@adonisjs/auth 9.0.0-6 → 9.0.0-8

package/build/factories/basic_auth_guard_factory.d.ts

@@ -0,0 +1,12 @@
+import type { HttpContext } from '@adonisjs/core/http';
+import { FactoryUser, TestLucidUserProvider } from './lucid_user_provider.js';
+import { BasicAuthGuard } from '../src/guards/basic_auth/guard.js';
+import type { UserProviderContract } from '../src/core/types.js';
+/**
+ * Exposes the API to create a basic auth guard for testing. Under
+ * the hood configures Lucid models for looking up users
+ */
+export declare class BasicAuthGuardFactory {
+    merge(): this;
+    create<UserProvider extends UserProviderContract<unknown> = TestLucidUserProvider<typeof FactoryUser>>(ctx: HttpContext, provider?: UserProvider): BasicAuthGuard<TestLucidUserProvider<typeof FactoryUser> | UserProvider>;
+}

package/build/factories/basic_auth_guard_factory.js

@@ -0,0 +1,22 @@
+/*
+ * @adonisjs/auth
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+import { LucidUserProviderFactory, } from './lucid_user_provider.js';
+import { BasicAuthGuard } from '../src/guards/basic_auth/guard.js';
+/**
+ * Exposes the API to create a basic auth guard for testing. Under
+ * the hood configures Lucid models for looking up users
+ */
+export class BasicAuthGuardFactory {
+    merge() {
+        return this;
+    }
+    create(ctx, provider) {
+        return new BasicAuthGuard('basic', ctx, provider || new LucidUserProviderFactory().create());
+    }
+}

package/build/src/auth/define_config.d.ts

@@ -7,7 +7,6 @@ import type { LucidAuthenticatable, LucidUserProviderOptions, DatabaseUserProvid
  */
 export type ResolvedAuthConfig<KnownGuards extends Record<string, GuardFactory | GuardConfigProvider<GuardFactory>>> = {
     default: keyof KnownGuards;
-    loginRoute: string;
     guards: {
         [K in keyof KnownGuards]: KnownGuards[K] extends GuardConfigProvider<infer A> ? A : KnownGuards[K];
     };
@@ -19,7 +18,6 @@ export type ResolvedAuthConfig<KnownGuards extends Record<string, GuardFactory |
  */
 export declare function defineConfig<KnownGuards extends Record<string, GuardFactory | GuardConfigProvider<GuardFactory>>>(config: {
     default: keyof KnownGuards;
-    loginRoute: string;
     guards: KnownGuards;
 }): ConfigProvider<ResolvedAuthConfig<KnownGuards>>;
 /**

package/build/src/auth/define_config.js

@@ -28,7 +28,6 @@ export function defineConfig(config) {
         }
         return {
             default: config.default,
-            loginRoute: config.loginRoute,
             guards: guards,
         };
     });

package/build/src/auth/errors.d.ts

@@ -12,6 +12,11 @@ export declare class AuthenticationException extends Exception {
      * is unable to authenticate the request
      */
     static E_INVALID_AUTH_SESSION(): AuthenticationException;
+    /**
+     * Raises authentication exception when session guard
+     * is unable to authenticate the request
+     */
+    static E_INVALID_BASIC_AUTH_CREDENTIALS(): AuthenticationException;
     guardDriverName: string;
     redirectTo?: string;
     identifier: string;

package/build/src/auth/errors.js

@@ -25,6 +25,17 @@ export class AuthenticationException extends Exception {
             guardDriverName: 'session',
         });
     }
+    /**
+     * Raises authentication exception when session guard
+     * is unable to authenticate the request
+     */
+    static E_INVALID_BASIC_AUTH_CREDENTIALS() {
+        return new AuthenticationException('Invalid basic auth credentials', {
+            code: 'E_INVALID_BASIC_AUTH_CREDENTIALS',
+            status: 401,
+            guardDriverName: 'basic_auth',
+        });
+    }
     guardDriverName;
     redirectTo;
     identifier = 'auth.authenticate';
@@ -84,6 +95,12 @@ export class AuthenticationException extends Exception {
                     break;
             }
         },
+        basic_auth: (message, _, ctx) => {
+            ctx.response
+                .status(this.status)
+                .header('WWW-Authenticate', `Basic realm="Authenticate", charset="UTF-8"`)
+                .send(message);
+        },
     };
     /**
      * Self handles the auth exception and converts it to an

package/build/src/auth/plugins/japa/api_client.d.ts

@@ -1,3 +1,4 @@
+import type { PluginFn } from '@japa/runner/types';
 import type { ApplicationService } from '@adonisjs/core/types';
 import type { Authenticators, GuardContract, GuardFactory } from '../../types.js';
 declare module '@japa/api-client' {
@@ -28,4 +29,4 @@ declare module '@japa/api-client' {
  * Auth API client to authenticate users when making
  * HTTP requests using the Japa API client
  */
-export declare const authApiClient: (app: ApplicationService) => void;
+export declare const authApiClient: (app: ApplicationService) => PluginFn;

package/build/src/auth/plugins/japa/api_client.js

@@ -6,51 +6,58 @@
  * For the full copyright and license information, please view the LICENSE
  * file that was distributed with this source code.
  */
-/// <reference types="@adonisjs/session/plugins/api_client" />
 import { ApiClient, ApiRequest } from '@japa/api-client';
+import debug from '../../debug.js';
 /**
  * Auth API client to authenticate users when making
  * HTTP requests using the Japa API client
  */
 export const authApiClient = (app) => {
-    ApiRequest.macro('loginAs', function (user) {
-        this.authData = {
-            guard: '__default__',
-            user: user,
-        };
-        return this;
-    });
-    ApiRequest.macro('withGuard', function (guard) {
-        return {
-            loginAs: (user) => {
-                this.authData = {
-                    guard,
-                    user: user,
-                };
-                return this;
-            },
-        };
-    });
-    /**
-     * Hook into the request and login the user
-     */
-    ApiClient.setup(async (request) => {
-        const auth = await app.container.make('auth.manager');
-        const authData = request['authData'];
-        if (!authData) {
-            return;
-        }
-        const client = auth.createAuthenticatorClient();
-        const guard = authData.guard === '__default__' ? client.use() : client.use(authData.guard);
-        const requestData = await guard.authenticateAsClient(authData.user);
-        if (requestData.headers) {
-            request.headers(requestData.headers);
-        }
-        if (requestData.session) {
-            request.withSession(requestData.session);
-        }
-        if (requestData.cookies) {
-            request.cookies(requestData.cookies);
-        }
-    });
+    const pluginFn = function () {
+        debug('installing auth api client plugin');
+        ApiRequest.macro('loginAs', function (user) {
+            this.authData = {
+                guard: '__default__',
+                user: user,
+            };
+            return this;
+        });
+        ApiRequest.macro('withGuard', function (guard) {
+            return {
+                loginAs: (user) => {
+                    this.authData = {
+                        guard,
+                        user: user,
+                    };
+                    return this;
+                },
+            };
+        });
+        /**
+         * Hook into the request and login the user
+         */
+        ApiClient.setup(async (request) => {
+            const auth = await app.container.make('auth.manager');
+            const authData = request['authData'];
+            if (!authData) {
+                return;
+            }
+            const client = auth.createAuthenticatorClient();
+            const guard = authData.guard === '__default__' ? client.use() : client.use(authData.guard);
+            const requestData = await guard.authenticateAsClient(authData.user);
+            if (requestData.headers) {
+                debug('defining headers with api client request %O', requestData.headers);
+                request.headers(requestData.headers);
+            }
+            if (requestData.session) {
+                debug('defining session with api client request %O', requestData.session);
+                request.withSession(requestData.session);
+            }
+            if (requestData.cookies) {
+                debug('defining session with api client request %O', requestData.session);
+                request.cookies(requestData.cookies);
+            }
+        });
+    };
+    return pluginFn;
 };

package/build/src/auth/plugins/japa/browser_client.d.ts

@@ -0,0 +1,25 @@
+import type { PluginFn } from '@japa/runner/types';
+import type { ApplicationService } from '@adonisjs/core/types';
+import type { Authenticators, GuardContract, GuardFactory } from '../../types.js';
+declare module 'playwright' {
+    interface BrowserContext {
+        /**
+         * Login a user using the default authentication
+         * guard when using the browser context to
+         * make page visits
+         */
+        loginAs(user: {
+            [K in keyof Authenticators]: Authenticators[K] extends GuardFactory ? ReturnType<Authenticators[K]> extends GuardContract<infer A> ? A : never : never;
+        }): Promise<void>;
+        /**
+         * Define the authentication guard for login
+         */
+        withGuard<K extends keyof Authenticators>(guard: K): {
+            /**
+             * Login a user using a specific auth guard
+             */
+            loginAs(user: Authenticators[K] extends GuardFactory ? ReturnType<Authenticators[K]> extends GuardContract<infer A> ? A : never : never): Promise<void>;
+        };
+    }
+}
+export declare const authBrowserClient: (app: ApplicationService) => PluginFn;

package/build/src/auth/plugins/japa/browser_client.js

@@ -0,0 +1,42 @@
+/*
+ * @adoniss/auth
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+/// <reference types="@japa/plugin-adonisjs" />
+/// <reference types="@adonisjs/session/plugins/browser_client" />
+import { RuntimeException } from '@poppinss/utils';
+import { decoratorsCollection } from '@japa/browser-client';
+import debug from '../../debug.js';
+export const authBrowserClient = (app) => {
+    const pluginFn = async function () {
+        debug('installing auth browser client plugin');
+        const auth = await app.container.make('auth.manager');
+        decoratorsCollection.register({
+            context(context) {
+                context.loginAs = async function (user) {
+                    const client = auth.createAuthenticatorClient();
+                    const guard = client.use();
+                    const requestData = await guard.authenticateAsClient(user);
+                    if (requestData.headers) {
+                        throw new RuntimeException(`Cannot use "${guard.driverName}" guard with browser client`);
+                    }
+                    if (requestData.cookies) {
+                        debug('defining cookies with browser context %O', requestData.cookies);
+                        Object.keys(requestData.cookies).forEach((cookie) => {
+                            context.setCookie(cookie, requestData.cookies[cookie]);
+                        });
+                    }
+                    if (requestData.session) {
+                        debug('defining session with browser context %O', requestData.session);
+                        context.setSession(requestData.session);
+                    }
+                };
+            },
+        });
+    };
+    return pluginFn;
+};

package/build/src/guards/basic_auth/define_config.d.ts

@@ -0,0 +1,16 @@
+import type { HttpContext } from '@adonisjs/core/http';
+import type { ConfigProvider } from '@adonisjs/core/types';
+import type { GuardConfigProvider } from '../../auth/types.js';
+import type { UserProviderContract } from '../../core/types.js';
+import { BasicAuthGuard } from './guard.js';
+/**
+ * Helper function to configure the basic auth guard for
+ * authentication.
+ *
+ * This method returns a config builder, which internally
+ * returns a factory function to construct a guard
+ * during HTTP requests.
+ */
+export declare function basicAuthGuard<UserProvider extends UserProviderContract<unknown>>(config: {
+    provider: ConfigProvider<UserProvider>;
+}): GuardConfigProvider<(ctx: HttpContext) => BasicAuthGuard<UserProvider>>;

package/build/src/guards/basic_auth/define_config.js

@@ -0,0 +1,38 @@
+/*
+ * @adonisjs/auth
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+import { configProvider } from '@adonisjs/core';
+import { RuntimeException } from '@poppinss/utils';
+import { BasicAuthGuard } from './guard.js';
+/**
+ * Helper function to configure the basic auth guard for
+ * authentication.
+ *
+ * This method returns a config builder, which internally
+ * returns a factory function to construct a guard
+ * during HTTP requests.
+ */
+export function basicAuthGuard(config) {
+    return {
+        async resolver(guardName, app) {
+            const provider = await configProvider.resolve(app, config.provider);
+            if (!provider) {
+                throw new RuntimeException(`Invalid user provider defined on "${guardName}" guard`);
+            }
+            const emitter = await app.container.make('emitter');
+            /**
+             * Factory function needed by Authenticator to switch
+             * between guards and perform authentication
+             */
+            return (ctx) => {
+                const guard = new BasicAuthGuard(guardName, ctx, provider);
+                return guard.withEmitter(emitter);
+            };
+        },
+    };
+}

package/build/src/guards/basic_auth/guard.d.ts

@@ -0,0 +1,70 @@
+import type { Emitter } from '@adonisjs/core/events';
+import type { HttpContext } from '@adonisjs/core/http';
+import type { BasicAuthGuardEvents } from './types.js';
+import type { GuardContract } from '../../auth/types.js';
+import type { UserProviderContract } from '../../core/types.js';
+import { PROVIDER_REAL_USER, GUARD_KNOWN_EVENTS } from '../../auth/symbols.js';
+/**
+ * Implementation of basic auth as an authentication guard
+ */
+export declare class BasicAuthGuard<UserProvider extends UserProviderContract<unknown>> implements GuardContract<UserProvider[typeof PROVIDER_REAL_USER]> {
+    #private;
+    [GUARD_KNOWN_EVENTS]: BasicAuthGuardEvents<UserProvider[typeof PROVIDER_REAL_USER]>;
+    /**
+     * Driver name of the guard
+     */
+    driverName: 'basic_auth';
+    /**
+     * Whether or not the authentication has been attempted
+     * during the current request
+     */
+    authenticationAttempted: boolean;
+    /**
+     * A boolean to know if the current request has
+     * been authenticated
+     */
+    isAuthenticated: boolean;
+    /**
+     * Reference to an instance of the authenticated or logged-in
+     * user. The value only exists after calling one of the
+     * following methods.
+     *
+     * - authenticate
+     *
+     * You can use the "getUserOrFail" method to throw an exception if
+     * the request is not authenticated.
+     */
+    user?: UserProvider[typeof PROVIDER_REAL_USER];
+    constructor(name: string, ctx: HttpContext, userProvider: UserProvider);
+    /**
+     * Register an event emitter to listen for global events for
+     * authentication lifecycle.
+     */
+    withEmitter(emitter: Emitter<any>): this;
+    /**
+     * Returns an instance of the authenticated user. Or throws
+     * an exception if the request is not authenticated.
+     */
+    getUserOrFail(): UserProvider[typeof PROVIDER_REAL_USER];
+    /**
+     * Verifies user credentials and returns an instance of
+     * the user or throws "E_INVALID_BASIC_AUTH_CREDENTIALS" exception.
+     */
+    verifyCredentials(uid: string, password: string): Promise<UserProvider[typeof PROVIDER_REAL_USER]>;
+    /**
+     * Authenticates the current HTTP request for basic
+     * auth credentials
+     */
+    authenticate(): Promise<UserProvider[typeof PROVIDER_REAL_USER]>;
+    /**
+     * Silently attempt to authenticate the user.
+     *
+     * The method returns a boolean indicating if the authentication
+     * succeeded or failed.
+     */
+    check(): Promise<boolean>;
+    /**
+     * Not support
+     */
+    authenticateAsClient(_: UserProvider[typeof PROVIDER_REAL_USER]): Promise<never>;
+}

package/build/src/guards/basic_auth/guard.js

@@ -0,0 +1,190 @@
+/*
+ * @adonisjs/auth
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+import auth from 'basic-auth';
+import { RuntimeException } from '@poppinss/utils';
+import debug from '../../auth/debug.js';
+import { AuthenticationException } from '../../auth/errors.js';
+import { GUARD_KNOWN_EVENTS } from '../../auth/symbols.js';
+/**
+ * Implementation of basic auth as an authentication guard
+ */
+export class BasicAuthGuard {
+    /**
+     * A unique name for the guard. It is used while
+     * emitting events
+     */
+    #name;
+    /**
+     * Reference to the current HTTP context
+     */
+    #ctx;
+    /**
+     * Provider to lookup user details
+     */
+    #userProvider;
+    /**
+     * Emitter to emit events
+     */
+    #emitter;
+    /**
+     * Driver name of the guard
+     */
+    driverName = 'basic_auth';
+    /**
+     * Whether or not the authentication has been attempted
+     * during the current request
+     */
+    authenticationAttempted = false;
+    /**
+     * A boolean to know if the current request has
+     * been authenticated
+     */
+    isAuthenticated = false;
+    /**
+     * Reference to an instance of the authenticated or logged-in
+     * user. The value only exists after calling one of the
+     * following methods.
+     *
+     * - authenticate
+     *
+     * You can use the "getUserOrFail" method to throw an exception if
+     * the request is not authenticated.
+     */
+    user;
+    constructor(name, ctx, userProvider) {
+        this.#ctx = ctx;
+        this.#name = name;
+        this.#userProvider = userProvider;
+    }
+    /**
+     * Notifies about authentication failure and throws the exception
+     */
+    #authenticationFailed(error) {
+        if (this.#emitter) {
+            this.#emitter.emit('basic_auth:authentication_failed', {
+                guardName: this.#name,
+                error,
+            });
+        }
+        throw error;
+    }
+    /**
+     * Register an event emitter to listen for global events for
+     * authentication lifecycle.
+     */
+    withEmitter(emitter) {
+        this.#emitter = emitter;
+        return this;
+    }
+    /**
+     * Returns an instance of the authenticated user. Or throws
+     * an exception if the request is not authenticated.
+     */
+    getUserOrFail() {
+        if (!this.user) {
+            throw AuthenticationException.E_INVALID_BASIC_AUTH_CREDENTIALS();
+        }
+        return this.user;
+    }
+    /**
+     * Verifies user credentials and returns an instance of
+     * the user or throws "E_INVALID_BASIC_AUTH_CREDENTIALS" exception.
+     */
+    async verifyCredentials(uid, password) {
+        debug('basic_auth_guard: attempting to verify credentials for uid "%s"', uid);
+        /**
+         * Attempt to find a user by the uid and raise
+         * error when unable to find one
+         */
+        const providerUser = await this.#userProvider.findByUid(uid);
+        if (!providerUser) {
+            this.#authenticationFailed(AuthenticationException.E_INVALID_BASIC_AUTH_CREDENTIALS());
+        }
+        /**
+         * Raise error when unable to verify password
+         */
+        const user = providerUser.getOriginal();
+        /**
+         * Raise error when unable to verify password
+         */
+        if (!(await providerUser.verifyPassword(password))) {
+            this.#authenticationFailed(AuthenticationException.E_INVALID_BASIC_AUTH_CREDENTIALS());
+        }
+        return user;
+    }
+    /**
+     * Authenticates the current HTTP request for basic
+     * auth credentials
+     */
+    async authenticate() {
+        /**
+         * Avoid re-authenticating when already authenticated
+         */
+        if (this.authenticationAttempted) {
+            return this.getUserOrFail();
+        }
+        /**
+         * Beginning authentication attempt
+         */
+        this.authenticationAttempted = true;
+        if (this.#emitter) {
+            this.#emitter.emit('basic_auth:authentication_attempted', {
+                guardName: this.#name,
+            });
+        }
+        /**
+         * Fetch credentials from the header
+         */
+        const credentials = auth(this.#ctx.request.request);
+        if (!credentials) {
+            this.#authenticationFailed(AuthenticationException.E_INVALID_BASIC_AUTH_CREDENTIALS());
+        }
+        debug('basic_auth_guard: authenticating user using credentials');
+        /**
+         * Verifying user credentials
+         */
+        this.user = await this.verifyCredentials(credentials.name, credentials.pass);
+        this.isAuthenticated = true;
+        debug('basic_auth_guard: marking user as authenticated');
+        if (this.#emitter) {
+            this.#emitter.emit('basic_auth:authentication_succeeded', {
+                guardName: this.#name,
+                user: this.user,
+            });
+        }
+        /**
+         * Return user
+         */
+        return this.getUserOrFail();
+    }
+    /**
+     * Silently attempt to authenticate the user.
+     *
+     * The method returns a boolean indicating if the authentication
+     * succeeded or failed.
+     */
+    async check() {
+        try {
+            await this.authenticate();
+            return true;
+        }
+        catch (error) {
+            if (error instanceof AuthenticationException) {
+                return false;
+            }
+            throw error;
+        }
+    }
+    /**
+     * Not support
+     */
+    async authenticateAsClient(_) {
+        throw new RuntimeException('Cannot authenticate as a client when using basic auth');
+    }
+}

package/build/src/guards/basic_auth/main.d.ts

@@ -0,0 +1,2 @@
+export { BasicAuthGuard } from './guard.js';
+export { basicAuthGuard } from './define_config.js';

package/build/src/guards/basic_auth/main.js

@@ -0,0 +1,10 @@
+/*
+ * @adonisjs/auth
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+export { BasicAuthGuard } from './guard.js';
+export { basicAuthGuard } from './define_config.js';

package/build/src/guards/basic_auth/types.d.ts

@@ -0,0 +1,35 @@
+import { Exception } from '@poppinss/utils';
+/**
+ * Events emitted by the basic auth guard
+ */
+export type BasicAuthGuardEvents<User> = {
+    /**
+     * The event is emitted when the user credentials
+     * have been verified successfully.
+     */
+    'basic_auth:credentials_verified': {
+        guardName: string;
+        uid: string;
+        user: User;
+    };
+    /**
+     * Attempting to authenticate the user
+     */
+    'basic_auth:authentication_attempted': {
+        guardName: string;
+    };
+    /**
+     * Authentication was successful
+     */
+    'basic_auth:authentication_succeeded': {
+        guardName: string;
+        user: User;
+    };
+    /**
+     * Authentication failed
+     */
+    'basic_auth:authentication_failed': {
+        guardName: string;
+        error: Exception;
+    };
+};

package/build/src/guards/basic_auth/types.js

@@ -0,0 +1,9 @@
+/*
+ * @adonisjs/auth
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+export {};

package/build/src/guards/session/guard.js

@@ -327,6 +327,7 @@ export class SessionGuard {
             if (!providerUser) {
                 this.#authenticationFailed(AuthenticationException.E_INVALID_AUTH_SESSION(), session.sessionId);
             }
+            debug('session_guard: marking user with id "%s" as authenticated', providerUser.getId());
             this.user = providerUser.getOriginal();
             this.isAuthenticated = true;
             this.isLoggedOut = false;
@@ -390,6 +391,7 @@ export class SessionGuard {
         debug('session_guard: marking user with id "%s" as logged in from remember me cookie', userId);
         session.put(this.sessionKeyName, userId);
         session.regenerate();
+        debug('session_guard: marking user with id "%s" as authenticated', userId);
         this.user = providerUser.getOriginal();
         this.isAuthenticated = true;
         this.isLoggedOut = false;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@adonisjs/auth",
-  "version": "9.0.0-6",
+  "version": "9.0.0-8",
   "description": "Official authentication provider for Adonis framework",
   "type": "module",
   "main": "build/index.js",
@@ -23,6 +23,7 @@
     "./types": "./build/src/auth/types.js",
     "./auth_provider": "./build/providers/auth_provider.js",
     "./plugins/api_client": "./build/src/auth/plugins/japa/api_client.js",
+    "./plugins/browser_client": "./build/src/auth/plugins/japa/browser_client.js",
     "./services/main": "./build/services/auth.js",
     "./core/token": "./build/src/core/token.js",
     "./core/guard_user": "./build/src/core/guard_user.js",
@@ -30,6 +31,7 @@
     "./core/token_providers/*": "./build/src/core/token_providers/*.js",
     "./types/core": "./build/src/core/types.js",
     "./session": "./build/src/guards/session/main.js",
+    "./basic_auth": "./build/src/guards/basic_auth/main.js",
     "./initialize_auth_middleware": "./build/src/auth/middleware/initialize_auth_middleware.js",
     "./types/session": "./build/src/guards/session/types.js"
   },
@@ -77,11 +79,14 @@
     "@commitlint/config-conventional": "^18.0.0",
     "@japa/api-client": "^2.0.0",
     "@japa/assert": "^2.0.0",
+    "@japa/browser-client": "^2.0.0",
     "@japa/expect-type": "^2.0.0",
     "@japa/file-system": "^2.0.0",
+    "@japa/plugin-adonisjs": "^2.0.0",
     "@japa/runner": "^3.0.4",
     "@japa/snapshot": "^2.0.0",
     "@swc/core": "1.3.82",
+    "@types/basic-auth": "^1.1.5",
     "@types/luxon": "^3.3.3",
     "@types/node": "^20.8.7",
     "@types/set-cookie-parser": "^2.4.5",
@@ -94,6 +99,7 @@
     "husky": "^8.0.3",
     "luxon": "^3.4.3",
     "np": "^8.0.4",
+    "playwright": "^1.39.0",
     "prettier": "^3.0.3",
     "set-cookie-parser": "^2.6.0",
     "sqlite3": "^5.1.6",
@@ -131,13 +137,16 @@
     ]
   },
   "dependencies": {
-    "@poppinss/utils": "^6.5.0"
+    "@poppinss/utils": "^6.5.0",
+    "basic-auth": "^2.0.1"
   },
   "peerDependencies": {
     "@adonisjs/core": "^6.1.5-31",
     "@adonisjs/lucid": "^19.0.0-3",
     "@adonisjs/session": "^7.0.0-13",
-    "@japa/api-client": "^2.0.0"
+    "@japa/api-client": "^2.0.0",
+    "@japa/browser-client": "^2.0.0",
+    "@japa/plugin-adonisjs": "^2.0.0"
   },
   "peerDependenciesMeta": {
     "@adonisjs/lucid": {
@@ -148,6 +157,12 @@
     },
     "@japa/api-client": {
       "optional": true
+    },
+    "@japa/browser-client": {
+      "optional": true
+    },
+    "@japa/plugin-adonisjs": {
+      "optional": true
     }
   }
 }