@authcore/core 0.7.0 → 0.12.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +21 -21
- package/README.md +141 -125
- package/dist/auth.d.ts +140 -12
- package/dist/auth.d.ts.map +1 -1
- package/dist/auth.js +265 -7
- package/dist/auth.js.map +1 -1
- package/dist/features/emailVerification.d.ts +6 -1
- package/dist/features/emailVerification.d.ts.map +1 -1
- package/dist/features/emailVerification.js +7 -10
- package/dist/features/emailVerification.js.map +1 -1
- package/dist/features/invitation.d.ts +7 -1
- package/dist/features/invitation.d.ts.map +1 -1
- package/dist/features/invitation.js +7 -9
- package/dist/features/invitation.js.map +1 -1
- package/dist/features/magicLink.d.ts +56 -0
- package/dist/features/magicLink.d.ts.map +1 -0
- package/dist/features/magicLink.js +88 -0
- package/dist/features/magicLink.js.map +1 -0
- package/dist/features/oauth.d.ts +39 -0
- package/dist/features/oauth.d.ts.map +1 -0
- package/dist/features/oauth.js +161 -0
- package/dist/features/oauth.js.map +1 -0
- package/dist/features/passwordReset.d.ts +6 -1
- package/dist/features/passwordReset.d.ts.map +1 -1
- package/dist/features/passwordReset.js +7 -10
- package/dist/features/passwordReset.js.map +1 -1
- package/dist/features/refresh.d.ts +41 -0
- package/dist/features/refresh.d.ts.map +1 -0
- package/dist/features/refresh.js +58 -0
- package/dist/features/refresh.js.map +1 -0
- package/dist/features/templates.d.ts +46 -0
- package/dist/features/templates.d.ts.map +1 -0
- package/dist/features/templates.js +67 -0
- package/dist/features/templates.js.map +1 -0
- package/dist/features/twoFactor.d.ts +72 -0
- package/dist/features/twoFactor.d.ts.map +1 -0
- package/dist/features/twoFactor.js +119 -0
- package/dist/features/twoFactor.js.map +1 -0
- package/dist/index.d.ts +21 -5
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +13 -2
- package/dist/index.js.map +1 -1
- package/dist/oauth/apple.d.ts +80 -0
- package/dist/oauth/apple.d.ts.map +1 -0
- package/dist/oauth/apple.js +148 -0
- package/dist/oauth/apple.js.map +1 -0
- package/dist/oauth/discord.d.ts +32 -0
- package/dist/oauth/discord.d.ts.map +1 -0
- package/dist/oauth/discord.js +86 -0
- package/dist/oauth/discord.js.map +1 -0
- package/dist/oauth/github.d.ts +35 -0
- package/dist/oauth/github.d.ts.map +1 -0
- package/dist/oauth/github.js +114 -0
- package/dist/oauth/github.js.map +1 -0
- package/dist/oauth/google.d.ts +21 -0
- package/dist/oauth/google.d.ts.map +1 -0
- package/dist/oauth/google.js +76 -0
- package/dist/oauth/google.js.map +1 -0
- package/dist/oauth/microsoft.d.ts +40 -0
- package/dist/oauth/microsoft.d.ts.map +1 -0
- package/dist/oauth/microsoft.js +126 -0
- package/dist/oauth/microsoft.js.map +1 -0
- package/dist/utils/token.d.ts +37 -0
- package/dist/utils/token.d.ts.map +1 -1
- package/dist/utils/token.js +53 -0
- package/dist/utils/token.js.map +1 -1
- package/dist/utils/totp.d.ts +59 -0
- package/dist/utils/totp.d.ts.map +1 -0
- package/dist/utils/totp.js +176 -0
- package/dist/utils/totp.js.map +1 -0
- package/dist/utils/validation.d.ts +18 -0
- package/dist/utils/validation.d.ts.map +1 -1
- package/dist/utils/validation.js +8 -0
- package/dist/utils/validation.js.map +1 -1
- package/package.json +2 -2
- package/dist/adapters/database.interface.d.ts +0 -42
- package/dist/adapters/database.interface.d.ts.map +0 -1
- package/dist/adapters/database.interface.js +0 -2
- package/dist/adapters/database.interface.js.map +0 -1
- package/dist/adapters/email.interface.d.ts +0 -31
- package/dist/adapters/email.interface.d.ts.map +0 -1
- package/dist/adapters/email.interface.js +0 -2
- package/dist/adapters/email.interface.js.map +0 -1
- package/dist/types.d.ts +0 -76
- package/dist/types.d.ts.map +0 -1
- package/dist/types.js +0 -6
- package/dist/types.js.map +0 -1
package/dist/auth.js
CHANGED
|
@@ -1,10 +1,27 @@
|
|
|
1
1
|
import { hashPassword, verifyPassword } from './utils/password.js';
|
|
2
|
-
import { signJwt, verifyJwt } from './utils/token.js';
|
|
2
|
+
import { signJwt, verifyJwt, signTwoFactorChallenge, verifyTwoFactorChallenge } from './utils/token.js';
|
|
3
3
|
import { registerSchema, loginSchema, forgotPasswordSchema, resetPasswordSchema, verifyEmailSchema, } from './utils/validation.js';
|
|
4
4
|
import { createEmailVerification, verifyEmail as verifyEmailFeature, } from './features/emailVerification.js';
|
|
5
5
|
import { createPasswordReset, resetPassword as resetPasswordFeature, } from './features/passwordReset.js';
|
|
6
6
|
import { createInvitation, acceptInvitation as acceptInvitationFeature, } from './features/invitation.js';
|
|
7
|
-
import {
|
|
7
|
+
import { issueRefreshToken, rotateRefreshToken, revokeRefreshToken, revokeAllRefreshTokensForUser, } from './features/refresh.js';
|
|
8
|
+
import { startOAuth, completeOAuth } from './features/oauth.js';
|
|
9
|
+
import { sendMagicLink as sendMagicLinkFeature, consumeMagicLink as consumeMagicLinkFeature } from './features/magicLink.js';
|
|
10
|
+
import { setupTwoFactor as setupTwoFactorFeature, enableTwoFactor as enableTwoFactorFeature, disableTwoFactor as disableTwoFactorFeature, verifyTwoFactor as verifyTwoFactorFeature, useRecoveryCode as useRecoveryCodeFeature, } from './features/twoFactor.js';
|
|
11
|
+
import { inviteSchema, acceptInvitationSchema, sendMagicLinkSchema, consumeMagicLinkSchema, } from './utils/validation.js';
|
|
12
|
+
/** Parse an `expiresIn` value (e.g. '30d', '15m', '2h', '90s') into milliseconds. */
|
|
13
|
+
function parseDurationMs(value, fallbackMs) {
|
|
14
|
+
if (!value)
|
|
15
|
+
return fallbackMs;
|
|
16
|
+
const match = value.match(/^(\d+)\s*([smhd])$/);
|
|
17
|
+
if (!match)
|
|
18
|
+
return fallbackMs;
|
|
19
|
+
const n = Number(match[1]);
|
|
20
|
+
const unit = match[2];
|
|
21
|
+
const mult = unit === 's' ? 1000 : unit === 'm' ? 60_000 : unit === 'h' ? 3_600_000 : 86_400_000;
|
|
22
|
+
return n * mult;
|
|
23
|
+
}
|
|
24
|
+
const DEFAULT_REFRESH_TTL_MS = 30 * 24 * 60 * 60 * 1000; // 30d
|
|
8
25
|
export class AuthError extends Error {
|
|
9
26
|
code;
|
|
10
27
|
statusCode;
|
|
@@ -21,6 +38,7 @@ function toPublicUser(user) {
|
|
|
21
38
|
email: user.email,
|
|
22
39
|
emailVerified: user.emailVerified,
|
|
23
40
|
role: user.role,
|
|
41
|
+
twoFactorEnabled: user.twoFactorEnabled,
|
|
24
42
|
createdAt: user.createdAt,
|
|
25
43
|
updatedAt: user.updatedAt,
|
|
26
44
|
};
|
|
@@ -46,9 +64,11 @@ export function createAuth(config) {
|
|
|
46
64
|
const minPasswordLength = pwConfig.minLength ?? 8;
|
|
47
65
|
const expiresIn = session.expiresIn ?? '7d';
|
|
48
66
|
const defaultRole = rbac.defaultRole ?? 'user';
|
|
67
|
+
const refreshTtlMs = parseDurationMs(session.refreshExpiresIn, DEFAULT_REFRESH_TTL_MS);
|
|
49
68
|
const hasEmailVerification = features.includes('emailVerification');
|
|
50
69
|
const hasPasswordReset = features.includes('passwordReset');
|
|
51
70
|
const hasInvitation = features.includes('invitation');
|
|
71
|
+
const hasMagicLink = features.includes('magicLink');
|
|
52
72
|
return {
|
|
53
73
|
async register(input) {
|
|
54
74
|
const schema = registerSchema(minPasswordLength);
|
|
@@ -65,8 +85,9 @@ export function createAuth(config) {
|
|
|
65
85
|
const user = await db.createUser({ email: userEmail, passwordHash, role: defaultRole });
|
|
66
86
|
const publicUser = toPublicUser(user);
|
|
67
87
|
const token = signJwt({ sub: user.id, email: user.email, role: user.role }, session.secret, expiresIn);
|
|
88
|
+
const refreshToken = await issueRefreshToken({ userId: user.id, db, ttlMs: refreshTtlMs });
|
|
68
89
|
await callbacks.onSignUp?.(publicUser);
|
|
69
|
-
return { user: publicUser, token };
|
|
90
|
+
return { user: publicUser, token, refreshToken };
|
|
70
91
|
},
|
|
71
92
|
async login(input) {
|
|
72
93
|
const parsed = loginSchema.safeParse(input);
|
|
@@ -76,19 +97,30 @@ export function createAuth(config) {
|
|
|
76
97
|
const { email: userEmail, password } = parsed.data;
|
|
77
98
|
const user = await db.findUserByEmail(userEmail);
|
|
78
99
|
if (!user) {
|
|
100
|
+
await callbacks.onFailedLogin?.(userEmail, 'INVALID_CREDENTIALS');
|
|
79
101
|
throw new AuthError('Invalid email or password', 'INVALID_CREDENTIALS', 401);
|
|
80
102
|
}
|
|
81
103
|
const valid = await verifyPassword(password, user.passwordHash);
|
|
82
104
|
if (!valid) {
|
|
105
|
+
await callbacks.onFailedLogin?.(userEmail, 'INVALID_CREDENTIALS');
|
|
83
106
|
throw new AuthError('Invalid email or password', 'INVALID_CREDENTIALS', 401);
|
|
84
107
|
}
|
|
85
108
|
if (hasEmailVerification && !user.emailVerified) {
|
|
109
|
+
await callbacks.onFailedLogin?.(userEmail, 'EMAIL_NOT_VERIFIED');
|
|
86
110
|
throw new AuthError('Please verify your email address before signing in', 'EMAIL_NOT_VERIFIED', 403);
|
|
87
111
|
}
|
|
112
|
+
// 2FA gate: if enabled for this user, short-circuit before minting a session.
|
|
113
|
+
// The caller receives a challenge token that they pass back to
|
|
114
|
+
// verifyTwoFactor / useRecoveryCode along with the user's code.
|
|
115
|
+
if (user.twoFactorEnabled) {
|
|
116
|
+
const challengeToken = signTwoFactorChallenge(user.id, session.secret);
|
|
117
|
+
return { requires2FA: true, challengeToken };
|
|
118
|
+
}
|
|
88
119
|
const publicUser = toPublicUser(user);
|
|
89
120
|
const token = signJwt({ sub: user.id, email: user.email, role: user.role }, session.secret, expiresIn);
|
|
121
|
+
const refreshToken = await issueRefreshToken({ userId: user.id, db, ttlMs: refreshTtlMs });
|
|
90
122
|
await callbacks.onSignIn?.(publicUser);
|
|
91
|
-
return { user: publicUser, token };
|
|
123
|
+
return { user: publicUser, token, refreshToken };
|
|
92
124
|
},
|
|
93
125
|
async verifyToken(token) {
|
|
94
126
|
const payload = verifyJwt(token, session.secret);
|
|
@@ -113,6 +145,7 @@ export function createAuth(config) {
|
|
|
113
145
|
emailProvider: email.provider,
|
|
114
146
|
from: email.from,
|
|
115
147
|
verificationUrl,
|
|
148
|
+
...(email.templates?.verifyEmail ? { template: email.templates.verifyEmail } : {}),
|
|
116
149
|
});
|
|
117
150
|
},
|
|
118
151
|
async verifyEmail(input) {
|
|
@@ -128,7 +161,7 @@ export function createAuth(config) {
|
|
|
128
161
|
throw new AuthError(message, 'INVALID_TOKEN', 400);
|
|
129
162
|
}
|
|
130
163
|
},
|
|
131
|
-
async forgotPassword(input) {
|
|
164
|
+
async forgotPassword(input, params) {
|
|
132
165
|
if (!hasPasswordReset) {
|
|
133
166
|
// Silently ignore — don't reveal feature status
|
|
134
167
|
return;
|
|
@@ -140,6 +173,9 @@ export function createAuth(config) {
|
|
|
140
173
|
}
|
|
141
174
|
if (!email)
|
|
142
175
|
return;
|
|
176
|
+
if (!params?.resetUrl) {
|
|
177
|
+
throw new AuthError('resetUrl is required when the passwordReset feature is enabled', 'MISSING_URL', 500);
|
|
178
|
+
}
|
|
143
179
|
// Intentionally swallow errors — always return 200
|
|
144
180
|
try {
|
|
145
181
|
await createPasswordReset({
|
|
@@ -147,7 +183,8 @@ export function createAuth(config) {
|
|
|
147
183
|
db,
|
|
148
184
|
emailProvider: email.provider,
|
|
149
185
|
from: email.from,
|
|
150
|
-
resetUrl:
|
|
186
|
+
resetUrl: params.resetUrl,
|
|
187
|
+
...(email.templates?.resetPassword ? { template: email.templates.resetPassword } : {}),
|
|
151
188
|
});
|
|
152
189
|
}
|
|
153
190
|
catch {
|
|
@@ -199,6 +236,7 @@ export function createAuth(config) {
|
|
|
199
236
|
emailProvider: email.provider,
|
|
200
237
|
from: email.from,
|
|
201
238
|
inviteUrl,
|
|
239
|
+
...(email.templates?.invitation ? { template: email.templates.invitation } : {}),
|
|
202
240
|
});
|
|
203
241
|
}
|
|
204
242
|
catch (err) {
|
|
@@ -227,7 +265,8 @@ export function createAuth(config) {
|
|
|
227
265
|
}
|
|
228
266
|
const publicUser = toPublicUser(user);
|
|
229
267
|
const token = signJwt({ sub: user.id, email: user.email, role: user.role }, session.secret, expiresIn);
|
|
230
|
-
|
|
268
|
+
const refreshToken = await issueRefreshToken({ userId: user.id, db, ttlMs: refreshTtlMs });
|
|
269
|
+
return { user: publicUser, token, refreshToken };
|
|
231
270
|
}
|
|
232
271
|
catch (err) {
|
|
233
272
|
if (err instanceof AuthError)
|
|
@@ -236,6 +275,225 @@ export function createAuth(config) {
|
|
|
236
275
|
throw new AuthError(message, 'INVALID_TOKEN', 400);
|
|
237
276
|
}
|
|
238
277
|
},
|
|
278
|
+
async refresh(rawRefreshToken) {
|
|
279
|
+
if (!rawRefreshToken) {
|
|
280
|
+
throw new AuthError('Refresh token is required', 'INVALID_TOKEN', 401);
|
|
281
|
+
}
|
|
282
|
+
let rotated;
|
|
283
|
+
try {
|
|
284
|
+
rotated = await rotateRefreshToken({ rawToken: rawRefreshToken, db, ttlMs: refreshTtlMs });
|
|
285
|
+
}
|
|
286
|
+
catch (err) {
|
|
287
|
+
const message = err instanceof Error ? err.message : 'Invalid refresh token';
|
|
288
|
+
throw new AuthError(message, 'INVALID_TOKEN', 401);
|
|
289
|
+
}
|
|
290
|
+
const user = await db.findUserById(rotated.userId);
|
|
291
|
+
if (!user) {
|
|
292
|
+
throw new AuthError('User no longer exists', 'INVALID_TOKEN', 401);
|
|
293
|
+
}
|
|
294
|
+
const publicUser = toPublicUser(user);
|
|
295
|
+
const token = signJwt({ sub: user.id, email: user.email, role: user.role }, session.secret, expiresIn);
|
|
296
|
+
await callbacks.onTokenRefresh?.(publicUser);
|
|
297
|
+
return { user: publicUser, token, refreshToken: rotated.newRawToken };
|
|
298
|
+
},
|
|
299
|
+
async revoke(rawRefreshToken) {
|
|
300
|
+
if (!rawRefreshToken)
|
|
301
|
+
return;
|
|
302
|
+
await revokeRefreshToken({ rawToken: rawRefreshToken, db });
|
|
303
|
+
},
|
|
304
|
+
async revokeAll(userId) {
|
|
305
|
+
await revokeAllRefreshTokensForUser({ userId, db });
|
|
306
|
+
},
|
|
307
|
+
async sendMagicLink(input, { magicLinkUrl }) {
|
|
308
|
+
if (!hasMagicLink) {
|
|
309
|
+
throw new AuthError('magicLink feature is not enabled', 'FEATURE_DISABLED', 500);
|
|
310
|
+
}
|
|
311
|
+
if (!email) {
|
|
312
|
+
throw new AuthError('Email provider is not configured', 'EMAIL_NOT_CONFIGURED', 500);
|
|
313
|
+
}
|
|
314
|
+
if (!magicLinkUrl) {
|
|
315
|
+
throw new AuthError('magicLinkUrl is required when the magicLink feature is enabled', 'MISSING_URL', 500);
|
|
316
|
+
}
|
|
317
|
+
const parsed = sendMagicLinkSchema.safeParse(input);
|
|
318
|
+
if (!parsed.success) {
|
|
319
|
+
// Always return successfully to prevent enumeration
|
|
320
|
+
return;
|
|
321
|
+
}
|
|
322
|
+
// Intentionally swallow downstream errors — always 200
|
|
323
|
+
try {
|
|
324
|
+
await sendMagicLinkFeature({
|
|
325
|
+
email: parsed.data.email,
|
|
326
|
+
db,
|
|
327
|
+
emailProvider: email.provider,
|
|
328
|
+
from: email.from,
|
|
329
|
+
magicLinkUrl,
|
|
330
|
+
defaultRole,
|
|
331
|
+
...(email.templates?.magicLink ? { template: email.templates.magicLink } : {}),
|
|
332
|
+
});
|
|
333
|
+
}
|
|
334
|
+
catch {
|
|
335
|
+
// Swallow — no email enumeration
|
|
336
|
+
}
|
|
337
|
+
},
|
|
338
|
+
async consumeMagicLink(input) {
|
|
339
|
+
if (!hasMagicLink) {
|
|
340
|
+
throw new AuthError('magicLink feature is not enabled', 'FEATURE_DISABLED', 500);
|
|
341
|
+
}
|
|
342
|
+
const parsed = consumeMagicLinkSchema.safeParse(input);
|
|
343
|
+
if (!parsed.success) {
|
|
344
|
+
throw new AuthError('Token is required', 'INVALID_TOKEN', 400);
|
|
345
|
+
}
|
|
346
|
+
let consumed;
|
|
347
|
+
try {
|
|
348
|
+
consumed = await consumeMagicLinkFeature({ rawToken: parsed.data.token, db });
|
|
349
|
+
}
|
|
350
|
+
catch (err) {
|
|
351
|
+
const message = err instanceof Error ? err.message : 'Invalid token';
|
|
352
|
+
throw new AuthError(message, 'INVALID_TOKEN', 400);
|
|
353
|
+
}
|
|
354
|
+
const publicUser = toPublicUser(consumed.user);
|
|
355
|
+
const token = signJwt({ sub: consumed.user.id, email: consumed.user.email, role: consumed.user.role }, session.secret, expiresIn);
|
|
356
|
+
const refreshToken = await issueRefreshToken({ userId: consumed.user.id, db, ttlMs: refreshTtlMs });
|
|
357
|
+
await callbacks.onSignIn?.(publicUser);
|
|
358
|
+
return { user: publicUser, token, refreshToken };
|
|
359
|
+
},
|
|
360
|
+
async oauthStart(providerId, redirectUri) {
|
|
361
|
+
const provider = config.oauth?.[providerId];
|
|
362
|
+
if (!provider) {
|
|
363
|
+
throw new AuthError(`OAuth provider '${providerId}' is not configured`, 'OAUTH_PROVIDER_UNKNOWN', 400);
|
|
364
|
+
}
|
|
365
|
+
return startOAuth({ provider, redirectUri, secret: session.secret });
|
|
366
|
+
},
|
|
367
|
+
async oauthCallback(providerId, { code, state, redirectUri }) {
|
|
368
|
+
const provider = config.oauth?.[providerId];
|
|
369
|
+
if (!provider) {
|
|
370
|
+
throw new AuthError(`OAuth provider '${providerId}' is not configured`, 'OAUTH_PROVIDER_UNKNOWN', 400);
|
|
371
|
+
}
|
|
372
|
+
let result;
|
|
373
|
+
try {
|
|
374
|
+
result = await completeOAuth({
|
|
375
|
+
provider,
|
|
376
|
+
state,
|
|
377
|
+
code,
|
|
378
|
+
redirectUri,
|
|
379
|
+
secret: session.secret,
|
|
380
|
+
db,
|
|
381
|
+
defaultRole,
|
|
382
|
+
});
|
|
383
|
+
}
|
|
384
|
+
catch (err) {
|
|
385
|
+
// Re-wrap OAuthError-shaped errors as AuthError so callers get a consistent type.
|
|
386
|
+
if (err && typeof err === 'object' && err.isOAuthError) {
|
|
387
|
+
const e = err;
|
|
388
|
+
throw new AuthError(e.message, e.code, e.statusCode);
|
|
389
|
+
}
|
|
390
|
+
throw err;
|
|
391
|
+
}
|
|
392
|
+
const { user, isNewUser } = result;
|
|
393
|
+
const publicUser = toPublicUser(user);
|
|
394
|
+
const token = signJwt({ sub: user.id, email: user.email, role: user.role }, session.secret, expiresIn);
|
|
395
|
+
const refreshToken = await issueRefreshToken({ userId: user.id, db, ttlMs: refreshTtlMs });
|
|
396
|
+
// Fire onSignUp if this was a brand-new user; otherwise fire onSignIn.
|
|
397
|
+
if (isNewUser) {
|
|
398
|
+
await callbacks.onSignUp?.(publicUser);
|
|
399
|
+
}
|
|
400
|
+
else {
|
|
401
|
+
await callbacks.onSignIn?.(publicUser);
|
|
402
|
+
}
|
|
403
|
+
return { user: publicUser, token, refreshToken, isNewUser };
|
|
404
|
+
},
|
|
405
|
+
async setupTwoFactor(userId) {
|
|
406
|
+
const user = await db.findUserById(userId);
|
|
407
|
+
if (!user)
|
|
408
|
+
throw new AuthError('User not found', 'USER_NOT_FOUND', 404);
|
|
409
|
+
const issuer = config.appName ?? 'AuthCore';
|
|
410
|
+
return setupTwoFactorFeature({ userId, email: user.email, issuer, db });
|
|
411
|
+
},
|
|
412
|
+
async enableTwoFactor(userId, code) {
|
|
413
|
+
try {
|
|
414
|
+
await enableTwoFactorFeature({ userId, code, db });
|
|
415
|
+
}
|
|
416
|
+
catch (err) {
|
|
417
|
+
const message = err instanceof Error ? err.message : 'Failed to enable 2FA';
|
|
418
|
+
if (message === 'USER_NOT_FOUND') {
|
|
419
|
+
throw new AuthError('User not found', 'USER_NOT_FOUND', 404);
|
|
420
|
+
}
|
|
421
|
+
if (message === 'TWO_FACTOR_NOT_SET_UP') {
|
|
422
|
+
throw new AuthError('2FA has not been set up — call setupTwoFactor first', message, 400);
|
|
423
|
+
}
|
|
424
|
+
if (message === 'INVALID_TWO_FACTOR_CODE') {
|
|
425
|
+
throw new AuthError('Invalid authenticator code', message, 400);
|
|
426
|
+
}
|
|
427
|
+
throw err;
|
|
428
|
+
}
|
|
429
|
+
},
|
|
430
|
+
async disableTwoFactor(userId, password) {
|
|
431
|
+
const user = await db.findUserById(userId);
|
|
432
|
+
if (!user)
|
|
433
|
+
throw new AuthError('User not found', 'USER_NOT_FOUND', 404);
|
|
434
|
+
const valid = await verifyPassword(password, user.passwordHash);
|
|
435
|
+
if (!valid) {
|
|
436
|
+
throw new AuthError('Invalid password', 'INVALID_CREDENTIALS', 401);
|
|
437
|
+
}
|
|
438
|
+
await disableTwoFactorFeature({ userId, db });
|
|
439
|
+
},
|
|
440
|
+
async verifyTwoFactor(challengeToken, code) {
|
|
441
|
+
const payload = verifyTwoFactorChallenge(challengeToken, session.secret);
|
|
442
|
+
if (!payload) {
|
|
443
|
+
throw new AuthError('Invalid or expired 2FA challenge', 'INVALID_TOKEN', 401);
|
|
444
|
+
}
|
|
445
|
+
let user;
|
|
446
|
+
try {
|
|
447
|
+
user = await verifyTwoFactorFeature({ userId: payload.sub, code, db });
|
|
448
|
+
}
|
|
449
|
+
catch (err) {
|
|
450
|
+
const message = err instanceof Error ? err.message : 'Failed to verify 2FA code';
|
|
451
|
+
if (message === 'INVALID_TWO_FACTOR_CODE') {
|
|
452
|
+
throw new AuthError('Invalid authenticator code', message, 401);
|
|
453
|
+
}
|
|
454
|
+
if (message === 'TWO_FACTOR_NOT_ENABLED') {
|
|
455
|
+
throw new AuthError('2FA is not enabled for this user', message, 400);
|
|
456
|
+
}
|
|
457
|
+
if (message === 'USER_NOT_FOUND') {
|
|
458
|
+
throw new AuthError('User not found', 'USER_NOT_FOUND', 404);
|
|
459
|
+
}
|
|
460
|
+
throw err;
|
|
461
|
+
}
|
|
462
|
+
const publicUser = toPublicUser(user);
|
|
463
|
+
const token = signJwt({ sub: user.id, email: user.email, role: user.role }, session.secret, expiresIn);
|
|
464
|
+
const refreshToken = await issueRefreshToken({ userId: user.id, db, ttlMs: refreshTtlMs });
|
|
465
|
+
await callbacks.onSignIn?.(publicUser);
|
|
466
|
+
return { user: publicUser, token, refreshToken };
|
|
467
|
+
},
|
|
468
|
+
async useRecoveryCode(challengeToken, code) {
|
|
469
|
+
const payload = verifyTwoFactorChallenge(challengeToken, session.secret);
|
|
470
|
+
if (!payload) {
|
|
471
|
+
throw new AuthError('Invalid or expired 2FA challenge', 'INVALID_TOKEN', 401);
|
|
472
|
+
}
|
|
473
|
+
let user;
|
|
474
|
+
try {
|
|
475
|
+
user = await useRecoveryCodeFeature({ userId: payload.sub, rawCode: code, db });
|
|
476
|
+
}
|
|
477
|
+
catch (err) {
|
|
478
|
+
const message = err instanceof Error ? err.message : 'Failed to use recovery code';
|
|
479
|
+
if (message === 'INVALID_RECOVERY_CODE') {
|
|
480
|
+
throw new AuthError('Invalid recovery code', message, 401);
|
|
481
|
+
}
|
|
482
|
+
if (message === 'TWO_FACTOR_NOT_ENABLED') {
|
|
483
|
+
throw new AuthError('2FA is not enabled for this user', message, 400);
|
|
484
|
+
}
|
|
485
|
+
if (message === 'USER_NOT_FOUND') {
|
|
486
|
+
throw new AuthError('User not found', 'USER_NOT_FOUND', 404);
|
|
487
|
+
}
|
|
488
|
+
throw err;
|
|
489
|
+
}
|
|
490
|
+
const publicUser = toPublicUser(user);
|
|
491
|
+
const token = signJwt({ sub: user.id, email: user.email, role: user.role }, session.secret, expiresIn);
|
|
492
|
+
const refreshToken = await issueRefreshToken({ userId: user.id, db, ttlMs: refreshTtlMs });
|
|
493
|
+
await callbacks.onSignIn?.(publicUser);
|
|
494
|
+
return { user: publicUser, token, refreshToken };
|
|
495
|
+
},
|
|
496
|
+
config,
|
|
239
497
|
};
|
|
240
498
|
}
|
|
241
499
|
//# sourceMappingURL=auth.js.map
|
package/dist/auth.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../src/auth.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAA;AAClE,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAA;AACrD,OAAO,EACL,cAAc,EACd,WAAW,EACX,oBAAoB,EACpB,mBAAmB,EACnB,iBAAiB,GAClB,MAAM,uBAAuB,CAAA;AAC9B,OAAO,EACL,uBAAuB,EACvB,WAAW,IAAI,kBAAkB,GAClC,MAAM,iCAAiC,CAAA;AACxC,OAAO,EACL,mBAAmB,EACnB,aAAa,IAAI,oBAAoB,GACtC,MAAM,6BAA6B,CAAA;AACpC,OAAO,EACL,gBAAgB,EAChB,gBAAgB,IAAI,uBAAuB,GAC5C,MAAM,0BAA0B,CAAA;AACjC,OAAO,EAAE,YAAY,EAAE,sBAAsB,EAAE,MAAM,uBAAuB,CAAA;AAE5E,MAAM,OAAO,SAAU,SAAQ,KAAK;IAGhB;IACA;IAHlB,YACE,OAAe,EACC,IAAY,EACZ,UAAkB;QAElC,KAAK,CAAC,OAAO,CAAC,CAAA;QAHE,SAAI,GAAJ,IAAI,CAAQ;QACZ,eAAU,GAAV,UAAU,CAAQ;QAGlC,IAAI,CAAC,IAAI,GAAG,WAAW,CAAA;IACzB,CAAC;CACF;AAkED,SAAS,YAAY,CAAC,IAQrB;IACC,OAAO;QACL,EAAE,EAAE,IAAI,CAAC,EAAE;QACX,KAAK,EAAE,IAAI,CAAC,KAAK;QACjB,aAAa,EAAE,IAAI,CAAC,aAAa;QACjC,IAAI,EAAE,IAAI,CAAC,IAAI;QACf,SAAS,EAAE,IAAI,CAAC,SAAS;QACzB,SAAS,EAAE,IAAI,CAAC,SAAS;KAC1B,CAAA;AACH,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACH,MAAM,UAAU,UAAU,CAAC,MAAsB;IAC/C,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,QAAQ,GAAG,EAAE,EAAE,QAAQ,EAAE,QAAQ,GAAG,EAAE,EAAE,SAAS,GAAG,EAAE,EAAE,IAAI,GAAG,EAAE,EAAE,GAAG,MAAM,CAAA;IACxG,MAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,IAAI,EAAE,CAAA;IAC5C,MAAM,iBAAiB,GAAG,QAAQ,CAAC,SAAS,IAAI,CAAC,CAAA;IACjD,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,IAAI,IAAI,CAAA;IAC3C,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,IAAI,MAAM,CAAA;IAE9C,MAAM,oBAAoB,GAAG,QAAQ,CAAC,QAAQ,CAAC,mBAAmB,CAAC,CAAA;IACnE,MAAM,gBAAgB,GAAG,QAAQ,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAA;IAC3D,MAAM,aAAa,GAAG,QAAQ,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAA;IAErD,OAAO;QACL,KAAK,CAAC,QAAQ,CAAC,KAAK;YAClB,MAAM,MAAM,GAAG,cAAc,CAAC,iBAAiB,CAAC,CAAA;YAChD,MAAM,MAAM,GAAG,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;YACtC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBACpB,MAAM,IAAI,SAAS,CACjB,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,OAAO,IAAI,mBAAmB,EACtD,kBAAkB,EAClB,GAAG,CACJ,CAAA;YACH,CAAC;YAED,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,GAAG,MAAM,CAAC,IAAI,CAAA;YAElD,MAAM,QAAQ,GAAG,MAAM,EAAE,CAAC,eAAe,CAAC,SAAS,CAAC,CAAA;YACpD,IAAI,QAAQ,EAAE,CAAC;gBACb,MAAM,IAAI,SAAS,CAAC,2CAA2C,EAAE,cAAc,EAAE,GAAG,CAAC,CAAA;YACvF,CAAC;YAED,MAAM,YAAY,GAAG,MAAM,YAAY,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAA;YAC7D,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,UAAU,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,YAAY,EAAE,IAAI,EAAE,WAAW,EAAE,CAAC,CAAA;YACvF,MAAM,UAAU,GAAG,YAAY,CAAC,IAAI,CAAC,CAAA;YAErC,MAAM,KAAK,GAAG,OAAO,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,EAAE,OAAO,CAAC,MAAM,EAAE,SAAS,CAAC,CAAA;YAEtG,MAAM,SAAS,CAAC,QAAQ,EAAE,CAAC,UAAU,CAAC,CAAA;YAEtC,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,CAAA;QACpC,CAAC;QAED,KAAK,CAAC,KAAK,CAAC,KAAK;YACf,MAAM,MAAM,GAAG,WAAW,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;YAC3C,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBACpB,MAAM,IAAI,SAAS,CACjB,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,OAAO,IAAI,mBAAmB,EACtD,kBAAkB,EAClB,GAAG,CACJ,CAAA;YACH,CAAC;YAED,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,GAAG,MAAM,CAAC,IAAI,CAAA;YAElD,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,eAAe,CAAC,SAAS,CAAC,CAAA;YAChD,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,MAAM,IAAI,SAAS,CAAC,2BAA2B,EAAE,qBAAqB,EAAE,GAAG,CAAC,CAAA;YAC9E,CAAC;YAED,MAAM,KAAK,GAAG,MAAM,cAAc,CAAC,QAAQ,EAAE,IAAI,CAAC,YAAY,CAAC,CAAA;YAC/D,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,MAAM,IAAI,SAAS,CAAC,2BAA2B,EAAE,qBAAqB,EAAE,GAAG,CAAC,CAAA;YAC9E,CAAC;YAED,IAAI,oBAAoB,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC;gBAChD,MAAM,IAAI,SAAS,CACjB,oDAAoD,EACpD,oBAAoB,EACpB,GAAG,CACJ,CAAA;YACH,CAAC;YAED,MAAM,UAAU,GAAG,YAAY,CAAC,IAAI,CAAC,CAAA;YACrC,MAAM,KAAK,GAAG,OAAO,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,EAAE,OAAO,CAAC,MAAM,EAAE,SAAS,CAAC,CAAA;YAEtG,MAAM,SAAS,CAAC,QAAQ,EAAE,CAAC,UAAU,CAAC,CAAA;YAEtC,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,CAAA;QACpC,CAAC;QAED,KAAK,CAAC,WAAW,CAAC,KAAK;YACrB,MAAM,OAAO,GAAG,SAAS,CAAC,KAAK,EAAE,OAAO,CAAC,MAAM,CAAC,CAAA;YAChD,IAAI,CAAC,OAAO;gBAAE,OAAO,IAAI,CAAA;YAEzB,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;YAC/C,IAAI,CAAC,IAAI;gBAAE,OAAO,IAAI,CAAA;YAEtB,OAAO,YAAY,CAAC,IAAI,CAAC,CAAA;QAC3B,CAAC;QAED,KAAK,CAAC,qBAAqB,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,eAAe,EAAE;YACvE,IAAI,CAAC,oBAAoB,EAAE,CAAC;gBAC1B,MAAM,IAAI,SAAS,CACjB,0CAA0C,EAC1C,kBAAkB,EAClB,GAAG,CACJ,CAAA;YACH,CAAC;YACD,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,MAAM,IAAI,SAAS,CAAC,kCAAkC,EAAE,sBAAsB,EAAE,GAAG,CAAC,CAAA;YACtF,CAAC;YACD,MAAM,uBAAuB,CAAC;gBAC5B,MAAM;gBACN,KAAK,EAAE,SAAS;gBAChB,EAAE;gBACF,aAAa,EAAE,KAAK,CAAC,QAAQ;gBAC7B,IAAI,EAAE,KAAK,CAAC,IAAI;gBAChB,eAAe;aAChB,CAAC,CAAA;QACJ,CAAC;QAED,KAAK,CAAC,WAAW,CAAC,KAAK;YACrB,MAAM,MAAM,GAAG,iBAAiB,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;YACjD,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBACpB,MAAM,IAAI,SAAS,CACjB,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,OAAO,IAAI,mBAAmB,EACtD,kBAAkB,EAClB,GAAG,CACJ,CAAA;YACH,CAAC;YACD,IAAI,CAAC;gBACH,MAAM,kBAAkB,CAAC,EAAE,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,EAAE,EAAE,CAAC,CAAA;YAC/D,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAA;gBACpE,MAAM,IAAI,SAAS,CAAC,OAAO,EAAE,eAAe,EAAE,GAAG,CAAC,CAAA;YACpD,CAAC;QACH,CAAC;QAED,KAAK,CAAC,cAAc,CAAC,KAAK;YACxB,IAAI,CAAC,gBAAgB,EAAE,CAAC;gBACtB,gDAAgD;gBAChD,OAAM;YACR,CAAC;YAED,MAAM,MAAM,GAAG,oBAAoB,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;YACpD,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBACpB,mDAAmD;gBACnD,OAAM;YACR,CAAC;YAED,IAAI,CAAC,KAAK;gBAAE,OAAM;YAElB,mDAAmD;YACnD,IAAI,CAAC;gBACH,MAAM,mBAAmB,CAAC;oBACxB,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,KAAK;oBACxB,EAAE;oBACF,aAAa,EAAE,KAAK,CAAC,QAAQ;oBAC7B,IAAI,EAAE,KAAK,CAAC,IAAI;oBAChB,QAAQ,EAAE,GAAG,OAAO,CAAC,MAAM,iBAAiB,EAAE,kCAAkC;iBACjF,CAAC,CAAA;YACJ,CAAC;YAAC,MAAM,CAAC;gBACP,iCAAiC;YACnC,CAAC;QACH,CAAC;QAED,KAAK,CAAC,aAAa,CAAC,KAAK;YACvB,MAAM,MAAM,GAAG,mBAAmB,CAAC,iBAAiB,CAAC,CAAA;YACrD,MAAM,MAAM,GAAG,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;YACtC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBACpB,MAAM,IAAI,SAAS,CACjB,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,OAAO,IAAI,mBAAmB,EACtD,kBAAkB,EAClB,GAAG,CACJ,CAAA;YACH,CAAC;YACD,IAAI,CAAC;gBACH,MAAM,oBAAoB,CAAC;oBACzB,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,KAAK;oBAC3B,WAAW,EAAE,MAAM,CAAC,IAAI,CAAC,QAAQ;oBACjC,EAAE;oBACF,UAAU;iBACX,CAAC,CAAA;gBACF,MAAM,WAAW,GAAG,MAAM,EAAE,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,gBAAgB,CAAC,CAAA;gBAC3E,IAAI,WAAW,EAAE,CAAC;oBAChB,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,YAAY,CAAC,WAAW,CAAC,MAAM,CAAC,CAAA;oBACtD,IAAI,IAAI,EAAE,CAAC;wBACT,MAAM,SAAS,CAAC,eAAe,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAA;oBACvD,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAA;gBACpE,MAAM,IAAI,SAAS,CAAC,OAAO,EAAE,eAAe,EAAE,GAAG,CAAC,CAAA;YACpD,CAAC;QACH,CAAC;QAED,KAAK,CAAC,MAAM,CAAC,KAAK,EAAE,EAAE,SAAS,EAAE;YAC/B,IAAI,CAAC,aAAa,EAAE,CAAC;gBACnB,MAAM,IAAI,SAAS,CAAC,mCAAmC,EAAE,kBAAkB,EAAE,GAAG,CAAC,CAAA;YACnF,CAAC;YACD,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,MAAM,IAAI,SAAS,CAAC,kCAAkC,EAAE,sBAAsB,EAAE,GAAG,CAAC,CAAA;YACtF,CAAC;YAED,MAAM,MAAM,GAAG,YAAY,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;YAC5C,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBACpB,MAAM,IAAI,SAAS,CACjB,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,OAAO,IAAI,mBAAmB,EACtD,kBAAkB,EAClB,GAAG,CACJ,CAAA;YACH,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,gBAAgB,CAAC;oBACrB,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,KAAK;oBACxB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,IAAI,WAAW;oBACrC,EAAE;oBACF,aAAa,EAAE,KAAK,CAAC,QAAQ;oBAC7B,IAAI,EAAE,KAAK,CAAC,IAAI;oBAChB,SAAS;iBACV,CAAC,CAAA;YACJ,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,IAAI,GAAG,YAAY,KAAK,IAAI,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAC,EAAE,CAAC;oBACnE,MAAM,IAAI,SAAS,CAAC,uCAAuC,EAAE,cAAc,EAAE,GAAG,CAAC,CAAA;gBACnF,CAAC;gBACD,MAAM,GAAG,CAAA;YACX,CAAC;QACH,CAAC;QAED,KAAK,CAAC,gBAAgB,CAAC,KAAK;YAC1B,MAAM,MAAM,GAAG,sBAAsB,CAAC,iBAAiB,CAAC,CAAA;YACxD,MAAM,MAAM,GAAG,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;YACtC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBACpB,MAAM,IAAI,SAAS,CACjB,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,OAAO,IAAI,mBAAmB,EACtD,kBAAkB,EAClB,GAAG,CACJ,CAAA;YACH,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,uBAAuB,CAAC;oBAC/C,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,KAAK;oBAC3B,WAAW,EAAE,MAAM,CAAC,IAAI,CAAC,QAAQ;oBACjC,EAAE;oBACF,UAAU;iBACX,CAAC,CAAA;gBAEF,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,YAAY,CAAC,MAAM,CAAC,CAAA;gBAC1C,IAAI,CAAC,IAAI,EAAE,CAAC;oBACV,MAAM,IAAI,SAAS,CAAC,gBAAgB,EAAE,gBAAgB,EAAE,GAAG,CAAC,CAAA;gBAC9D,CAAC;gBAED,MAAM,UAAU,GAAG,YAAY,CAAC,IAAI,CAAC,CAAA;gBACrC,MAAM,KAAK,GAAG,OAAO,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,EAAE,OAAO,CAAC,MAAM,EAAE,SAAS,CAAC,CAAA;gBAEtG,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,CAAA;YACpC,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,IAAI,GAAG,YAAY,SAAS;oBAAE,MAAM,GAAG,CAAA;gBACvC,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAA;gBACpE,MAAM,IAAI,SAAS,CAAC,OAAO,EAAE,eAAe,EAAE,GAAG,CAAC,CAAA;YACpD,CAAC;QACH,CAAC;KACF,CAAA;AACH,CAAC"}
|
|
1
|
+
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../src/auth.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAA;AAClE,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,sBAAsB,EAAE,wBAAwB,EAAE,MAAM,kBAAkB,CAAA;AACvG,OAAO,EACL,cAAc,EACd,WAAW,EACX,oBAAoB,EACpB,mBAAmB,EACnB,iBAAiB,GAClB,MAAM,uBAAuB,CAAA;AAC9B,OAAO,EACL,uBAAuB,EACvB,WAAW,IAAI,kBAAkB,GAClC,MAAM,iCAAiC,CAAA;AACxC,OAAO,EACL,mBAAmB,EACnB,aAAa,IAAI,oBAAoB,GACtC,MAAM,6BAA6B,CAAA;AACpC,OAAO,EACL,gBAAgB,EAChB,gBAAgB,IAAI,uBAAuB,GAC5C,MAAM,0BAA0B,CAAA;AACjC,OAAO,EACL,iBAAiB,EACjB,kBAAkB,EAClB,kBAAkB,EAClB,6BAA6B,GAC9B,MAAM,uBAAuB,CAAA;AAC9B,OAAO,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAA;AAC/D,OAAO,EAAE,aAAa,IAAI,oBAAoB,EAAE,gBAAgB,IAAI,uBAAuB,EAAE,MAAM,yBAAyB,CAAA;AAC5H,OAAO,EACL,cAAc,IAAI,qBAAqB,EACvC,eAAe,IAAI,sBAAsB,EACzC,gBAAgB,IAAI,uBAAuB,EAC3C,eAAe,IAAI,sBAAsB,EACzC,eAAe,IAAI,sBAAsB,GAC1C,MAAM,yBAAyB,CAAA;AAChC,OAAO,EACL,YAAY,EACZ,sBAAsB,EACtB,mBAAmB,EACnB,sBAAsB,GACvB,MAAM,uBAAuB,CAAA;AAE9B,qFAAqF;AACrF,SAAS,eAAe,CAAC,KAAyB,EAAE,UAAkB;IACpE,IAAI,CAAC,KAAK;QAAE,OAAO,UAAU,CAAA;IAC7B,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAA;IAC/C,IAAI,CAAC,KAAK;QAAE,OAAO,UAAU,CAAA;IAC7B,MAAM,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;IAC1B,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;IACrB,MAAM,IAAI,GAAG,IAAI,KAAK,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,KAAK,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,KAAK,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,UAAU,CAAA;IAChG,OAAO,CAAC,GAAG,IAAI,CAAA;AACjB,CAAC;AAED,MAAM,sBAAsB,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAA,CAAC,MAAM;AAE9D,MAAM,OAAO,SAAU,SAAQ,KAAK;IAGhB;IACA;IAHlB,YACE,OAAe,EACC,IAAY,EACZ,UAAkB;QAElC,KAAK,CAAC,OAAO,CAAC,CAAA;QAHE,SAAI,GAAJ,IAAI,CAAQ;QACZ,eAAU,GAAV,UAAU,CAAQ;QAGlC,IAAI,CAAC,IAAI,GAAG,WAAW,CAAA;IACzB,CAAC;CACF;AAgND,SAAS,YAAY,CAAC,IASrB;IACC,OAAO;QACL,EAAE,EAAE,IAAI,CAAC,EAAE;QACX,KAAK,EAAE,IAAI,CAAC,KAAK;QACjB,aAAa,EAAE,IAAI,CAAC,aAAa;QACjC,IAAI,EAAE,IAAI,CAAC,IAAI;QACf,gBAAgB,EAAE,IAAI,CAAC,gBAAgB;QACvC,SAAS,EAAE,IAAI,CAAC,SAAS;QACzB,SAAS,EAAE,IAAI,CAAC,SAAS;KAC1B,CAAA;AACH,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACH,MAAM,UAAU,UAAU,CAAC,MAAsB;IAC/C,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,QAAQ,GAAG,EAAE,EAAE,QAAQ,EAAE,QAAQ,GAAG,EAAE,EAAE,SAAS,GAAG,EAAE,EAAE,IAAI,GAAG,EAAE,EAAE,GAAG,MAAM,CAAA;IACxG,MAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,IAAI,EAAE,CAAA;IAC5C,MAAM,iBAAiB,GAAG,QAAQ,CAAC,SAAS,IAAI,CAAC,CAAA;IACjD,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,IAAI,IAAI,CAAA;IAC3C,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,IAAI,MAAM,CAAA;IAC9C,MAAM,YAAY,GAAG,eAAe,CAAC,OAAO,CAAC,gBAAgB,EAAE,sBAAsB,CAAC,CAAA;IAEtF,MAAM,oBAAoB,GAAG,QAAQ,CAAC,QAAQ,CAAC,mBAAmB,CAAC,CAAA;IACnE,MAAM,gBAAgB,GAAG,QAAQ,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAA;IAC3D,MAAM,aAAa,GAAG,QAAQ,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAA;IACrD,MAAM,YAAY,GAAG,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAA;IAEnD,OAAO;QACL,KAAK,CAAC,QAAQ,CAAC,KAAK;YAClB,MAAM,MAAM,GAAG,cAAc,CAAC,iBAAiB,CAAC,CAAA;YAChD,MAAM,MAAM,GAAG,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;YACtC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBACpB,MAAM,IAAI,SAAS,CACjB,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,OAAO,IAAI,mBAAmB,EACtD,kBAAkB,EAClB,GAAG,CACJ,CAAA;YACH,CAAC;YAED,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,GAAG,MAAM,CAAC,IAAI,CAAA;YAElD,MAAM,QAAQ,GAAG,MAAM,EAAE,CAAC,eAAe,CAAC,SAAS,CAAC,CAAA;YACpD,IAAI,QAAQ,EAAE,CAAC;gBACb,MAAM,IAAI,SAAS,CAAC,2CAA2C,EAAE,cAAc,EAAE,GAAG,CAAC,CAAA;YACvF,CAAC;YAED,MAAM,YAAY,GAAG,MAAM,YAAY,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAA;YAC7D,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,UAAU,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,YAAY,EAAE,IAAI,EAAE,WAAW,EAAE,CAAC,CAAA;YACvF,MAAM,UAAU,GAAG,YAAY,CAAC,IAAI,CAAC,CAAA;YAErC,MAAM,KAAK,GAAG,OAAO,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,EAAE,OAAO,CAAC,MAAM,EAAE,SAAS,CAAC,CAAA;YACtG,MAAM,YAAY,GAAG,MAAM,iBAAiB,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,YAAY,EAAE,CAAC,CAAA;YAE1F,MAAM,SAAS,CAAC,QAAQ,EAAE,CAAC,UAAU,CAAC,CAAA;YAEtC,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,YAAY,EAAE,CAAA;QAClD,CAAC;QAED,KAAK,CAAC,KAAK,CAAC,KAAK;YACf,MAAM,MAAM,GAAG,WAAW,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;YAC3C,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBACpB,MAAM,IAAI,SAAS,CACjB,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,OAAO,IAAI,mBAAmB,EACtD,kBAAkB,EAClB,GAAG,CACJ,CAAA;YACH,CAAC;YAED,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,GAAG,MAAM,CAAC,IAAI,CAAA;YAElD,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,eAAe,CAAC,SAAS,CAAC,CAAA;YAChD,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,MAAM,SAAS,CAAC,aAAa,EAAE,CAAC,SAAS,EAAE,qBAAqB,CAAC,CAAA;gBACjE,MAAM,IAAI,SAAS,CAAC,2BAA2B,EAAE,qBAAqB,EAAE,GAAG,CAAC,CAAA;YAC9E,CAAC;YAED,MAAM,KAAK,GAAG,MAAM,cAAc,CAAC,QAAQ,EAAE,IAAI,CAAC,YAAY,CAAC,CAAA;YAC/D,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,MAAM,SAAS,CAAC,aAAa,EAAE,CAAC,SAAS,EAAE,qBAAqB,CAAC,CAAA;gBACjE,MAAM,IAAI,SAAS,CAAC,2BAA2B,EAAE,qBAAqB,EAAE,GAAG,CAAC,CAAA;YAC9E,CAAC;YAED,IAAI,oBAAoB,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC;gBAChD,MAAM,SAAS,CAAC,aAAa,EAAE,CAAC,SAAS,EAAE,oBAAoB,CAAC,CAAA;gBAChE,MAAM,IAAI,SAAS,CACjB,oDAAoD,EACpD,oBAAoB,EACpB,GAAG,CACJ,CAAA;YACH,CAAC;YAED,8EAA8E;YAC9E,+DAA+D;YAC/D,gEAAgE;YAChE,IAAI,IAAI,CAAC,gBAAgB,EAAE,CAAC;gBAC1B,MAAM,cAAc,GAAG,sBAAsB,CAAC,IAAI,CAAC,EAAE,EAAE,OAAO,CAAC,MAAM,CAAC,CAAA;gBACtE,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,cAAc,EAAE,CAAA;YAC9C,CAAC;YAED,MAAM,UAAU,GAAG,YAAY,CAAC,IAAI,CAAC,CAAA;YACrC,MAAM,KAAK,GAAG,OAAO,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,EAAE,OAAO,CAAC,MAAM,EAAE,SAAS,CAAC,CAAA;YACtG,MAAM,YAAY,GAAG,MAAM,iBAAiB,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,YAAY,EAAE,CAAC,CAAA;YAE1F,MAAM,SAAS,CAAC,QAAQ,EAAE,CAAC,UAAU,CAAC,CAAA;YAEtC,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,YAAY,EAAE,CAAA;QAClD,CAAC;QAED,KAAK,CAAC,WAAW,CAAC,KAAK;YACrB,MAAM,OAAO,GAAG,SAAS,CAAC,KAAK,EAAE,OAAO,CAAC,MAAM,CAAC,CAAA;YAChD,IAAI,CAAC,OAAO;gBAAE,OAAO,IAAI,CAAA;YAEzB,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;YAC/C,IAAI,CAAC,IAAI;gBAAE,OAAO,IAAI,CAAA;YAEtB,OAAO,YAAY,CAAC,IAAI,CAAC,CAAA;QAC3B,CAAC;QAED,KAAK,CAAC,qBAAqB,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,eAAe,EAAE;YACvE,IAAI,CAAC,oBAAoB,EAAE,CAAC;gBAC1B,MAAM,IAAI,SAAS,CACjB,0CAA0C,EAC1C,kBAAkB,EAClB,GAAG,CACJ,CAAA;YACH,CAAC;YACD,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,MAAM,IAAI,SAAS,CAAC,kCAAkC,EAAE,sBAAsB,EAAE,GAAG,CAAC,CAAA;YACtF,CAAC;YACD,MAAM,uBAAuB,CAAC;gBAC5B,MAAM;gBACN,KAAK,EAAE,SAAS;gBAChB,EAAE;gBACF,aAAa,EAAE,KAAK,CAAC,QAAQ;gBAC7B,IAAI,EAAE,KAAK,CAAC,IAAI;gBAChB,eAAe;gBACf,GAAG,CAAC,KAAK,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,KAAK,CAAC,SAAS,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;aACnF,CAAC,CAAA;QACJ,CAAC;QAED,KAAK,CAAC,WAAW,CAAC,KAAK;YACrB,MAAM,MAAM,GAAG,iBAAiB,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;YACjD,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBACpB,MAAM,IAAI,SAAS,CACjB,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,OAAO,IAAI,mBAAmB,EACtD,kBAAkB,EAClB,GAAG,CACJ,CAAA;YACH,CAAC;YACD,IAAI,CAAC;gBACH,MAAM,kBAAkB,CAAC,EAAE,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,EAAE,EAAE,CAAC,CAAA;YAC/D,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAA;gBACpE,MAAM,IAAI,SAAS,CAAC,OAAO,EAAE,eAAe,EAAE,GAAG,CAAC,CAAA;YACpD,CAAC;QACH,CAAC;QAED,KAAK,CAAC,cAAc,CAAC,KAAK,EAAE,MAAM;YAChC,IAAI,CAAC,gBAAgB,EAAE,CAAC;gBACtB,gDAAgD;gBAChD,OAAM;YACR,CAAC;YAED,MAAM,MAAM,GAAG,oBAAoB,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;YACpD,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBACpB,mDAAmD;gBACnD,OAAM;YACR,CAAC;YAED,IAAI,CAAC,KAAK;gBAAE,OAAM;YAElB,IAAI,CAAC,MAAM,EAAE,QAAQ,EAAE,CAAC;gBACtB,MAAM,IAAI,SAAS,CACjB,gEAAgE,EAChE,aAAa,EACb,GAAG,CACJ,CAAA;YACH,CAAC;YAED,mDAAmD;YACnD,IAAI,CAAC;gBACH,MAAM,mBAAmB,CAAC;oBACxB,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,KAAK;oBACxB,EAAE;oBACF,aAAa,EAAE,KAAK,CAAC,QAAQ;oBAC7B,IAAI,EAAE,KAAK,CAAC,IAAI;oBAChB,QAAQ,EAAE,MAAM,CAAC,QAAQ;oBACzB,GAAG,CAAC,KAAK,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,KAAK,CAAC,SAAS,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;iBACvF,CAAC,CAAA;YACJ,CAAC;YAAC,MAAM,CAAC;gBACP,iCAAiC;YACnC,CAAC;QACH,CAAC;QAED,KAAK,CAAC,aAAa,CAAC,KAAK;YACvB,MAAM,MAAM,GAAG,mBAAmB,CAAC,iBAAiB,CAAC,CAAA;YACrD,MAAM,MAAM,GAAG,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;YACtC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBACpB,MAAM,IAAI,SAAS,CACjB,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,OAAO,IAAI,mBAAmB,EACtD,kBAAkB,EAClB,GAAG,CACJ,CAAA;YACH,CAAC;YACD,IAAI,CAAC;gBACH,MAAM,oBAAoB,CAAC;oBACzB,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,KAAK;oBAC3B,WAAW,EAAE,MAAM,CAAC,IAAI,CAAC,QAAQ;oBACjC,EAAE;oBACF,UAAU;iBACX,CAAC,CAAA;gBACF,MAAM,WAAW,GAAG,MAAM,EAAE,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,gBAAgB,CAAC,CAAA;gBAC3E,IAAI,WAAW,EAAE,CAAC;oBAChB,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,YAAY,CAAC,WAAW,CAAC,MAAM,CAAC,CAAA;oBACtD,IAAI,IAAI,EAAE,CAAC;wBACT,MAAM,SAAS,CAAC,eAAe,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAA;oBACvD,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAA;gBACpE,MAAM,IAAI,SAAS,CAAC,OAAO,EAAE,eAAe,EAAE,GAAG,CAAC,CAAA;YACpD,CAAC;QACH,CAAC;QAED,KAAK,CAAC,MAAM,CAAC,KAAK,EAAE,EAAE,SAAS,EAAE;YAC/B,IAAI,CAAC,aAAa,EAAE,CAAC;gBACnB,MAAM,IAAI,SAAS,CAAC,mCAAmC,EAAE,kBAAkB,EAAE,GAAG,CAAC,CAAA;YACnF,CAAC;YACD,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,MAAM,IAAI,SAAS,CAAC,kCAAkC,EAAE,sBAAsB,EAAE,GAAG,CAAC,CAAA;YACtF,CAAC;YAED,MAAM,MAAM,GAAG,YAAY,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;YAC5C,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBACpB,MAAM,IAAI,SAAS,CACjB,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,OAAO,IAAI,mBAAmB,EACtD,kBAAkB,EAClB,GAAG,CACJ,CAAA;YACH,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,gBAAgB,CAAC;oBACrB,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,KAAK;oBACxB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,IAAI,WAAW;oBACrC,EAAE;oBACF,aAAa,EAAE,KAAK,CAAC,QAAQ;oBAC7B,IAAI,EAAE,KAAK,CAAC,IAAI;oBAChB,SAAS;oBACT,GAAG,CAAC,KAAK,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,KAAK,CAAC,SAAS,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;iBACjF,CAAC,CAAA;YACJ,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,IAAI,GAAG,YAAY,KAAK,IAAI,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAC,EAAE,CAAC;oBACnE,MAAM,IAAI,SAAS,CAAC,uCAAuC,EAAE,cAAc,EAAE,GAAG,CAAC,CAAA;gBACnF,CAAC;gBACD,MAAM,GAAG,CAAA;YACX,CAAC;QACH,CAAC;QAED,KAAK,CAAC,gBAAgB,CAAC,KAAK;YAC1B,MAAM,MAAM,GAAG,sBAAsB,CAAC,iBAAiB,CAAC,CAAA;YACxD,MAAM,MAAM,GAAG,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;YACtC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBACpB,MAAM,IAAI,SAAS,CACjB,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,OAAO,IAAI,mBAAmB,EACtD,kBAAkB,EAClB,GAAG,CACJ,CAAA;YACH,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,uBAAuB,CAAC;oBAC/C,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,KAAK;oBAC3B,WAAW,EAAE,MAAM,CAAC,IAAI,CAAC,QAAQ;oBACjC,EAAE;oBACF,UAAU;iBACX,CAAC,CAAA;gBAEF,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,YAAY,CAAC,MAAM,CAAC,CAAA;gBAC1C,IAAI,CAAC,IAAI,EAAE,CAAC;oBACV,MAAM,IAAI,SAAS,CAAC,gBAAgB,EAAE,gBAAgB,EAAE,GAAG,CAAC,CAAA;gBAC9D,CAAC;gBAED,MAAM,UAAU,GAAG,YAAY,CAAC,IAAI,CAAC,CAAA;gBACrC,MAAM,KAAK,GAAG,OAAO,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,EAAE,OAAO,CAAC,MAAM,EAAE,SAAS,CAAC,CAAA;gBACtG,MAAM,YAAY,GAAG,MAAM,iBAAiB,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,YAAY,EAAE,CAAC,CAAA;gBAE1F,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,YAAY,EAAE,CAAA;YAClD,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,IAAI,GAAG,YAAY,SAAS;oBAAE,MAAM,GAAG,CAAA;gBACvC,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAA;gBACpE,MAAM,IAAI,SAAS,CAAC,OAAO,EAAE,eAAe,EAAE,GAAG,CAAC,CAAA;YACpD,CAAC;QACH,CAAC;QAED,KAAK,CAAC,OAAO,CAAC,eAAe;YAC3B,IAAI,CAAC,eAAe,EAAE,CAAC;gBACrB,MAAM,IAAI,SAAS,CAAC,2BAA2B,EAAE,eAAe,EAAE,GAAG,CAAC,CAAA;YACxE,CAAC;YACD,IAAI,OAAgD,CAAA;YACpD,IAAI,CAAC;gBACH,OAAO,GAAG,MAAM,kBAAkB,CAAC,EAAE,QAAQ,EAAE,eAAe,EAAE,EAAE,EAAE,KAAK,EAAE,YAAY,EAAE,CAAC,CAAA;YAC5F,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,uBAAuB,CAAA;gBAC5E,MAAM,IAAI,SAAS,CAAC,OAAO,EAAE,eAAe,EAAE,GAAG,CAAC,CAAA;YACpD,CAAC;YACD,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,YAAY,CAAC,OAAO,CAAC,MAAM,CAAC,CAAA;YAClD,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,MAAM,IAAI,SAAS,CAAC,uBAAuB,EAAE,eAAe,EAAE,GAAG,CAAC,CAAA;YACpE,CAAC;YACD,MAAM,UAAU,GAAG,YAAY,CAAC,IAAI,CAAC,CAAA;YACrC,MAAM,KAAK,GAAG,OAAO,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,EAAE,OAAO,CAAC,MAAM,EAAE,SAAS,CAAC,CAAA;YACtG,MAAM,SAAS,CAAC,cAAc,EAAE,CAAC,UAAU,CAAC,CAAA;YAC5C,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,YAAY,EAAE,OAAO,CAAC,WAAW,EAAE,CAAA;QACvE,CAAC;QAED,KAAK,CAAC,MAAM,CAAC,eAAe;YAC1B,IAAI,CAAC,eAAe;gBAAE,OAAM;YAC5B,MAAM,kBAAkB,CAAC,EAAE,QAAQ,EAAE,eAAe,EAAE,EAAE,EAAE,CAAC,CAAA;QAC7D,CAAC;QAED,KAAK,CAAC,SAAS,CAAC,MAAM;YACpB,MAAM,6BAA6B,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,CAAA;QACrD,CAAC;QAED,KAAK,CAAC,aAAa,CAAC,KAAK,EAAE,EAAE,YAAY,EAAE;YACzC,IAAI,CAAC,YAAY,EAAE,CAAC;gBAClB,MAAM,IAAI,SAAS,CAAC,kCAAkC,EAAE,kBAAkB,EAAE,GAAG,CAAC,CAAA;YAClF,CAAC;YACD,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,MAAM,IAAI,SAAS,CAAC,kCAAkC,EAAE,sBAAsB,EAAE,GAAG,CAAC,CAAA;YACtF,CAAC;YACD,IAAI,CAAC,YAAY,EAAE,CAAC;gBAClB,MAAM,IAAI,SAAS,CACjB,gEAAgE,EAChE,aAAa,EACb,GAAG,CACJ,CAAA;YACH,CAAC;YAED,MAAM,MAAM,GAAG,mBAAmB,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;YACnD,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBACpB,oDAAoD;gBACpD,OAAM;YACR,CAAC;YAED,uDAAuD;YACvD,IAAI,CAAC;gBACH,MAAM,oBAAoB,CAAC;oBACzB,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,KAAK;oBACxB,EAAE;oBACF,aAAa,EAAE,KAAK,CAAC,QAAQ;oBAC7B,IAAI,EAAE,KAAK,CAAC,IAAI;oBAChB,YAAY;oBACZ,WAAW;oBACX,GAAG,CAAC,KAAK,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,KAAK,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;iBAC/E,CAAC,CAAA;YACJ,CAAC;YAAC,MAAM,CAAC;gBACP,iCAAiC;YACnC,CAAC;QACH,CAAC;QAED,KAAK,CAAC,gBAAgB,CAAC,KAAK;YAC1B,IAAI,CAAC,YAAY,EAAE,CAAC;gBAClB,MAAM,IAAI,SAAS,CAAC,kCAAkC,EAAE,kBAAkB,EAAE,GAAG,CAAC,CAAA;YAClF,CAAC;YACD,MAAM,MAAM,GAAG,sBAAsB,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;YACtD,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBACpB,MAAM,IAAI,SAAS,CAAC,mBAAmB,EAAE,eAAe,EAAE,GAAG,CAAC,CAAA;YAChE,CAAC;YAED,IAAI,QAA6D,CAAA;YACjE,IAAI,CAAC;gBACH,QAAQ,GAAG,MAAM,uBAAuB,CAAC,EAAE,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,EAAE,EAAE,CAAC,CAAA;YAC/E,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAA;gBACpE,MAAM,IAAI,SAAS,CAAC,OAAO,EAAE,eAAe,EAAE,GAAG,CAAC,CAAA;YACpD,CAAC;YAED,MAAM,UAAU,GAAG,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;YAC9C,MAAM,KAAK,GAAG,OAAO,CACnB,EAAE,GAAG,EAAE,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,QAAQ,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,EAAE,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE,EAC/E,OAAO,CAAC,MAAM,EACd,SAAS,CACV,CAAA;YACD,MAAM,YAAY,GAAG,MAAM,iBAAiB,CAAC,EAAE,MAAM,EAAE,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,YAAY,EAAE,CAAC,CAAA;YAEnG,MAAM,SAAS,CAAC,QAAQ,EAAE,CAAC,UAAU,CAAC,CAAA;YACtC,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,YAAY,EAAE,CAAA;QAClD,CAAC;QAED,KAAK,CAAC,UAAU,CAAC,UAAU,EAAE,WAAW;YACtC,MAAM,QAAQ,GAAG,MAAM,CAAC,KAAK,EAAE,CAAC,UAAU,CAAC,CAAA;YAC3C,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,MAAM,IAAI,SAAS,CACjB,mBAAmB,UAAU,qBAAqB,EAClD,wBAAwB,EACxB,GAAG,CACJ,CAAA;YACH,CAAC;YACD,OAAO,UAAU,CAAC,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,CAAA;QACtE,CAAC;QAED,KAAK,CAAC,aAAa,CAAC,UAAU,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,WAAW,EAAE;YAC1D,MAAM,QAAQ,GAAG,MAAM,CAAC,KAAK,EAAE,CAAC,UAAU,CAAC,CAAA;YAC3C,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,MAAM,IAAI,SAAS,CACjB,mBAAmB,UAAU,qBAAqB,EAClD,wBAAwB,EACxB,GAAG,CACJ,CAAA;YACH,CAAC;YACD,IAAI,MAAM,CAAA;YACV,IAAI,CAAC;gBACH,MAAM,GAAG,MAAM,aAAa,CAAC;oBAC3B,QAAQ;oBACR,KAAK;oBACL,IAAI;oBACJ,WAAW;oBACX,MAAM,EAAE,OAAO,CAAC,MAAM;oBACtB,EAAE;oBACF,WAAW;iBACZ,CAAC,CAAA;YACJ,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,kFAAkF;gBAClF,IAAI,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAK,GAAkC,CAAC,YAAY,EAAE,CAAC;oBACvF,MAAM,CAAC,GAAG,GAAmD,CAAA;oBAC7D,MAAM,IAAI,SAAS,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,UAAU,CAAC,CAAA;gBACtD,CAAC;gBACD,MAAM,GAAG,CAAA;YACX,CAAC;YAED,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,GAAG,MAAM,CAAA;YAClC,MAAM,UAAU,GAAG,YAAY,CAAC,IAAI,CAAC,CAAA;YACrC,MAAM,KAAK,GAAG,OAAO,CACnB,EAAE,GAAG,EAAE,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,EACpD,OAAO,CAAC,MAAM,EACd,SAAS,CACV,CAAA;YACD,MAAM,YAAY,GAAG,MAAM,iBAAiB,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,YAAY,EAAE,CAAC,CAAA;YAE1F,uEAAuE;YACvE,IAAI,SAAS,EAAE,CAAC;gBACd,MAAM,SAAS,CAAC,QAAQ,EAAE,CAAC,UAAU,CAAC,CAAA;YACxC,CAAC;iBAAM,CAAC;gBACN,MAAM,SAAS,CAAC,QAAQ,EAAE,CAAC,UAAU,CAAC,CAAA;YACxC,CAAC;YAED,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,YAAY,EAAE,SAAS,EAAE,CAAA;QAC7D,CAAC;QAED,KAAK,CAAC,cAAc,CAAC,MAAM;YACzB,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,YAAY,CAAC,MAAM,CAAC,CAAA;YAC1C,IAAI,CAAC,IAAI;gBAAE,MAAM,IAAI,SAAS,CAAC,gBAAgB,EAAE,gBAAgB,EAAE,GAAG,CAAC,CAAA;YACvE,MAAM,MAAM,GAAG,MAAM,CAAC,OAAO,IAAI,UAAU,CAAA;YAC3C,OAAO,qBAAqB,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,CAAA;QACzE,CAAC;QAED,KAAK,CAAC,eAAe,CAAC,MAAM,EAAE,IAAI;YAChC,IAAI,CAAC;gBACH,MAAM,sBAAsB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,CAAA;YACpD,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,sBAAsB,CAAA;gBAC3E,IAAI,OAAO,KAAK,gBAAgB,EAAE,CAAC;oBACjC,MAAM,IAAI,SAAS,CAAC,gBAAgB,EAAE,gBAAgB,EAAE,GAAG,CAAC,CAAA;gBAC9D,CAAC;gBACD,IAAI,OAAO,KAAK,uBAAuB,EAAE,CAAC;oBACxC,MAAM,IAAI,SAAS,CAAC,qDAAqD,EAAE,OAAO,EAAE,GAAG,CAAC,CAAA;gBAC1F,CAAC;gBACD,IAAI,OAAO,KAAK,yBAAyB,EAAE,CAAC;oBAC1C,MAAM,IAAI,SAAS,CAAC,4BAA4B,EAAE,OAAO,EAAE,GAAG,CAAC,CAAA;gBACjE,CAAC;gBACD,MAAM,GAAG,CAAA;YACX,CAAC;QACH,CAAC;QAED,KAAK,CAAC,gBAAgB,CAAC,MAAM,EAAE,QAAQ;YACrC,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,YAAY,CAAC,MAAM,CAAC,CAAA;YAC1C,IAAI,CAAC,IAAI;gBAAE,MAAM,IAAI,SAAS,CAAC,gBAAgB,EAAE,gBAAgB,EAAE,GAAG,CAAC,CAAA;YACvE,MAAM,KAAK,GAAG,MAAM,cAAc,CAAC,QAAQ,EAAE,IAAI,CAAC,YAAY,CAAC,CAAA;YAC/D,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,MAAM,IAAI,SAAS,CAAC,kBAAkB,EAAE,qBAAqB,EAAE,GAAG,CAAC,CAAA;YACrE,CAAC;YACD,MAAM,uBAAuB,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,CAAA;QAC/C,CAAC;QAED,KAAK,CAAC,eAAe,CAAC,cAAc,EAAE,IAAI;YACxC,MAAM,OAAO,GAAG,wBAAwB,CAAC,cAAc,EAAE,OAAO,CAAC,MAAM,CAAC,CAAA;YACxE,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,MAAM,IAAI,SAAS,CAAC,kCAAkC,EAAE,eAAe,EAAE,GAAG,CAAC,CAAA;YAC/E,CAAC;YACD,IAAI,IAAI,CAAA;YACR,IAAI,CAAC;gBACH,IAAI,GAAG,MAAM,sBAAsB,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,CAAA;YACxE,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,2BAA2B,CAAA;gBAChF,IAAI,OAAO,KAAK,yBAAyB,EAAE,CAAC;oBAC1C,MAAM,IAAI,SAAS,CAAC,4BAA4B,EAAE,OAAO,EAAE,GAAG,CAAC,CAAA;gBACjE,CAAC;gBACD,IAAI,OAAO,KAAK,wBAAwB,EAAE,CAAC;oBACzC,MAAM,IAAI,SAAS,CAAC,kCAAkC,EAAE,OAAO,EAAE,GAAG,CAAC,CAAA;gBACvE,CAAC;gBACD,IAAI,OAAO,KAAK,gBAAgB,EAAE,CAAC;oBACjC,MAAM,IAAI,SAAS,CAAC,gBAAgB,EAAE,gBAAgB,EAAE,GAAG,CAAC,CAAA;gBAC9D,CAAC;gBACD,MAAM,GAAG,CAAA;YACX,CAAC;YACD,MAAM,UAAU,GAAG,YAAY,CAAC,IAAI,CAAC,CAAA;YACrC,MAAM,KAAK,GAAG,OAAO,CACnB,EAAE,GAAG,EAAE,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,EACpD,OAAO,CAAC,MAAM,EACd,SAAS,CACV,CAAA;YACD,MAAM,YAAY,GAAG,MAAM,iBAAiB,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,YAAY,EAAE,CAAC,CAAA;YAC1F,MAAM,SAAS,CAAC,QAAQ,EAAE,CAAC,UAAU,CAAC,CAAA;YACtC,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,YAAY,EAAE,CAAA;QAClD,CAAC;QAED,KAAK,CAAC,eAAe,CAAC,cAAc,EAAE,IAAI;YACxC,MAAM,OAAO,GAAG,wBAAwB,CAAC,cAAc,EAAE,OAAO,CAAC,MAAM,CAAC,CAAA;YACxE,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,MAAM,IAAI,SAAS,CAAC,kCAAkC,EAAE,eAAe,EAAE,GAAG,CAAC,CAAA;YAC/E,CAAC;YACD,IAAI,IAAI,CAAA;YACR,IAAI,CAAC;gBACH,IAAI,GAAG,MAAM,sBAAsB,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,CAAA;YACjF,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,6BAA6B,CAAA;gBAClF,IAAI,OAAO,KAAK,uBAAuB,EAAE,CAAC;oBACxC,MAAM,IAAI,SAAS,CAAC,uBAAuB,EAAE,OAAO,EAAE,GAAG,CAAC,CAAA;gBAC5D,CAAC;gBACD,IAAI,OAAO,KAAK,wBAAwB,EAAE,CAAC;oBACzC,MAAM,IAAI,SAAS,CAAC,kCAAkC,EAAE,OAAO,EAAE,GAAG,CAAC,CAAA;gBACvE,CAAC;gBACD,IAAI,OAAO,KAAK,gBAAgB,EAAE,CAAC;oBACjC,MAAM,IAAI,SAAS,CAAC,gBAAgB,EAAE,gBAAgB,EAAE,GAAG,CAAC,CAAA;gBAC9D,CAAC;gBACD,MAAM,GAAG,CAAA;YACX,CAAC;YACD,MAAM,UAAU,GAAG,YAAY,CAAC,IAAI,CAAC,CAAA;YACrC,MAAM,KAAK,GAAG,OAAO,CACnB,EAAE,GAAG,EAAE,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,EACpD,OAAO,CAAC,MAAM,EACd,SAAS,CACV,CAAA;YACD,MAAM,YAAY,GAAG,MAAM,iBAAiB,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,YAAY,EAAE,CAAC,CAAA;YAC1F,MAAM,SAAS,CAAC,QAAQ,EAAE,CAAC,UAAU,CAAC,CAAA;YACtC,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,YAAY,EAAE,CAAA;QAClD,CAAC;QAED,MAAM;KACP,CAAA;AACH,CAAC"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import type { DatabaseAdapter, EmailAdapter } from '@authcore/types';
|
|
1
|
+
import type { DatabaseAdapter, EmailAdapter, EmailTemplate } from '@authcore/types';
|
|
2
2
|
/**
|
|
3
3
|
* Create an email verification token and send the verification email.
|
|
4
4
|
*
|
|
@@ -11,6 +11,11 @@ export declare function createEmailVerification(params: {
|
|
|
11
11
|
emailProvider: EmailAdapter;
|
|
12
12
|
from: string;
|
|
13
13
|
verificationUrl: string;
|
|
14
|
+
template?: EmailTemplate<{
|
|
15
|
+
email: string;
|
|
16
|
+
link: string;
|
|
17
|
+
ttlHours: number;
|
|
18
|
+
}>;
|
|
14
19
|
}): Promise<string>;
|
|
15
20
|
/**
|
|
16
21
|
* Verify an email address using the raw token from the user's email link.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"emailVerification.d.ts","sourceRoot":"","sources":["../../src/features/emailVerification.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,YAAY,EAAS,MAAM,iBAAiB,CAAA;
|
|
1
|
+
{"version":3,"file":"emailVerification.d.ts","sourceRoot":"","sources":["../../src/features/emailVerification.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,YAAY,EAAE,aAAa,EAAS,MAAM,iBAAiB,CAAA;AAO1F;;;;GAIG;AACH,wBAAsB,uBAAuB,CAAC,MAAM,EAAE;IACpD,MAAM,EAAE,MAAM,CAAA;IACd,KAAK,EAAE,MAAM,CAAA;IACb,EAAE,EAAE,eAAe,CAAA;IACnB,aAAa,EAAE,YAAY,CAAA;IAC3B,IAAI,EAAE,MAAM,CAAA;IACZ,eAAe,EAAE,MAAM,CAAA;IACvB,QAAQ,CAAC,EAAE,aAAa,CAAC;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAC,CAAA;CAC5E,GAAG,OAAO,CAAC,MAAM,CAAC,CA4BlB;AAED;;;;GAIG;AACH,wBAAsB,WAAW,CAAC,MAAM,EAAE;IACxC,QAAQ,EAAE,MAAM,CAAA;IAChB,EAAE,EAAE,eAAe,CAAA;CACpB,GAAG,OAAO,CAAC,IAAI,CAAC,CAgBhB"}
|
|
@@ -1,12 +1,14 @@
|
|
|
1
1
|
import { generateOpaqueToken, hashToken } from '../utils/token.js';
|
|
2
|
+
import { defaultVerifyEmailTemplate } from './templates.js';
|
|
2
3
|
const EMAIL_VERIFICATION_TTL_MS = 24 * 60 * 60 * 1000; // 24 hours
|
|
4
|
+
const EMAIL_VERIFICATION_TTL_HOURS = 24;
|
|
3
5
|
/**
|
|
4
6
|
* Create an email verification token and send the verification email.
|
|
5
7
|
*
|
|
6
8
|
* @returns The raw token (not the hash). Store only the hash in DB.
|
|
7
9
|
*/
|
|
8
10
|
export async function createEmailVerification(params) {
|
|
9
|
-
const { userId, email, db, emailProvider, from, verificationUrl } = params;
|
|
11
|
+
const { userId, email, db, emailProvider, from, verificationUrl, template = defaultVerifyEmailTemplate, } = params;
|
|
10
12
|
const rawToken = generateOpaqueToken();
|
|
11
13
|
const hashedToken = hashToken(rawToken);
|
|
12
14
|
await db.createToken({
|
|
@@ -16,18 +18,13 @@ export async function createEmailVerification(params) {
|
|
|
16
18
|
expiresAt: new Date(Date.now() + EMAIL_VERIFICATION_TTL_MS),
|
|
17
19
|
});
|
|
18
20
|
const link = `${verificationUrl}?token=${rawToken}`;
|
|
21
|
+
const rendered = template({ email, link, ttlHours: EMAIL_VERIFICATION_TTL_HOURS });
|
|
19
22
|
await emailProvider.send({
|
|
20
23
|
from,
|
|
21
24
|
to: email,
|
|
22
|
-
subject:
|
|
23
|
-
html:
|
|
24
|
-
|
|
25
|
-
<p>Please verify your email address by clicking the link below:</p>
|
|
26
|
-
<p><a href="${link}">${link}</a></p>
|
|
27
|
-
<p>This link expires in 24 hours.</p>
|
|
28
|
-
<p>If you did not create an account, you can ignore this email.</p>
|
|
29
|
-
`,
|
|
30
|
-
text: `Please verify your email by visiting: ${link}\n\nThis link expires in 24 hours.`,
|
|
25
|
+
subject: rendered.subject,
|
|
26
|
+
html: rendered.html,
|
|
27
|
+
text: rendered.text,
|
|
31
28
|
});
|
|
32
29
|
return rawToken;
|
|
33
30
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"emailVerification.js","sourceRoot":"","sources":["../../src/features/emailVerification.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,mBAAmB,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAA;
|
|
1
|
+
{"version":3,"file":"emailVerification.js","sourceRoot":"","sources":["../../src/features/emailVerification.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,mBAAmB,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAA;AAClE,OAAO,EAAE,0BAA0B,EAAE,MAAM,gBAAgB,CAAA;AAE3D,MAAM,yBAAyB,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAA,CAAC,WAAW;AACjE,MAAM,4BAA4B,GAAG,EAAE,CAAA;AAEvC;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAAC,MAQ7C;IACC,MAAM,EACJ,MAAM,EAAE,KAAK,EAAE,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,eAAe,EACvD,QAAQ,GAAG,0BAA0B,GACtC,GAAG,MAAM,CAAA;IAEV,MAAM,QAAQ,GAAG,mBAAmB,EAAE,CAAA;IACtC,MAAM,WAAW,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAA;IAEvC,MAAM,EAAE,CAAC,WAAW,CAAC;QACnB,MAAM;QACN,IAAI,EAAE,oBAAoB;QAC1B,KAAK,EAAE,WAAW;QAClB,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,yBAAyB,CAAC;KAC5D,CAAC,CAAA;IAEF,MAAM,IAAI,GAAG,GAAG,eAAe,UAAU,QAAQ,EAAE,CAAA;IACnD,MAAM,QAAQ,GAAG,QAAQ,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,4BAA4B,EAAE,CAAC,CAAA;IAElF,MAAM,aAAa,CAAC,IAAI,CAAC;QACvB,IAAI;QACJ,EAAE,EAAE,KAAK;QACT,OAAO,EAAE,QAAQ,CAAC,OAAO;QACzB,IAAI,EAAE,QAAQ,CAAC,IAAI;QACnB,IAAI,EAAE,QAAQ,CAAC,IAAI;KACpB,CAAC,CAAA;IAEF,OAAO,QAAQ,CAAA;AACjB,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,MAGjC;IACC,MAAM,EAAE,QAAQ,EAAE,EAAE,EAAE,GAAG,MAAM,CAAA;IAE/B,MAAM,WAAW,GAAiB,MAAM,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,oBAAoB,CAAC,CAAA;IAEpF,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAA;IAC1D,CAAC;IAED,IAAI,WAAW,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;QACvC,MAAM,EAAE,CAAC,WAAW,CAAC,WAAW,CAAC,EAAE,CAAC,CAAA;QACpC,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAA;IAC1D,CAAC;IAED,MAAM,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC,MAAM,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAA;IAChE,MAAM,EAAE,CAAC,WAAW,CAAC,WAAW,CAAC,EAAE,CAAC,CAAA;AACtC,CAAC"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import type { DatabaseAdapter, EmailAdapter } from '@authcore/types';
|
|
1
|
+
import type { DatabaseAdapter, EmailAdapter, EmailTemplate } from '@authcore/types';
|
|
2
2
|
/**
|
|
3
3
|
* Create an invitation for a new user.
|
|
4
4
|
* Creates the user record (with no usable password) and sends an invitation email.
|
|
@@ -12,6 +12,12 @@ export declare function createInvitation(params: {
|
|
|
12
12
|
emailProvider: EmailAdapter;
|
|
13
13
|
from: string;
|
|
14
14
|
inviteUrl: string;
|
|
15
|
+
template?: EmailTemplate<{
|
|
16
|
+
email: string;
|
|
17
|
+
link: string;
|
|
18
|
+
ttlHours: number;
|
|
19
|
+
role: string;
|
|
20
|
+
}>;
|
|
15
21
|
}): Promise<string>;
|
|
16
22
|
/**
|
|
17
23
|
* Accept an invitation by setting the user's password.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"invitation.d.ts","sourceRoot":"","sources":["../../src/features/invitation.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,YAAY,
|
|
1
|
+
{"version":3,"file":"invitation.d.ts","sourceRoot":"","sources":["../../src/features/invitation.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,YAAY,EAAE,aAAa,EAAS,MAAM,iBAAiB,CAAA;AAQ1F;;;;;GAKG;AACH,wBAAsB,gBAAgB,CAAC,MAAM,EAAE;IAC7C,KAAK,EAAE,MAAM,CAAA;IACb,IAAI,EAAE,MAAM,CAAA;IACZ,EAAE,EAAE,eAAe,CAAA;IACnB,aAAa,EAAE,YAAY,CAAA;IAC3B,IAAI,EAAE,MAAM,CAAA;IACZ,SAAS,EAAE,MAAM,CAAA;IACjB,QAAQ,CAAC,EAAE,aAAa,CAAC;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC,CAAA;CAC1F,GAAG,OAAO,CAAC,MAAM,CAAC,CAwClB;AAED;;;;;GAKG;AACH,wBAAsB,gBAAgB,CAAC,MAAM,EAAE;IAC7C,QAAQ,EAAE,MAAM,CAAA;IAChB,WAAW,EAAE,MAAM,CAAA;IACnB,EAAE,EAAE,eAAe,CAAA;IACnB,UAAU,CAAC,EAAE,MAAM,CAAA;CACpB,GAAG,OAAO,CAAC;IAAE,MAAM,EAAE,MAAM,CAAA;CAAE,CAAC,CAmB9B"}
|
|
@@ -1,6 +1,8 @@
|
|
|
1
1
|
import { generateOpaqueToken, hashToken } from '../utils/token.js';
|
|
2
2
|
import { hashPassword } from '../utils/password.js';
|
|
3
|
+
import { defaultInvitationTemplate } from './templates.js';
|
|
3
4
|
const INVITATION_TTL_MS = 48 * 60 * 60 * 1000; // 48 hours
|
|
5
|
+
const INVITATION_TTL_HOURS = 48;
|
|
4
6
|
/**
|
|
5
7
|
* Create an invitation for a new user.
|
|
6
8
|
* Creates the user record (with no usable password) and sends an invitation email.
|
|
@@ -8,7 +10,7 @@ const INVITATION_TTL_MS = 48 * 60 * 60 * 1000; // 48 hours
|
|
|
8
10
|
* @throws Error if a user with the given email already exists
|
|
9
11
|
*/
|
|
10
12
|
export async function createInvitation(params) {
|
|
11
|
-
const { email, role, db, emailProvider, from, inviteUrl } = params;
|
|
13
|
+
const { email, role, db, emailProvider, from, inviteUrl, template = defaultInvitationTemplate, } = params;
|
|
12
14
|
const existing = await db.findUserByEmail(email);
|
|
13
15
|
if (existing) {
|
|
14
16
|
throw new Error('A user with this email already exists');
|
|
@@ -28,17 +30,13 @@ export async function createInvitation(params) {
|
|
|
28
30
|
expiresAt: new Date(Date.now() + INVITATION_TTL_MS),
|
|
29
31
|
});
|
|
30
32
|
const link = `${inviteUrl}?token=${rawToken}`;
|
|
33
|
+
const rendered = template({ email, link, ttlHours: INVITATION_TTL_HOURS, role });
|
|
31
34
|
await emailProvider.send({
|
|
32
35
|
from,
|
|
33
36
|
to: email,
|
|
34
|
-
subject:
|
|
35
|
-
html:
|
|
36
|
-
|
|
37
|
-
<p>You have been invited to create an account. Click the link below to set your password:</p>
|
|
38
|
-
<p><a href="${link}">${link}</a></p>
|
|
39
|
-
<p>This link expires in 48 hours.</p>
|
|
40
|
-
`,
|
|
41
|
-
text: `You have been invited. Set your password by visiting: ${link}\n\nThis link expires in 48 hours.`,
|
|
37
|
+
subject: rendered.subject,
|
|
38
|
+
html: rendered.html,
|
|
39
|
+
text: rendered.text,
|
|
42
40
|
});
|
|
43
41
|
return rawToken;
|
|
44
42
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"invitation.js","sourceRoot":"","sources":["../../src/features/invitation.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,mBAAmB,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAA;AAClE,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAA;
|
|
1
|
+
{"version":3,"file":"invitation.js","sourceRoot":"","sources":["../../src/features/invitation.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,mBAAmB,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAA;AAClE,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAA;AACnD,OAAO,EAAE,yBAAyB,EAAE,MAAM,gBAAgB,CAAA;AAE1D,MAAM,iBAAiB,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAA,CAAC,WAAW;AACzD,MAAM,oBAAoB,GAAG,EAAE,CAAA;AAE/B;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,MAQtC;IACC,MAAM,EACJ,KAAK,EAAE,IAAI,EAAE,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,SAAS,EAC/C,QAAQ,GAAG,yBAAyB,GACrC,GAAG,MAAM,CAAA;IAEV,MAAM,QAAQ,GAAG,MAAM,EAAE,CAAC,eAAe,CAAC,KAAK,CAAC,CAAA;IAChD,IAAI,QAAQ,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAA;IAC1D,CAAC;IAED,yEAAyE;IACzE,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,UAAU,CAAC;QAC/B,KAAK;QACL,YAAY,EAAE,sBAAsB;QACpC,IAAI;KACL,CAAC,CAAA;IAEF,MAAM,QAAQ,GAAG,mBAAmB,EAAE,CAAA;IACtC,MAAM,WAAW,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAA;IAEvC,MAAM,EAAE,CAAC,WAAW,CAAC;QACnB,MAAM,EAAE,IAAI,CAAC,EAAE;QACf,IAAI,EAAE,YAAY;QAClB,KAAK,EAAE,WAAW;QAClB,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,iBAAiB,CAAC;KACpD,CAAC,CAAA;IAEF,MAAM,IAAI,GAAG,GAAG,SAAS,UAAU,QAAQ,EAAE,CAAA;IAC7C,MAAM,QAAQ,GAAG,QAAQ,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,CAAA;IAEhF,MAAM,aAAa,CAAC,IAAI,CAAC;QACvB,IAAI;QACJ,EAAE,EAAE,KAAK;QACT,OAAO,EAAE,QAAQ,CAAC,OAAO;QACzB,IAAI,EAAE,QAAQ,CAAC,IAAI;QACnB,IAAI,EAAE,QAAQ,CAAC,IAAI;KACpB,CAAC,CAAA;IAEF,OAAO,QAAQ,CAAA;AACjB,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,MAKtC;IACC,MAAM,EAAE,QAAQ,EAAE,WAAW,EAAE,EAAE,EAAE,UAAU,EAAE,GAAG,MAAM,CAAA;IAExD,MAAM,WAAW,GAAiB,MAAM,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAA;IAE5E,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAA;IACxD,CAAC;IAED,IAAI,WAAW,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;QACvC,MAAM,EAAE,CAAC,WAAW,CAAC,WAAW,CAAC,EAAE,CAAC,CAAA;QACpC,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAA;IACxD,CAAC;IAED,MAAM,YAAY,GAAG,MAAM,YAAY,CAAC,WAAW,EAAE,UAAU,CAAC,CAAA;IAChE,MAAM,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC,MAAM,EAAE,EAAE,YAAY,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAA;IAC9E,MAAM,EAAE,CAAC,WAAW,CAAC,WAAW,CAAC,EAAE,CAAC,CAAA;IAEpC,OAAO,EAAE,MAAM,EAAE,WAAW,CAAC,MAAM,EAAE,CAAA;AACvC,CAAC"}
|
|
@@ -0,0 +1,56 @@
|
|
|
1
|
+
import type { DatabaseAdapter, EmailAdapter, EmailTemplate, User } from '@authcore/types';
|
|
2
|
+
/**
|
|
3
|
+
* Sentinel passwordHash used when magic-link creates a brand-new user.
|
|
4
|
+
*
|
|
5
|
+
* Same shape as the OAuth sentinel — the user has no password initially and
|
|
6
|
+
* can claim one via the standard forgot-password flow. This means a magic-link
|
|
7
|
+
* signup is functionally identical to OAuth signup: an authenticated session
|
|
8
|
+
* with no password set, and the standard "set a password" recovery path open.
|
|
9
|
+
*/
|
|
10
|
+
export declare const MAGIC_LINK_NO_PASSWORD_SENTINEL = "!MAGIC_LINK_NO_PASSWORD";
|
|
11
|
+
/**
|
|
12
|
+
* Send a magic-link email. Always returns successfully (whether the user
|
|
13
|
+
* exists or not) to prevent email enumeration.
|
|
14
|
+
*
|
|
15
|
+
* If `autoCreate` is true (the default) and no user exists for the email,
|
|
16
|
+
* a new user is created with a sentinel password hash. The user's email is
|
|
17
|
+
* marked verified — clicking a magic link from the inbox proves email
|
|
18
|
+
* ownership the same way clicking a verification link does.
|
|
19
|
+
*
|
|
20
|
+
* @returns `true` if an email was sent, `false` otherwise. Callers should
|
|
21
|
+
* not surface this to the client — return 200 either way.
|
|
22
|
+
*/
|
|
23
|
+
export declare function sendMagicLink(params: {
|
|
24
|
+
email: string;
|
|
25
|
+
db: DatabaseAdapter;
|
|
26
|
+
emailProvider: EmailAdapter;
|
|
27
|
+
from: string;
|
|
28
|
+
magicLinkUrl: string;
|
|
29
|
+
/**
|
|
30
|
+
* Defaults to `true`. When `false`, magic-link is login-only — emails to
|
|
31
|
+
* unknown addresses are silently dropped (the response is still 200).
|
|
32
|
+
*/
|
|
33
|
+
autoCreate?: boolean;
|
|
34
|
+
defaultRole?: string;
|
|
35
|
+
template?: EmailTemplate<{
|
|
36
|
+
email: string;
|
|
37
|
+
link: string;
|
|
38
|
+
ttlMinutes: number;
|
|
39
|
+
}>;
|
|
40
|
+
}): Promise<boolean>;
|
|
41
|
+
/**
|
|
42
|
+
* Consume a magic-link token. Returns the user (still as a stored DB record).
|
|
43
|
+
* Caller is responsible for minting the session JWT + refresh token.
|
|
44
|
+
*
|
|
45
|
+
* Idempotency: tokens are single-use. After consumption the token row is
|
|
46
|
+
* deleted, so a second call with the same raw token throws.
|
|
47
|
+
*
|
|
48
|
+
* @throws Error if the token is invalid or expired
|
|
49
|
+
*/
|
|
50
|
+
export declare function consumeMagicLink(params: {
|
|
51
|
+
rawToken: string;
|
|
52
|
+
db: DatabaseAdapter;
|
|
53
|
+
}): Promise<{
|
|
54
|
+
user: User;
|
|
55
|
+
}>;
|
|
56
|
+
//# sourceMappingURL=magicLink.d.ts.map
|