@adonisjs/auth 9.0.1 → 9.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/build/index.js
CHANGED
|
@@ -90,7 +90,7 @@ function withAuthFinder(hash, options) {
|
|
|
90
90
|
static async hashPassword(user) {
|
|
91
91
|
if (user.$dirty[options.passwordColumnName]) {
|
|
92
92
|
;
|
|
93
|
-
user[options.passwordColumnName] = await hash.make(
|
|
93
|
+
user[options.passwordColumnName] = await hash().make(
|
|
94
94
|
user[options.passwordColumnName]
|
|
95
95
|
);
|
|
96
96
|
}
|
|
@@ -115,7 +115,7 @@ function withAuthFinder(hash, options) {
|
|
|
115
115
|
}
|
|
116
116
|
const user = await this.findForAuth(options.uids, uid);
|
|
117
117
|
if (!user) {
|
|
118
|
-
await hash.make(password);
|
|
118
|
+
await hash().make(password);
|
|
119
119
|
throw new E_INVALID_CREDENTIALS("Invalid user credentials");
|
|
120
120
|
}
|
|
121
121
|
const passwordHash = user[options.passwordColumnName];
|
|
@@ -124,7 +124,7 @@ function withAuthFinder(hash, options) {
|
|
|
124
124
|
`Cannot verify password during login. The value of column "${options.passwordColumnName}" is undefined or null`
|
|
125
125
|
);
|
|
126
126
|
}
|
|
127
|
-
if (await hash.verify(passwordHash, password)) {
|
|
127
|
+
if (await hash().verify(passwordHash, password)) {
|
|
128
128
|
return user;
|
|
129
129
|
}
|
|
130
130
|
throw new E_INVALID_CREDENTIALS("Invalid user credentials");
|
package/build/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../configure.ts","../src/symbols.ts","../src/define_config.ts","../src/mixins/with_auth_finder.ts"],"sourcesContent":["/*\n * @adonisjs/auth\n *\n * (c) AdonisJS\n *\n * For the full copyright and license information, please view the LICENSE\n * file that was distributed with this source code.\n */\n\nimport { presetAuth } from '@adonisjs/presets/auth'\nimport type Configure from '@adonisjs/core/commands/configure'\n\n/**\n * Configures the auth package\n */\nexport async function configure(command: Configure) {\n const codemods = await command.createCodemods()\n let guard: string | undefined = command.parsedFlags.guard\n\n /**\n * Prompts user to select a guard when not mentioned via\n * the CLI\n */\n if (guard === undefined) {\n guard = await command.prompt.choice(\n 'Select the auth guard you want to use',\n [\n {\n name: 'session',\n message: 'Session',\n },\n {\n name: 'access_tokens',\n message: 'Opaque access tokens',\n },\n ],\n {\n validate(value) {\n return !!value\n },\n }\n )\n }\n\n /**\n * Ensure selected or guard defined via the CLI flag is\n * valid\n */\n if (!['session', 'access_tokens'].includes(guard!)) {\n command.logger.error(\n `The selected guard \"${guard}\" is invalid. Select one from: session, access_tokens`\n )\n command.exitCode = 1\n return\n }\n\n await presetAuth(codemods, command.app, {\n guard: guard as 'session' | 'access_tokens',\n userProvider: 'lucid',\n })\n}\n","/*\n * @adonisjs/lucid\n *\n * (c) AdonisJS\n *\n * For the full copyright and license information, please view the LICENSE\n * file that was distributed with this source code.\n */\n\n/**\n * A symbol to identify the type of the real user for a given\n * user provider\n */\nexport const PROVIDER_REAL_USER = Symbol.for('PROVIDER_REAL_USER')\n\n/**\n * A symbol to identify the type for the events emitted by a guard\n */\nexport const GUARD_KNOWN_EVENTS = Symbol.for('GUARD_KNOWN_EVENTS')\n","/*\n * @adonisjs/auth\n *\n * (c) AdonisJS\n *\n * For the full copyright and license information, please view the LICENSE\n * file that was distributed with this source code.\n */\n\nimport { configProvider } from '@adonisjs/core'\nimport type { ConfigProvider } from '@adonisjs/core/types'\nimport type { GuardConfigProvider, GuardFactory } from './types.js'\n\n/**\n * Config resolved by the \"defineConfig\" method\n */\nexport type ResolvedAuthConfig<\n KnownGuards extends Record<string, GuardFactory | GuardConfigProvider<GuardFactory>>,\n> = {\n default: keyof KnownGuards\n guards: {\n [K in keyof KnownGuards]: KnownGuards[K] extends GuardConfigProvider<infer A>\n ? A\n : KnownGuards[K]\n }\n}\n\n/**\n * Define configuration for the auth package. The function returns\n * a config provider that is invoked inside the auth service\n * provider\n */\nexport function defineConfig<\n KnownGuards extends Record<string, GuardFactory | GuardConfigProvider<GuardFactory>>,\n>(config: {\n default: keyof KnownGuards\n guards: KnownGuards\n}): ConfigProvider<ResolvedAuthConfig<KnownGuards>> {\n return configProvider.create(async (app) => {\n const guardsList = Object.keys(config.guards)\n const guards = {} as Record<string, GuardFactory>\n\n for (let guardName of guardsList) {\n const guard = config.guards[guardName]\n if (typeof guard === 'function') {\n guards[guardName] = guard\n } else {\n guards[guardName] = await guard.resolver(guardName, app)\n }\n }\n\n return {\n default: config.default,\n guards: guards,\n } as ResolvedAuthConfig<KnownGuards>\n })\n}\n","/*\n * @adonisjs/auth\n *\n * (c) AdonisJS\n *\n * For the full copyright and license information, please view the LICENSE\n * file that was distributed with this source code.\n */\n\nimport type { Hash } from '@adonisjs/core/hash'\nimport { RuntimeException } from '@adonisjs/core/exceptions'\nimport { beforeSave, type BaseModel } from '@adonisjs/lucid/orm'\nimport type { NormalizeConstructor } from '@adonisjs/core/types/helpers'\nimport { E_INVALID_CREDENTIALS } from '../errors.js'\n\n/**\n * Mixing to add user lookup and password verification methods\n * on a model.\n *\n * Under the hood, this mixin defines following methods and hooks\n *\n * - beforeSave hook to hash user password\n * - findForAuth method to find a user during authentication\n * - verifyCredentials method to verify user credentials and prevent\n * timing attacks.\n */\nexport function withAuthFinder(\n hash: Hash,\n options: {\n uids: string[]\n passwordColumnName: string\n }\n) {\n return <Model extends NormalizeConstructor<typeof BaseModel>>(superclass: Model) => {\n class UserWithUserFinder extends superclass {\n /**\n * Hook to verify user password when creating or updating\n * the user model.\n */\n @beforeSave()\n static async hashPassword<T extends typeof UserWithUserFinder>(\n this: T,\n user: InstanceType<T>\n ) {\n if (user.$dirty[options.passwordColumnName]) {\n ;(user as any)[options.passwordColumnName] = await hash.make(\n (user as any)[options.passwordColumnName]\n )\n }\n }\n\n /**\n * Finds the user for authentication via \"verifyCredentials\".\n * Feel free to override this method customize the user\n * lookup behavior.\n */\n static findForAuth<T extends typeof UserWithUserFinder>(\n this: T,\n uids: string[],\n value: string\n ): Promise<InstanceType<T> | null> {\n const query = this.query()\n uids.forEach((uid) => query.orWhere(uid, value))\n return query.limit(1).first()\n }\n\n /**\n * Find a user by uid and verify their password. This method is\n * safe from timing attacks.\n */\n static async verifyCredentials<T extends typeof UserWithUserFinder>(\n this: T,\n uid: string,\n password: string\n ) {\n /**\n * Fail when uid or the password are missing\n */\n if (!uid || !password) {\n throw new E_INVALID_CREDENTIALS('Invalid user credentials')\n }\n\n const user = await this.findForAuth(options.uids, uid)\n if (!user) {\n await hash.make(password)\n throw new E_INVALID_CREDENTIALS('Invalid user credentials')\n }\n\n const passwordHash = (user as any)[options.passwordColumnName]\n if (!passwordHash) {\n throw new RuntimeException(\n `Cannot verify password during login. The value of column \"${options.passwordColumnName}\" is undefined or null`\n )\n }\n\n if (await hash.verify(passwordHash, password)) {\n return user\n }\n\n throw new E_INVALID_CREDENTIALS('Invalid user credentials')\n }\n }\n\n return UserWithUserFinder\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;AASA,SAAS,kBAAkB;AAM3B,eAAsB,UAAU,SAAoB;AAClD,QAAM,WAAW,MAAM,QAAQ,eAAe;AAC9C,MAAI,QAA4B,QAAQ,YAAY;AAMpD,MAAI,UAAU,QAAW;AACvB,YAAQ,MAAM,QAAQ,OAAO;AAAA,MAC3B;AAAA,MACA;AAAA,QACE;AAAA,UACE,MAAM;AAAA,UACN,SAAS;AAAA,QACX;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,SAAS;AAAA,QACX;AAAA,MACF;AAAA,MACA;AAAA,QACE,SAAS,OAAO;AACd,iBAAO,CAAC,CAAC;AAAA,QACX;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAMA,MAAI,CAAC,CAAC,WAAW,eAAe,EAAE,SAAS,KAAM,GAAG;AAClD,YAAQ,OAAO;AAAA,MACb,uBAAuB,KAAK;AAAA,IAC9B;AACA,YAAQ,WAAW;AACnB;AAAA,EACF;AAEA,QAAM,WAAW,UAAU,QAAQ,KAAK;AAAA,IACtC;AAAA,IACA,cAAc;AAAA,EAChB,CAAC;AACH;;;AC5DA;AAAA;AAAA;AAAA;AAAA;AAaO,IAAM,qBAAqB,OAAO,IAAI,oBAAoB;AAK1D,IAAM,qBAAqB,OAAO,IAAI,oBAAoB;;;ACTjE,SAAS,sBAAsB;AAuBxB,SAAS,aAEd,QAGkD;AAClD,SAAO,eAAe,OAAO,OAAO,QAAQ;AAC1C,UAAM,aAAa,OAAO,KAAK,OAAO,MAAM;AAC5C,UAAM,SAAS,CAAC;AAEhB,aAAS,aAAa,YAAY;AAChC,YAAM,QAAQ,OAAO,OAAO,SAAS;AACrC,UAAI,OAAO,UAAU,YAAY;AAC/B,eAAO,SAAS,IAAI;AAAA,MACtB,OAAO;AACL,eAAO,SAAS,IAAI,MAAM,MAAM,SAAS,WAAW,GAAG;AAAA,MACzD;AAAA,IACF;AAEA,WAAO;AAAA,MACL,SAAS,OAAO;AAAA,MAChB;AAAA,IACF;AAAA,EACF,CAAC;AACH;;;AC9CA,SAAS,wBAAwB;AACjC,SAAS,kBAAkC;AAepC,SAAS,eACd,MACA,SAIA;AACA,SAAO,CAAuD,eAAsB;AAAA,IAClF,MAAM,2BAA2B,WAAW;AAAA,MAM1C,aAAa,aAEX,MACA;AACA,YAAI,KAAK,OAAO,QAAQ,kBAAkB,GAAG;AAC3C;AAAC,UAAC,KAAa,QAAQ,kBAAkB,IAAI,MAAM,KAAK;AAAA,
|
|
1
|
+
{"version":3,"sources":["../configure.ts","../src/symbols.ts","../src/define_config.ts","../src/mixins/with_auth_finder.ts"],"sourcesContent":["/*\n * @adonisjs/auth\n *\n * (c) AdonisJS\n *\n * For the full copyright and license information, please view the LICENSE\n * file that was distributed with this source code.\n */\n\nimport { presetAuth } from '@adonisjs/presets/auth'\nimport type Configure from '@adonisjs/core/commands/configure'\n\n/**\n * Configures the auth package\n */\nexport async function configure(command: Configure) {\n const codemods = await command.createCodemods()\n let guard: string | undefined = command.parsedFlags.guard\n\n /**\n * Prompts user to select a guard when not mentioned via\n * the CLI\n */\n if (guard === undefined) {\n guard = await command.prompt.choice(\n 'Select the auth guard you want to use',\n [\n {\n name: 'session',\n message: 'Session',\n },\n {\n name: 'access_tokens',\n message: 'Opaque access tokens',\n },\n ],\n {\n validate(value) {\n return !!value\n },\n }\n )\n }\n\n /**\n * Ensure selected or guard defined via the CLI flag is\n * valid\n */\n if (!['session', 'access_tokens'].includes(guard!)) {\n command.logger.error(\n `The selected guard \"${guard}\" is invalid. Select one from: session, access_tokens`\n )\n command.exitCode = 1\n return\n }\n\n await presetAuth(codemods, command.app, {\n guard: guard as 'session' | 'access_tokens',\n userProvider: 'lucid',\n })\n}\n","/*\n * @adonisjs/lucid\n *\n * (c) AdonisJS\n *\n * For the full copyright and license information, please view the LICENSE\n * file that was distributed with this source code.\n */\n\n/**\n * A symbol to identify the type of the real user for a given\n * user provider\n */\nexport const PROVIDER_REAL_USER = Symbol.for('PROVIDER_REAL_USER')\n\n/**\n * A symbol to identify the type for the events emitted by a guard\n */\nexport const GUARD_KNOWN_EVENTS = Symbol.for('GUARD_KNOWN_EVENTS')\n","/*\n * @adonisjs/auth\n *\n * (c) AdonisJS\n *\n * For the full copyright and license information, please view the LICENSE\n * file that was distributed with this source code.\n */\n\nimport { configProvider } from '@adonisjs/core'\nimport type { ConfigProvider } from '@adonisjs/core/types'\nimport type { GuardConfigProvider, GuardFactory } from './types.js'\n\n/**\n * Config resolved by the \"defineConfig\" method\n */\nexport type ResolvedAuthConfig<\n KnownGuards extends Record<string, GuardFactory | GuardConfigProvider<GuardFactory>>,\n> = {\n default: keyof KnownGuards\n guards: {\n [K in keyof KnownGuards]: KnownGuards[K] extends GuardConfigProvider<infer A>\n ? A\n : KnownGuards[K]\n }\n}\n\n/**\n * Define configuration for the auth package. The function returns\n * a config provider that is invoked inside the auth service\n * provider\n */\nexport function defineConfig<\n KnownGuards extends Record<string, GuardFactory | GuardConfigProvider<GuardFactory>>,\n>(config: {\n default: keyof KnownGuards\n guards: KnownGuards\n}): ConfigProvider<ResolvedAuthConfig<KnownGuards>> {\n return configProvider.create(async (app) => {\n const guardsList = Object.keys(config.guards)\n const guards = {} as Record<string, GuardFactory>\n\n for (let guardName of guardsList) {\n const guard = config.guards[guardName]\n if (typeof guard === 'function') {\n guards[guardName] = guard\n } else {\n guards[guardName] = await guard.resolver(guardName, app)\n }\n }\n\n return {\n default: config.default,\n guards: guards,\n } as ResolvedAuthConfig<KnownGuards>\n })\n}\n","/*\n * @adonisjs/auth\n *\n * (c) AdonisJS\n *\n * For the full copyright and license information, please view the LICENSE\n * file that was distributed with this source code.\n */\n\nimport type { Hash } from '@adonisjs/core/hash'\nimport { RuntimeException } from '@adonisjs/core/exceptions'\nimport { beforeSave, type BaseModel } from '@adonisjs/lucid/orm'\nimport type { NormalizeConstructor } from '@adonisjs/core/types/helpers'\nimport { E_INVALID_CREDENTIALS } from '../errors.js'\n\n/**\n * Mixing to add user lookup and password verification methods\n * on a model.\n *\n * Under the hood, this mixin defines following methods and hooks\n *\n * - beforeSave hook to hash user password\n * - findForAuth method to find a user during authentication\n * - verifyCredentials method to verify user credentials and prevent\n * timing attacks.\n */\nexport function withAuthFinder(\n hash: () => Hash,\n options: {\n uids: string[]\n passwordColumnName: string\n }\n) {\n return <Model extends NormalizeConstructor<typeof BaseModel>>(superclass: Model) => {\n class UserWithUserFinder extends superclass {\n /**\n * Hook to verify user password when creating or updating\n * the user model.\n */\n @beforeSave()\n static async hashPassword<T extends typeof UserWithUserFinder>(\n this: T,\n user: InstanceType<T>\n ) {\n if (user.$dirty[options.passwordColumnName]) {\n ;(user as any)[options.passwordColumnName] = await hash().make(\n (user as any)[options.passwordColumnName]\n )\n }\n }\n\n /**\n * Finds the user for authentication via \"verifyCredentials\".\n * Feel free to override this method customize the user\n * lookup behavior.\n */\n static findForAuth<T extends typeof UserWithUserFinder>(\n this: T,\n uids: string[],\n value: string\n ): Promise<InstanceType<T> | null> {\n const query = this.query()\n uids.forEach((uid) => query.orWhere(uid, value))\n return query.limit(1).first()\n }\n\n /**\n * Find a user by uid and verify their password. This method is\n * safe from timing attacks.\n */\n static async verifyCredentials<T extends typeof UserWithUserFinder>(\n this: T,\n uid: string,\n password: string\n ) {\n /**\n * Fail when uid or the password are missing\n */\n if (!uid || !password) {\n throw new E_INVALID_CREDENTIALS('Invalid user credentials')\n }\n\n const user = await this.findForAuth(options.uids, uid)\n if (!user) {\n await hash().make(password)\n throw new E_INVALID_CREDENTIALS('Invalid user credentials')\n }\n\n const passwordHash = (user as any)[options.passwordColumnName]\n if (!passwordHash) {\n throw new RuntimeException(\n `Cannot verify password during login. The value of column \"${options.passwordColumnName}\" is undefined or null`\n )\n }\n\n if (await hash().verify(passwordHash, password)) {\n return user\n }\n\n throw new E_INVALID_CREDENTIALS('Invalid user credentials')\n }\n }\n\n return UserWithUserFinder\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;AASA,SAAS,kBAAkB;AAM3B,eAAsB,UAAU,SAAoB;AAClD,QAAM,WAAW,MAAM,QAAQ,eAAe;AAC9C,MAAI,QAA4B,QAAQ,YAAY;AAMpD,MAAI,UAAU,QAAW;AACvB,YAAQ,MAAM,QAAQ,OAAO;AAAA,MAC3B;AAAA,MACA;AAAA,QACE;AAAA,UACE,MAAM;AAAA,UACN,SAAS;AAAA,QACX;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,SAAS;AAAA,QACX;AAAA,MACF;AAAA,MACA;AAAA,QACE,SAAS,OAAO;AACd,iBAAO,CAAC,CAAC;AAAA,QACX;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAMA,MAAI,CAAC,CAAC,WAAW,eAAe,EAAE,SAAS,KAAM,GAAG;AAClD,YAAQ,OAAO;AAAA,MACb,uBAAuB,KAAK;AAAA,IAC9B;AACA,YAAQ,WAAW;AACnB;AAAA,EACF;AAEA,QAAM,WAAW,UAAU,QAAQ,KAAK;AAAA,IACtC;AAAA,IACA,cAAc;AAAA,EAChB,CAAC;AACH;;;AC5DA;AAAA;AAAA;AAAA;AAAA;AAaO,IAAM,qBAAqB,OAAO,IAAI,oBAAoB;AAK1D,IAAM,qBAAqB,OAAO,IAAI,oBAAoB;;;ACTjE,SAAS,sBAAsB;AAuBxB,SAAS,aAEd,QAGkD;AAClD,SAAO,eAAe,OAAO,OAAO,QAAQ;AAC1C,UAAM,aAAa,OAAO,KAAK,OAAO,MAAM;AAC5C,UAAM,SAAS,CAAC;AAEhB,aAAS,aAAa,YAAY;AAChC,YAAM,QAAQ,OAAO,OAAO,SAAS;AACrC,UAAI,OAAO,UAAU,YAAY;AAC/B,eAAO,SAAS,IAAI;AAAA,MACtB,OAAO;AACL,eAAO,SAAS,IAAI,MAAM,MAAM,SAAS,WAAW,GAAG;AAAA,MACzD;AAAA,IACF;AAEA,WAAO;AAAA,MACL,SAAS,OAAO;AAAA,MAChB;AAAA,IACF;AAAA,EACF,CAAC;AACH;;;AC9CA,SAAS,wBAAwB;AACjC,SAAS,kBAAkC;AAepC,SAAS,eACd,MACA,SAIA;AACA,SAAO,CAAuD,eAAsB;AAAA,IAClF,MAAM,2BAA2B,WAAW;AAAA,MAM1C,aAAa,aAEX,MACA;AACA,YAAI,KAAK,OAAO,QAAQ,kBAAkB,GAAG;AAC3C;AAAC,UAAC,KAAa,QAAQ,kBAAkB,IAAI,MAAM,KAAK,EAAE;AAAA,YACvD,KAAa,QAAQ,kBAAkB;AAAA,UAC1C;AAAA,QACF;AAAA,MACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,MAOA,OAAO,YAEL,MACA,OACiC;AACjC,cAAM,QAAQ,KAAK,MAAM;AACzB,aAAK,QAAQ,CAAC,QAAQ,MAAM,QAAQ,KAAK,KAAK,CAAC;AAC/C,eAAO,MAAM,MAAM,CAAC,EAAE,MAAM;AAAA,MAC9B;AAAA;AAAA;AAAA;AAAA;AAAA,MAMA,aAAa,kBAEX,KACA,UACA;AAIA,YAAI,CAAC,OAAO,CAAC,UAAU;AACrB,gBAAM,IAAI,sBAAsB,0BAA0B;AAAA,QAC5D;AAEA,cAAM,OAAO,MAAM,KAAK,YAAY,QAAQ,MAAM,GAAG;AACrD,YAAI,CAAC,MAAM;AACT,gBAAM,KAAK,EAAE,KAAK,QAAQ;AAC1B,gBAAM,IAAI,sBAAsB,0BAA0B;AAAA,QAC5D;AAEA,cAAM,eAAgB,KAAa,QAAQ,kBAAkB;AAC7D,YAAI,CAAC,cAAc;AACjB,gBAAM,IAAI;AAAA,YACR,6DAA6D,QAAQ,kBAAkB;AAAA,UACzF;AAAA,QACF;AAEA,YAAI,MAAM,KAAK,EAAE,OAAO,cAAc,QAAQ,GAAG;AAC/C,iBAAO;AAAA,QACT;AAEA,cAAM,IAAI,sBAAsB,0BAA0B;AAAA,MAC5D;AAAA,IACF;AA7De;AAAA,MADZ,WAAW;AAAA,OALR,oBAMS;AA+Df,WAAO;AAAA,EACT;AACF;","names":[]}
|
|
@@ -11,7 +11,7 @@ import type { NormalizeConstructor } from '@adonisjs/core/types/helpers';
|
|
|
11
11
|
* - verifyCredentials method to verify user credentials and prevent
|
|
12
12
|
* timing attacks.
|
|
13
13
|
*/
|
|
14
|
-
export declare function withAuthFinder(hash: Hash, options: {
|
|
14
|
+
export declare function withAuthFinder(hash: () => Hash, options: {
|
|
15
15
|
uids: string[];
|
|
16
16
|
passwordColumnName: string;
|
|
17
17
|
}): <Model extends NormalizeConstructor<import("@adonisjs/lucid/types/model").LucidModel>>(superclass: Model) => {
|