@authhero/kysely-adapter 10.112.0 → 10.113.0

package/dist/kysely-adapter.d.ts

@@ -18107,45 +18107,78 @@ declare const promptScreenSchema: z.ZodEnum<[
 export type PromptScreen = z.infer<typeof promptScreenSchema>;
 declare const customTextSchema: z.ZodRecord<z.ZodString, z.ZodRecord<z.ZodString, z.ZodString>>;
 export type CustomText = z.infer<typeof customTextSchema>;
-declare const mfaEnrollmentInsertSchema: z.ZodEffects<z.ZodObject<{
+declare const authenticationMethodInsertSchema: z.ZodEffects<z.ZodObject<{
 	user_id: z.ZodString;
 	type: z.ZodEnum<[
 		"phone",
 		"totp",
 		"email",
 		"push",
-		"webauthn"
+		"webauthn-roaming",
+		"webauthn-platform",
+		"passkey"
 	]>;
 	phone_number: z.ZodOptional<z.ZodString>;
 	totp_secret: z.ZodOptional<z.ZodString>;
+	credential_id: z.ZodOptional<z.ZodString>;
+	public_key: z.ZodOptional<z.ZodString>;
+	sign_count: z.ZodOptional<z.ZodNumber>;
+	credential_backed_up: z.ZodOptional<z.ZodBoolean>;
+	transports: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+	friendly_name: z.ZodOptional<z.ZodString>;
 	confirmed: z.ZodDefault<z.ZodBoolean>;
 }, "strip", z.ZodTypeAny, {
-	type: "push" | "email" | "phone" | "totp" | "webauthn";
+	type: "push" | "email" | "passkey" | "phone" | "totp" | "webauthn-roaming" | "webauthn-platform";
 	user_id: string;
 	confirmed: boolean;
 	phone_number?: string | undefined;
+	friendly_name?: string | undefined;
 	totp_secret?: string | undefined;
+	credential_id?: string | undefined;
+	public_key?: string | undefined;
+	sign_count?: number | undefined;
+	credential_backed_up?: boolean | undefined;
+	transports?: string[] | undefined;
 }, {
-	type: "push" | "email" | "phone" | "totp" | "webauthn";
+	type: "push" | "email" | "passkey" | "phone" | "totp" | "webauthn-roaming" | "webauthn-platform";
 	user_id: string;
 	phone_number?: string | undefined;
+	friendly_name?: string | undefined;
 	totp_secret?: string | undefined;
+	credential_id?: string | undefined;
+	public_key?: string | undefined;
+	sign_count?: number | undefined;
+	credential_backed_up?: boolean | undefined;
+	transports?: string[] | undefined;
 	confirmed?: boolean | undefined;
 }>, {
-	type: "push" | "email" | "phone" | "totp" | "webauthn";
+	type: "push" | "email" | "passkey" | "phone" | "totp" | "webauthn-roaming" | "webauthn-platform";
 	user_id: string;
 	confirmed: boolean;
 	phone_number?: string | undefined;
+	friendly_name?: string | undefined;
 	totp_secret?: string | undefined;
+	credential_id?: string | undefined;
+	public_key?: string | undefined;
+	sign_count?: number | undefined;
+	credential_backed_up?: boolean | undefined;
+	transports?: string[] | undefined;
 }, {
-	type: "push" | "email" | "phone" | "totp" | "webauthn";
+	type: "push" | "email" | "passkey" | "phone" | "totp" | "webauthn-roaming" | "webauthn-platform";
 	user_id: string;
 	phone_number?: string | undefined;
+	friendly_name?: string | undefined;
 	totp_secret?: string | undefined;
+	credential_id?: string | undefined;
+	public_key?: string | undefined;
+	sign_count?: number | undefined;
+	credential_backed_up?: boolean | undefined;
+	transports?: string[] | undefined;
 	confirmed?: boolean | undefined;
 }>;
-export type MfaEnrollmentInsert = z.infer<typeof mfaEnrollmentInsertSchema>;
-declare const mfaEnrollmentSchema: z.ZodEffects<z.ZodObject<{
+export type AuthenticationMethodInsert = z.infer<typeof authenticationMethodInsertSchema>;
+export type AuthenticationMethodUpdate = Partial<Omit<AuthenticationMethodInsert, "user_id" | "type">>;
+declare const authenticationMethodSchema: z.ZodEffects<z.ZodObject<{
 	id: z.ZodString;
 	created_at: z.ZodString;
 	updated_at: z.ZodString;
@@ -18155,49 +18188,81 @@ declare const mfaEnrollmentSchema: z.ZodEffects<z.ZodObject<{
 		"totp",
 		"email",
 		"push",
-		"webauthn"
+		"webauthn-roaming",
+		"webauthn-platform",
+		"passkey"
 	]>;
 	phone_number: z.ZodOptional<z.ZodString>;
 	totp_secret: z.ZodOptional<z.ZodString>;
+	credential_id: z.ZodOptional<z.ZodString>;
+	public_key: z.ZodOptional<z.ZodString>;
+	sign_count: z.ZodOptional<z.ZodNumber>;
+	credential_backed_up: z.ZodOptional<z.ZodBoolean>;
+	transports: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+	friendly_name: z.ZodOptional<z.ZodString>;
 	confirmed: z.ZodDefault<z.ZodBoolean>;
 }, "strip", z.ZodTypeAny, {
 	created_at: string;
 	updated_at: string;
-	type: "push" | "email" | "phone" | "totp" | "webauthn";
+	type: "push" | "email" | "passkey" | "phone" | "totp" | "webauthn-roaming" | "webauthn-platform";
 	id: string;
 	user_id: string;
 	confirmed: boolean;
 	phone_number?: string | undefined;
+	friendly_name?: string | undefined;
 	totp_secret?: string | undefined;
+	credential_id?: string | undefined;
+	public_key?: string | undefined;
+	sign_count?: number | undefined;
+	credential_backed_up?: boolean | undefined;
+	transports?: string[] | undefined;
 }, {
 	created_at: string;
 	updated_at: string;
-	type: "push" | "email" | "phone" | "totp" | "webauthn";
+	type: "push" | "email" | "passkey" | "phone" | "totp" | "webauthn-roaming" | "webauthn-platform";
 	id: string;
 	user_id: string;
 	phone_number?: string | undefined;
+	friendly_name?: string | undefined;
 	totp_secret?: string | undefined;
+	credential_id?: string | undefined;
+	public_key?: string | undefined;
+	sign_count?: number | undefined;
+	credential_backed_up?: boolean | undefined;
+	transports?: string[] | undefined;
 	confirmed?: boolean | undefined;
 }>, {
 	created_at: string;
 	updated_at: string;
-	type: "push" | "email" | "phone" | "totp" | "webauthn";
+	type: "push" | "email" | "passkey" | "phone" | "totp" | "webauthn-roaming" | "webauthn-platform";
 	id: string;
 	user_id: string;
 	confirmed: boolean;
 	phone_number?: string | undefined;
+	friendly_name?: string | undefined;
 	totp_secret?: string | undefined;
+	credential_id?: string | undefined;
+	public_key?: string | undefined;
+	sign_count?: number | undefined;
+	credential_backed_up?: boolean | undefined;
+	transports?: string[] | undefined;
 }, {
 	created_at: string;
 	updated_at: string;
-	type: "push" | "email" | "phone" | "totp" | "webauthn";
+	type: "push" | "email" | "passkey" | "phone" | "totp" | "webauthn-roaming" | "webauthn-platform";
 	id: string;
 	user_id: string;
 	phone_number?: string | undefined;
+	friendly_name?: string | undefined;
 	totp_secret?: string | undefined;
+	credential_id?: string | undefined;
+	public_key?: string | undefined;
+	sign_count?: number | undefined;
+	credential_backed_up?: boolean | undefined;
+	transports?: string[] | undefined;
 	confirmed?: boolean | undefined;
 }>;
-export type MfaEnrollment = z.infer<typeof mfaEnrollmentSchema>;
+export type AuthenticationMethod = z.infer<typeof authenticationMethodSchema>;
 export interface ListFlowsResponse extends Totals {
 	flows: Flow[];
 }
@@ -18540,12 +18605,12 @@ export interface GeoAdapter {
 	 */
 	getGeoInfo(headers: Record<string, string>): Promise<GeoInfo | null>;
 }
-export interface MfaEnrollmentsAdapter {
-	create: (tenant_id: string, enrollment: MfaEnrollmentInsert) => Promise<MfaEnrollment>;
-	get: (tenant_id: string, enrollment_id: string) => Promise<MfaEnrollment | null>;
-	list: (tenant_id: string, user_id: string) => Promise<MfaEnrollment[]>;
-	update: (tenant_id: string, enrollment_id: string, data: Partial<MfaEnrollmentInsert>) => Promise<MfaEnrollment>;
-	remove: (tenant_id: string, enrollment_id: string) => Promise<boolean>;
+export interface AuthenticationMethodsAdapter {
+	create: (tenant_id: string, method: AuthenticationMethodInsert) => Promise<AuthenticationMethod>;
+	get: (tenant_id: string, method_id: string) => Promise<AuthenticationMethod | null>;
+	list: (tenant_id: string, user_id: string) => Promise<AuthenticationMethod[]>;
+	update: (tenant_id: string, method_id: string, data: AuthenticationMethodUpdate) => Promise<AuthenticationMethod>;
+	remove: (tenant_id: string, method_id: string) => Promise<boolean>;
 }
 export interface StatsListParams {
 	from?: string;
@@ -18633,7 +18698,7 @@ export interface DataAdapters {
 	users: UserDataAdapter;
 	userRoles: UserRolesAdapter;
 	organizations: OrganizationsAdapter;
-	mfaEnrollments: MfaEnrollmentsAdapter;
+	authenticationMethods: AuthenticationMethodsAdapter;
 	userOrganizations: UserOrganizationsAdapter;
 	/**
 	 * Optional session cleanup function.
@@ -20763,13 +20828,19 @@ declare const sqlClientSchema: z.ZodObject<{
 	compliance_level?: "none" | "fapi1_adv_pkj_par" | "fapi1_adv_mtls_par" | "fapi2_sp_pkj_mtls" | "fapi2_sp_mtls_mtls" | undefined;
 	par_request_expiry?: number | undefined;
 }>;
-declare const sqlMfaEnrollmentSchema: z.ZodObject<{
+declare const sqlAuthenticationMethodSchema: z.ZodObject<{
 	id: z.ZodString;
 	tenant_id: z.ZodString;
 	user_id: z.ZodString;
 	type: z.ZodString;
 	phone_number: z.ZodNullable<z.ZodOptional<z.ZodString>>;
 	totp_secret: z.ZodNullable<z.ZodOptional<z.ZodString>>;
+	credential_id: z.ZodNullable<z.ZodOptional<z.ZodString>>;
+	public_key: z.ZodNullable<z.ZodOptional<z.ZodString>>;
+	sign_count: z.ZodNullable<z.ZodOptional<z.ZodNumber>>;
+	credential_backed_up: z.ZodNullable<z.ZodOptional<z.ZodNumber>>;
+	transports: z.ZodNullable<z.ZodOptional<z.ZodString>>;
+	friendly_name: z.ZodNullable<z.ZodOptional<z.ZodString>>;
 	confirmed: z.ZodNumber;
 	created_at_ts: z.ZodNumber;
 	updated_at_ts: z.ZodNumber;
@@ -20782,7 +20853,13 @@ declare const sqlMfaEnrollmentSchema: z.ZodObject<{
 	id: string;
 	confirmed: number;
 	phone_number?: string | null | undefined;
+	friendly_name?: string | null | undefined;
 	totp_secret?: string | null | undefined;
+	credential_id?: string | null | undefined;
+	public_key?: string | null | undefined;
+	sign_count?: number | null | undefined;
+	credential_backed_up?: number | null | undefined;
+	transports?: string | null | undefined;
 }, {
 	type: string;
 	tenant_id: string;
@@ -20792,7 +20869,13 @@ declare const sqlMfaEnrollmentSchema: z.ZodObject<{
 	id: string;
 	confirmed: number;
 	phone_number?: string | null | undefined;
+	friendly_name?: string | null | undefined;
 	totp_secret?: string | null | undefined;
+	credential_id?: string | null | undefined;
+	public_key?: string | null | undefined;
+	sign_count?: number | null | undefined;
+	credential_backed_up?: number | null | undefined;
+	transports?: string | null | undefined;
 }>;
 export interface Database {
 	flows: z.infer<typeof sqlFlowSchema>;
@@ -20829,7 +20912,7 @@ export interface Database {
 	invites: z.infer<typeof sqlInviteSchema>;
 	universal_login_templates: z.infer<typeof sqlUniversalLoginTemplateSchema>;
 	custom_text: z.infer<typeof sqlCustomTextSchema>;
-	mfa_enrollments: z.infer<typeof sqlMfaEnrollmentSchema>;
+	authentication_methods: z.infer<typeof sqlAuthenticationMethodSchema>;
 }
 export declare function migrateToLatest(db: Kysely<Database>, debug?: boolean): Promise<void>;
 export declare function migrateDown(db: Kysely<Database>): Promise<void>;

package/dist/kysely-adapter.mjs

@@ -282,8 +282,8 @@ function Re(e) {
   };
 }
 function Me(e) {
-  return async (t, a) => (await e.deleteFrom("mfa_enrollments").where("mfa_enrollments.tenant_id", "=", t).where(
-    "mfa_enrollments.user_id",
+  return async (t, a) => (await e.deleteFrom("authentication_methods").where("authentication_methods.tenant_id", "=", t).where(
+    "authentication_methods.user_id",
     "in",
     (o) => o.selectFrom("users").select("users.user_id").where("users.tenant_id", "=", t).where(
       (r) => r.or([
@@ -528,7 +528,13 @@ function Ve(e) {
 function Xe(e) {
   return async (t) => {
     let a = e.selectFrom("tenants");
-    const { page: n = 0, per_page: o = 50, include_totals: r = !1, sort: s, q: i } = t || {};
+    const {
+      page: n = 0,
+      per_page: o = 50,
+      include_totals: r = !1,
+      sort: s,
+      q: i
+    } = t || {};
     if (s && s.sort_by) {
       const { ref: _ } = e.dynamic;
       a = a.orderBy(_(s.sort_by), s.sort_order);
@@ -3419,13 +3425,19 @@ function no(e) {
 function oo(e) {
   return async (t, a) => {
     const n = Date.now(), o = fe();
-    return await e.insertInto("mfa_enrollments").values({
+    return await e.insertInto("authentication_methods").values({
       id: o,
       tenant_id: t,
       user_id: a.user_id,
       type: a.type,
       phone_number: a.phone_number,
       totp_secret: a.totp_secret,
+      credential_id: a.credential_id,
+      public_key: a.public_key,
+      sign_count: a.sign_count,
+      credential_backed_up: a.credential_backed_up == null ? void 0 : a.credential_backed_up ? 1 : 0,
+      transports: a.transports ? JSON.stringify(a.transports) : void 0,
+      friendly_name: a.friendly_name,
       confirmed: a.confirmed ? 1 : 0,
       created_at_ts: n,
       updated_at_ts: n
@@ -3435,6 +3447,12 @@ function oo(e) {
       type: a.type,
       phone_number: a.phone_number,
       totp_secret: a.totp_secret,
+      credential_id: a.credential_id,
+      public_key: a.public_key,
+      sign_count: a.sign_count,
+      credential_backed_up: a.credential_backed_up,
+      transports: a.transports,
+      friendly_name: a.friendly_name,
       confirmed: a.confirmed ?? !1,
       created_at: new Date(n).toISOString(),
       updated_at: new Date(n).toISOString()
@@ -3443,13 +3461,19 @@ function oo(e) {
 }
 function ge(e) {
   return async (t, a) => {
-    const n = await e.selectFrom("mfa_enrollments").where("mfa_enrollments.tenant_id", "=", t).where("mfa_enrollments.id", "=", a).selectAll().executeTakeFirst();
+    const n = await e.selectFrom("authentication_methods").where("authentication_methods.tenant_id", "=", t).where("authentication_methods.id", "=", a).selectAll().executeTakeFirst();
     return n ? {
       id: n.id,
       user_id: n.user_id,
       type: n.type,
       phone_number: n.phone_number ?? void 0,
       totp_secret: n.totp_secret ?? void 0,
+      credential_id: n.credential_id ?? void 0,
+      public_key: n.public_key ?? void 0,
+      sign_count: n.sign_count ?? void 0,
+      credential_backed_up: n.credential_backed_up != null ? n.credential_backed_up === 1 : void 0,
+      transports: n.transports ? JSON.parse(n.transports) : void 0,
+      friendly_name: n.friendly_name ?? void 0,
       confirmed: n.confirmed === 1,
       created_at: M(n.created_at_ts),
       updated_at: M(n.updated_at_ts)
@@ -3457,12 +3481,18 @@ function ge(e) {
   };
 }
 function ro(e) {
-  return async (t, a) => (await e.selectFrom("mfa_enrollments").where("mfa_enrollments.tenant_id", "=", t).where("mfa_enrollments.user_id", "=", a).selectAll().execute()).map((o) => ({
+  return async (t, a) => (await e.selectFrom("authentication_methods").where("authentication_methods.tenant_id", "=", t).where("authentication_methods.user_id", "=", a).selectAll().execute()).map((o) => ({
     id: o.id,
     user_id: o.user_id,
     type: o.type,
     phone_number: o.phone_number ?? void 0,
     totp_secret: o.totp_secret ?? void 0,
+    credential_id: o.credential_id ?? void 0,
+    public_key: o.public_key ?? void 0,
+    sign_count: o.sign_count ?? void 0,
+    credential_backed_up: o.credential_backed_up != null ? o.credential_backed_up === 1 : void 0,
+    transports: o.transports ? JSON.parse(o.transports) : void 0,
+    friendly_name: o.friendly_name ?? void 0,
     confirmed: o.confirmed === 1,
     created_at: M(o.created_at_ts),
     updated_at: M(o.updated_at_ts)
@@ -3473,15 +3503,15 @@ function so(e) {
     const r = {
       updated_at_ts: Date.now()
     };
-    n.phone_number !== void 0 && (r.phone_number = n.phone_number), n.totp_secret !== void 0 && (r.totp_secret = n.totp_secret), n.confirmed !== void 0 && (r.confirmed = n.confirmed ? 1 : 0), await e.updateTable("mfa_enrollments").set(r).where("mfa_enrollments.tenant_id", "=", t).where("mfa_enrollments.id", "=", a).execute();
+    n.phone_number !== void 0 && (r.phone_number = n.phone_number), n.totp_secret !== void 0 && (r.totp_secret = n.totp_secret), n.credential_id !== void 0 && (r.credential_id = n.credential_id), n.public_key !== void 0 && (r.public_key = n.public_key), n.sign_count !== void 0 && (r.sign_count = n.sign_count), n.credential_backed_up !== void 0 && (r.credential_backed_up = n.credential_backed_up ? 1 : 0), n.transports !== void 0 && (r.transports = JSON.stringify(n.transports)), n.friendly_name !== void 0 && (r.friendly_name = n.friendly_name), n.confirmed !== void 0 && (r.confirmed = n.confirmed ? 1 : 0), await e.updateTable("authentication_methods").set(r).where("authentication_methods.tenant_id", "=", t).where("authentication_methods.id", "=", a).execute();
     const s = await ge(e)(t, a);
     if (!s)
-      throw new Error(`MFA enrollment ${a} not found`);
+      throw new Error(`Authentication method ${a} not found`);
     return s;
   };
 }
 function io(e) {
-  return async (t, a) => (await e.deleteFrom("mfa_enrollments").where("mfa_enrollments.tenant_id", "=", t).where("mfa_enrollments.id", "=", a).executeTakeFirst()).numDeletedRows > 0;
+  return async (t, a) => (await e.deleteFrom("authentication_methods").where("authentication_methods.tenant_id", "=", t).where("authentication_methods.id", "=", a).executeTakeFirst()).numDeletedRows > 0;
 }
 function co(e) {
   return {
@@ -6164,6 +6194,17 @@ const Bu = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({
   __proto__: null,
   down: Uu,
   up: qu
+}, Symbol.toStringTag, { value: "Module" }));
+async function Qu(e) {
+  await e.schema.alterTable("mfa_enrollments").renameTo("authentication_methods").execute(), await e.schema.alterTable("authentication_methods").addColumn("credential_id", "varchar(512)").execute(), await e.schema.alterTable("authentication_methods").addColumn("public_key", "text").execute(), await e.schema.alterTable("authentication_methods").addColumn("sign_count", "integer").execute(), await e.schema.alterTable("authentication_methods").addColumn("credential_backed_up", "integer").execute(), await e.schema.alterTable("authentication_methods").addColumn("transports", "varchar(512)").execute(), await e.schema.alterTable("authentication_methods").addColumn("friendly_name", "varchar(255)").execute(), await e.schema.createIndex("authentication_methods_credential_id_idx").on("authentication_methods").column("credential_id").execute();
+}
+async function Hu(e) {
+  await e.schema.dropIndex("authentication_methods_credential_id_idx").execute(), await e.schema.alterTable("authentication_methods").dropColumn("friendly_name").execute(), await e.schema.alterTable("authentication_methods").dropColumn("transports").execute(), await e.schema.alterTable("authentication_methods").dropColumn("credential_backed_up").execute(), await e.schema.alterTable("authentication_methods").dropColumn("sign_count").execute(), await e.schema.alterTable("authentication_methods").dropColumn("public_key").execute(), await e.schema.alterTable("authentication_methods").dropColumn("credential_id").execute(), await e.schema.alterTable("authentication_methods").renameTo("mfa_enrollments").execute();
+}
+const Yu = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({
+  __proto__: null,
+  down: Hu,
+  up: Qu
 }, Symbol.toStringTag, { value: "Module" })), Te = {
   m1_init: _o,
   m2_magicLink: po,
@@ -6300,9 +6341,10 @@ const Bu = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({
   o035_idle_expires_at_ts_indexes: ju,
   o036_add_connection_to_login_sessions: Mu,
   o037_mfa_enrollments: Ku,
-  o038_add_otp_to_codes: Bu
+  o038_add_otp_to_codes: Bu,
+  o039_rename_mfa_enrollments_to_authentication_methods: Yu
 };
-async function Vu(e, t = !1) {
+async function e_(e, t = !1) {
   t && console.log("migrating...");
   const a = new we(Te), n = new ce({
     db: e,
@@ -6315,7 +6357,7 @@ async function Vu(e, t = !1) {
   }), o)
     throw console.error("failed to migrate"), console.error(o), o;
 }
-async function Xu(e) {
+async function t_(e) {
   console.log("migrating...");
   const t = new we(Te), a = new ce({
     db: e,
@@ -6326,7 +6368,7 @@ async function Xu(e) {
   }), n)
     throw console.error("failed to migrate"), console.error(n), n;
 }
-function Zu(e, t = { useTransactions: !0 }) {
+function a_(e, t = { useTransactions: !0 }) {
   return {
     branding: ga(e),
     clients: Bt(e),
@@ -6343,7 +6385,7 @@ function Zu(e, t = { useTransactions: !0 }) {
     keys: ia(e),
     loginSessions: Ja(e),
     logs: st(e),
-    mfaEnrollments: co(e),
+    authenticationMethods: co(e),
     passwords: gt(e),
     promptSettings: qa(e),
     refreshTokens: en(e),
@@ -6365,7 +6407,7 @@ function Zu(e, t = { useTransactions: !0 }) {
   };
 }
 export {
-  Zu as default,
-  Xu as migrateDown,
-  Vu as migrateToLatest
+  a_ as default,
+  t_ as migrateDown,
+  e_ as migrateToLatest
 };

package/package.json

@@ -11,7 +11,7 @@
     "type": "git",
     "url": "https://github.com/markusahlstrand/authhero"
   },
-  "version": "10.112.0",
+  "version": "10.113.0",
   "files": [
     "dist"
   ],
@@ -42,7 +42,7 @@
   "dependencies": {
     "kysely": "^0.27.4",
     "nanoid": "^5.0.8",
-    "@authhero/adapter-interfaces": "0.149.0"
+    "@authhero/adapter-interfaces": "0.150.0"
   },
   "peerDependencies": {
     "@hono/zod-openapi": "^0.19.2",