@aooth/user 0.1.1

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2023 aoothjs
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,38 @@
+<p align="center">
+  <a href="https://aooth.moost.org">
+    <img src="https://aooth.moost.org/logo.svg" alt="aoothjs" width="120" />
+  </a>
+</p>
+
+<h1 align="center">@aooth/user</h1>
+
+<p align="center">
+  User credential primitives for aoothjs — password hashing, MFA (TOTP, codes, backup codes), lockout, policy engine, and pluggable storage.
+</p>
+
+<p align="center">
+  <a href="https://aooth.moost.org/user/"><strong>Documentation →</strong></a>
+</p>
+
+---
+
+## Install
+
+```bash
+pnpm add @aooth/user
+```
+
+## Documentation
+
+Full docs, API reference, and recipes: **https://aooth.moost.org/user/**
+
+- [Quick start](https://aooth.moost.org/guide/quick-start)
+- [`UserService`](https://aooth.moost.org/user/service)
+- [Password + policy](https://aooth.moost.org/user/password)
+- [MFA](https://aooth.moost.org/user/mfa)
+- [Stores](https://aooth.moost.org/user/stores)
+- [API reference](https://aooth.moost.org/api/user)
+
+## License
+
+MIT

package/dist/atscript-db.cjs

@@ -0,0 +1,44 @@
+Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
+const require_user_store = require("./user-store-CdWrTeqR.cjs");
+//#region src/atscript-db/index.ts
+function isConflict(err) {
+	return typeof err === "object" && err !== null && err.code === "CONFLICT";
+}
+/**
+* `@atscript/db`-backed `UserStore`. Pass the resolved table for the
+* `AoothUserCredentials` (or a `.as` interface extending it) shipped at the
+* `@aooth/user/atscript-db/model.as` subpath.
+*/
+var UsersStoreAtscriptDb = class extends require_user_store.UserStore {
+	table;
+	constructor(opts) {
+		super();
+		this.table = opts.table;
+	}
+	async exists(username) {
+		return await this.table.count({ filter: { username } }) > 0;
+	}
+	async findByUsername(username) {
+		return await this.table.findOne({ filter: { username } }) ?? null;
+	}
+	async create(data) {
+		try {
+			await this.table.insertOne(data);
+		} catch (e) {
+			if (isConflict(e)) throw new require_user_store.UserAuthError("ALREADY_EXISTS", `User "${data.username}" already exists`);
+			throw e;
+		}
+	}
+	async update(username, update) {
+		const patch = { username };
+		if (update.set) Object.assign(patch, update.set);
+		if (update.inc) for (const [path, amount] of Object.entries(update.inc)) require_user_store.setAtPath(patch, path, { $inc: amount });
+		if (Object.keys(patch).length <= 1) return true;
+		return (await this.table.updateOne(patch)).matchedCount > 0;
+	}
+	async delete(username) {
+		return (await this.table.deleteMany({ username })).deletedCount > 0;
+	}
+};
+//#endregion
+exports.UsersStoreAtscriptDb = UsersStoreAtscriptDb;

package/dist/atscript-db.d.cts

@@ -0,0 +1,55 @@
+import { C as UserStoreUpdate, t as UserStore, x as UserCredentials } from "./user-store-VJPWNgdp.cjs";
+
+//#region src/atscript-db/index.d.ts
+/**
+ * Persisted row shape — `UserCredentials` plus the consumer's custom user
+ * fields. The `.as` model shipped at `@aooth/user/atscript-db/model.as`
+ * (`AoothUserCredentials`) matches by construction; consumers extend it with
+ * their own `.as` interface to add custom columns.
+ */
+type UserCredentialsRow<TUserCustom extends object = object> = UserCredentials & TUserCustom;
+/**
+ * Structural surface of `AtscriptDbTable` covering exactly the methods this
+ * adapter calls. Kept loose to avoid pulling `@atscript/db` types into the
+ * `@aooth/user` public surface — consumers pass `db.getTable(AoothUserCredentials)`
+ * directly and TypeScript matches by-shape.
+ *
+ * Mirrors `AuthCredentialTable` from `@aooth/auth/atscript-db`.
+ */
+interface AuthUserTable<TUserCustom extends object = object> {
+  count(query: {
+    filter: Record<string, unknown>;
+  }): Promise<number>;
+  findOne(query: {
+    filter: Record<string, unknown>;
+  }): Promise<UserCredentialsRow<TUserCustom> | null>;
+  insertOne(row: Record<string, unknown>): Promise<{
+    insertedId: unknown;
+  }>;
+  updateOne(patch: Record<string, unknown>): Promise<{
+    matchedCount: number;
+    modifiedCount: number;
+  }>;
+  deleteMany(filter: Record<string, unknown>): Promise<{
+    deletedCount: number;
+  }>;
+}
+interface UsersStoreAtscriptDbOptions<TUserCustom extends object> {
+  table: AuthUserTable<TUserCustom>;
+}
+/**
+ * `@atscript/db`-backed `UserStore`. Pass the resolved table for the
+ * `AoothUserCredentials` (or a `.as` interface extending it) shipped at the
+ * `@aooth/user/atscript-db/model.as` subpath.
+ */
+declare class UsersStoreAtscriptDb<TUserCustom extends object = object> extends UserStore<TUserCustom> {
+  protected table: AuthUserTable<TUserCustom>;
+  constructor(opts: UsersStoreAtscriptDbOptions<TUserCustom>);
+  exists(username: string): Promise<boolean>;
+  findByUsername(username: string): Promise<(UserCredentials & TUserCustom) | null>;
+  create(data: UserCredentials & TUserCustom): Promise<void>;
+  update(username: string, update: UserStoreUpdate): Promise<boolean>;
+  delete(username: string): Promise<boolean>;
+}
+//#endregion
+export { AuthUserTable, UserCredentialsRow, UsersStoreAtscriptDb };

package/dist/atscript-db.d.mts

@@ -0,0 +1,55 @@
+import { C as UserStoreUpdate, t as UserStore, x as UserCredentials } from "./user-store-Dbc9unW3.mjs";
+
+//#region src/atscript-db/index.d.ts
+/**
+ * Persisted row shape — `UserCredentials` plus the consumer's custom user
+ * fields. The `.as` model shipped at `@aooth/user/atscript-db/model.as`
+ * (`AoothUserCredentials`) matches by construction; consumers extend it with
+ * their own `.as` interface to add custom columns.
+ */
+type UserCredentialsRow<TUserCustom extends object = object> = UserCredentials & TUserCustom;
+/**
+ * Structural surface of `AtscriptDbTable` covering exactly the methods this
+ * adapter calls. Kept loose to avoid pulling `@atscript/db` types into the
+ * `@aooth/user` public surface — consumers pass `db.getTable(AoothUserCredentials)`
+ * directly and TypeScript matches by-shape.
+ *
+ * Mirrors `AuthCredentialTable` from `@aooth/auth/atscript-db`.
+ */
+interface AuthUserTable<TUserCustom extends object = object> {
+  count(query: {
+    filter: Record<string, unknown>;
+  }): Promise<number>;
+  findOne(query: {
+    filter: Record<string, unknown>;
+  }): Promise<UserCredentialsRow<TUserCustom> | null>;
+  insertOne(row: Record<string, unknown>): Promise<{
+    insertedId: unknown;
+  }>;
+  updateOne(patch: Record<string, unknown>): Promise<{
+    matchedCount: number;
+    modifiedCount: number;
+  }>;
+  deleteMany(filter: Record<string, unknown>): Promise<{
+    deletedCount: number;
+  }>;
+}
+interface UsersStoreAtscriptDbOptions<TUserCustom extends object> {
+  table: AuthUserTable<TUserCustom>;
+}
+/**
+ * `@atscript/db`-backed `UserStore`. Pass the resolved table for the
+ * `AoothUserCredentials` (or a `.as` interface extending it) shipped at the
+ * `@aooth/user/atscript-db/model.as` subpath.
+ */
+declare class UsersStoreAtscriptDb<TUserCustom extends object = object> extends UserStore<TUserCustom> {
+  protected table: AuthUserTable<TUserCustom>;
+  constructor(opts: UsersStoreAtscriptDbOptions<TUserCustom>);
+  exists(username: string): Promise<boolean>;
+  findByUsername(username: string): Promise<(UserCredentials & TUserCustom) | null>;
+  create(data: UserCredentials & TUserCustom): Promise<void>;
+  update(username: string, update: UserStoreUpdate): Promise<boolean>;
+  delete(username: string): Promise<boolean>;
+}
+//#endregion
+export { AuthUserTable, UserCredentialsRow, UsersStoreAtscriptDb };

package/dist/atscript-db.mjs

@@ -0,0 +1,43 @@
+import { c as setAtPath, l as UserAuthError, t as UserStore } from "./user-store-B_l9vqlQ.mjs";
+//#region src/atscript-db/index.ts
+function isConflict(err) {
+	return typeof err === "object" && err !== null && err.code === "CONFLICT";
+}
+/**
+* `@atscript/db`-backed `UserStore`. Pass the resolved table for the
+* `AoothUserCredentials` (or a `.as` interface extending it) shipped at the
+* `@aooth/user/atscript-db/model.as` subpath.
+*/
+var UsersStoreAtscriptDb = class extends UserStore {
+	table;
+	constructor(opts) {
+		super();
+		this.table = opts.table;
+	}
+	async exists(username) {
+		return await this.table.count({ filter: { username } }) > 0;
+	}
+	async findByUsername(username) {
+		return await this.table.findOne({ filter: { username } }) ?? null;
+	}
+	async create(data) {
+		try {
+			await this.table.insertOne(data);
+		} catch (e) {
+			if (isConflict(e)) throw new UserAuthError("ALREADY_EXISTS", `User "${data.username}" already exists`);
+			throw e;
+		}
+	}
+	async update(username, update) {
+		const patch = { username };
+		if (update.set) Object.assign(patch, update.set);
+		if (update.inc) for (const [path, amount] of Object.entries(update.inc)) setAtPath(patch, path, { $inc: amount });
+		if (Object.keys(patch).length <= 1) return true;
+		return (await this.table.updateOne(patch)).matchedCount > 0;
+	}
+	async delete(username) {
+		return (await this.table.deleteMany({ username })).deletedCount > 0;
+	}
+};
+//#endregion
+export { UsersStoreAtscriptDb };