@adonisjs/auth 9.0.0-9 → 9.0.0

package/build/src/auth/errors.js

@@ -1,201 +0,0 @@
-/*
- * @adonisjs/auth
- *
- * (c) AdonisJS
- *
- * For the full copyright and license information, please view the LICENSE
- * file that was distributed with this source code.
- */
-import { Exception } from '@poppinss/utils';
-/**
- * Authentication exception is raised when an attempt is
- * made to authenticate an HTTP request
- */
-export class AuthenticationException extends Exception {
-    static status = 401;
-    static code = 'E_UNAUTHORIZED_ACCESS';
-    /**
-     * Raises authentication exception when session guard
-     * is unable to authenticate the request
-     */
-    static E_INVALID_AUTH_SESSION() {
-        return new AuthenticationException('Invalid or expired authentication session', {
-            code: 'E_INVALID_AUTH_SESSION',
-            status: 401,
-            guardDriverName: 'session',
-        });
-    }
-    /**
-     * Raises authentication exception when session guard
-     * is unable to authenticate the request
-     */
-    static E_INVALID_BASIC_AUTH_CREDENTIALS() {
-        return new AuthenticationException('Invalid basic auth credentials', {
-            code: 'E_INVALID_BASIC_AUTH_CREDENTIALS',
-            status: 401,
-            guardDriverName: 'basic_auth',
-        });
-    }
-    guardDriverName;
-    redirectTo;
-    identifier = 'auth.authenticate';
-    constructor(message, options) {
-        super(message, options);
-        this.guardDriverName = options.guardDriverName;
-        this.redirectTo = options.redirectTo;
-    }
-    /**
-     * Returns the message to be sent in the HTTP response.
-     * Feel free to override this method and return a custom
-     * response.
-     */
-    getResponseMessage(error, ctx) {
-        if ('i18n' in ctx) {
-            return ctx.i18n.t(error.identifier, {}, error.message);
-        }
-        return error.message;
-    }
-    /**
-     * A collection of authentication exception
-     * renderers to render the exception to a
-     * response.
-     *
-     * The collection is a key-value pair, where the
-     * key is the guard driver name and value is
-     * a factory function to respond to the
-     * request.
-     */
-    renderers = {
-        session: (message, error, ctx) => {
-            switch (ctx.request.accepts(['html', 'application/vnd.api+json', 'json'])) {
-                case 'html':
-                case null:
-                    ctx.session.flashExcept(['_csrf']);
-                    ctx.session.flash({ errors: { [error.identifier]: [message] } });
-                    ctx.response.redirect(error.redirectTo || '/', true);
-                    break;
-                case 'json':
-                    ctx.response.status(error.status).send({
-                        errors: [
-                            {
-                                message,
-                            },
-                        ],
-                    });
-                    break;
-                case 'application/vnd.api+json':
-                    ctx.response.status(error.status).send({
-                        errors: [
-                            {
-                                code: error.identifier,
-                                title: message,
-                            },
-                        ],
-                    });
-                    break;
-            }
-        },
-        basic_auth: (message, _, ctx) => {
-            ctx.response
-                .status(this.status)
-                .header('WWW-Authenticate', `Basic realm="Authenticate", charset="UTF-8"`)
-                .send(message);
-        },
-    };
-    /**
-     * Self handles the auth exception and converts it to an
-     * HTTP response
-     */
-    async handle(error, ctx) {
-        const renderer = this.renderers[this.guardDriverName];
-        const message = error.getResponseMessage(error, ctx);
-        if (!renderer) {
-            return ctx.response.status(error.status).send(message);
-        }
-        return renderer(message, error, ctx);
-    }
-}
-/**
- * Invalid credentials exception is raised when unable
- * to verify user credentials during login
- */
-export class InvalidCredentialsException extends Exception {
-    static message = 'Invalid credentials';
-    static code = 'E_INVALID_CREDENTIALS';
-    static status = 400;
-    static E_INVALID_CREDENTIALS(guardDriverName) {
-        return new InvalidCredentialsException(InvalidCredentialsException.message, {
-            guardDriverName,
-        });
-    }
-    guardDriverName;
-    identifier = 'auth.login';
-    constructor(message, options) {
-        super(message, options);
-        this.guardDriverName = options.guardDriverName;
-    }
-    /**
-     * Returns the message to be sent in the HTTP response.
-     * Feel free to override this method and return a custom
-     * response.
-     */
-    getResponseMessage(error, ctx) {
-        if ('i18n' in ctx) {
-            return ctx.i18n.t(this.identifier, {}, error.message);
-        }
-        return error.message;
-    }
-    /**
-     * A collection of authentication exception
-     * renderers to render the exception to a
-     * response.
-     *
-     * The collection is a key-value pair, where the
-     * key is the guard driver name and value is
-     * a factory function to respond to the
-     * request.
-     */
-    renderers = {
-        session: (message, error, ctx) => {
-            switch (ctx.request.accepts(['html', 'application/vnd.api+json', 'json'])) {
-                case 'html':
-                case null:
-                    ctx.session.flashExcept(['_csrf']);
-                    ctx.session.flash({ errors: { [this.identifier]: [message] } });
-                    ctx.response.redirect().withQs().back();
-                    break;
-                case 'json':
-                    ctx.response.status(error.status).send({
-                        errors: [
-                            {
-                                message: message,
-                            },
-                        ],
-                    });
-                    break;
-                case 'application/vnd.api+json':
-                    ctx.response.status(error.status).send({
-                        errors: [
-                            {
-                                code: this.identifier,
-                                title: message,
-                            },
-                        ],
-                    });
-                    break;
-            }
-        },
-    };
-    /**
-     * Self handles the auth exception and converts it to an
-     * HTTP response
-     */
-    async handle(error, ctx) {
-        const renderer = this.renderers[this.guardDriverName];
-        const message = this.getResponseMessage(error, ctx);
-        if (!renderer) {
-            return ctx.response.status(error.status).send(message);
-        }
-        return renderer(message, error, ctx);
-    }
-}

package/build/src/auth/middleware/initialize_auth_middleware.js

@@ -1,25 +0,0 @@
-/// <reference types="@adonisjs/core/providers/edge_provider" />
-import auth from '@adonisjs/auth/services/main';
-/**
- * The "InitializeAuthMiddleware" is used to create a request
- * specific authenticator instance for every HTTP request.
- *
- * This middleware does not protect routes from unauthenticated
- * users. Please use the "auth" middleware for that.
- */
-export default class InitializeAuthMiddleware {
-    async handle(ctx, next) {
-        /**
-         * Initialize the authenticator for the current HTTP
-         * request
-         */
-        ctx.auth = auth.createAuthenticator(ctx);
-        /**
-         * Sharing authenticator with templates
-         */
-        if ('view' in ctx) {
-            ctx.view.share({ auth: ctx.auth });
-        }
-        return next();
-    }
-}

package/build/src/auth/plugins/japa/api_client.js

@@ -1,63 +0,0 @@
-/*
- * @adonisjs/auth
- *
- * (c) AdonisJS
- *
- * For the full copyright and license information, please view the LICENSE
- * file that was distributed with this source code.
- */
-import { ApiClient, ApiRequest } from '@japa/api-client';
-import debug from '../../debug.js';
-/**
- * Auth API client to authenticate users when making
- * HTTP requests using the Japa API client
- */
-export const authApiClient = (app) => {
-    const pluginFn = function () {
-        debug('installing auth api client plugin');
-        ApiRequest.macro('loginAs', function (user) {
-            this.authData = {
-                guard: '__default__',
-                user: user,
-            };
-            return this;
-        });
-        ApiRequest.macro('withGuard', function (guard) {
-            return {
-                loginAs: (user) => {
-                    this.authData = {
-                        guard,
-                        user: user,
-                    };
-                    return this;
-                },
-            };
-        });
-        /**
-         * Hook into the request and login the user
-         */
-        ApiClient.setup(async (request) => {
-            const auth = await app.container.make('auth.manager');
-            const authData = request['authData'];
-            if (!authData) {
-                return;
-            }
-            const client = auth.createAuthenticatorClient();
-            const guard = authData.guard === '__default__' ? client.use() : client.use(authData.guard);
-            const requestData = await guard.authenticateAsClient(authData.user);
-            if (requestData.headers) {
-                debug('defining headers with api client request %O', requestData.headers);
-                request.headers(requestData.headers);
-            }
-            if (requestData.session) {
-                debug('defining session with api client request %O', requestData.session);
-                request.withSession(requestData.session);
-            }
-            if (requestData.cookies) {
-                debug('defining session with api client request %O', requestData.session);
-                request.cookies(requestData.cookies);
-            }
-        });
-    };
-    return pluginFn;
-};

package/build/src/auth/plugins/japa/browser_client.js

@@ -1,64 +0,0 @@
-/*
- * @adoniss/auth
- *
- * (c) AdonisJS
- *
- * For the full copyright and license information, please view the LICENSE
- * file that was distributed with this source code.
- */
-/// <reference types="@japa/plugin-adonisjs" />
-/// <reference types="@adonisjs/session/plugins/browser_client" />
-import { RuntimeException } from '@poppinss/utils';
-import { decoratorsCollection } from '@japa/browser-client';
-import debug from '../../debug.js';
-export const authBrowserClient = (app) => {
-    const pluginFn = async function () {
-        debug('installing auth browser client plugin');
-        const auth = await app.container.make('auth.manager');
-        decoratorsCollection.register({
-            context(context) {
-                context.withGuard = function (guardName) {
-                    return {
-                        async loginAs(user) {
-                            const client = auth.createAuthenticatorClient();
-                            const guard = client.use(guardName);
-                            const requestData = await guard.authenticateAsClient(user);
-                            if (requestData.headers) {
-                                throw new RuntimeException(`Cannot use "${guard.driverName}" guard with browser client`);
-                            }
-                            if (requestData.cookies) {
-                                debug('defining cookies with browser context %O', requestData.cookies);
-                                Object.keys(requestData.cookies).forEach((cookie) => {
-                                    context.setCookie(cookie, requestData.cookies[cookie]);
-                                });
-                            }
-                            if (requestData.session) {
-                                debug('defining session with browser context %O', requestData.session);
-                                context.setSession(requestData.session);
-                            }
-                        },
-                    };
-                };
-                context.loginAs = async function (user) {
-                    const client = auth.createAuthenticatorClient();
-                    const guard = client.use();
-                    const requestData = await guard.authenticateAsClient(user);
-                    if (requestData.headers) {
-                        throw new RuntimeException(`Cannot use "${guard.driverName}" guard with browser client`);
-                    }
-                    if (requestData.cookies) {
-                        debug('defining cookies with browser context %O', requestData.cookies);
-                        Object.keys(requestData.cookies).forEach((cookie) => {
-                            context.setCookie(cookie, requestData.cookies[cookie]);
-                        });
-                    }
-                    if (requestData.session) {
-                        debug('defining session with browser context %O', requestData.session);
-                        context.setSession(requestData.session);
-                    }
-                };
-            },
-        });
-    };
-    return pluginFn;
-};

package/build/src/auth/symbols.js

@@ -1,17 +0,0 @@
-/*
- * @adonisjs/lucid
- *
- * (c) AdonisJS
- *
- * For the full copyright and license information, please view the LICENSE
- * file that was distributed with this source code.
- */
-/**
- * A symbol to identify the type of the real user for a given
- * user provider
- */
-export const PROVIDER_REAL_USER = Symbol.for('PROVIDER_REAL_USER');
-/**
- * A symbol to identify the type for the events emitted by a guard
- */
-export const GUARD_KNOWN_EVENTS = Symbol.for('GUARD_KNOWN_EVENTS');

package/build/src/auth/types.js

@@ -1,9 +0,0 @@
-/*
- * @adonisjs/auth
- *
- * (c) AdonisJS
- *
- * For the full copyright and license information, please view the LICENSE
- * file that was distributed with this source code.
- */
-export {};

package/build/src/auth/user_providers/main.d.ts

@@ -1,15 +0,0 @@
-import { BaseLucidUserProvider } from '../../core/user_providers/lucid.js';
-import { BaseDatabaseUserProvider } from '../../core/user_providers/database.js';
-import type { LucidAuthenticatable, UserProviderContract } from '../../core/types.js';
-/**
- * Using lucid models to find users for session
- * auth
- */
-export declare class LucidUserProvider<UserModel extends LucidAuthenticatable> extends BaseLucidUserProvider<UserModel> implements UserProviderContract<InstanceType<UserModel>> {
-}
-/**
- * Using database query builder to find users for
- * session auth
- */
-export declare class DatabaseUserProvider<User extends Record<string, any>> extends BaseDatabaseUserProvider<User> implements UserProviderContract<User> {
-}

package/build/src/auth/user_providers/main.js

@@ -1,22 +0,0 @@
-/*
- * @adonisjs/auth
- *
- * (c) AdonisJS
- *
- * For the full copyright and license information, please view the LICENSE
- * file that was distributed with this source code.
- */
-import { BaseLucidUserProvider } from '../../core/user_providers/lucid.js';
-import { BaseDatabaseUserProvider } from '../../core/user_providers/database.js';
-/**
- * Using lucid models to find users for session
- * auth
- */
-export class LucidUserProvider extends BaseLucidUserProvider {
-}
-/**
- * Using database query builder to find users for
- * session auth
- */
-export class DatabaseUserProvider extends BaseDatabaseUserProvider {
-}

package/build/src/core/guard_user.d.ts

@@ -1,26 +0,0 @@
-/**
- * Guard user represents a user independent of the storage
- * provider. It contains a standard set of properties
- * used by authentication guards to interact with
- * a user.
- *
- * Think of it as a bridge between a user and the authentication
- * guard.
- */
-export declare abstract class GuardUser<RealUser> {
-    protected realUser: RealUser;
-    constructor(realUser: RealUser);
-    /**
-     * Verifies the plain text password against the user password
-     * hash
-     */
-    abstract verifyPassword(plainTextPassword: string): Promise<boolean>;
-    /**
-     * Returns a value to uniquely identify the user.
-     */
-    abstract getId(): number | string;
-    /**
-     * Returns the original provider specific user object.
-     */
-    getOriginal(): RealUser;
-}

package/build/src/core/guard_user.js

@@ -1,29 +0,0 @@
-/*
- * @adonisjs/auth
- *
- * (c) AdonisJS
- *
- * For the full copyright and license information, please view the LICENSE
- * file that was distributed with this source code.
- */
-/**
- * Guard user represents a user independent of the storage
- * provider. It contains a standard set of properties
- * used by authentication guards to interact with
- * a user.
- *
- * Think of it as a bridge between a user and the authentication
- * guard.
- */
-export class GuardUser {
-    realUser;
-    constructor(realUser) {
-        this.realUser = realUser;
-    }
-    /**
-     * Returns the original provider specific user object.
-     */
-    getOriginal() {
-        return this.realUser;
-    }
-}

package/build/src/core/token.d.ts

@@ -1,89 +0,0 @@
-import type { TokenContract } from './types.js';
-/**
- * A token represents an opaque token issued to a client
- * to perform a specific task.
- *
- * The raw value of a token is only visible at the time of
- * issuing it and one must persist hash to the database.
- */
-export declare abstract class Token implements TokenContract {
-    /**
-     * Series is a random number stored inside the database as it is
-     */
-    series: string;
-    /**
-     * Value is a random number only available at the time of issuing
-     * the token. Afterwards, the value is undefined.
-     */
-    value: string | undefined;
-    /**
-     * Hash reference to the token hash
-     */
-    hash: string;
-    /**
-     * Token type to uniquely identify a bucket of tokens
-     */
-    abstract readonly type: string;
-    /**
-     * Arbitary meta-data associated with the token
-     */
-    metaData?: Record<string, any>;
-    /**
-     * Timestamp when the token will expire
-     */
-    expiresAt?: Date;
-    /**
-     * Date/time when the token instance was created
-     */
-    createdAt: Date;
-    /**
-     * Date/time when the token was updated
-     */
-    updatedAt: Date;
-    constructor(
-    /**
-     * Series is a random number stored inside the database as it is
-     */
-    series: string, 
-    /**
-     * Value is a random number only available at the time of issuing
-     * the token. Afterwards, the value is undefined.
-     */
-    value: string | undefined, 
-    /**
-     * Hash reference to the token hash
-     */
-    hash: string);
-    /**
-     * Define metadata for the token
-     */
-    setMetaData(metaData: Record<string, any>): this;
-    /**
-     * Verifies the value of a token against the pre-defined hash
-     */
-    verify(value: string): boolean;
-    /**
-     * Define the token expiresAt timestamp from a duration. The value
-     * value must be a number in seconds or a string expression.
-     */
-    setExpiry(duration: string | number): void;
-    /**
-     * Creates token value, series, and hash
-     */
-    static seed(size?: number): {
-        series: string;
-        value: string;
-        hash: string;
-    };
-    /**
-     * Decodes a publicly shared token and return the series
-     * and the token value from it.
-     *
-     * Returns null when unable to decode the token because of
-     * invalid format or encoding.
-     */
-    static decode(value: string): null | {
-        series: string;
-        value: string;
-    };
-}

package/build/src/core/token.js

@@ -1,114 +0,0 @@
-/*
- * @adonisjs/auth
- *
- * (c) AdonisJS
- *
- * For the full copyright and license information, please view the LICENSE
- * file that was distributed with this source code.
- */
-import { createHash } from 'node:crypto';
-import string from '@adonisjs/core/helpers/string';
-import { base64, safeEqual } from '@adonisjs/core/helpers';
-/**
- * A token represents an opaque token issued to a client
- * to perform a specific task.
- *
- * The raw value of a token is only visible at the time of
- * issuing it and one must persist hash to the database.
- */
-export class Token {
-    series;
-    value;
-    hash;
-    /**
-     * Arbitary meta-data associated with the token
-     */
-    metaData;
-    /**
-     * Timestamp when the token will expire
-     */
-    expiresAt;
-    /**
-     * Date/time when the token instance was created
-     */
-    createdAt = new Date();
-    /**
-     * Date/time when the token was updated
-     */
-    updatedAt = new Date();
-    constructor(
-    /**
-     * Series is a random number stored inside the database as it is
-     */
-    series, 
-    /**
-     * Value is a random number only available at the time of issuing
-     * the token. Afterwards, the value is undefined.
-     */
-    value, 
-    /**
-     * Hash reference to the token hash
-     */
-    hash) {
-        this.series = series;
-        this.value = value;
-        this.hash = hash;
-    }
-    /**
-     * Define metadata for the token
-     */
-    setMetaData(metaData) {
-        this.metaData = metaData;
-        return this;
-    }
-    /**
-     * Verifies the value of a token against the pre-defined hash
-     */
-    verify(value) {
-        const newHash = createHash('sha256').update(value).digest('hex');
-        return safeEqual(this.hash, newHash);
-    }
-    /**
-     * Define the token expiresAt timestamp from a duration. The value
-     * value must be a number in seconds or a string expression.
-     */
-    setExpiry(duration) {
-        /**
-         * Defining a date object and adding seconds since the
-         * creation of the token
-         */
-        this.expiresAt = new Date();
-        this.expiresAt.setSeconds(this.createdAt.getSeconds() + string.seconds.parse(duration));
-    }
-    /**
-     * Creates token value, series, and hash
-     */
-    static seed(size = 30) {
-        const series = string.random(15);
-        const value = string.random(size);
-        const hash = createHash('sha256').update(value).digest('hex');
-        return { series, value: `${base64.urlEncode(series)}.${base64.urlEncode(value)}`, hash };
-    }
-    /**
-     * Decodes a publicly shared token and return the series
-     * and the token value from it.
-     *
-     * Returns null when unable to decode the token because of
-     * invalid format or encoding.
-     */
-    static decode(value) {
-        const [series, ...tokenValue] = value.split('.');
-        if (!series || tokenValue.length === 0) {
-            return null;
-        }
-        const decodedSeries = base64.urlDecode(series);
-        const decodedValue = base64.urlDecode(tokenValue.join('.'));
-        if (!decodedSeries || !decodedValue) {
-            return null;
-        }
-        return {
-            series: decodedSeries,
-            value: decodedValue,
-        };
-    }
-}