@ export interface AuthService extends AuthManager<Authenticators extends Record<s
 export type GuardConfigProvider<Guard extends GuardFactory> = {
     resolver: (name: string, app: ApplicationService) => Promise<Guard>;
 };
+export {};

package/build/src/core/token_providers/database.d.ts

@@ -11,7 +11,7 @@ type DatabaseTokenRow = {
     created_at: Date;
     updated_at: Date;
     expires_at: Date | null;
-};
+} & Record<string, any>;
 /**
  * A generic implementation to read tokens from the database
  */

package/build/src/guards/session/guard.d.ts

@@ -113,4 +113,11 @@ export declare class SessionGuard<UserProvider extends SessionUserProviderContra
      * Logout user and revoke remember me token (if any)
      */
     logout(): Promise<void>;
+    /**
+     * Returns the session state for the user to be
+     * logged-in as a client
+     */
+    authenticateAsClient(user: UserProvider[typeof PROVIDER_REAL_USER]): Promise<{
+        session: Record<string, string | number>;
+    }>;
 }

package/build/src/guards/session/guard.js

@@ -491,4 +491,18 @@ export class SessionGuard {
         debug('session_auth: deleting remember me token');
         await this.#rememberMeTokenProvider.deleteTokenBySeries(decodedToken.series);
     }
+    /**
+     * Returns the session state for the user to be
+     * logged-in as a client
+     */
+    async authenticateAsClient(user) {
+        const providerUser = await this.#userProvider.createUserForGuard(user);
+        const userId = providerUser.getId();
+        debug('session_guard: returning client session for user id "%s"', userId);
+        return {
+            session: {
+                [this.sessionKeyName]: userId,
+            },
+        };
+    }
 }

package/build/src/guards/session/types.d.ts

@@ -1,4 +1,4 @@
-import { Exception } from '@poppinss/utils';
+import type { Exception } from '@poppinss/utils';
 import type { RememberMeToken } from './token.js';
 import type { UserProviderContract, TokenProviderContract, DatabaseTokenProviderOptions } from '../../core/types.js';
 /**

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@adonisjs/auth",
-  "version": "9.0.0-4",
+  "version": "9.0.0-6",
   "description": "Official authentication provider for Adonis framework",
   "type": "module",
   "main": "build/index.js",
@@ -22,6 +22,7 @@
     ".": "./build/index.js",
     "./types": "./build/src/auth/types.js",
     "./auth_provider": "./build/providers/auth_provider.js",
+    "./plugins/api_client": "./build/src/auth/plugins/japa/api_client.js",
     "./services/main": "./build/services/auth.js",
     "./core/token": "./build/src/core/token.js",
     "./core/guard_user": "./build/src/core/guard_user.js",
@@ -74,6 +75,7 @@
     "@adonisjs/tsconfig": "^1.1.8",
     "@commitlint/cli": "^18.0.0",
     "@commitlint/config-conventional": "^18.0.0",
+    "@japa/api-client": "^2.0.0",
     "@japa/assert": "^2.0.0",
     "@japa/expect-type": "^2.0.0",
     "@japa/file-system": "^2.0.0",
@@ -132,9 +134,10 @@
     "@poppinss/utils": "^6.5.0"
   },
   "peerDependencies": {
-    "@adonisjs/core": "^6.1.5-30",
+    "@adonisjs/core": "^6.1.5-31",
     "@adonisjs/lucid": "^19.0.0-3",
-    "@adonisjs/session": "^7.0.0-13"
+    "@adonisjs/session": "^7.0.0-13",
+    "@japa/api-client": "^2.0.0"
   },
   "peerDependenciesMeta": {
     "@adonisjs/lucid": {
@@ -142,6 +145,9 @@
     },
     "@adonisjs/session": {
       "optional": true
+    },
+    "@japa/api-client": {
+      "optional": true
     }
   }
 }

package/build/stubs/config.stub

@@ -1,42 +0,0 @@
-{{{
-  exports({ to: app.configPath('auth.ts') })
-}}}
-import { defineConfig, providers } from '@adonisjs/auth'
-import { InferAuthEvents, Authenticators } from '@adonisjs/auth/types'
-{{#if provider === 'lucid'}}
-/**
- * Using the "models/user" model to find users during
- * login and authentication
- */
-const userProvider = providers.lucid({
-  model: () => import('#models/user'),
-  uids: ['email'],
-})
-{{/if}}
-{{#if provider === 'db'}}
-/**
- * Using Lucid query builder to directly query the database
- * to find users during login and authentication.
- */
-const userProvider = providers.db({
-  table: 'users',
-  passwordColumnName: 'password',
-  id: 'id',
-  uids: ['email'],
-})
-{{/if}}
-
-const authConfig = defineConfig({
-  default: 'web',
-  guards: {
-    web: {} // to be configured
-  }
-})
-
-export default authConfig
-declare module '@adonisjs/auth/types' {
-  interface Authenticators extends InferAuthenticators<typeof authConfig> {}
-}
-declare module '@adonisjs/core/types' {
-  interface EventsList extends InferAuthEvents<Authenticators> {}
-}