npm - @arikajs/auth - Versions diffs - 0.0.4 → 0.0.6 - Mend

@arikajs/auth 0.0.4 → 0.0.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (148) hide show

package/README.md +175 -53
package/dist/AuthContext.d.ts +24 -0
package/dist/AuthContext.d.ts.map +1 -0
package/dist/AuthContext.js +65 -0
package/dist/AuthContext.js.map +1 -0
package/dist/AuthManager.d.ts +33 -8
package/dist/AuthManager.d.ts.map +1 -1
package/dist/AuthManager.js +194 -51
package/dist/AuthManager.js.map +1 -1
package/dist/Contracts/CanResetPassword.d.ts +11 -0
package/dist/Contracts/CanResetPassword.d.ts.map +1 -0
package/dist/Contracts/CanResetPassword.js +3 -0
package/dist/Contracts/CanResetPassword.js.map +1 -0
package/dist/Contracts/CanVerifyEmail.d.ts +19 -0
package/dist/Contracts/CanVerifyEmail.d.ts.map +1 -0
package/dist/Contracts/CanVerifyEmail.js +3 -0
package/dist/Contracts/CanVerifyEmail.js.map +1 -0
package/dist/Contracts/EventDispatcher.d.ts +7 -0
package/dist/Contracts/EventDispatcher.d.ts.map +1 -0
package/dist/Contracts/EventDispatcher.js +3 -0
package/dist/Contracts/EventDispatcher.js.map +1 -0
package/dist/Contracts/PasswordBroker.d.ts +18 -0
package/dist/Contracts/PasswordBroker.d.ts.map +1 -0
package/dist/Contracts/PasswordBroker.js +11 -0
package/dist/Contracts/PasswordBroker.js.map +1 -0
package/dist/Contracts/RateLimiter.d.ts +15 -0
package/dist/Contracts/RateLimiter.d.ts.map +1 -0
package/dist/Contracts/RateLimiter.js +3 -0
package/dist/Contracts/RateLimiter.js.map +1 -0
package/dist/Contracts/UserProvider.d.ts +4 -0
package/dist/Contracts/UserProvider.d.ts.map +1 -1
package/dist/Guards/BasicGuard.d.ts +17 -0
package/dist/Guards/BasicGuard.d.ts.map +1 -0
package/dist/Guards/BasicGuard.js +59 -0
package/dist/Guards/BasicGuard.js.map +1 -0
package/dist/Guards/JwtGuard.d.ts +36 -0
package/dist/Guards/JwtGuard.d.ts.map +1 -0
package/dist/Guards/JwtGuard.js +158 -0
package/dist/Guards/JwtGuard.js.map +1 -0
package/dist/Guards/SessionGuard.d.ts +7 -3
package/dist/Guards/SessionGuard.d.ts.map +1 -1
package/dist/Guards/SessionGuard.js +104 -10
package/dist/Guards/SessionGuard.js.map +1 -1
package/dist/Hasher.d.ts +4 -0
package/dist/Hasher.d.ts.map +1 -1
package/dist/Hasher.js +6 -0
package/dist/Hasher.js.map +1 -1
package/dist/Middleware/Authenticate.d.ts +11 -2
package/dist/Middleware/Authenticate.d.ts.map +1 -1
package/dist/Middleware/Authenticate.js +42 -14
package/dist/Middleware/Authenticate.js.map +1 -1
package/dist/Middleware/EnsureEmailIsVerified.d.ts +8 -0
package/dist/Middleware/EnsureEmailIsVerified.d.ts.map +1 -0
package/dist/Middleware/EnsureEmailIsVerified.js +27 -0
package/dist/Middleware/EnsureEmailIsVerified.js.map +1 -0
package/dist/Passwords/PasswordResetBroker.d.ts +37 -0
package/dist/Passwords/PasswordResetBroker.d.ts.map +1 -0
package/dist/Passwords/PasswordResetBroker.js +128 -0
package/dist/Passwords/PasswordResetBroker.js.map +1 -0
package/dist/Providers/EloquentUserProvider.d.ts +30 -0
package/dist/Providers/EloquentUserProvider.d.ts.map +1 -0
package/dist/Providers/EloquentUserProvider.js +63 -0
package/dist/Providers/EloquentUserProvider.js.map +1 -0
package/dist/index.d.ts +11 -0
package/dist/index.d.ts.map +1 -1
package/dist/index.js +11 -0
package/dist/index.js.map +1 -1
package/dist/src/AuthContext.d.ts +24 -0
package/dist/src/AuthContext.d.ts.map +1 -0
package/dist/src/AuthContext.js +65 -0
package/dist/src/AuthContext.js.map +1 -0
package/dist/src/AuthManager.d.ts +52 -0
package/dist/src/AuthManager.d.ts.map +1 -0
package/dist/src/AuthManager.js +255 -0
package/dist/src/AuthManager.js.map +1 -0
package/dist/src/Contracts/CanResetPassword.d.ts +11 -0
package/dist/src/Contracts/CanResetPassword.d.ts.map +1 -0
package/dist/src/Contracts/CanResetPassword.js +3 -0
package/dist/src/Contracts/CanResetPassword.js.map +1 -0
package/dist/src/Contracts/CanVerifyEmail.d.ts +19 -0
package/dist/src/Contracts/CanVerifyEmail.d.ts.map +1 -0
package/dist/src/Contracts/CanVerifyEmail.js +3 -0
package/dist/src/Contracts/CanVerifyEmail.js.map +1 -0
package/dist/src/Contracts/EventDispatcher.d.ts +7 -0
package/dist/src/Contracts/EventDispatcher.d.ts.map +1 -0
package/dist/src/Contracts/EventDispatcher.js +3 -0
package/dist/src/Contracts/EventDispatcher.js.map +1 -0
package/dist/src/Contracts/PasswordBroker.d.ts +18 -0
package/dist/src/Contracts/PasswordBroker.d.ts.map +1 -0
package/dist/src/Contracts/PasswordBroker.js +11 -0
package/dist/src/Contracts/PasswordBroker.js.map +1 -0
package/dist/src/Contracts/RateLimiter.d.ts +15 -0
package/dist/src/Contracts/RateLimiter.d.ts.map +1 -0
package/dist/src/Contracts/RateLimiter.js +3 -0
package/dist/src/Contracts/RateLimiter.js.map +1 -0
package/dist/src/Contracts/UserProvider.d.ts +10 -0
package/dist/src/Contracts/UserProvider.d.ts.map +1 -0
package/dist/src/Contracts/UserProvider.js +3 -0
package/dist/src/Contracts/UserProvider.js.map +1 -0
package/dist/src/Guard.d.ts +10 -0
package/dist/src/Guard.d.ts.map +1 -0
package/dist/src/Guard.js +3 -0
package/dist/src/Guard.js.map +1 -0
package/dist/src/Guards/BasicGuard.d.ts +17 -0
package/dist/src/Guards/BasicGuard.d.ts.map +1 -0
package/dist/src/Guards/BasicGuard.js +59 -0
package/dist/src/Guards/BasicGuard.js.map +1 -0
package/dist/src/Guards/JwtGuard.d.ts +36 -0
package/dist/src/Guards/JwtGuard.d.ts.map +1 -0
package/dist/src/Guards/JwtGuard.js +158 -0
package/dist/src/Guards/JwtGuard.js.map +1 -0
package/dist/src/Guards/SessionGuard.d.ts +23 -0
package/dist/src/Guards/SessionGuard.d.ts.map +1 -0
package/dist/src/Guards/SessionGuard.js +162 -0
package/dist/src/Guards/SessionGuard.js.map +1 -0
package/dist/src/Guards/TokenGuard.d.ts +17 -0
package/dist/src/Guards/TokenGuard.d.ts.map +1 -0
package/dist/src/Guards/TokenGuard.js +60 -0
package/dist/src/Guards/TokenGuard.js.map +1 -0
package/dist/src/Hasher.d.ts +15 -0
package/dist/src/Hasher.d.ts.map +1 -0
package/dist/src/Hasher.js +59 -0
package/dist/src/Hasher.js.map +1 -0
package/dist/src/Middleware/Authenticate.d.ts +24 -0
package/dist/src/Middleware/Authenticate.d.ts.map +1 -0
package/dist/src/Middleware/Authenticate.js +66 -0
package/dist/src/Middleware/Authenticate.js.map +1 -0
package/dist/src/Middleware/EnsureEmailIsVerified.d.ts +8 -0
package/dist/src/Middleware/EnsureEmailIsVerified.d.ts.map +1 -0
package/dist/src/Middleware/EnsureEmailIsVerified.js +27 -0
package/dist/src/Middleware/EnsureEmailIsVerified.js.map +1 -0
package/dist/src/Passwords/PasswordResetBroker.d.ts +37 -0
package/dist/src/Passwords/PasswordResetBroker.d.ts.map +1 -0
package/dist/src/Passwords/PasswordResetBroker.js +128 -0
package/dist/src/Passwords/PasswordResetBroker.js.map +1 -0
package/dist/src/Providers/EloquentUserProvider.d.ts +30 -0
package/dist/src/Providers/EloquentUserProvider.d.ts.map +1 -0
package/dist/src/Providers/EloquentUserProvider.js +63 -0
package/dist/src/Providers/EloquentUserProvider.js.map +1 -0
package/dist/src/index.d.ts +19 -0
package/dist/src/index.d.ts.map +1 -0
package/dist/src/index.js +35 -0
package/dist/src/index.js.map +1 -0
package/dist/tests/Auth.test.d.ts +2 -0
package/dist/tests/Auth.test.d.ts.map +1 -0
package/dist/tests/Auth.test.js +177 -0
package/dist/tests/Auth.test.js.map +1 -0
package/package.json +51 -47

package/README.md CHANGED Viewed

@@ -7,9 +7,8 @@ It enables applications to authenticate users using session-based (web) or token
 ```ts
 import { AuthManager } from '@arikajs/auth';
-if (await auth.attempt({ email, password })) {
-  const user = auth.user();
-}
+// Per-request scoped — safe for concurrent requests
+const user = await req.auth.user();
 ```
 ---
@@ -63,18 +62,26 @@ This package is responsible for:
 ## Features
+- **Request-scoped auth context**
+  - Memory-safe, per-request isolation via `req.auth` — no leaks under concurrency.
 - **Multiple authentication guards**
-  - Configure different strategies for API vs Web.
-- **Session-based authentication**
-  - Secure defaults for browser-based apps.
-- **Token-based authentication**
-  - Simple API token validation.
+  - Configure different strategies for API vs Web (Session, JWT, Token, Basic).
+- **Stateless JWT with Refresh Tokens**
+  - Short-lived access tokens + rotating refresh tokens for modern APIs.
+- **"Remember Me" support**
+  - Persistent login across browser restarts with secure cookie rotation.
+- **Email verification system**
+  - Verify user emails with a simple API and `verified` middleware.
+- **Password reset flow**
+  - Token-based resets with expiry and hash-secured storage.
+- **Account locking & throttling**
+  - Soft lock after N failures, auto-unlock, manual unlock.
+- **Auth event dispatching**
+  - Hook into `Auth.Login`, `Auth.Failed`, `Auth.Lockout`, etc.
 - **Pluggable user providers**
   - Connect to any database or ORM.
 - **Secure password hashing**
   - Industry-standard hashing algorithms (Bcrypt/Argon2).
-- **Middleware-based protection**
-  - Easily secure routes.
 ---
@@ -95,13 +102,13 @@ pnpm add @arikajs/auth
 ```
 Request
   ↓
-Authenticate Middleware
+Authenticate Middleware  ← creates req.auth (AuthContext)
   ↓
-Auth Guard
+AuthContext → Guard (Session / JWT / Token / Basic)
   ↓
 User Provider
   ↓
-Authenticated User (or null)
+Authenticated User (or reject)
 ```
 ---
@@ -114,8 +121,10 @@ Guards define how users are authenticated.
 | Guard | Description |
 | :--- | :--- |
-| `session` | Cookie/session-based authentication |
+| `session` | Cookie/session-based authentication with "Remember Me" support |
+| `jwt` | Stateless API authentication using JSON Web Tokens (JWT) |
 | `token` | Header-based token authentication |
+| `basic` | HTTP Basic Authentication support |
 ---
@@ -126,8 +135,12 @@ User providers define how users are retrieved.
 ```ts
 export interface UserProvider {
   retrieveById(id: string | number): Promise<any>;
-  retrieveByCredentials(credentials: object): Promise<any>;
-  validateCredentials(user: any, credentials: object): boolean;
+  retrieveByToken?(id: string | number, token: string): Promise<any>;
+  updateRememberToken?(user: any, token: string | null): Promise<void>;
+  updateRefreshToken?(user: any, token: string | null): Promise<void>;
+  retrieveByRefreshToken?(token: string): Promise<any>;
+  retrieveByCredentials(credentials: Record<string, any>): Promise<any>;
+  validateCredentials(user: any, credentials: Record<string, any>): boolean | Promise<boolean>;
 }
 ```
@@ -137,23 +150,27 @@ Providers allow you to integrate any database or user store.
 ## 🔌 Basic Usage
-### Checking Authentication State
+### Checking Authentication State (per-request)
 ```ts
-import { auth } from '@arikajs/auth';
-if (auth.check()) {
-  const user = auth.user();
+// In your controller — req.auth is automatically bound by the Authenticate middleware
+if (await req.auth.check()) {
+  const user = await req.auth.user();
 }
+// Or via the global facade (backed by AsyncLocalStorage):
+import { auth } from '@arikajs/auth';
+const user = await auth.user();
 ```
 ### Attempting Login
 ```ts
+// The second parameter `true` enables "Remember Me"
 const success = await auth.attempt({
   email: 'test@example.com',
   password: 'secret',
-});
+}, true);
 if (!success) {
   throw new Error('Invalid credentials');
@@ -163,7 +180,7 @@ if (!success) {
 ### Logging Out
 ```ts
-auth.logout();
+await auth.logout();
 ```
 ---
@@ -181,27 +198,117 @@ Route.get('/dashboard', handler)
 ```ts
 Route.get('/api/user', handler)
-  .middleware(['auth:token']);
+  .middleware(['auth:jwt']); // or auth:token, auth:basic
+```
+---
+## 🚀 Advanced Features
+### 🔒 Request-Scoped Auth Context (Critical for Concurrency)
+Every incoming request gets its own isolated `AuthContext`. No shared mutable state, no memory leaks under concurrent load.
+```ts
+// The Authenticate middleware does this automatically:
+const context = authManager.createContext(request);
+// Now: req.auth.user(), req.auth.check(), req.auth.attempt() are all request-scoped
+```
+### 🔑 Stateless JWT with Refresh Tokens
+Short-lived access tokens + secure refresh token rotation for modern API architectures:
+```ts
+// Login returns both tokens
+const result = await req.auth.guard('jwt').attempt({ email, password });
+// result = { access_token: 'eyJhbG...', refresh_token: '9f3a7b...' }
+// Refresh when the access token expires
+const newTokens = await jwtGuard.refresh(oldRefreshToken);
+// Returns rotated access + refresh tokens
+```
+### 🍪 "Remember Me" Capability
+Keep users logged in seamlessly across browser restarts using long-lived secure cookies.
+```ts
+await req.auth.attempt(credentials, true); // true = remember me
+```
+### ✉️ Email Verification System
+Verify user emails with a simple API and protect routes that require verification:
+```ts
+// Send verification email
+await req.auth.sendVerification(user);
+// Protect routes requiring email verification
+Route.get('/billing', handler)
+  .middleware(['auth', 'verified']);
+```
+### 🔐 Password Reset Flow
+Full token-based password reset with expiry and hash-secured storage:
+```ts
+import { PasswordResetBroker } from '@arikajs/auth';
+const broker = new PasswordResetBroker(userProvider);
+// Send reset link
+const status = await broker.sendResetLink({ email: 'user@example.com' });
+// Reset password with token
+const result = await broker.reset(
+  { email, token, password: newPassword },
+  async (user, password) => {
+    user.password = await Hasher.make(password);
+    await user.save();
+  }
+);
+```
+### 🛡️ Account Locking Strategy
+Soft lock accounts after too many failed attempts. Auto-unlock after configured duration. Manual unlock for admins.
+```ts
+// Check if account is locked
+const locked = await req.auth.isLocked({ email });
+// Manually unlock (e.g., admin action)
+await req.auth.unlockAccount({ email });
+// Configuration:
+// { lockout: { maxAttempts: 5, decayMinutes: 15 } }
+```
+### 🛡️ Login Throttling (Rate Limiting)
+ArikaJS Auth automatically integrates with RateLimiters to protect against brute-force attacks!
+```ts
+authManager.setRateLimiter(new RedisRateLimiter());
 ```
+### 📡 Event Dispatching
+ArikaJS fires core auth events so you can hook into the lifecycle:
+- `Auth.Attempting` — login attempt started
+- `Auth.Login` — successful login
+- `Auth.Failed` — failed login attempt
+- `Auth.Logout` — user logged out
+- `Auth.Lockout` — account locked due to too many failures
+- `Auth.VerificationSent` — verification email dispatched
+- `Auth.AccountUnlocked` — account manually unlocked
 ---
 ## ⚙️ Configuration
 Example configuration:
-```json
+```ts
 {
-  "default": "session",
-  "guards": {
-    "session": {
-      "driver": "session",
-      "provider": "users"
-    },
-    "token": {
-      "driver": "token",
-      "provider": "users"
-    }
+  default: 'session',
+  guards: {
+    session: { driver: 'session', provider: 'users' },
+    jwt:     { driver: 'jwt',     provider: 'users', secret: 'your-jwt-secret', options: { expiresIn: '15m' } },
+    token:   { driver: 'token',   provider: 'users' },
+    basic:   { driver: 'basic',   provider: 'users' }
+  },
+  lockout: {
+    maxAttempts: 5,
+    decayMinutes: 15
   }
 }
 ```
@@ -221,23 +328,38 @@ Uses industry-standard hashing algorithms.
 ---
-## 🧱 Project Structure
-- `src/`
-  - `AuthManager.ts` – Main entry point
-  - `Guard.ts` – Guard interface
-  - `Guards/` – Implementations
-    - `SessionGuard.ts`, `TokenGuard.ts`
-  - `Hasher.ts` – Password hashing utility
-  - `Middleware/` – Auth middleware
-    - `Authenticate.ts`
-  - `Contracts/` – Interfaces
-    - `UserProvider.ts`
-  - `index.ts` – Public exports
-- `package.json`
-- `tsconfig.json`
-- `README.md`
-- `LICENSE`
+## 🏗 Architecture
+```text
+auth/
+├── src/
+│   ├── Contracts
+│   │   ├── CanResetPassword.ts
+│   │   ├── CanVerifyEmail.ts
+│   │   ├── EventDispatcher.ts
+│   │   ├── PasswordBroker.ts
+│   │   ├── RateLimiter.ts
+│   │   └── UserProvider.ts
+│   ├── Guards
+│   │   ├── BasicGuard.ts
+│   │   ├── JwtGuard.ts
+│   │   ├── SessionGuard.ts
+│   │   └── TokenGuard.ts
+│   ├── Middleware
+│   │   ├── Authenticate.ts
+│   │   └── EnsureEmailIsVerified.ts
+│   ├── Passwords
+│   │   └── PasswordResetBroker.ts
+│   ├── AuthContext.ts
+│   ├── AuthManager.ts
+│   ├── Guard.ts
+│   ├── Hasher.ts
+│   └── index.ts
+├── tests/
+├── package.json
+├── tsconfig.json
+└── README.md
+```
 ---
@@ -257,4 +379,4 @@ Uses industry-standard hashing algorithms.
 ## 🧠 Philosophy
-> “Authentication identifies the user. Authorization defines their power.”
+> “Authentication identifies the user. Authorization defines their power.”

package/dist/AuthContext.d.ts ADDED Viewed

@@ -0,0 +1,24 @@
+import { Guard } from './Guard';
+import { AuthManager } from './AuthManager';
+export declare class AuthContext {
+    private guards;
+    private request;
+    private manager;
+    constructor(manager: AuthManager, request: any);
+    guard(name?: string): Guard;
+    check(): Promise<boolean>;
+    guest(): Promise<boolean>;
+    user(): Promise<any>;
+    id(): Promise<string | number | null>;
+    validate(credentials: Record<string, any>): Promise<boolean>;
+    setUser(user: any): void;
+    attempt(credentials: Record<string, any>, remember?: boolean): Promise<boolean | string>;
+    login(user: any, remember?: boolean): Promise<void>;
+    logout(): Promise<void>;
+    sendVerification(user?: any): Promise<void>;
+    isLocked(credentials: Record<string, any>): Promise<boolean>;
+    unlockAccount(credentials: Record<string, any>): Promise<void>;
+    getRequest(): any;
+    resolve(token: any): any;
+}
+//# sourceMappingURL=AuthContext.d.ts.map

package/dist/AuthContext.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"AuthContext.d.ts","sourceRoot":"","sources":["../src/AuthContext.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,SAAS,CAAC;AAChC,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAE5C,qBAAa,WAAW;IACpB,OAAO,CAAC,MAAM,CAAiC;IAC/C,OAAO,CAAC,OAAO,CAAM;IACrB,OAAO,CAAC,OAAO,CAAc;gBAEjB,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,GAAG;IAKvC,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,GAAG,KAAK;IAerB,KAAK,IAAI,OAAO,CAAC,OAAO,CAAC;IAIzB,KAAK,IAAI,OAAO,CAAC,OAAO,CAAC;IAIzB,IAAI,IAAI,OAAO,CAAC,GAAG,CAAC;IAIpB,EAAE,IAAI,OAAO,CAAC,MAAM,GAAG,MAAM,GAAG,IAAI,CAAC;IAIrC,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,OAAO,CAAC,OAAO,CAAC;IAIlE,OAAO,CAAC,IAAI,EAAE,GAAG,GAAG,IAAI;IAIlB,OAAO,CAAC,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EAAE,QAAQ,GAAE,OAAe,GAAG,OAAO,CAAC,OAAO,GAAG,MAAM,CAAC;IAI/F,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,QAAQ,GAAE,OAAe,GAAG,OAAO,CAAC,IAAI,CAAC;IAI1D,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC;IAIvB,gBAAgB,CAAC,IAAI,CAAC,EAAE,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC;IAI3C,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,OAAO,CAAC,OAAO,CAAC;IAI5D,aAAa,CAAC,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC;IAIpE,UAAU,IAAI,GAAG;IAIjB,OAAO,CAAC,KAAK,EAAE,GAAG,GAAG,GAAG;CAGlC"}

package/dist/AuthContext.js ADDED Viewed

@@ -0,0 +1,65 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthContext = void 0;
+class AuthContext {
+    constructor(manager, request) {
+        this.guards = new Map();
+        this.manager = manager;
+        this.request = request;
+    }
+    guard(name) {
+        name = name || this.manager.getDefaultGuard();
+        if (!name) {
+            throw new Error('No auth guard defined.');
+        }
+        if (!this.guards.has(name)) {
+            this.guards.set(name, this.manager.resolveGuard(name, this.request));
+        }
+        return this.guards.get(name);
+    }
+    // Proxy methods to the default guard
+    async check() {
+        return await this.guard().check();
+    }
+    async guest() {
+        return await this.guard().guest();
+    }
+    async user() {
+        return await this.guard().user();
+    }
+    async id() {
+        return await this.guard().id();
+    }
+    async validate(credentials) {
+        return await this.guard().validate(credentials);
+    }
+    setUser(user) {
+        this.guard().setUser(user);
+    }
+    async attempt(credentials, remember = false) {
+        return await this.manager.attemptForContext(this, credentials, remember);
+    }
+    async login(user, remember = false) {
+        return await this.manager.loginForContext(this, user, remember);
+    }
+    async logout() {
+        return await this.manager.logoutForContext(this);
+    }
+    async sendVerification(user) {
+        return await this.manager.sendVerification(this, user);
+    }
+    async isLocked(credentials) {
+        return await this.manager.isLocked(this, credentials);
+    }
+    async unlockAccount(credentials) {
+        return await this.manager.unlockAccount(this, credentials);
+    }
+    getRequest() {
+        return this.request;
+    }
+    resolve(token) {
+        return this.guard(token);
+    }
+}
+exports.AuthContext = AuthContext;
+//# sourceMappingURL=AuthContext.js.map

package/dist/AuthContext.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"AuthContext.js","sourceRoot":"","sources":["../src/AuthContext.ts"],"names":[],"mappings":";;;AAGA,MAAa,WAAW;IAKpB,YAAY,OAAoB,EAAE,OAAY;QAJtC,WAAM,GAAuB,IAAI,GAAG,EAAE,CAAC;QAK3C,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IAC3B,CAAC;IAEM,KAAK,CAAC,IAAa;QACtB,IAAI,GAAG,IAAI,IAAI,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,CAAC;QAE9C,IAAI,CAAC,IAAI,EAAE,CAAC;YACR,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;QAC9C,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YACzB,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,IAAI,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;QACzE,CAAC;QAED,OAAO,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,CAAE,CAAC;IAClC,CAAC;IAED,qCAAqC;IAC9B,KAAK,CAAC,KAAK;QACd,OAAO,MAAM,IAAI,CAAC,KAAK,EAAE,CAAC,KAAK,EAAE,CAAC;IACtC,CAAC;IAEM,KAAK,CAAC,KAAK;QACd,OAAO,MAAM,IAAI,CAAC,KAAK,EAAE,CAAC,KAAK,EAAE,CAAC;IACtC,CAAC;IAEM,KAAK,CAAC,IAAI;QACb,OAAO,MAAM,IAAI,CAAC,KAAK,EAAE,CAAC,IAAI,EAAE,CAAC;IACrC,CAAC;IAEM,KAAK,CAAC,EAAE;QACX,OAAO,MAAM,IAAI,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE,CAAC;IACnC,CAAC;IAEM,KAAK,CAAC,QAAQ,CAAC,WAAgC;QAClD,OAAO,MAAM,IAAI,CAAC,KAAK,EAAE,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IACpD,CAAC;IAEM,OAAO,CAAC,IAAS;QACpB,IAAI,CAAC,KAAK,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IAC/B,CAAC;IAEM,KAAK,CAAC,OAAO,CAAC,WAAgC,EAAE,WAAoB,KAAK;QAC5E,OAAO,MAAM,IAAI,CAAC,OAAO,CAAC,iBAAiB,CAAC,IAAI,EAAE,WAAW,EAAE,QAAQ,CAAC,CAAC;IAC7E,CAAC;IAEM,KAAK,CAAC,KAAK,CAAC,IAAS,EAAE,WAAoB,KAAK;QACnD,OAAO,MAAM,IAAI,CAAC,OAAO,CAAC,eAAe,CAAC,IAAI,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC;IACpE,CAAC;IAEM,KAAK,CAAC,MAAM;QACf,OAAO,MAAM,IAAI,CAAC,OAAO,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC;IACrD,CAAC;IAEM,KAAK,CAAC,gBAAgB,CAAC,IAAU;QACpC,OAAO,MAAM,IAAI,CAAC,OAAO,CAAC,gBAAgB,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IAC3D,CAAC;IAEM,KAAK,CAAC,QAAQ,CAAC,WAAgC;QAClD,OAAO,MAAM,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;IAC1D,CAAC;IAEM,KAAK,CAAC,aAAa,CAAC,WAAgC;QACvD,OAAO,MAAM,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;IAC/D,CAAC;IAEM,UAAU;QACb,OAAO,IAAI,CAAC,OAAO,CAAC;IACxB,CAAC;IAEM,OAAO,CAAC,KAAU;QACrB,OAAO,IAAI,CAAC,KAAK,CAAC,KAAe,CAAC,CAAC;IACvC,CAAC;CACJ;AAhFD,kCAgFC"}

package/dist/AuthManager.d.ts CHANGED Viewed

@@ -1,27 +1,52 @@
 import { Guard } from './Guard';
 import { UserProvider } from './Contracts/UserProvider';
+import { EventDispatcher } from './Contracts/EventDispatcher';
+import { RateLimiter } from './Contracts/RateLimiter';
+import { AuthContext } from './AuthContext';
 export declare class AuthManager {
-    private guards;
     private providers;
+    private eventDispatcher;
+    private rateLimiter;
     private config;
+    private defaultGuard;
+    private als;
     constructor(config: any);
+    setEventDispatcher(dispatcher: EventDispatcher): void;
+    setRateLimiter(limiter: RateLimiter): void;
     registerProvider(name: string, provider: UserProvider): void;
     extend(name: string, callback: (app: any) => Guard): void;
-    guard(name?: string): Guard;
-    private resolveGuard;
-    private currentRequest;
-    setRequest(request: any): void;
+    getDefaultGuard(): string;
+    createContext(request: any): AuthContext;
+    resolveGuard(name: string, request: any): Guard;
     private createSessionDriver;
     private createTokenDriver;
+    private createJwtDriver;
+    private createBasicDriver;
+    private getProvider;
     shouldUse(name: string): void;
+    runWithContext<T>(context: AuthContext, fn: () => T | Promise<T>): T | Promise<T>;
+    private getContext;
+    guard(name?: string): Guard;
+    resolve(token: any): any;
     check(): Promise<boolean>;
     guest(): Promise<boolean>;
     user(): Promise<any>;
     id(): Promise<string | number | null>;
     validate(credentials: Record<string, any>): Promise<boolean>;
     setUser(user: any): void;
-    attempt(credentials: Record<string, any>): Promise<boolean>;
-    login(user: any): void;
-    logout(): void;
+    attempt(credentials: Record<string, any>, remember?: boolean): Promise<boolean | string>;
+    login(user: any, remember?: boolean): Promise<void>;
+    logout(): Promise<void>;
+    attemptForContext(context: AuthContext, credentials: Record<string, any>, remember?: boolean): Promise<boolean | string>;
+    loginForContext(context: AuthContext, user: any, remember?: boolean): Promise<void>;
+    logoutForContext(context: AuthContext): Promise<void>;
+    sendVerification(context: AuthContext, user?: any): Promise<void>;
+    private get lockoutThreshold();
+    private get lockoutDuration();
+    isLocked(context: AuthContext, credentials: Record<string, any>): Promise<boolean>;
+    unlockAccount(context: AuthContext, credentials: Record<string, any>): Promise<void>;
+    private getLockKey;
+    private fireEvent;
+    private getThrottleKey;
 }
 //# sourceMappingURL=AuthManager.d.ts.map

package/dist/AuthManager.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"AuthManager.d.ts","sourceRoot":"","sources":["../src/AuthManager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,SAAS,CAAC;AAChC,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;~~AAIxD~~,~~qBAAa~~,~~WAAW~~;~~IACpB~~,OAAO,CAAC,MAAM,~~CAAiC~~;~~IAC/C~~,OAAO,CAAC,SAAS,CAAwC;IACzD,OAAO,CAAC,MAAM,CAAM;~~gBAER~~,MAAM,EAAE,GAAG;~~IAIhB~~,gBAAgB,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,YAAY,GAAG,IAAI;IAI5D,MAAM,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,GAAG,EAAE,GAAG,KAAK,KAAK,GAAG,IAAI;IAIzD,~~KAAK~~,CAAC,~~IAAI~~,CAAC,EAAE,MAAM,GAAG,KAAK;~~IAelC~~,OAAO,CAAC,~~YAAY~~;~~IAkBpB~~,OAAO,CAAC,~~cAAc~~,~~CAAW~~;~~IAE1B~~,~~UAAU~~,CAAC,OAAO,EAAE,~~GAAG~~,GAAG,IAAI;~~IASrC~~,OAAO,CAAC,~~mBAAmB~~;~~IAQ3B~~,OAAO,CAAC,~~iBAAiB~~;~~IAQlB~~,~~SAAS~~,CAAC,IAAI,EAAE,MAAM,GAAG,~~IAAI~~;~~IAKvB~~,KAAK,IAAI,OAAO,CAAC,OAAO,CAAC;IAIzB,KAAK,IAAI,OAAO,CAAC,OAAO,CAAC;IAIzB,IAAI,IAAI,OAAO,CAAC,GAAG,CAAC;IAIpB,EAAE,IAAI,OAAO,CAAC,MAAM,GAAG,MAAM,GAAG,IAAI,CAAC;IAIrC,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,OAAO,CAAC,OAAO,CAAC;IAIlE,OAAO,CAAC,IAAI,EAAE,GAAG,GAAG,IAAI;IAIlB,OAAO,CAAC,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,OAAO,CAAC,OAAO,CAAC;~~IAQjE~~,KAAK,CAAC,IAAI,EAAE,GAAG,GAAG,IAAI;~~IAStB~~,MAAM,IAAI,IAAI;~~CAQxB~~"}
1	+ {"version":3,"file":"AuthManager.d.ts","sourceRoot":"","sources":["../src/AuthManager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,SAAS,CAAC;AAChC,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AACxD,OAAO,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAC;AAC9D,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAKtD,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAI5C,qBAAa,WAAW;IACpB,OAAO,CAAC,SAAS,CAAwC;IACzD,OAAO,CAAC,eAAe,CAAgC;IACvD,OAAO,CAAC,WAAW,CAA4B;IAC/C,OAAO,CAAC,MAAM,CAAM;IACpB,OAAO,CAAC,YAAY,CAAS;IAC7B,OAAO,CAAC,GAAG,CAAwC;gBAEvC,MAAM,EAAE,GAAG;IAKhB,kBAAkB,CAAC,UAAU,EAAE,eAAe,GAAG,IAAI;IAIrD,cAAc,CAAC,OAAO,EAAE,WAAW,GAAG,IAAI;IAI1C,gBAAgB,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,YAAY,GAAG,IAAI;IAI5D,MAAM,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,GAAG,EAAE,GAAG,KAAK,KAAK,GAAG,IAAI;IAIzD,eAAe,IAAI,MAAM;IAIzB,aAAa,CAAC,OAAO,EAAE,GAAG,GAAG,WAAW;IAWxC,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,GAAG,KAAK;IA0BtD,OAAO,CAAC,mBAAmB;IAK3B,OAAO,CAAC,iBAAiB;IAKzB,OAAO,CAAC,eAAe;IAKvB,OAAO,CAAC,iBAAiB;IAKzB,OAAO,CAAC,WAAW;IAqBZ,SAAS,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI;IAI7B,cAAc,CAAC,CAAC,EAAE,OAAO,EAAE,WAAW,EAAE,EAAE,EAAE,MAAM,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;IAIxF,OAAO,CAAC,UAAU;IASX,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,GAAG,KAAK;IAI3B,OAAO,CAAC,KAAK,EAAE,GAAG,GAAG,GAAG;IAIlB,KAAK,IAAI,OAAO,CAAC,OAAO,CAAC;IAIzB,KAAK,IAAI,OAAO,CAAC,OAAO,CAAC;IAIzB,IAAI,IAAI,OAAO,CAAC,GAAG,CAAC;IAIpB,EAAE,IAAI,OAAO,CAAC,MAAM,GAAG,MAAM,GAAG,IAAI,CAAC;IAIrC,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,OAAO,CAAC,OAAO,CAAC;IAIlE,OAAO,CAAC,IAAI,EAAE,GAAG,GAAG,IAAI;IAIlB,OAAO,CAAC,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EAAE,QAAQ,GAAE,OAAe,GAAG,OAAO,CAAC,OAAO,GAAG,MAAM,CAAC;IAI/F,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,QAAQ,GAAE,OAAe,GAAG,OAAO,CAAC,IAAI,CAAC;IAI1D,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC;IAKvB,iBAAiB,CAAC,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EAAE,QAAQ,GAAE,OAAe,GAAG,OAAO,CAAC,OAAO,GAAG,MAAM,CAAC;IAqC/H,eAAe,CAAC,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,GAAG,EAAE,QAAQ,GAAE,OAAe,GAAG,OAAO,CAAC,IAAI,CAAC;IAW1F,gBAAgB,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IAarD,gBAAgB,CAAC,OAAO,EAAE,WAAW,EAAE,IAAI,CAAC,EAAE,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC;IAmB9E,OAAO,KAAK,gBAAgB,GAE3B;IAED,OAAO,KAAK,eAAe,GAE1B;IAEY,QAAQ,CAAC,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,OAAO,CAAC,OAAO,CAAC;IASlF,aAAa,CAAC,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC;IAUjG,OAAO,CAAC,UAAU;IASlB,OAAO,CAAC,SAAS;IAMjB,OAAO,CAAC,cAAc;CAOzB"}