npm - @adonisjs/auth - Versions diffs - 9.0.0-9 → 9.0.1 - Mend

@adonisjs/auth 9.0.0-9 → 9.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (125) hide show

package/build/chunk-3HZHOWKL.js +8 -0
package/build/chunk-3HZHOWKL.js.map +1 -0
package/build/chunk-CZCFTIBB.js +21 -0
package/build/chunk-CZCFTIBB.js.map +1 -0
package/build/chunk-OL2Z3AO5.js +246 -0
package/build/chunk-OL2Z3AO5.js.map +1 -0
package/build/chunk-UGHJLKDI.js +197 -0
package/build/chunk-UGHJLKDI.js.map +1 -0
package/build/index.d.ts +7 -6
package/build/index.js +149 -15
package/build/index.js.map +1 -0
package/build/modules/access_tokens_guard/access_token.d.ts +137 -0
package/build/modules/access_tokens_guard/crc32.d.ts +16 -0
package/build/modules/access_tokens_guard/define_config.d.ts +17 -0
package/build/modules/access_tokens_guard/guard.d.ts +81 -0
package/build/modules/access_tokens_guard/main.d.ts +5 -0
package/build/modules/access_tokens_guard/main.js +929 -0
package/build/modules/access_tokens_guard/main.js.map +1 -0
package/build/modules/access_tokens_guard/token_providers/db.d.ts +76 -0
package/build/modules/access_tokens_guard/types.d.ts +208 -0
package/build/modules/access_tokens_guard/types.js +1 -0
package/build/modules/access_tokens_guard/types.js.map +1 -0
package/build/modules/access_tokens_guard/user_providers/lucid.d.ts +53 -0
package/build/modules/session_guard/define_config.d.ts +17 -0
package/build/modules/session_guard/guard.d.ts +98 -0
package/build/modules/session_guard/main.d.ts +5 -0
package/build/modules/session_guard/main.js +741 -0
package/build/modules/session_guard/main.js.map +1 -0
package/build/modules/session_guard/remember_me_token.d.ts +88 -0
package/build/modules/session_guard/token_providers/db.d.ts +69 -0
package/build/modules/session_guard/types.d.ts +243 -0
package/build/modules/session_guard/types.js +1 -0
package/build/modules/session_guard/types.js.map +1 -0
package/build/modules/session_guard/user_providers/lucid.d.ts +57 -0
package/build/providers/auth_provider.d.ts +1 -1
package/build/providers/auth_provider.js +31 -27
package/build/providers/auth_provider.js.map +1 -0
package/build/services/auth.d.ts +1 -1
package/build/services/auth.js +10 -15
package/build/services/auth.js.map +1 -0
package/build/src/{auth/auth_manager.d.ts → auth_manager.d.ts} +8 -3
package/build/src/authenticator.d.ts +81 -0
package/build/src/{auth/authenticator_client.d.ts → authenticator_client.d.ts} +4 -4
package/build/src/{auth/define_config.d.ts → define_config.d.ts} +0 -10
package/build/src/errors.d.ts +105 -0
package/build/src/{auth/middleware → middleware}/initialize_auth_middleware.d.ts +3 -2
package/build/src/middleware/initialize_auth_middleware.js +17 -0
package/build/src/middleware/initialize_auth_middleware.js.map +1 -0
package/build/src/mixins/with_auth_finder.d.ts +156 -0
package/build/src/{auth/plugins → plugins}/japa/api_client.d.ts +8 -8
package/build/src/plugins/japa/api_client.js +59 -0
package/build/src/plugins/japa/api_client.js.map +1 -0
package/build/src/{auth/plugins → plugins}/japa/browser_client.d.ts +10 -7
package/build/src/plugins/japa/browser_client.js +67 -0
package/build/src/plugins/japa/browser_client.js.map +1 -0
package/build/src/{auth/types.d.ts → types.d.ts} +31 -26
package/build/src/types.js +1 -0
package/build/src/types.js.map +1 -0
package/package.json +88 -68
package/build/configure.js +0 -47
package/build/factories/basic_auth_guard_factory.d.ts +0 -12
package/build/factories/basic_auth_guard_factory.js +0 -22
package/build/factories/database_token_factory.d.ts +0 -36
package/build/factories/database_token_factory.js +0 -54
package/build/factories/database_user_provider.d.ts +0 -14
package/build/factories/database_user_provider.js +0 -27
package/build/factories/lucid_user_provider.d.ts +0 -28
package/build/factories/lucid_user_provider.js +0 -68
package/build/factories/main.d.ts +0 -4
package/build/factories/main.js +0 -12
package/build/factories/session_guard_factory.d.ts +0 -13
package/build/factories/session_guard_factory.js +0 -24
package/build/src/auth/auth_manager.js +0 -41
package/build/src/auth/authenticator.d.ts +0 -63
package/build/src/auth/authenticator.js +0 -129
package/build/src/auth/authenticator_client.js +0 -59
package/build/src/auth/debug.js +0 -10
package/build/src/auth/define_config.js +0 -54
package/build/src/auth/errors.d.ts +0 -90
package/build/src/auth/errors.js +0 -201
package/build/src/auth/middleware/initialize_auth_middleware.js +0 -25
package/build/src/auth/plugins/japa/api_client.js +0 -63
package/build/src/auth/plugins/japa/browser_client.js +0 -64
package/build/src/auth/symbols.js +0 -17
package/build/src/auth/types.js +0 -9
package/build/src/auth/user_providers/main.d.ts +0 -15
package/build/src/auth/user_providers/main.js +0 -22
package/build/src/core/guard_user.d.ts +0 -26
package/build/src/core/guard_user.js +0 -29
package/build/src/core/token.d.ts +0 -89
package/build/src/core/token.js +0 -114
package/build/src/core/token_providers/database.d.ts +0 -77
package/build/src/core/token_providers/database.js +0 -113
package/build/src/core/types.d.ts +0 -178
package/build/src/core/types.js +0 -9
package/build/src/core/user_providers/database.d.ts +0 -78
package/build/src/core/user_providers/database.js +0 -117
package/build/src/core/user_providers/lucid.d.ts +0 -61
package/build/src/core/user_providers/lucid.js +0 -122
package/build/src/guards/basic_auth/define_config.d.ts +0 -16
package/build/src/guards/basic_auth/define_config.js +0 -38
package/build/src/guards/basic_auth/guard.d.ts +0 -70
package/build/src/guards/basic_auth/guard.js +0 -190
package/build/src/guards/basic_auth/main.d.ts +0 -2
package/build/src/guards/basic_auth/main.js +0 -10
package/build/src/guards/basic_auth/types.d.ts +0 -35
package/build/src/guards/basic_auth/types.js +0 -9
package/build/src/guards/session/define_config.d.ts +0 -23
package/build/src/guards/session/define_config.js +0 -56
package/build/src/guards/session/guard.d.ts +0 -123
package/build/src/guards/session/guard.js +0 -510
package/build/src/guards/session/main.d.ts +0 -3
package/build/src/guards/session/main.js +0 -11
package/build/src/guards/session/token.d.ts +0 -57
package/build/src/guards/session/token.js +0 -58
package/build/src/guards/session/token_providers/main.d.ts +0 -33
package/build/src/guards/session/token_providers/main.js +0 -42
package/build/src/guards/session/types.d.ts +0 -104
package/build/src/guards/session/types.js +0 -9
package/build/stubs/main.d.ts +0 -1
package/build/stubs/main.js +0 -10
package/build/stubs/middleware/auth_middleware.stub +0 -30
package/build/stubs/middleware/guest_middleware.stub +0 -36
/package/build/src/{auth/debug.d.ts → debug.d.ts} +0 -0
/package/build/src/{auth/symbols.d.ts → symbols.d.ts} +0 -0

package/build/modules/access_tokens_guard/main.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../../../modules/access_tokens_guard/access_token.ts","../../../modules/access_tokens_guard/crc32.ts","../../../modules/access_tokens_guard/guard.ts","../../../modules/access_tokens_guard/token_providers/db.ts","../../../modules/access_tokens_guard/user_providers/lucid.ts","../../../modules/access_tokens_guard/define_config.ts"],"sourcesContent":["/*\n * @adonisjs/auth\n *\n * (c) AdonisJS\n *\n * For the full copyright and license information, please view the LICENSE\n * file that was distributed with this source code.\n */\n\nimport { createHash } from 'node:crypto'\nimport string from '@adonisjs/core/helpers/string'\nimport { RuntimeException } from '@adonisjs/core/exceptions'\nimport { Secret, base64, safeEqual } from '@adonisjs/core/helpers'\n\nimport { CRC32 } from './crc32.js'\nimport { E_UNAUTHORIZED_ACCESS } from '../../src/errors.js'\n\n/**\n * Access token represents a token created for a user to authenticate\n * using the auth module.\n *\n * It encapsulates the logic of creating an opaque token, generating\n * its hash and verifying its hash.\n */\nexport class AccessToken {\n /**\n * Decodes a publicly shared token and return the series\n * and the token value from it.\n *\n * Returns null when unable to decode the token because of\n * invalid format or encoding.\n */\n static decode(\n prefix: string,\n value: string\n ): null | { identifier: string; secret: Secret<string> } {\n /**\n * Ensure value is a string and starts with the prefix.\n */\n if (typeof value !== 'string' || !value.startsWith(`${prefix}`)) {\n return null\n }\n\n /**\n * Remove prefix from the rest of the token.\n */\n const token = value.replace(new RegExp(`^${prefix}`), '')\n if (!token) {\n return null\n }\n\n const [identifier, ...tokenValue] = token.split('.')\n if (!identifier || tokenValue.length === 0) {\n return null\n }\n\n const decodedIdentifier = base64.urlDecode(identifier)\n const decodedSecret = base64.urlDecode(tokenValue.join('.'))\n if (!decodedIdentifier || !decodedSecret) {\n return null\n }\n\n return {\n identifier: decodedIdentifier,\n secret: new Secret(decodedSecret),\n }\n }\n\n /**\n * Creates a transient token that can be shared with the persistence\n * layer.\n */\n static createTransientToken(\n userId: string | number | BigInt,\n size: number,\n expiresIn?: string | number\n ) {\n let expiresAt: Date | undefined\n if (expiresIn) {\n expiresAt = new Date()\n expiresAt.setSeconds(expiresAt.getSeconds() + string.seconds.parse(expiresIn))\n }\n\n return {\n userId,\n expiresAt,\n ...this.seed(size),\n }\n }\n\n /**\n * Creates a secret opaque token and its hash. The secret is\n * suffixed with a crc32 checksum for secret scanning tools\n * to easily identify the token.\n */\n static seed(size: number) {\n const seed = string.random(size)\n const secret = new Secret(`${seed}${new CRC32().calculate(seed)}`)\n const hash = createHash('sha256').update(secret.release()).digest('hex')\n return { secret, hash }\n }\n\n /**\n * Identifer is a unique sequence to identify the\n * token within database. It should be the\n * primary/unique key\n */\n identifier: string | number | BigInt\n\n /**\n * Reference to the user id for whom the token\n * is generated.\n */\n tokenableId: string | number | BigInt\n\n /**\n * The value is a public representation of a token. It is created\n * by combining the \"identifier\".\"secret\"\n */\n value?: Secret<string>\n\n /**\n * Recognizable name for the token\n */\n name: string | null\n\n /**\n * A unique type to identify a bucket of tokens inside the\n * storage layer.\n */\n type: string\n\n /**\n * Hash is computed from the seed to later verify the validity\n * of seed\n */\n hash: string\n\n /**\n * Date/time when the token instance was created\n */\n createdAt: Date\n\n /**\n * Date/time when the token was updated\n */\n updatedAt: Date\n\n /**\n * Timestamp at which the token was used for authentication\n */\n lastUsedAt: Date | null\n\n /**\n * Timestamp at which the token will expire\n */\n expiresAt: Date | null\n\n /**\n * An array of abilities the token can perform. The abilities\n * is an array of abritary string values\n */\n abilities: string[]\n\n constructor(attributes: {\n identifier: string | number | BigInt\n tokenableId: string | number | BigInt\n type: string\n hash: string\n createdAt: Date\n updatedAt: Date\n lastUsedAt: Date | null\n expiresAt: Date | null\n name: string | null\n prefix?: string\n secret?: Secret<string>\n abilities?: string[]\n }) {\n this.identifier = attributes.identifier\n this.tokenableId = attributes.tokenableId\n this.name = attributes.name\n this.hash = attributes.hash\n this.type = attributes.type\n this.createdAt = attributes.createdAt\n this.updatedAt = attributes.updatedAt\n this.expiresAt = attributes.expiresAt\n this.lastUsedAt = attributes.lastUsedAt\n this.abilities = attributes.abilities || ['*']\n\n /**\n * Compute value when secret is provided\n */\n if (attributes.secret) {\n if (!attributes.prefix) {\n throw new RuntimeException('Cannot compute token value without the prefix')\n }\n this.value = new Secret(\n `${attributes.prefix}${base64.urlEncode(String(this.identifier))}.${base64.urlEncode(\n attributes.secret.release()\n )}`\n )\n }\n }\n\n /**\n * Check if the token allows the given ability.\n */\n allows(ability: string) {\n return this.abilities.includes(ability) || this.abilities.includes('*')\n }\n\n /**\n * Check if the token denies the ability.\n */\n denies(ability: string) {\n return !this.abilities.includes(ability) && !this.abilities.includes('*')\n }\n\n /**\n * Authorize ability access using the current access token\n */\n authorize(ability: string) {\n if (this.denies(ability)) {\n throw new E_UNAUTHORIZED_ACCESS('Unauthorized access', { guardDriverName: 'access_tokens' })\n }\n }\n\n /**\n * Check if the token has been expired. Verifies\n * the \"expiresAt\" timestamp with the current\n * date.\n *\n * Tokens with no expiry never expire\n */\n isExpired() {\n if (!this.expiresAt) {\n return false\n }\n\n return this.expiresAt < new Date()\n }\n\n /**\n * Verifies the value of a token against the pre-defined hash\n */\n verify(secret: Secret<string>): boolean {\n const newHash = createHash('sha256').update(secret.release()).digest('hex')\n return safeEqual(this.hash, newHash)\n }\n\n toJSON() {\n return {\n type: 'bearer',\n name: this.name,\n token: this.value ? this.value.release() : undefined,\n abilities: this.abilities,\n lastUsedAt: this.lastUsedAt,\n expiresAt: this.expiresAt,\n }\n }\n}\n","/*\n * @adonisjs/auth\n *\n * (c) AdonisJS\n *\n * For the full copyright and license information, please view the LICENSE\n * file that was distributed with this source code.\n */\n\n/**\n * We use CRC32 just to add a recognizable checksum to tokens. This helps\n * secret scanning tools like https://docs.github.com/en/github/administering-a-repository/about-secret-scanning easily detect tokens generated by a given program.\n *\n * You can learn more about appending checksum to a hash here in this Github\n * article. https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats/\n *\n * Code taken from:\n * https://github.com/tsxper/crc32/blob/main/src/CRC32.ts\n */\n\nexport class CRC32 {\n /**\n * Lookup table calculated for 0xEDB88320 divisor\n */\n #lookupTable = [\n 0, 1996959894, 3993919788, 2567524794, 124634137, 1886057615, 3915621685, 2657392035, 249268274,\n 2044508324, 3772115230, 2547177864, 162941995, 2125561021, 3887607047, 2428444049, 498536548,\n 1789927666, 4089016648, 2227061214, 450548861, 1843258603, 4107580753, 2211677639, 325883990,\n 1684777152, 4251122042, 2321926636, 335633487, 1661365465, 4195302755, 2366115317, 997073096,\n 1281953886, 3579855332, 2724688242, 1006888145, 1258607687, 3524101629, 2768942443, 901097722,\n 1119000684, 3686517206, 2898065728, 853044451, 1172266101, 3705015759, 2882616665, 651767980,\n 1373503546, 3369554304, 3218104598, 565507253, 1454621731, 3485111705, 3099436303, 671266974,\n 1594198024, 3322730930, 2970347812, 795835527, 1483230225, 3244367275, 3060149565, 1994146192,\n 31158534, 2563907772, 4023717930, 1907459465, 112637215, 2680153253, 3904427059, 2013776290,\n 251722036, 2517215374, 3775830040, 2137656763, 141376813, 2439277719, 3865271297, 1802195444,\n 476864866, 2238001368, 4066508878, 1812370925, 453092731, 2181625025, 4111451223, 1706088902,\n 314042704, 2344532202, 4240017532, 1658658271, 366619977, 2362670323, 4224994405, 1303535960,\n 984961486, 2747007092, 3569037538, 1256170817, 1037604311, 2765210733, 3554079995, 1131014506,\n 879679996, 2909243462, 3663771856, 1141124467, 855842277, 2852801631, 3708648649, 1342533948,\n 654459306, 3188396048, 3373015174, 1466479909, 544179635, 3110523913, 3462522015, 1591671054,\n 702138776, 2966460450, 3352799412, 1504918807, 783551873, 3082640443, 3233442989, 3988292384,\n 2596254646, 62317068, 1957810842, 3939845945, 2647816111, 81470997, 1943803523, 3814918930,\n 2489596804, 225274430, 2053790376, 3826175755, 2466906013, 167816743, 2097651377, 4027552580,\n 2265490386, 503444072, 1762050814, 4150417245, 2154129355, 426522225, 1852507879, 4275313526,\n 2312317920, 282753626, 1742555852, 4189708143, 2394877945, 397917763, 1622183637, 3604390888,\n 2714866558, 953729732, 1340076626, 3518719985, 2797360999, 1068828381, 1219638859, 3624741850,\n 2936675148, 906185462, 1090812512, 3747672003, 2825379669, 829329135, 1181335161, 3412177804,\n 3160834842, 628085408, 1382605366, 3423369109, 3138078467, 570562233, 1426400815, 3317316542,\n 2998733608, 733239954, 1555261956, 3268935591, 3050360625, 752459403, 1541320221, 2607071920,\n 3965973030, 1969922972, 40735498, 2617837225, 3943577151, 1913087877, 83908371, 2512341634,\n 3803740692, 2075208622, 213261112, 2463272603, 3855990285, 2094854071, 198958881, 2262029012,\n 4057260610, 1759359992, 534414190, 2176718541, 4139329115, 1873836001, 414664567, 2282248934,\n 4279200368, 1711684554, 285281116, 2405801727, 4167216745, 1634467795, 376229701, 2685067896,\n 3608007406, 1308918612, 956543938, 2808555105, 3495958263, 1231636301, 1047427035, 2932959818,\n 3654703836, 1088359270, 936918000, 2847714899, 3736837829, 1202900863, 817233897, 3183342108,\n 3401237130, 1404277552, 615818150, 3134207493, 3453421203, 1423857449, 601450431, 3009837614,\n 3294710456, 1567103746, 711928724, 3020668471, 3272380065, 1510334235, 755167117,\n ]\n\n #initialCRC = 0xffffffff\n\n #calculateBytes(bytes: Uint8Array, accumulator?: number): number {\n let crc = accumulator || this.#initialCRC\n for (const byte of bytes) {\n const tableIndex = (crc ^ byte) & 0xff\n const tableVal = this.#lookupTable[tableIndex] as number\n crc = (crc >>> 8) ^ tableVal\n }\n return crc\n }\n\n #crcToUint(crc: number): number {\n return this.#toUint32(crc ^ 0xffffffff)\n }\n\n #strToBytes(input: string): Uint8Array {\n const encoder = new TextEncoder()\n return encoder.encode(input)\n }\n\n #toUint32(num: number): number {\n if (num >= 0) {\n return num\n }\n return 0xffffffff - num * -1 + 1\n }\n\n calculate(input: string): number {\n return this.forString(input)\n }\n\n forString(input: string): number {\n const bytes = this.#strToBytes(input)\n return this.forBytes(bytes)\n }\n\n forBytes(bytes: Uint8Array, accumulator?: number): number {\n const crc = this.#calculateBytes(bytes, accumulator)\n return this.#crcToUint(crc)\n }\n}\n","/*\n * @adonisjs/auth\n *\n * (c) AdonisJS\n *\n * For the full copyright and license information, please view the LICENSE\n * file that was distributed with this source code.\n */\n\nimport { Secret } from '@adonisjs/core/helpers'\nimport type { HttpContext } from '@adonisjs/core/http'\nimport type { EmitterLike } from '@adonisjs/core/types/events'\n\nimport type { AccessToken } from './access_token.js'\nimport { E_UNAUTHORIZED_ACCESS } from '../../src/errors.js'\nimport type { AuthClientResponse, GuardContract } from '../../src/types.js'\nimport { GUARD_KNOWN_EVENTS, PROVIDER_REAL_USER } from '../../src/symbols.js'\nimport type { AccessTokensGuardEvents, AccessTokensUserProviderContract } from './types.js'\n\n/**\n * Implementation of access tokens guard for the Auth layer. The heavy lifting\n * of verifying tokens is done by the user provider. However, the guard is\n * used to seamlessly integrate with the auth layer of the package.\n */\nexport class AccessTokensGuard<UserProvider extends AccessTokensUserProviderContract<unknown>>\n implements\n GuardContract<UserProvider[typeof PROVIDER_REAL_USER] & { currentAccessToken: AccessToken }>\n{\n /**\n * Events emitted by the guard\n */\n declare [GUARD_KNOWN_EVENTS]: AccessTokensGuardEvents<\n UserProvider[typeof PROVIDER_REAL_USER] & { currentAccessToken: AccessToken }\n >\n\n /**\n * A unique name for the guard.\n */\n #name: string\n\n /**\n * Reference to the current HTTP context\n */\n #ctx: HttpContext\n\n /**\n * Provider to lookup user details\n */\n #userProvider: UserProvider\n\n /**\n * Emitter to emit events\n */\n #emitter: EmitterLike<\n AccessTokensGuardEvents<\n UserProvider[typeof PROVIDER_REAL_USER] & { currentAccessToken: AccessToken }\n >\n >\n\n /**\n * Driver name of the guard\n */\n driverName: 'access_tokens' = 'access_tokens'\n\n /**\n * Whether or not the authentication has been attempted\n * during the current request.\n */\n authenticationAttempted = false\n\n /**\n * A boolean to know if the current request has\n * been authenticated\n */\n isAuthenticated = false\n\n /**\n * Reference to an instance of the authenticated user.\n * The value only exists after calling one of the\n * following methods.\n *\n * - authenticate\n * - check\n *\n * You can use the \"getUserOrFail\" method to throw an exception if\n * the request is not authenticated.\n */\n user?: UserProvider[typeof PROVIDER_REAL_USER] & { currentAccessToken: AccessToken }\n\n constructor(\n name: string,\n ctx: HttpContext,\n emitter: EmitterLike<\n AccessTokensGuardEvents<\n UserProvider[typeof PROVIDER_REAL_USER] & { currentAccessToken: AccessToken }\n >\n >,\n userProvider: UserProvider\n ) {\n this.#name = name\n this.#ctx = ctx\n this.#emitter = emitter\n this.#userProvider = userProvider\n }\n\n /**\n * Emits authentication failure and returns an exception\n * to end the authentication cycle.\n */\n #authenticationFailed() {\n const error = new E_UNAUTHORIZED_ACCESS('Unauthorized access', {\n guardDriverName: this.driverName,\n })\n\n this.#emitter.emit('access_tokens_auth:authentication_failed', {\n ctx: this.#ctx,\n guardName: this.#name,\n error,\n })\n\n return error\n }\n\n /**\n * Returns the bearer token from the request headers or fails\n */\n #getBearerToken(): string {\n const bearerToken = this.#ctx.request.header('authorization', '')!\n const [, token] = bearerToken.split('Bearer ')\n if (!token) {\n throw this.#authenticationFailed()\n }\n\n return token\n }\n\n /**\n * Returns an instance of the authenticated user. Or throws\n * an exception if the request is not authenticated.\n */\n getUserOrFail(): UserProvider[typeof PROVIDER_REAL_USER] & { currentAccessToken: AccessToken } {\n if (!this.user) {\n throw new E_UNAUTHORIZED_ACCESS('Unauthorized access', {\n guardDriverName: this.driverName,\n })\n }\n\n return this.user\n }\n\n /**\n * Authenticate the current HTTP request by verifying the bearer\n * token or fails with an exception\n */\n async authenticate(): Promise<\n UserProvider[typeof PROVIDER_REAL_USER] & { currentAccessToken: AccessToken }\n > {\n /**\n * Return early when authentication has already\n * been attempted\n */\n if (this.authenticationAttempted) {\n return this.getUserOrFail()\n }\n\n /**\n * Notify we begin to attempt the authentication\n */\n this.authenticationAttempted = true\n this.#emitter.emit('access_tokens_auth:authentication_attempted', {\n ctx: this.#ctx,\n guardName: this.#name,\n })\n\n /**\n * Decode token or fail when unable to do so\n */\n const bearerToken = new Secret(this.#getBearerToken())\n\n /**\n * Verify for token via the user provider\n */\n const token = await this.#userProvider.verifyToken(bearerToken)\n if (!token) {\n throw this.#authenticationFailed()\n }\n\n /**\n * Check if a user for the token exists. Otherwise abort\n * authentication\n */\n const providerUser = await this.#userProvider.findById(token.tokenableId)\n if (!providerUser) {\n throw this.#authenticationFailed()\n }\n\n /**\n * Update local state\n */\n this.isAuthenticated = true\n this.user = providerUser.getOriginal() as UserProvider[typeof PROVIDER_REAL_USER] & {\n currentAccessToken: AccessToken\n }\n this.user!.currentAccessToken = token\n\n /**\n * Notify\n */\n this.#emitter.emit('access_tokens_auth:authentication_succeeded', {\n ctx: this.#ctx,\n token,\n guardName: this.#name,\n user: this.user,\n })\n\n return this.user\n }\n\n /**\n * Returns the Authorization header clients can use to authenticate\n * the request.\n */\n async authenticateAsClient(\n user: UserProvider[typeof PROVIDER_REAL_USER],\n abilities?: string[],\n options?: {\n expiresIn?: string | number\n name?: string\n }\n ): Promise<AuthClientResponse> {\n const token = await this.#userProvider.createToken(user, abilities, options)\n return {\n headers: {\n authorization: `Bearer ${token.value!.release()}`,\n },\n }\n }\n\n /**\n * Silently check if the user is authenticated or not. The\n * method is same the \"authenticate\" method but does not\n * throw any exceptions.\n */\n async check(): Promise<boolean> {\n try {\n await this.authenticate()\n return true\n } catch (error) {\n if (error instanceof E_UNAUTHORIZED_ACCESS) {\n return false\n }\n\n throw error\n }\n }\n}\n","/*\n * @adonisjs/auth\n *\n * (c) AdonisJS\n *\n * For the full copyright and license information, please view the LICENSE\n * file that was distributed with this source code.\n */\n\nimport type { Secret } from '@adonisjs/core/helpers'\nimport { RuntimeException } from '@adonisjs/core/exceptions'\nimport type { LucidModel } from '@adonisjs/lucid/types/model'\n\nimport { AccessToken } from '../access_token.js'\nimport type {\n AccessTokenDbColumns,\n AccessTokensProviderContract,\n DbAccessTokensProviderOptions,\n} from '../types.js'\n\n/**\n * DbAccessTokensProvider uses lucid database service to fetch and\n * persist tokens for a given user.\n *\n * The user must be an instance of the associated user model.\n */\nexport class DbAccessTokensProvider<TokenableModel extends LucidModel>\n implements AccessTokensProviderContract<TokenableModel>\n{\n /**\n * Create tokens provider instance for a given Lucid model\n */\n static forModel<TokenableModel extends LucidModel>(\n model: DbAccessTokensProviderOptions<TokenableModel>['tokenableModel'],\n options?: Omit<DbAccessTokensProviderOptions<TokenableModel>, 'tokenableModel'>\n ) {\n return new DbAccessTokensProvider<TokenableModel>({ tokenableModel: model, ...(options || {}) })\n }\n\n /**\n * A unique type for the value. The type is used to identify a\n * bucket of tokens within the storage layer.\n *\n * Defaults to auth_token\n */\n protected type: string\n\n /**\n * A unique prefix to append to the publicly shared token value.\n *\n * Defaults to oat\n */\n protected prefix: string\n\n /**\n * Database table to use for querying access tokens\n */\n protected table: string\n\n /**\n * The length for the token secret. A secret is a cryptographically\n * secure random string.\n */\n protected tokenSecretLength: number\n\n constructor(protected options: DbAccessTokensProviderOptions<TokenableModel>) {\n this.table = options.table || 'auth_access_tokens'\n this.tokenSecretLength = options.tokenSecretLength || 40\n this.type = options.type || 'auth_token'\n this.prefix = options.prefix || 'oat_'\n }\n\n /**\n * Ensure the provided user is an instance of the user model and\n * has a primary key\n */\n #ensureIsPersisted(user: InstanceType<TokenableModel>) {\n const model = this.options.tokenableModel\n if (user instanceof model === false) {\n throw new RuntimeException(\n `Invalid user object. It must be an instance of the \"${model.name}\" model`\n )\n }\n\n if (!user.$primaryKeyValue) {\n throw new RuntimeException(\n `Cannot use \"${model.name}\" model for managing access tokens. The value of column \"${model.primaryKey}\" is undefined or null`\n )\n }\n }\n\n /**\n * Maps a database row to an instance token instance\n */\n protected dbRowToAccessToken(dbRow: AccessTokenDbColumns): AccessToken {\n return new AccessToken({\n identifier: dbRow.id,\n tokenableId: dbRow.tokenable_id,\n type: dbRow.type,\n name: dbRow.name,\n hash: dbRow.hash,\n abilities: JSON.parse(dbRow.abilities),\n createdAt:\n typeof dbRow.created_at === 'number' ? new Date(dbRow.created_at) : dbRow.created_at,\n updatedAt:\n typeof dbRow.updated_at === 'number' ? new Date(dbRow.updated_at) : dbRow.updated_at,\n lastUsedAt:\n typeof dbRow.last_used_at === 'number' ? new Date(dbRow.last_used_at) : dbRow.last_used_at,\n expiresAt:\n typeof dbRow.expires_at === 'number' ? new Date(dbRow.expires_at) : dbRow.expires_at,\n })\n }\n\n /**\n * Returns a query client instance from the parent model\n */\n protected async getDb() {\n const model = this.options.tokenableModel\n return model.$adapter.query(model).client\n }\n\n /**\n * Create a token for a user\n */\n async create(\n user: InstanceType<TokenableModel>,\n abilities: string[] = ['*'],\n options?: {\n name?: string\n expiresIn?: string | number\n }\n ) {\n this.#ensureIsPersisted(user)\n\n const queryClient = await this.getDb()\n\n /**\n * Creating a transient token. Transient token abstracts\n * the logic of creating a random secure secret and its\n * hash\n */\n const transientToken = AccessToken.createTransientToken(\n user.$primaryKeyValue!,\n this.tokenSecretLength,\n options?.expiresIn || this.options.expiresIn\n )\n\n /**\n * Row to insert inside the database. We expect exactly these\n * columns to exist.\n */\n const dbRow: Omit<AccessTokenDbColumns, 'id'> = {\n tokenable_id: transientToken.userId,\n type: this.type,\n name: options?.name || null,\n hash: transientToken.hash,\n abilities: JSON.stringify(abilities),\n created_at: new Date(),\n updated_at: new Date(),\n last_used_at: null,\n expires_at: transientToken.expiresAt || null,\n }\n\n /**\n * Insert data to the database.\n */\n const [id] = await queryClient.table(this.table).insert(dbRow)\n\n /**\n * Convert db row to an access token\n */\n return new AccessToken({\n identifier: id,\n tokenableId: dbRow.tokenable_id,\n type: dbRow.type,\n prefix: this.prefix,\n secret: transientToken.secret,\n name: dbRow.name,\n hash: dbRow.hash,\n abilities: JSON.parse(dbRow.abilities),\n createdAt: dbRow.created_at,\n updatedAt: dbRow.updated_at,\n lastUsedAt: dbRow.last_used_at,\n expiresAt: dbRow.expires_at,\n })\n }\n\n /**\n * Find a token for a user by the token id\n */\n async find(user: InstanceType<TokenableModel>, identifier: string | number | BigInt) {\n this.#ensureIsPersisted(user)\n\n const queryClient = await this.getDb()\n const dbRow = await queryClient\n .query<AccessTokenDbColumns>()\n .from(this.table)\n .where({ id: identifier, tokenable_id: user.$primaryKeyValue, type: this.type })\n .limit(1)\n .first()\n\n if (!dbRow) {\n return null\n }\n\n return this.dbRowToAccessToken(dbRow)\n }\n\n /**\n * Delete a token by its id\n */\n async delete(\n user: InstanceType<TokenableModel>,\n identifier: string | number | BigInt\n ): Promise<number> {\n this.#ensureIsPersisted(user)\n\n const queryClient = await this.getDb()\n const affectedRows = await queryClient\n .query<number>()\n .from(this.table)\n .where({ id: identifier, tokenable_id: user.$primaryKeyValue, type: this.type })\n .del()\n .exec()\n\n return affectedRows as unknown as number\n }\n\n /**\n * Returns all the tokens a given user\n */\n async all(user: InstanceType<TokenableModel>) {\n this.#ensureIsPersisted(user)\n\n const queryClient = await this.getDb()\n const dbRows = await queryClient\n .query<AccessTokenDbColumns>()\n .from(this.table)\n .where({ tokenable_id: user.$primaryKeyValue, type: this.type })\n .orderBy('last_used_at', 'desc')\n .orderBy('id', 'desc')\n .exec()\n\n return dbRows.map((dbRow) => {\n return this.dbRowToAccessToken(dbRow)\n })\n }\n\n /**\n * Verifies a publicly shared access token and returns an\n * access token for it.\n *\n * Returns null when unable to verify the token or find it\n * inside the storage\n */\n async verify(tokenValue: Secret<string>) {\n const decodedToken = AccessToken.decode(this.prefix, tokenValue.release())\n if (!decodedToken) {\n return null\n }\n\n const db = await this.getDb()\n const dbRow = await db\n .query<AccessTokenDbColumns>()\n .from(this.table)\n .where({ id: decodedToken.identifier, type: this.type })\n .limit(1)\n .first()\n\n if (!dbRow) {\n return null\n }\n\n /**\n * Update last time the token is used\n */\n dbRow.last_used_at = new Date()\n await db\n .from(this.table)\n .where({ id: dbRow.id, type: dbRow.type })\n .update({ last_used_at: dbRow.last_used_at })\n\n /**\n * Convert to access token instance\n */\n const accessToken = this.dbRowToAccessToken(dbRow)\n\n /**\n * Ensure the token secret matches the token hash\n */\n if (!accessToken.verify(decodedToken.secret) || accessToken.isExpired()) {\n return null\n }\n\n return accessToken\n }\n}\n","/*\n * @adonisjs/auth\n *\n * (c) AdonisJS\n *\n * For the full copyright and license information, please view the LICENSE\n * file that was distributed with this source code.\n */\n\nimport { Secret } from '@adonisjs/core/helpers'\nimport type { LucidRow } from '@adonisjs/lucid/types/model'\nimport { RuntimeException } from '@adonisjs/core/exceptions'\n\nimport { AccessToken } from '../access_token.js'\nimport { PROVIDER_REAL_USER } from '../../../src/symbols.js'\nimport type {\n LucidTokenable,\n AccessTokensGuardUser,\n AccessTokensUserProviderContract,\n AccessTokensLucidUserProviderOptions,\n} from '../types.js'\n\n/**\n * Uses a lucid model to verify access tokens and find a user during\n * authentication\n */\nexport class AccessTokensLucidUserProvider<\n TokenableProperty extends string,\n UserModel extends LucidTokenable<TokenableProperty>,\n> implements AccessTokensUserProviderContract<InstanceType<UserModel>>\n{\n declare [PROVIDER_REAL_USER]: InstanceType<UserModel>\n\n /**\n * Reference to the lazily imported model\n */\n protected model?: UserModel\n\n constructor(\n /**\n * Lucid provider options\n */\n protected options: AccessTokensLucidUserProviderOptions<TokenableProperty, UserModel>\n ) {}\n\n /**\n * Imports the model from the provider, returns and caches it\n * for further operations.\n */\n protected async getModel() {\n if (this.model) {\n return this.model\n }\n\n const importedModel = await this.options.model()\n this.model = importedModel.default\n return this.model\n }\n\n /**\n * Returns the tokens provider associated with the user model\n */\n protected async getTokensProvider() {\n const model = await this.getModel()\n\n if (!model[this.options.tokens]) {\n throw new RuntimeException(\n `Cannot use \"${model.name}\" model for verifying access tokens. Make sure to assign a token provider to the model.`\n )\n }\n\n return model[this.options.tokens]\n }\n\n /**\n * Creates an adapter user for the guard\n */\n async createUserForGuard(\n user: InstanceType<UserModel>\n ): Promise<AccessTokensGuardUser<InstanceType<UserModel>>> {\n const model = await this.getModel()\n if (user instanceof model === false) {\n throw new RuntimeException(\n `Invalid user object. It must be an instance of the \"${model.name}\" model`\n )\n }\n\n return {\n getId() {\n /**\n * Ensure user has a primary key\n */\n if (!user.$primaryKeyValue) {\n throw new RuntimeException(\n `Cannot use \"${model.name}\" model for authentication. The value of column \"${model.primaryKey}\" is undefined or null`\n )\n }\n\n return user.$primaryKeyValue\n },\n getOriginal() {\n return user\n },\n }\n }\n\n /**\n * Create a token for a given user\n */\n async createToken(\n user: InstanceType<UserModel>,\n abilities?: string[] | undefined,\n options?: {\n name?: string\n expiresIn?: string | number\n }\n ): Promise<AccessToken> {\n const tokensProvider = await this.getTokensProvider()\n return tokensProvider.create(user as LucidRow, abilities, options)\n }\n\n /**\n * Finds a user by the user id\n */\n async findById(\n identifier: string | number | BigInt\n ): Promise<AccessTokensGuardUser<InstanceType<UserModel>> | null> {\n const model = await this.getModel()\n const user = await model.find(identifier)\n\n if (!user) {\n return null\n }\n\n return this.createUserForGuard(user)\n }\n\n /**\n * Verifies a publicly shared access token and returns an\n * access token for it.\n */\n async verifyToken(tokenValue: Secret<string>): Promise<AccessToken | null> {\n const tokensProvider = await this.getTokensProvider()\n return tokensProvider.verify(tokenValue)\n }\n}\n","/*\n * @adonisjs/auth\n *\n * (c) AdonisJS\n *\n * For the full copyright and license information, please view the LICENSE\n * file that was distributed with this source code.\n */\n\nimport type { HttpContext } from '@adonisjs/core/http'\nimport type { ConfigProvider } from '@adonisjs/core/types'\n\nimport { AccessTokensGuard } from './guard.js'\nimport type { GuardConfigProvider } from '../../src/types.js'\nimport { AccessTokensLucidUserProvider } from './user_providers/lucid.js'\nimport type {\n LucidTokenable,\n AccessTokensUserProviderContract,\n AccessTokensLucidUserProviderOptions,\n} from './types.js'\n\n/**\n * Configures access tokens guard for authentication\n */\nexport function tokensGuard<\n UserProvider extends AccessTokensUserProviderContract<unknown>,\n>(config: {\n provider: UserProvider | ConfigProvider<UserProvider>\n}): GuardConfigProvider<(ctx: HttpContext) => AccessTokensGuard<UserProvider>> {\n return {\n async resolver(name, app) {\n const emitter = await app.container.make('emitter')\n const provider =\n 'resolver' in config.provider ? await config.provider.resolver(app) : config.provider\n return (ctx) => new AccessTokensGuard(name, ctx, emitter as any, provider)\n },\n }\n}\n\n/**\n * Configures user provider that uses Lucid models to verify\n * access tokens and find users during authentication.\n */\nexport function tokensUserProvider<\n TokenableProperty extends string,\n Model extends LucidTokenable<TokenableProperty>,\n>(\n config: AccessTokensLucidUserProviderOptions<TokenableProperty, Model>\n): AccessTokensLucidUserProvider<TokenableProperty, Model> {\n return new AccessTokensLucidUserProvider(config)\n}\n"],"mappings":";;;;;;AASA,SAAS,kBAAkB;AAC3B,OAAO,YAAY;AACnB,SAAS,wBAAwB;AACjC,SAAS,QAAQ,QAAQ,iBAAiB;;;ACQnC,IAAM,QAAN,MAAY;AAAA;AAAA;AAAA;AAAA,EAIjB,eAAe;AAAA,IACb;AAAA,IAAG;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IACtF;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IACnF;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IACnF;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IACnF;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IACpF;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IACnF;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IACnF;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IACnF;AAAA,IAAU;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IACjF;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAClF;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAClF;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAClF;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IACnF;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAClF;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAClF;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAClF;AAAA,IAAY;AAAA,IAAU;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAU;AAAA,IAAY;AAAA,IAChF;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAClF;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAClF;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAClF;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IACnF;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAClF;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAClF;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAClF;AAAA,IAAY;AAAA,IAAY;AAAA,IAAU;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAU;AAAA,IAChF;AAAA,IAAY;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAW;AAAA,IAClF;AAAA,IAAY;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAW;AAAA,IAClF;AAAA,IAAY;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAW;AAAA,IAClF;AAAA,IAAY;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IACnF;AAAA,IAAY;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAW;AAAA,IAClF;AAAA,IAAY;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,IAAW;AAAA,IAClF;AAAA,IAAY;AAAA,IAAY;AAAA,IAAW;AAAA,IAAY;AAAA,IAAY;AAAA,IAAY;AAAA,EACzE;AAAA,EAEA,cAAc;AAAA,EAEd,gBAAgB,OAAmB,aAA8B;AAC/D,QAAI,MAAM,eAAe,KAAK;AAC9B,eAAW,QAAQ,OAAO;AACxB,YAAM,cAAc,MAAM,QAAQ;AAClC,YAAM,WAAW,KAAK,aAAa,UAAU;AAC7C,YAAO,QAAQ,IAAK;AAAA,IACtB;AACA,WAAO;AAAA,EACT;AAAA,EAEA,WAAW,KAAqB;AAC9B,WAAO,KAAK,UAAU,MAAM,UAAU;AAAA,EACxC;AAAA,EAEA,YAAY,OAA2B;AACrC,UAAM,UAAU,IAAI,YAAY;AAChC,WAAO,QAAQ,OAAO,KAAK;AAAA,EAC7B;AAAA,EAEA,UAAU,KAAqB;AAC7B,QAAI,OAAO,GAAG;AACZ,aAAO;AAAA,IACT;AACA,WAAO,aAAa,MAAM,KAAK;AAAA,EACjC;AAAA,EAEA,UAAU,OAAuB;AAC/B,WAAO,KAAK,UAAU,KAAK;AAAA,EAC7B;AAAA,EAEA,UAAU,OAAuB;AAC/B,UAAM,QAAQ,KAAK,YAAY,KAAK;AACpC,WAAO,KAAK,SAAS,KAAK;AAAA,EAC5B;AAAA,EAEA,SAAS,OAAmB,aAA8B;AACxD,UAAM,MAAM,KAAK,gBAAgB,OAAO,WAAW;AACnD,WAAO,KAAK,WAAW,GAAG;AAAA,EAC5B;AACF;;;AD5EO,IAAM,cAAN,MAAkB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQvB,OAAO,OACL,QACA,OACuD;AAIvD,QAAI,OAAO,UAAU,YAAY,CAAC,MAAM,WAAW,GAAG,MAAM,EAAE,GAAG;AAC/D,aAAO;AAAA,IACT;AAKA,UAAM,QAAQ,MAAM,QAAQ,IAAI,OAAO,IAAI,MAAM,EAAE,GAAG,EAAE;AACxD,QAAI,CAAC,OAAO;AACV,aAAO;AAAA,IACT;AAEA,UAAM,CAAC,YAAY,GAAG,UAAU,IAAI,MAAM,MAAM,GAAG;AACnD,QAAI,CAAC,cAAc,WAAW,WAAW,GAAG;AAC1C,aAAO;AAAA,IACT;AAEA,UAAM,oBAAoB,OAAO,UAAU,UAAU;AACrD,UAAM,gBAAgB,OAAO,UAAU,WAAW,KAAK,GAAG,CAAC;AAC3D,QAAI,CAAC,qBAAqB,CAAC,eAAe;AACxC,aAAO;AAAA,IACT;AAEA,WAAO;AAAA,MACL,YAAY;AAAA,MACZ,QAAQ,IAAI,OAAO,aAAa;AAAA,IAClC;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,OAAO,qBACL,QACA,MACA,WACA;AACA,QAAI;AACJ,QAAI,WAAW;AACb,kBAAY,oBAAI,KAAK;AACrB,gBAAU,WAAW,UAAU,WAAW,IAAI,OAAO,QAAQ,MAAM,SAAS,CAAC;AAAA,IAC/E;AAEA,WAAO;AAAA,MACL;AAAA,MACA;AAAA,MACA,GAAG,KAAK,KAAK,IAAI;AAAA,IACnB;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAO,KAAK,MAAc;AACxB,UAAM,OAAO,OAAO,OAAO,IAAI;AAC/B,UAAM,SAAS,IAAI,OAAO,GAAG,IAAI,GAAG,IAAI,MAAM,EAAE,UAAU,IAAI,CAAC,EAAE;AACjE,UAAM,OAAO,WAAW,QAAQ,EAAE,OAAO,OAAO,QAAQ,CAAC,EAAE,OAAO,KAAK;AACvE,WAAO,EAAE,QAAQ,KAAK;AAAA,EACxB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA;AAAA;AAAA;AAAA;AAAA,EAKA;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA;AAAA;AAAA;AAAA;AAAA,EAKA;AAAA;AAAA;AAAA;AAAA,EAKA;AAAA;AAAA;AAAA;AAAA,EAKA;AAAA;AAAA;AAAA;AAAA,EAKA;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA;AAAA,EAEA,YAAY,YAaT;AACD,SAAK,aAAa,WAAW;AAC7B,SAAK,cAAc,WAAW;AAC9B,SAAK,OAAO,WAAW;AACvB,SAAK,OAAO,WAAW;AACvB,SAAK,OAAO,WAAW;AACvB,SAAK,YAAY,WAAW;AAC5B,SAAK,YAAY,WAAW;AAC5B,SAAK,YAAY,WAAW;AAC5B,SAAK,aAAa,WAAW;AAC7B,SAAK,YAAY,WAAW,aAAa,CAAC,GAAG;AAK7C,QAAI,WAAW,QAAQ;AACrB,UAAI,CAAC,WAAW,QAAQ;AACtB,cAAM,IAAI,iBAAiB,+CAA+C;AAAA,MAC5E;AACA,WAAK,QAAQ,IAAI;AAAA,QACf,GAAG,WAAW,MAAM,GAAG,OAAO,UAAU,OAAO,KAAK,UAAU,CAAC,CAAC,IAAI,OAAO;AAAA,UACzE,WAAW,OAAO,QAAQ;AAAA,QAC5B,CAAC;AAAA,MACH;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,SAAiB;AACtB,WAAO,KAAK,UAAU,SAAS,OAAO,KAAK,KAAK,UAAU,SAAS,GAAG;AAAA,EACxE;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,SAAiB;AACtB,WAAO,CAAC,KAAK,UAAU,SAAS,OAAO,KAAK,CAAC,KAAK,UAAU,SAAS,GAAG;AAAA,EAC1E;AAAA;AAAA;AAAA;AAAA,EAKA,UAAU,SAAiB;AACzB,QAAI,KAAK,OAAO,OAAO,GAAG;AACxB,YAAM,IAAI,sBAAsB,uBAAuB,EAAE,iBAAiB,gBAAgB,CAAC;AAAA,IAC7F;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,YAAY;AACV,QAAI,CAAC,KAAK,WAAW;AACnB,aAAO;AAAA,IACT;AAEA,WAAO,KAAK,YAAY,oBAAI,KAAK;AAAA,EACnC;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,QAAiC;AACtC,UAAM,UAAU,WAAW,QAAQ,EAAE,OAAO,OAAO,QAAQ,CAAC,EAAE,OAAO,KAAK;AAC1E,WAAO,UAAU,KAAK,MAAM,OAAO;AAAA,EACrC;AAAA,EAEA,SAAS;AACP,WAAO;AAAA,MACL,MAAM;AAAA,MACN,MAAM,KAAK;AAAA,MACX,OAAO,KAAK,QAAQ,KAAK,MAAM,QAAQ,IAAI;AAAA,MAC3C,WAAW,KAAK;AAAA,MAChB,YAAY,KAAK;AAAA,MACjB,WAAW,KAAK;AAAA,IAClB;AAAA,EACF;AACF;;;AE3PA,SAAS,UAAAA,eAAc;AAehB,IAAM,oBAAN,MAGP;AAAA;AAAA;AAAA;AAAA,EAWE;AAAA;AAAA;AAAA;AAAA,EAKA;AAAA;AAAA;AAAA;AAAA,EAKA;AAAA;AAAA;AAAA;AAAA,EAKA;AAAA;AAAA;AAAA;AAAA,EASA,aAA8B;AAAA;AAAA;AAAA;AAAA;AAAA,EAM9B,0BAA0B;AAAA;AAAA;AAAA;AAAA;AAAA,EAM1B,kBAAkB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAalB;AAAA,EAEA,YACE,MACA,KACA,SAKA,cACA;AACA,SAAK,QAAQ;AACb,SAAK,OAAO;AACZ,SAAK,WAAW;AAChB,SAAK,gBAAgB;AAAA,EACvB;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,wBAAwB;AACtB,UAAM,QAAQ,IAAI,sBAAsB,uBAAuB;AAAA,MAC7D,iBAAiB,KAAK;AAAA,IACxB,CAAC;AAED,SAAK,SAAS,KAAK,4CAA4C;AAAA,MAC7D,KAAK,KAAK;AAAA,MACV,WAAW,KAAK;AAAA,MAChB;AAAA,IACF,CAAC;AAED,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,kBAA0B;AACxB,UAAM,cAAc,KAAK,KAAK,QAAQ,OAAO,iBAAiB,EAAE;AAChE,UAAM,CAAC,EAAE,KAAK,IAAI,YAAY,MAAM,SAAS;AAC7C,QAAI,CAAC,OAAO;AACV,YAAM,KAAK,sBAAsB;AAAA,IACnC;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,gBAA+F;AAC7F,QAAI,CAAC,KAAK,MAAM;AACd,YAAM,IAAI,sBAAsB,uBAAuB;AAAA,QACrD,iBAAiB,KAAK;AAAA,MACxB,CAAC;AAAA,IACH;AAEA,WAAO,KAAK;AAAA,EACd;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,eAEJ;AAKA,QAAI,KAAK,yBAAyB;AAChC,aAAO,KAAK,cAAc;AAAA,IAC5B;AAKA,SAAK,0BAA0B;AAC/B,SAAK,SAAS,KAAK,+CAA+C;AAAA,MAChE,KAAK,KAAK;AAAA,MACV,WAAW,KAAK;AAAA,IAClB,CAAC;AAKD,UAAM,cAAc,IAAIC,QAAO,KAAK,gBAAgB,CAAC;AAKrD,UAAM,QAAQ,MAAM,KAAK,cAAc,YAAY,WAAW;AAC9D,QAAI,CAAC,OAAO;AACV,YAAM,KAAK,sBAAsB;AAAA,IACnC;AAMA,UAAM,eAAe,MAAM,KAAK,cAAc,SAAS,MAAM,WAAW;AACxE,QAAI,CAAC,cAAc;AACjB,YAAM,KAAK,sBAAsB;AAAA,IACnC;AAKA,SAAK,kBAAkB;AACvB,SAAK,OAAO,aAAa,YAAY;AAGrC,SAAK,KAAM,qBAAqB;AAKhC,SAAK,SAAS,KAAK,+CAA+C;AAAA,MAChE,KAAK,KAAK;AAAA,MACV;AAAA,MACA,WAAW,KAAK;AAAA,MAChB,MAAM,KAAK;AAAA,IACb,CAAC;AAED,WAAO,KAAK;AAAA,EACd;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,qBACJ,MACA,WACA,SAI6B;AAC7B,UAAM,QAAQ,MAAM,KAAK,cAAc,YAAY,MAAM,WAAW,OAAO;AAC3E,WAAO;AAAA,MACL,SAAS;AAAA,QACP,eAAe,UAAU,MAAM,MAAO,QAAQ,CAAC;AAAA,MACjD;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,QAA0B;AAC9B,QAAI;AACF,YAAM,KAAK,aAAa;AACxB,aAAO;AAAA,IACT,SAAS,OAAO;AACd,UAAI,iBAAiB,uBAAuB;AAC1C,eAAO;AAAA,MACT;AAEA,YAAM;AAAA,IACR;AAAA,EACF;AACF;;;ACrPA,SAAS,oBAAAC,yBAAwB;AAgB1B,IAAM,yBAAN,MAAM,wBAEb;AAAA,EAqCE,YAAsB,SAAwD;AAAxD;AACpB,SAAK,QAAQ,QAAQ,SAAS;AAC9B,SAAK,oBAAoB,QAAQ,qBAAqB;AACtD,SAAK,OAAO,QAAQ,QAAQ;AAC5B,SAAK,SAAS,QAAQ,UAAU;AAAA,EAClC;AAAA;AAAA;AAAA;AAAA,EAtCA,OAAO,SACL,OACA,SACA;AACA,WAAO,IAAI,wBAAuC,EAAE,gBAAgB,OAAO,GAAI,WAAW,CAAC,EAAG,CAAC;AAAA,EACjG;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQU;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA;AAAA;AAAA;AAAA;AAAA,EAKA;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaV,mBAAmB,MAAoC;AACrD,UAAM,QAAQ,KAAK,QAAQ;AAC3B,QAAI,gBAAgB,UAAU,OAAO;AACnC,YAAM,IAAIC;AAAA,QACR,uDAAuD,MAAM,IAAI;AAAA,MACnE;AAAA,IACF;AAEA,QAAI,CAAC,KAAK,kBAAkB;AAC1B,YAAM,IAAIA;AAAA,QACR,eAAe,MAAM,IAAI,4DAA4D,MAAM,UAAU;AAAA,MACvG;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKU,mBAAmB,OAA0C;AACrE,WAAO,IAAI,YAAY;AAAA,MACrB,YAAY,MAAM;AAAA,MAClB,aAAa,MAAM;AAAA,MACnB,MAAM,MAAM;AAAA,MACZ,MAAM,MAAM;AAAA,MACZ,MAAM,MAAM;AAAA,MACZ,WAAW,KAAK,MAAM,MAAM,SAAS;AAAA,MACrC,WACE,OAAO,MAAM,eAAe,WAAW,IAAI,KAAK,MAAM,UAAU,IAAI,MAAM;AAAA,MAC5E,WACE,OAAO,MAAM,eAAe,WAAW,IAAI,KAAK,MAAM,UAAU,IAAI,MAAM;AAAA,MAC5E,YACE,OAAO,MAAM,iBAAiB,WAAW,IAAI,KAAK,MAAM,YAAY,IAAI,MAAM;AAAA,MAChF,WACE,OAAO,MAAM,eAAe,WAAW,IAAI,KAAK,MAAM,UAAU,IAAI,MAAM;AAAA,IAC9E,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,MAAgB,QAAQ;AACtB,UAAM,QAAQ,KAAK,QAAQ;AAC3B,WAAO,MAAM,SAAS,MAAM,KAAK,EAAE;AAAA,EACrC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OACJ,MACA,YAAsB,CAAC,GAAG,GAC1B,SAIA;AACA,SAAK,mBAAmB,IAAI;AAE5B,UAAM,cAAc,MAAM,KAAK,MAAM;AAOrC,UAAM,iBAAiB,YAAY;AAAA,MACjC,KAAK;AAAA,MACL,KAAK;AAAA,MACL,SAAS,aAAa,KAAK,QAAQ;AAAA,IACrC;AAMA,UAAM,QAA0C;AAAA,MAC9C,cAAc,eAAe;AAAA,MAC7B,MAAM,KAAK;AAAA,MACX,MAAM,SAAS,QAAQ;AAAA,MACvB,MAAM,eAAe;AAAA,MACrB,WAAW,KAAK,UAAU,SAAS;AAAA,MACnC,YAAY,oBAAI,KAAK;AAAA,MACrB,YAAY,oBAAI,KAAK;AAAA,MACrB,cAAc;AAAA,MACd,YAAY,eAAe,aAAa;AAAA,IAC1C;AAKA,UAAM,CAAC,EAAE,IAAI,MAAM,YAAY,MAAM,KAAK,KAAK,EAAE,OAAO,KAAK;AAK7D,WAAO,IAAI,YAAY;AAAA,MACrB,YAAY;AAAA,MACZ,aAAa,MAAM;AAAA,MACnB,MAAM,MAAM;AAAA,MACZ,QAAQ,KAAK;AAAA,MACb,QAAQ,eAAe;AAAA,MACvB,MAAM,MAAM;AAAA,MACZ,MAAM,MAAM;AAAA,MACZ,WAAW,KAAK,MAAM,MAAM,SAAS;AAAA,MACrC,WAAW,MAAM;AAAA,MACjB,WAAW,MAAM;AAAA,MACjB,YAAY,MAAM;AAAA,MAClB,WAAW,MAAM;AAAA,IACnB,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,KAAK,MAAoC,YAAsC;AACnF,SAAK,mBAAmB,IAAI;AAE5B,UAAM,cAAc,MAAM,KAAK,MAAM;AACrC,UAAM,QAAQ,MAAM,YACjB,MAA4B,EAC5B,KAAK,KAAK,KAAK,EACf,MAAM,EAAE,IAAI,YAAY,cAAc,KAAK,kBAAkB,MAAM,KAAK,KAAK,CAAC,EAC9E,MAAM,CAAC,EACP,MAAM;AAET,QAAI,CAAC,OAAO;AACV,aAAO;AAAA,IACT;AAEA,WAAO,KAAK,mBAAmB,KAAK;AAAA,EACtC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OACJ,MACA,YACiB;AACjB,SAAK,mBAAmB,IAAI;AAE5B,UAAM,cAAc,MAAM,KAAK,MAAM;AACrC,UAAM,eAAe,MAAM,YACxB,MAAc,EACd,KAAK,KAAK,KAAK,EACf,MAAM,EAAE,IAAI,YAAY,cAAc,KAAK,kBAAkB,MAAM,KAAK,KAAK,CAAC,EAC9E,IAAI,EACJ,KAAK;AAER,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,IAAI,MAAoC;AAC5C,SAAK,mBAAmB,IAAI;AAE5B,UAAM,cAAc,MAAM,KAAK,MAAM;AACrC,UAAM,SAAS,MAAM,YAClB,MAA4B,EAC5B,KAAK,KAAK,KAAK,EACf,MAAM,EAAE,cAAc,KAAK,kBAAkB,MAAM,KAAK,KAAK,CAAC,EAC9D,QAAQ,gBAAgB,MAAM,EAC9B,QAAQ,MAAM,MAAM,EACpB,KAAK;AAER,WAAO,OAAO,IAAI,CAAC,UAAU;AAC3B,aAAO,KAAK,mBAAmB,KAAK;AAAA,IACtC,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,MAAM,OAAO,YAA4B;AACvC,UAAM,eAAe,YAAY,OAAO,KAAK,QAAQ,WAAW,QAAQ,CAAC;AACzE,QAAI,CAAC,cAAc;AACjB,aAAO;AAAA,IACT;AAEA,UAAM,KAAK,MAAM,KAAK,MAAM;AAC5B,UAAM,QAAQ,MAAM,GACjB,MAA4B,EAC5B,KAAK,KAAK,KAAK,EACf,MAAM,EAAE,IAAI,aAAa,YAAY,MAAM,KAAK,KAAK,CAAC,EACtD,MAAM,CAAC,EACP,MAAM;AAET,QAAI,CAAC,OAAO;AACV,aAAO;AAAA,IACT;AAKA,UAAM,eAAe,oBAAI,KAAK;AAC9B,UAAM,GACH,KAAK,KAAK,KAAK,EACf,MAAM,EAAE,IAAI,MAAM,IAAI,MAAM,MAAM,KAAK,CAAC,EACxC,OAAO,EAAE,cAAc,MAAM,aAAa,CAAC;AAK9C,UAAM,cAAc,KAAK,mBAAmB,KAAK;AAKjD,QAAI,CAAC,YAAY,OAAO,aAAa,MAAM,KAAK,YAAY,UAAU,GAAG;AACvE,aAAO;AAAA,IACT;AAEA,WAAO;AAAA,EACT;AACF;;;AC7RA,SAAS,oBAAAC,yBAAwB;AAe1B,IAAM,gCAAN,MAIP;AAAA,EAQE,YAIY,SACV;AADU;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAPO;AAAA;AAAA;AAAA;AAAA;AAAA,EAaV,MAAgB,WAAW;AACzB,QAAI,KAAK,OAAO;AACd,aAAO,KAAK;AAAA,IACd;AAEA,UAAM,gBAAgB,MAAM,KAAK,QAAQ,MAAM;AAC/C,SAAK,QAAQ,cAAc;AAC3B,WAAO,KAAK;AAAA,EACd;AAAA;AAAA;AAAA;AAAA,EAKA,MAAgB,oBAAoB;AAClC,UAAM,QAAQ,MAAM,KAAK,SAAS;AAElC,QAAI,CAAC,MAAM,KAAK,QAAQ,MAAM,GAAG;AAC/B,YAAM,IAAIA;AAAA,QACR,eAAe,MAAM,IAAI;AAAA,MAC3B;AAAA,IACF;AAEA,WAAO,MAAM,KAAK,QAAQ,MAAM;AAAA,EAClC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,mBACJ,MACyD;AACzD,UAAM,QAAQ,MAAM,KAAK,SAAS;AAClC,QAAI,gBAAgB,UAAU,OAAO;AACnC,YAAM,IAAIA;AAAA,QACR,uDAAuD,MAAM,IAAI;AAAA,MACnE;AAAA,IACF;AAEA,WAAO;AAAA,MACL,QAAQ;AAIN,YAAI,CAAC,KAAK,kBAAkB;AAC1B,gBAAM,IAAIA;AAAA,YACR,eAAe,MAAM,IAAI,oDAAoD,MAAM,UAAU;AAAA,UAC/F;AAAA,QACF;AAEA,eAAO,KAAK;AAAA,MACd;AAAA,MACA,cAAc;AACZ,eAAO;AAAA,MACT;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YACJ,MACA,WACA,SAIsB;AACtB,UAAM,iBAAiB,MAAM,KAAK,kBAAkB;AACpD,WAAO,eAAe,OAAO,MAAkB,WAAW,OAAO;AAAA,EACnE;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,SACJ,YACgE;AAChE,UAAM,QAAQ,MAAM,KAAK,SAAS;AAClC,UAAM,OAAO,MAAM,MAAM,KAAK,UAAU;AAExC,QAAI,CAAC,MAAM;AACT,aAAO;AAAA,IACT;AAEA,WAAO,KAAK,mBAAmB,IAAI;AAAA,EACrC;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,YAAY,YAAyD;AACzE,UAAM,iBAAiB,MAAM,KAAK,kBAAkB;AACpD,WAAO,eAAe,OAAO,UAAU;AAAA,EACzC;AACF;;;ACzHO,SAAS,YAEd,QAE6E;AAC7E,SAAO;AAAA,IACL,MAAM,SAAS,MAAM,KAAK;AACxB,YAAM,UAAU,MAAM,IAAI,UAAU,KAAK,SAAS;AAClD,YAAM,WACJ,cAAc,OAAO,WAAW,MAAM,OAAO,SAAS,SAAS,GAAG,IAAI,OAAO;AAC/E,aAAO,CAAC,QAAQ,IAAI,kBAAkB,MAAM,KAAK,SAAgB,QAAQ;AAAA,IAC3E;AAAA,EACF;AACF;AAMO,SAAS,mBAId,QACyD;AACzD,SAAO,IAAI,8BAA8B,MAAM;AACjD;","names":["Secret","Secret","RuntimeException","RuntimeException","RuntimeException"]}

package/build/modules/access_tokens_guard/token_providers/db.d.ts ADDED Viewed

@@ -0,0 +1,76 @@
+import type { Secret } from '@adonisjs/core/helpers';
+import type { LucidModel } from '@adonisjs/lucid/types/model';
+import { AccessToken } from '../access_token.js';
+import type { AccessTokenDbColumns, AccessTokensProviderContract, DbAccessTokensProviderOptions } from '../types.js';
+/**
+ * DbAccessTokensProvider uses lucid database service to fetch and
+ * persist tokens for a given user.
+ *
+ * The user must be an instance of the associated user model.
+ */
+export declare class DbAccessTokensProvider<TokenableModel extends LucidModel> implements AccessTokensProviderContract<TokenableModel> {
+    #private;
+    protected options: DbAccessTokensProviderOptions<TokenableModel>;
+    /**
+     * Create tokens provider instance for a given Lucid model
+     */
+    static forModel<TokenableModel extends LucidModel>(model: DbAccessTokensProviderOptions<TokenableModel>['tokenableModel'], options?: Omit<DbAccessTokensProviderOptions<TokenableModel>, 'tokenableModel'>): DbAccessTokensProvider<TokenableModel>;
+    /**
+     * A unique type for the value. The type is used to identify a
+     * bucket of tokens within the storage layer.
+     *
+     * Defaults to auth_token
+     */
+    protected type: string;
+    /**
+     * A unique prefix to append to the publicly shared token value.
+     *
+     * Defaults to oat
+     */
+    protected prefix: string;
+    /**
+     * Database table to use for querying access tokens
+     */
+    protected table: string;
+    /**
+     * The length for the token secret. A secret is a cryptographically
+     * secure random string.
+     */
+    protected tokenSecretLength: number;
+    constructor(options: DbAccessTokensProviderOptions<TokenableModel>);
+    /**
+     * Maps a database row to an instance token instance
+     */
+    protected dbRowToAccessToken(dbRow: AccessTokenDbColumns): AccessToken;
+    /**
+     * Returns a query client instance from the parent model
+     */
+    protected getDb(): Promise<import("@adonisjs/lucid/types/database").QueryClientContract>;
+    /**
+     * Create a token for a user
+     */
+    create(user: InstanceType<TokenableModel>, abilities?: string[], options?: {
+        name?: string;
+        expiresIn?: string | number;
+    }): Promise<AccessToken>;
+    /**
+     * Find a token for a user by the token id
+     */
+    find(user: InstanceType<TokenableModel>, identifier: string | number | BigInt): Promise<AccessToken | null>;
+    /**
+     * Delete a token by its id
+     */
+    delete(user: InstanceType<TokenableModel>, identifier: string | number | BigInt): Promise<number>;
+    /**
+     * Returns all the tokens a given user
+     */
+    all(user: InstanceType<TokenableModel>): Promise<AccessToken[]>;
+    /**
+     * Verifies a publicly shared access token and returns an
+     * access token for it.
+     *
+     * Returns null when unable to verify the token or find it
+     * inside the storage
+     */
+    verify(tokenValue: Secret<string>): Promise<AccessToken | null>;
+}

package/build/modules/access_tokens_guard/types.d.ts ADDED Viewed

@@ -0,0 +1,208 @@
+import type { Secret } from '@adonisjs/core/helpers';
+import type { HttpContext } from '@adonisjs/core/http';
+import type { Exception } from '@adonisjs/core/exceptions';
+import type { LucidModel } from '@adonisjs/lucid/types/model';
+import type { AccessToken } from './access_token.js';
+import type { PROVIDER_REAL_USER } from '../../src/symbols.js';
+/**
+ * Options accepted by the tokens provider that uses lucid
+ * database service to fetch and persist tokens.
+ */
+export type DbAccessTokensProviderOptions<TokenableModel extends LucidModel> = {
+    /**
+     * The user model for which to generate tokens. Note, the model
+     * is not used for tokens, but is used to associate a user
+     * with the token
+     */
+    tokenableModel: TokenableModel;
+    /**
+     * Database table to use for querying tokens.
+     *
+     * Defaults to "auth_access_tokens"
+     */
+    table?: string;
+    /**
+     * The default expiry for all the tokens. You can also customize
+     * expiry at the time of creating a token as well.
+     *
+     * By default tokens do not expire
+     */
+    expiresIn?: string | number;
+    /**
+     * The length for the token secret. A secret is a cryptographically
+     * secure random string.
+     *
+     * Defaults to 40
+     */
+    tokenSecretLength?: number;
+    /**
+     * A unique type for the value. The type is used to identify a
+     * bucket of tokens within the storage layer.
+     *
+     * Defaults to auth_token
+     */
+    type?: string;
+    /**
+     * A unique prefix to append to the publicly shared token value.
+     *
+     * Defaults to oat_
+     */
+    prefix?: string;
+};
+/**
+ * The database columns expected at the database level
+ */
+export type AccessTokenDbColumns = {
+    /**
+     * Token primary key. It can be an integer, bigInteger or
+     * even a UUID or any other string based value.
+     *
+     * The id should not have ". (dots)" inside it.
+     */
+    id: number | string | BigInt;
+    /**
+     * The user or entity for whom the token is
+     * generated
+     */
+    tokenable_id: string | number | BigInt;
+    /**
+     * A unique type for the token. It is used to
+     * unique identify tokens within the storage
+     * layer.
+     */
+    type: string;
+    /**
+     * Optional name for the token
+     */
+    name: string | null;
+    /**
+     * Token hash is used to verify the token shared
+     * with the user
+     */
+    hash: string;
+    /**
+     * Timestamps
+     */
+    created_at: Date;
+    updated_at: Date;
+    /**
+     * An array of abilities stored as JSON.
+     */
+    abilities: string;
+    /**
+     * The date after which the token will be considered
+     * expired.
+     *
+     * A null value means the token is long-lived
+     */
+    expires_at: null | Date;
+    /**
+     * Last time the token was used for authentication
+     */
+    last_used_at: null | Date;
+};
+/**
+ * Access token providers are used verify an access token
+ * during authentication
+ */
+export interface AccessTokensProviderContract<Tokenable extends LucidModel> {
+    /**
+     * Create a token for a given user
+     */
+    create(user: InstanceType<Tokenable>, abilities?: string[], options?: {
+        name?: string;
+        expiresIn?: string | number;
+    }): Promise<AccessToken>;
+    /**
+     * Verifies a publicly shared access token and returns an
+     * access token for it.
+     */
+    verify(tokenValue: Secret<string>): Promise<AccessToken | null>;
+}
+/**
+ * A lucid model with a tokens provider to verify tokens during
+ * authentication
+ */
+export type LucidTokenable<TokenableProperty extends string> = LucidModel & {
+    [K in TokenableProperty]: AccessTokensProviderContract<LucidModel>;
+};
+/**
+ * Options accepted by the user provider that uses a lucid
+ * model to lookup a user during authentication and verify
+ * tokens
+ */
+export type AccessTokensLucidUserProviderOptions<TokenableProperty extends string, Model extends LucidTokenable<TokenableProperty>> = {
+    tokens: TokenableProperty;
+    model: () => Promise<{
+        default: Model;
+    }>;
+};
+/**
+ * Guard user is an adapter between the user provider
+ * and the guard.
+ *
+ * The guard is user provider agnostic and therefore it
+ * needs a adapter to known some basic info about the
+ * user.
+ */
+export type AccessTokensGuardUser<RealUser> = {
+    getId(): string | number | BigInt;
+    getOriginal(): RealUser;
+};
+/**
+ * The user provider used by access tokens guard to lookup
+ * users and verify tokens.
+ */
+export interface AccessTokensUserProviderContract<RealUser> {
+    [PROVIDER_REAL_USER]: RealUser;
+    /**
+     * Create a user object that acts as an adapter between
+     * the guard and real user value.
+     */
+    createUserForGuard(user: RealUser): Promise<AccessTokensGuardUser<RealUser>>;
+    /**
+     * Create a token for a given user
+     */
+    createToken(user: RealUser, abilities?: string[], options?: {
+        name?: string;
+        expiresIn?: string | number;
+    }): Promise<AccessToken>;
+    /**
+     * Find a user by the user id.
+     */
+    findById(identifier: string | number | BigInt): Promise<AccessTokensGuardUser<RealUser> | null>;
+    /**
+     * Verify a token by its publicly shared value.
+     */
+    verifyToken(tokenValue: Secret<string>): Promise<AccessToken | null>;
+}
+/**
+ * Events emitted by the access tokens guard during
+ * authentication
+ */
+export type AccessTokensGuardEvents<RealUser> = {
+    /**
+     * Attempting to authenticate the user
+     */
+    'access_tokens_auth:authentication_attempted': {
+        ctx: HttpContext;
+        guardName: string;
+    };
+    /**
+     * Authentication was successful
+     */
+    'access_tokens_auth:authentication_succeeded': {
+        ctx: HttpContext;
+        guardName: string;
+        user: RealUser;
+        token: AccessToken;
+    };
+    /**
+     * Authentication failed
+     */
+    'access_tokens_auth:authentication_failed': {
+        ctx: HttpContext;
+        guardName: string;
+        error: Exception;
+    };
+};

package/build/modules/access_tokens_guard/types.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ //# sourceMappingURL=types.js.map

package/build/modules/access_tokens_guard/types.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}

package/build/modules/access_tokens_guard/user_providers/lucid.d.ts ADDED Viewed

@@ -0,0 +1,53 @@
+import { Secret } from '@adonisjs/core/helpers';
+import { AccessToken } from '../access_token.js';
+import { PROVIDER_REAL_USER } from '../../../src/symbols.js';
+import type { LucidTokenable, AccessTokensGuardUser, AccessTokensUserProviderContract, AccessTokensLucidUserProviderOptions } from '../types.js';
+/**
+ * Uses a lucid model to verify access tokens and find a user during
+ * authentication
+ */
+export declare class AccessTokensLucidUserProvider<TokenableProperty extends string, UserModel extends LucidTokenable<TokenableProperty>> implements AccessTokensUserProviderContract<InstanceType<UserModel>> {
+    /**
+     * Lucid provider options
+     */
+    protected options: AccessTokensLucidUserProviderOptions<TokenableProperty, UserModel>;
+    [PROVIDER_REAL_USER]: InstanceType<UserModel>;
+    /**
+     * Reference to the lazily imported model
+     */
+    protected model?: UserModel;
+    constructor(
+    /**
+     * Lucid provider options
+     */
+    options: AccessTokensLucidUserProviderOptions<TokenableProperty, UserModel>);
+    /**
+     * Imports the model from the provider, returns and caches it
+     * for further operations.
+     */
+    protected getModel(): Promise<UserModel>;
+    /**
+     * Returns the tokens provider associated with the user model
+     */
+    protected getTokensProvider(): Promise<UserModel[TokenableProperty]>;
+    /**
+     * Creates an adapter user for the guard
+     */
+    createUserForGuard(user: InstanceType<UserModel>): Promise<AccessTokensGuardUser<InstanceType<UserModel>>>;
+    /**
+     * Create a token for a given user
+     */
+    createToken(user: InstanceType<UserModel>, abilities?: string[] | undefined, options?: {
+        name?: string;
+        expiresIn?: string | number;
+    }): Promise<AccessToken>;
+    /**
+     * Finds a user by the user id
+     */
+    findById(identifier: string | number | BigInt): Promise<AccessTokensGuardUser<InstanceType<UserModel>> | null>;
+    /**
+     * Verifies a publicly shared access token and returns an
+     * access token for it.
+     */
+    verifyToken(tokenValue: Secret<string>): Promise<AccessToken | null>;
+}

package/build/modules/session_guard/define_config.d.ts ADDED Viewed

@@ -0,0 +1,17 @@
+import type { HttpContext } from '@adonisjs/core/http';
+import type { ConfigProvider } from '@adonisjs/core/types';
+import { SessionGuard } from './guard.js';
+import type { GuardConfigProvider } from '../../src/types.js';
+import { SessionLucidUserProvider } from './user_providers/lucid.js';
+import type { SessionGuardOptions, LucidAuthenticatable, SessionUserProviderContract, SessionLucidUserProviderOptions, SessionWithTokensUserProviderContract } from './types.js';
+/**
+ * Configures session tokens guard for authentication
+ */
+export declare function sessionGuard<UseRememberTokens extends boolean, UserProvider extends UseRememberTokens extends true ? SessionWithTokensUserProviderContract<unknown> : SessionUserProviderContract<unknown>>(config: {
+    provider: UserProvider | ConfigProvider<UserProvider>;
+} & SessionGuardOptions<UseRememberTokens>): GuardConfigProvider<(ctx: HttpContext) => SessionGuard<UseRememberTokens, UserProvider>>;
+/**
+ * Configures user provider that uses Lucid models to authenticate
+ * users using sessions
+ */
+export declare function sessionUserProvider<Model extends LucidAuthenticatable>(config: SessionLucidUserProviderOptions<Model>): SessionLucidUserProvider<Model>;

package/build/modules/session_guard/guard.d.ts ADDED Viewed

@@ -0,0 +1,98 @@
+import type { HttpContext } from '@adonisjs/core/http';
+import type { EmitterLike } from '@adonisjs/core/types/events';
+import type { AuthClientResponse, GuardContract } from '../../src/types.js';
+import { GUARD_KNOWN_EVENTS, PROVIDER_REAL_USER } from '../../src/symbols.js';
+import type { SessionGuardEvents, SessionGuardOptions, SessionUserProviderContract, SessionWithTokensUserProviderContract } from './types.js';
+/**
+ * Session guard uses AdonisJS session store to track logged-in
+ * user information.
+ */
+export declare class SessionGuard<UseRememberTokens extends boolean, UserProvider extends UseRememberTokens extends true ? SessionWithTokensUserProviderContract<unknown> : SessionUserProviderContract<unknown>> implements GuardContract<UserProvider[typeof PROVIDER_REAL_USER]> {
+    #private;
+    /**
+     * Events emitted by the guard
+     */
+    [GUARD_KNOWN_EVENTS]: SessionGuardEvents<UserProvider[typeof PROVIDER_REAL_USER]>;
+    /**
+     * Driver name of the guard
+     */
+    driverName: 'session';
+    /**
+     * Whether or not the authentication has been attempted
+     * during the current request.
+     */
+    authenticationAttempted: boolean;
+    /**
+     * A boolean to know if a remember me token was used in attempt
+     * to login a user.
+     */
+    attemptedViaRemember: boolean;
+    /**
+     * A boolean to know if the current request has
+     * been authenticated
+     */
+    isAuthenticated: boolean;
+    /**
+     * A boolean to know if the current request is authenticated
+     * using the "rememember_me" token.
+     */
+    viaRemember: boolean;
+    /**
+     * Find if the user has been logged out during
+     * the current request
+     */
+    isLoggedOut: boolean;
+    /**
+     * Reference to an instance of the authenticated user.
+     * The value only exists after calling one of the
+     * following methods.
+     *
+     * - authenticate
+     * - check
+     *
+     * You can use the "getUserOrFail" method to throw an exception if
+     * the request is not authenticated.
+     */
+    user?: UserProvider[typeof PROVIDER_REAL_USER];
+    /**
+     * The key used to store the logged-in user id inside
+     * session
+     */
+    get sessionKeyName(): string;
+    /**
+     * The key used to store the remember me token cookie
+     */
+    get rememberMeKeyName(): string;
+    constructor(name: string, ctx: HttpContext, options: SessionGuardOptions<UseRememberTokens>, emitter: EmitterLike<SessionGuardEvents<UserProvider[typeof PROVIDER_REAL_USER]>>, userProvider: UserProvider);
+    /**
+     * Returns an instance of the authenticated user. Or throws
+     * an exception if the request is not authenticated.
+     */
+    getUserOrFail(): UserProvider[typeof PROVIDER_REAL_USER];
+    /**
+     * Login user using sessions. Optionally, you can also create
+     * a remember me token to automatically login user when their
+     * session expires.
+     */
+    login(user: UserProvider[typeof PROVIDER_REAL_USER], remember?: boolean): Promise<void>;
+    /**
+     * Logout a user by removing its state from the session
+     * store and delete the remember me cookie (if any).
+     */
+    logout(): Promise<void>;
+    /**
+     * Authenticate the current HTTP request by verifying the bearer
+     * token or fails with an exception
+     */
+    authenticate(): Promise<UserProvider[typeof PROVIDER_REAL_USER]>;
+    /**
+     * Silently check if the user is authenticated or not, without
+     * throwing any exceptions
+     */
+    check(): Promise<boolean>;
+    /**
+     * Returns the session info for the clients to send during
+     * an HTTP request to mark the user as logged-in.
+     */
+    authenticateAsClient(user: UserProvider[typeof PROVIDER_REAL_USER]): Promise<AuthClientResponse>;
+}

package/build/modules/session_guard/main.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+export { RememberMeToken } from './remember_me_token.js';
+export { SessionGuard } from './guard.js';
+export { DbRememberMeTokensProvider } from './token_providers/db.js';
+export { sessionGuard, sessionUserProvider } from './define_config.js';
+export { SessionLucidUserProvider } from './user_providers/lucid.js';