npm - @authms/core - Versions diffs - 0.1.0 - Mend

@authms/core 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (29) hide show

package/dist/index.d.mts +398 -0
package/dist/index.d.ts +398 -0
package/dist/index.js +1337 -0
package/dist/index.mjs +1294 -0
package/package.json +48 -0
package/src/__tests__/api-client.test.ts +314 -0
package/src/__tests__/auth-client.test.ts +412 -0
package/src/__tests__/discovery.test.ts +129 -0
package/src/__tests__/password-transmission.test.ts +131 -0
package/src/__tests__/sync.test.ts +85 -0
package/src/__tests__/token-manager.test.ts +104 -0
package/src/api-client.ts +203 -0
package/src/auth-client.ts +368 -0
package/src/authms.ts +244 -0
package/src/binding.ts +126 -0
package/src/crypto/index.ts +6 -0
package/src/crypto/password-transmission.ts +198 -0
package/src/crypto/pow-solver.ts +41 -0
package/src/discovery.ts +77 -0
package/src/errors.ts +44 -0
package/src/index.ts +39 -0
package/src/platform/browser.ts +23 -0
package/src/platform/index.ts +3 -0
package/src/platform/memory.ts +19 -0
package/src/platform/types.ts +21 -0
package/src/plugin.ts +8 -0
package/src/sync.ts +51 -0
package/src/token-manager.ts +140 -0
package/src/types.ts +113 -0

package/src/token-manager.ts ADDED Viewed

@@ -0,0 +1,140 @@
+import type { StorageAdapter } from './platform/types';
+import type { TokenClaims } from './types';
+interface TokenStore {
+  accessToken: string | null;
+  refreshToken: string | null;
+  user: Record<string, unknown> | null;
+  tenantId: string | null;
+  expiresAt: number | null;
+}
+const STORAGE_PREFIX = 'authms_';
+export class TokenManager {
+  private storage: StorageAdapter;
+  private prefix: string;
+  private store: TokenStore;
+  private changeListeners: Set<(token: string | null) => void> = new Set();
+  constructor(storage: StorageAdapter, prefix?: string) {
+    this.storage = storage;
+    this.prefix = prefix ?? STORAGE_PREFIX;
+    this.store = this.initialStore();
+  }
+  private initialStore(): TokenStore {
+    return {
+      accessToken: null,
+      refreshToken: null,
+      user: null,
+      tenantId: null,
+      expiresAt: null,
+    };
+  }
+  private storageKey(key: string): string {
+    return `${this.prefix}${key}`;
+  }
+  async load(): Promise<void> {
+    try {
+      const raw = await this.storage.getItem(this.storageKey('tokens'));
+      if (raw) {
+        const parsed = JSON.parse(raw) as TokenStore;
+        this.store = { ...this.initialStore(), ...parsed };
+      }
+    } catch {
+      this.store = this.initialStore();
+    }
+  }
+  async persist(): Promise<void> {
+    try {
+      await this.storage.setItem(this.storageKey('tokens'), JSON.stringify(this.store));
+    } catch { /* quota exceeded, non-critical */ }
+  }
+  getAccessToken(): string | null {
+    if (this.store.accessToken && this.isTokenExpired(this.store.accessToken)) {
+      return null;
+    }
+    return this.store.accessToken;
+  }
+  getRefreshToken(): string | null {
+    return this.store.refreshToken;
+  }
+  getUser(): Record<string, unknown> | null {
+    return this.store.user;
+  }
+  getTenantId(): string | null {
+    return this.store.tenantId;
+  }
+  getExpiresAt(): number | null {
+    return this.store.expiresAt;
+  }
+  isAuthenticated(): boolean {
+    return !!this.store.accessToken && !this.isTokenExpired(this.store.accessToken!);
+  }
+  setTokens(accessToken: string, refreshToken: string, expiresIn: number): void {
+    this.store.accessToken = accessToken;
+    this.store.refreshToken = refreshToken;
+    this.store.expiresAt = Date.now() + expiresIn * 1000;
+    this.notifyListeners(accessToken);
+  }
+  setUser(user: Record<string, unknown>): void {
+    this.store.user = user;
+  }
+  setTenantId(tenantId: string | null): void {
+    this.store.tenantId = tenantId;
+  }
+  clear(): void {
+    this.store = this.initialStore();
+    this.notifyListeners(null);
+  }
+  onTokenChange(listener: (token: string | null) => void): () => void {
+    this.changeListeners.add(listener);
+    return () => this.changeListeners.delete(listener);
+  }
+  private notifyListeners(token: string | null): void {
+    this.changeListeners.forEach(fn => {
+      try { fn(token); } catch { /* listener error shouldn't break others */ }
+    });
+  }
+  decodeToken(token: string): TokenClaims | null {
+    try {
+      const base64Url = token.split('.')[1];
+      const base64 = base64Url.replace(/-/g, '+').replace(/_/g, '/');
+      const json = decodeURIComponent(
+        atob(base64).split('').map(c => '%' + ('00' + c.charCodeAt(0).toString(16)).slice(-2)).join('')
+      );
+      return JSON.parse(json) as TokenClaims;
+    } catch {
+      return null;
+    }
+  }
+  isTokenExpired(token: string): boolean {
+    const claims = this.decodeToken(token);
+    if (!claims?.exp) return true;
+    return Date.now() >= claims.exp * 1000;
+  }
+  getTokenRemainingTime(token: string): number {
+    const claims = this.decodeToken(token);
+    if (!claims?.exp) return 0;
+    return Math.max(0, claims.exp * 1000 - Date.now());
+  }
+}

package/src/types.ts ADDED Viewed

@@ -0,0 +1,113 @@
+export interface User {
+  id: string;
+  username?: string;
+  email?: string;
+  phone?: string;
+  status?: string;
+  avatar?: string;
+  [key: string]: unknown;
+}
+export interface AuthResult {
+  user: User;
+  accessToken: string;
+  refreshToken: string;
+  expiresIn: number;
+  tokenType: string;
+}
+export interface LoginRequest {
+  email?: string;
+  phone?: string;
+  username?: string;
+  password: string;
+  tenantId?: string;
+  captchaToken?: string;
+  captchaProvider?: string;
+  captchaChallengeId?: string;
+}
+export interface RegisterRequest {
+  email?: string;
+  phone?: string;
+  username?: string;
+  password: string;
+  tenantId?: string;
+  name?: string;
+}
+export interface OAuthOptions {
+  provider: string;
+  redirectUri?: string;
+}
+export interface TokenClaims {
+  sub?: string;
+  user_id?: string;
+  tenant_id?: string;
+  exp?: number;
+  iat?: number;
+  session_id?: string;
+  type?: string;
+  role?: string;
+  [key: string]: unknown;
+}
+export type AuthmsEvent =
+  | 'READY'
+  | 'USER_CHANGED'
+  | 'TOKEN_CHANGED'
+  | 'NOT_AUTHENTICATED'
+  | 'LOGGED_OUT'
+  | 'SECURITY_ALERT';
+export interface SecurityAlert {
+  reason: 'token_reuse' | 'suspicious_activity' | 'session_revoked';
+  message: string;
+}
+export interface PasswordPolicyConfig {
+  mode: string;
+  minLength: number;
+  maxLength?: number;
+  requireUpper: boolean;
+  requireLower?: boolean;
+  requireDigit?: boolean;
+  requireSpecial?: boolean;
+  tenantId: string;
+  publicKey: string;
+}
+export interface BrandingInfo {
+  logoUrl?: string;
+  primaryColor?: string;
+  companyName?: string;
+  loginPageTitle?: string;
+}
+export interface TenantAuthConfig {
+  tenantId: string;
+  tenantName: string;
+  displayName: string;
+  membershipApproval: string;
+  loginMethods: string[];
+  oauthProviders: string[];
+  passwordPolicy: PasswordPolicyConfig;
+  captchaEnabled: boolean;
+  captchaProvider: string;
+  silentChallengeEnabled: boolean;
+  transmissionPublicKey: string;
+  oauthClientId: string;
+  passkeyEnabled: boolean;
+  magicLinkEnabled: boolean;
+  branding: BrandingInfo | null;
+}
+export const ERROR_CODES = {
+  CAPTCHA_REQUIRED: 'CAPTCHA_REQUIRED',
+  INVALID_CAPTCHA: 'INVALID_CAPTCHA',
+  TOKEN_REUSE: 'TOKEN_REUSE',
+  SESSION_EXPIRED: 'SESSION_EXPIRED',
+  REFRESH_FAILED: 'REFRESH_FAILED',
+  NOT_AUTHENTICATED: 'NOT_AUTHENTICATED',
+} as const;