@aooth/user 0.1.16 → 0.1.17

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/dist/atscript-db.cjs +1 -1
  2. package/dist/atscript-db.mjs +1 -1
  3. package/dist/{federated-identity-store-CHW1xtMp.mjs → federated-identity-store-CRycYlMj.mjs} +18 -25
  4. package/dist/{federated-identity-store-BEEEcoaP.cjs → federated-identity-store-D-LvRXdx.cjs} +17 -30
  5. package/dist/index.cjs +4 -2
  6. package/dist/index.mjs +5 -3
  7. package/package.json +7 -7
package/dist/atscript-db.cjs CHANGED
@@ -1,5 +1,5 @@
1
1
  Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
2
- const require_federated_identity_store = require("./federated-identity-store-BEEEcoaP.cjs");
2
+ const require_federated_identity_store = require("./federated-identity-store-D-LvRXdx.cjs");
3
3
  let node_crypto = require("node:crypto");
4
4
  //#region src/atscript-db/federated-identity-store.ts
5
5
  function isConflict$1(err) {
package/dist/atscript-db.mjs CHANGED
@@ -1,4 +1,4 @@
1
- import { d as UserAuthError, n as pickDefinedProfile, r as UserStore, t as FederatedIdentityStore, u as setAtPath } from "./federated-identity-store-CHW1xtMp.mjs";
1
+ import { c as setAtPath, l as UserStore, n as pickDefinedProfile, t as FederatedIdentityStore, u as UserAuthError } from "./federated-identity-store-CRycYlMj.mjs";
2
2
  import { randomUUID } from "node:crypto";
3
3
  //#region src/atscript-db/federated-identity-store.ts
4
4
  function isConflict$1(err) {
package/dist/{federated-identity-store-CHW1xtMp.mjs → federated-identity-store-CRycYlMj.mjs} RENAMED
@@ -1,4 +1,4 @@
1
- import { randomBytes } from "node:crypto";
1
+ import "node:crypto";
2
2
  //#region src/errors.ts
3
3
  const defaultMessages = {
4
4
  NOT_FOUND: "User not found",
@@ -25,6 +25,22 @@ var UserAuthError = class extends Error {
25
25
  }
26
26
  };
27
27
  //#endregion
28
+ //#region src/store/user-store.ts
29
+ /**
30
+ * Storage seam for user credentials, keyed by the stable surrogate **`id`**
31
+ * (the token subject). Reads come in three flavours:
32
+ *
33
+ * - `findById` — strict, by the surrogate id; the canonical identity read used
34
+ * by authenticated flows that resolve the session subject (`getUserId()`).
35
+ * - `findByHandle` — deterministic LOGIN resolver (`username`, then the
36
+ * annotation-resolved handle fields — email, then phone — in order).
37
+ * - `findByIdentifier` — permissive internal/admin/recovery lookup (`id`, then
38
+ * the `findByHandle` chain).
39
+ *
40
+ * Writes (`update`/`delete`/`withCas`) all key on the surrogate `id`.
41
+ */
42
+ var UserStore = class {};
43
+ //#endregion
28
44
  //#region src/utils.ts
29
45
  function maskEmail(email) {
30
46
  if (!email) return "";
@@ -48,13 +64,6 @@ function mask(s) {
48
64
  const show = Math.max(1, Math.floor(s.length / 4));
49
65
  return s.slice(0, show) + "***" + s.slice(-show);
50
66
  }
51
- const DEFAULT_CHARSET = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_=+";
52
- function generateSecureRandom(length, charset = DEFAULT_CHARSET) {
53
- const bytes = randomBytes(length);
54
- const result = Array.from({ length });
55
- for (let i = 0; i < length; i++) result[i] = charset[bytes[i] % charset.length];
56
- return result.join("");
57
- }
58
67
  function deepMerge(target, source) {
59
68
  const t = target;
60
69
  for (const key of Object.keys(source)) {
@@ -93,22 +102,6 @@ function incrementAtPath(obj, path, amount) {
93
102
  current[leaf] = (typeof existing === "number" ? existing : 0) + amount;
94
103
  }
95
104
  //#endregion
96
- //#region src/store/user-store.ts
97
- /**
98
- * Storage seam for user credentials, keyed by the stable surrogate **`id`**
99
- * (the token subject). Reads come in three flavours:
100
- *
101
- * - `findById` — strict, by the surrogate id; the canonical identity read used
102
- * by authenticated flows that resolve the session subject (`getUserId()`).
103
- * - `findByHandle` — deterministic LOGIN resolver (`username`, then the
104
- * annotation-resolved handle fields — email, then phone — in order).
105
- * - `findByIdentifier` — permissive internal/admin/recovery lookup (`id`, then
106
- * the `findByHandle` chain).
107
- *
108
- * Writes (`update`/`delete`/`withCas`) all key on the surrogate `id`.
109
- */
110
- var UserStore = class {};
111
- //#endregion
112
105
  //#region src/store/federated-identity-store.ts
113
106
  /**
114
107
  * Copy only the DEFINED display fields — so a `touchLogin` / `link` with a
@@ -134,4 +127,4 @@ function pickDefinedProfile(src) {
134
127
  */
135
128
  var FederatedIdentityStore = class {};
136
129
  //#endregion
137
- export { generateSecureRandom as a, maskMfaValue as c, UserAuthError as d, deepMerge as i, maskPhone as l, pickDefinedProfile as n, incrementAtPath as o, UserStore as r, maskEmail as s, FederatedIdentityStore as t, setAtPath as u };
130
+ export { maskEmail as a, setAtPath as c, incrementAtPath as i, UserStore as l, pickDefinedProfile as n, maskMfaValue as o, deepMerge as r, maskPhone as s, FederatedIdentityStore as t, UserAuthError as u };
package/dist/{federated-identity-store-BEEEcoaP.cjs → federated-identity-store-D-LvRXdx.cjs} RENAMED
@@ -1,4 +1,4 @@
1
- let node_crypto = require("node:crypto");
1
+ require("node:crypto");
2
2
  //#region src/errors.ts
3
3
  const defaultMessages = {
4
4
  NOT_FOUND: "User not found",
@@ -25,6 +25,22 @@ var UserAuthError = class extends Error {
25
25
  }
26
26
  };
27
27
  //#endregion
28
+ //#region src/store/user-store.ts
29
+ /**
30
+ * Storage seam for user credentials, keyed by the stable surrogate **`id`**
31
+ * (the token subject). Reads come in three flavours:
32
+ *
33
+ * - `findById` — strict, by the surrogate id; the canonical identity read used
34
+ * by authenticated flows that resolve the session subject (`getUserId()`).
35
+ * - `findByHandle` — deterministic LOGIN resolver (`username`, then the
36
+ * annotation-resolved handle fields — email, then phone — in order).
37
+ * - `findByIdentifier` — permissive internal/admin/recovery lookup (`id`, then
38
+ * the `findByHandle` chain).
39
+ *
40
+ * Writes (`update`/`delete`/`withCas`) all key on the surrogate `id`.
41
+ */
42
+ var UserStore = class {};
43
+ //#endregion
28
44
  //#region src/utils.ts
29
45
  function maskEmail(email) {
30
46
  if (!email) return "";
@@ -48,13 +64,6 @@ function mask(s) {
48
64
  const show = Math.max(1, Math.floor(s.length / 4));
49
65
  return s.slice(0, show) + "***" + s.slice(-show);
50
66
  }
51
- const DEFAULT_CHARSET = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_=+";
52
- function generateSecureRandom(length, charset = DEFAULT_CHARSET) {
53
- const bytes = (0, node_crypto.randomBytes)(length);
54
- const result = Array.from({ length });
55
- for (let i = 0; i < length; i++) result[i] = charset[bytes[i] % charset.length];
56
- return result.join("");
57
- }
58
67
  function deepMerge(target, source) {
59
68
  const t = target;
60
69
  for (const key of Object.keys(source)) {
@@ -93,22 +102,6 @@ function incrementAtPath(obj, path, amount) {
93
102
  current[leaf] = (typeof existing === "number" ? existing : 0) + amount;
94
103
  }
95
104
  //#endregion
96
- //#region src/store/user-store.ts
97
- /**
98
- * Storage seam for user credentials, keyed by the stable surrogate **`id`**
99
- * (the token subject). Reads come in three flavours:
100
- *
101
- * - `findById` — strict, by the surrogate id; the canonical identity read used
102
- * by authenticated flows that resolve the session subject (`getUserId()`).
103
- * - `findByHandle` — deterministic LOGIN resolver (`username`, then the
104
- * annotation-resolved handle fields — email, then phone — in order).
105
- * - `findByIdentifier` — permissive internal/admin/recovery lookup (`id`, then
106
- * the `findByHandle` chain).
107
- *
108
- * Writes (`update`/`delete`/`withCas`) all key on the surrogate `id`.
109
- */
110
- var UserStore = class {};
111
- //#endregion
112
105
  //#region src/store/federated-identity-store.ts
113
106
  /**
114
107
  * Copy only the DEFINED display fields — so a `touchLogin` / `link` with a
@@ -158,12 +151,6 @@ Object.defineProperty(exports, "deepMerge", {
158
151
  return deepMerge;
159
152
  }
160
153
  });
161
- Object.defineProperty(exports, "generateSecureRandom", {
162
- enumerable: true,
163
- get: function() {
164
- return generateSecureRandom;
165
- }
166
- });
167
154
  Object.defineProperty(exports, "incrementAtPath", {
168
155
  enumerable: true,
169
156
  get: function() {
package/dist/index.cjs CHANGED
@@ -1,5 +1,5 @@
1
1
  Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
2
- const require_federated_identity_store = require("./federated-identity-store-BEEEcoaP.cjs");
2
+ const require_federated_identity_store = require("./federated-identity-store-D-LvRXdx.cjs");
3
3
  let node_crypto = require("node:crypto");
4
4
  //#region src/base-x/base32.ts
5
5
  /**
@@ -113,7 +113,9 @@ function verifyTotpCode(secret, code, config) {
113
113
  return matchedCounter;
114
114
  }
115
115
  function generateMfaCode(length = 6) {
116
- return require_federated_identity_store.generateSecureRandom(length, "0123456789");
116
+ let code = "";
117
+ for (let i = 0; i < length; i++) code += (0, node_crypto.randomInt)(10).toString();
118
+ return code;
117
119
  }
118
120
  function hotpCode(key, counter, digits) {
119
121
  const counterBuf = Buffer.alloc(8);
package/dist/index.mjs CHANGED
@@ -1,5 +1,5 @@
1
- import { a as generateSecureRandom, c as maskMfaValue, d as UserAuthError, i as deepMerge, l as maskPhone, n as pickDefinedProfile, o as incrementAtPath, r as UserStore, s as maskEmail, t as FederatedIdentityStore, u as setAtPath } from "./federated-identity-store-CHW1xtMp.mjs";
2
- import { createHash, createHmac, randomBytes, randomUUID, scrypt, timingSafeEqual } from "node:crypto";
1
+ import { a as maskEmail, c as setAtPath, i as incrementAtPath, l as UserStore, n as pickDefinedProfile, o as maskMfaValue, r as deepMerge, s as maskPhone, t as FederatedIdentityStore, u as UserAuthError } from "./federated-identity-store-CRycYlMj.mjs";
2
+ import { createHash, createHmac, randomBytes, randomInt, randomUUID, scrypt, timingSafeEqual } from "node:crypto";
3
3
  //#region src/base-x/base32.ts
4
4
  /**
5
5
  * Partially copied from "thirty-two" library, all credits to Chris Umbel.
@@ -112,7 +112,9 @@ function verifyTotpCode(secret, code, config) {
112
112
  return matchedCounter;
113
113
  }
114
114
  function generateMfaCode(length = 6) {
115
- return generateSecureRandom(length, "0123456789");
115
+ let code = "";
116
+ for (let i = 0; i < length; i++) code += randomInt(10).toString();
117
+ return code;
116
118
  }
117
119
  function hotpCode(key, counter, digits) {
118
120
  const counterBuf = Buffer.alloc(8);
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@aooth/user",
3
- "version": "0.1.16",
3
+ "version": "0.1.17",
4
4
  "description": "User credential primitives for aoothjs",
5
5
  "keywords": [
6
6
  "aoothjs",
@@ -60,14 +60,14 @@
60
60
  "access": "public"
61
61
  },
62
62
  "devDependencies": {
63
- "@atscript/core": "^0.1.74",
64
- "@atscript/db": "^0.1.102",
65
- "@atscript/db-sql-tools": "^0.1.102",
66
- "@atscript/db-sqlite": "^0.1.102",
67
- "@atscript/typescript": "^0.1.74",
63
+ "@atscript/core": "^0.1.75",
64
+ "@atscript/db": "^0.1.104",
65
+ "@atscript/db-sql-tools": "^0.1.104",
66
+ "@atscript/db-sqlite": "^0.1.104",
67
+ "@atscript/typescript": "^0.1.75",
68
68
  "@types/better-sqlite3": "^7.6.13",
69
69
  "better-sqlite3": "^12.6.2",
70
- "unplugin-atscript": "^0.1.74"
70
+ "unplugin-atscript": "^0.1.75"
71
71
  },
72
72
  "peerDependencies": {
73
73
  "@atscript/db": ">=0.1.79"