@authrim/sveltekit 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +191 -0
- package/README.md +531 -0
- package/dist/__tests__/client-events.test.d.ts +2 -0
- package/dist/__tests__/client-events.test.d.ts.map +1 -0
- package/dist/__tests__/client-events.test.js +225 -0
- package/dist/__tests__/providers.test.d.ts +2 -0
- package/dist/__tests__/providers.test.d.ts.map +1 -0
- package/dist/__tests__/providers.test.js +68 -0
- package/dist/__tests__/response.test.d.ts +2 -0
- package/dist/__tests__/response.test.d.ts.map +1 -0
- package/dist/__tests__/response.test.js +99 -0
- package/dist/__tests__/stores.test.d.ts +2 -0
- package/dist/__tests__/stores.test.d.ts.map +1 -0
- package/dist/__tests__/stores.test.js +91 -0
- package/dist/client.d.ts +25 -0
- package/dist/client.d.ts.map +1 -0
- package/dist/client.js +411 -0
- package/dist/components/AuthProvider.svelte +56 -0
- package/dist/components/AuthProvider.svelte.d.ts +34 -0
- package/dist/components/AuthProvider.svelte.d.ts.map +1 -0
- package/dist/components/ProtectedRoute.svelte +71 -0
- package/dist/components/ProtectedRoute.svelte.d.ts +38 -0
- package/dist/components/ProtectedRoute.svelte.d.ts.map +1 -0
- package/dist/components/SignInButton.svelte +93 -0
- package/dist/components/SignInButton.svelte.d.ts +43 -0
- package/dist/components/SignInButton.svelte.d.ts.map +1 -0
- package/dist/components/SignOutButton.svelte +72 -0
- package/dist/components/SignOutButton.svelte.d.ts +40 -0
- package/dist/components/SignOutButton.svelte.d.ts.map +1 -0
- package/dist/components/UserProfile.svelte +71 -0
- package/dist/components/UserProfile.svelte.d.ts +51 -0
- package/dist/components/UserProfile.svelte.d.ts.map +1 -0
- package/dist/components/index.d.ts +6 -0
- package/dist/components/index.d.ts.map +1 -0
- package/dist/components/index.js +5 -0
- package/dist/direct-auth/ciba.d.ts +47 -0
- package/dist/direct-auth/ciba.d.ts.map +1 -0
- package/dist/direct-auth/ciba.js +77 -0
- package/dist/direct-auth/consent.d.ts +85 -0
- package/dist/direct-auth/consent.d.ts.map +1 -0
- package/dist/direct-auth/consent.js +57 -0
- package/dist/direct-auth/device-flow.d.ts +40 -0
- package/dist/direct-auth/device-flow.d.ts.map +1 -0
- package/dist/direct-auth/device-flow.js +45 -0
- package/dist/direct-auth/email-code.d.ts +48 -0
- package/dist/direct-auth/email-code.d.ts.map +1 -0
- package/dist/direct-auth/email-code.js +265 -0
- package/dist/direct-auth/index.d.ts +9 -0
- package/dist/direct-auth/index.d.ts.map +1 -0
- package/dist/direct-auth/index.js +8 -0
- package/dist/direct-auth/login-challenge.d.ts +41 -0
- package/dist/direct-auth/login-challenge.d.ts.map +1 -0
- package/dist/direct-auth/login-challenge.js +34 -0
- package/dist/direct-auth/passkey.d.ts +30 -0
- package/dist/direct-auth/passkey.d.ts.map +1 -0
- package/dist/direct-auth/passkey.js +392 -0
- package/dist/direct-auth/session.d.ts +48 -0
- package/dist/direct-auth/session.d.ts.map +1 -0
- package/dist/direct-auth/session.js +219 -0
- package/dist/direct-auth/social.d.ts +56 -0
- package/dist/direct-auth/social.d.ts.map +1 -0
- package/dist/direct-auth/social.js +484 -0
- package/dist/index.d.ts +17 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +14 -0
- package/dist/providers/crypto.d.ts +13 -0
- package/dist/providers/crypto.d.ts.map +1 -0
- package/dist/providers/crypto.js +27 -0
- package/dist/providers/http.d.ts +30 -0
- package/dist/providers/http.d.ts.map +1 -0
- package/dist/providers/http.js +65 -0
- package/dist/providers/index.d.ts +4 -0
- package/dist/providers/index.d.ts.map +1 -0
- package/dist/providers/index.js +3 -0
- package/dist/providers/storage.d.ts +21 -0
- package/dist/providers/storage.d.ts.map +1 -0
- package/dist/providers/storage.js +83 -0
- package/dist/server/handle.d.ts +46 -0
- package/dist/server/handle.d.ts.map +1 -0
- package/dist/server/handle.js +60 -0
- package/dist/server/index.d.ts +4 -0
- package/dist/server/index.d.ts.map +1 -0
- package/dist/server/index.js +3 -0
- package/dist/server/load.d.ts +83 -0
- package/dist/server/load.d.ts.map +1 -0
- package/dist/server/load.js +86 -0
- package/dist/server/session.d.ts +44 -0
- package/dist/server/session.d.ts.map +1 -0
- package/dist/server/session.js +50 -0
- package/dist/stores/auth.d.ts +56 -0
- package/dist/stores/auth.d.ts.map +1 -0
- package/dist/stores/auth.js +64 -0
- package/dist/stores/index.d.ts +2 -0
- package/dist/stores/index.d.ts.map +1 -0
- package/dist/stores/index.js +1 -0
- package/dist/types.d.ts +164 -0
- package/dist/types.d.ts.map +1 -0
- package/dist/types.js +4 -0
- package/dist/ui/account/LinkAccountButton.svelte +133 -0
- package/dist/ui/account/LinkAccountButton.svelte.d.ts +37 -0
- package/dist/ui/account/LinkAccountButton.svelte.d.ts.map +1 -0
- package/dist/ui/account/LinkedAccountsList.svelte +233 -0
- package/dist/ui/account/LinkedAccountsList.svelte.d.ts +32 -0
- package/dist/ui/account/LinkedAccountsList.svelte.d.ts.map +1 -0
- package/dist/ui/account/UnlinkAccountButton.svelte +179 -0
- package/dist/ui/account/UnlinkAccountButton.svelte.d.ts +28 -0
- package/dist/ui/account/UnlinkAccountButton.svelte.d.ts.map +1 -0
- package/dist/ui/account/index.d.ts +7 -0
- package/dist/ui/account/index.d.ts.map +1 -0
- package/dist/ui/account/index.js +6 -0
- package/dist/ui/context.d.ts +17 -0
- package/dist/ui/context.d.ts.map +1 -0
- package/dist/ui/context.js +71 -0
- package/dist/ui/forms/CIBARequestCard.svelte +315 -0
- package/dist/ui/forms/CIBARequestCard.svelte.d.ts +50 -0
- package/dist/ui/forms/CIBARequestCard.svelte.d.ts.map +1 -0
- package/dist/ui/forms/ClientInfo.svelte +232 -0
- package/dist/ui/forms/ClientInfo.svelte.d.ts +35 -0
- package/dist/ui/forms/ClientInfo.svelte.d.ts.map +1 -0
- package/dist/ui/forms/ConsentScopesList.svelte +109 -0
- package/dist/ui/forms/ConsentScopesList.svelte.d.ts +30 -0
- package/dist/ui/forms/ConsentScopesList.svelte.d.ts.map +1 -0
- package/dist/ui/forms/EmailCodeForm.svelte +224 -0
- package/dist/ui/forms/EmailCodeForm.svelte.d.ts +39 -0
- package/dist/ui/forms/EmailCodeForm.svelte.d.ts.map +1 -0
- package/dist/ui/forms/OrgSelector.svelte +95 -0
- package/dist/ui/forms/OrgSelector.svelte.d.ts +37 -0
- package/dist/ui/forms/OrgSelector.svelte.d.ts.map +1 -0
- package/dist/ui/forms/PasskeyConditionalInput.svelte +173 -0
- package/dist/ui/forms/PasskeyConditionalInput.svelte.d.ts +36 -0
- package/dist/ui/forms/PasskeyConditionalInput.svelte.d.ts.map +1 -0
- package/dist/ui/forms/QRCodeDisplay.svelte +122 -0
- package/dist/ui/forms/QRCodeDisplay.svelte.d.ts +27 -0
- package/dist/ui/forms/QRCodeDisplay.svelte.d.ts.map +1 -0
- package/dist/ui/forms/SocialLoginButtons.svelte +209 -0
- package/dist/ui/forms/SocialLoginButtons.svelte.d.ts +33 -0
- package/dist/ui/forms/SocialLoginButtons.svelte.d.ts.map +1 -0
- package/dist/ui/forms/UserCodeInput.svelte +183 -0
- package/dist/ui/forms/UserCodeInput.svelte.d.ts +34 -0
- package/dist/ui/forms/UserCodeInput.svelte.d.ts.map +1 -0
- package/dist/ui/forms/index.d.ts +13 -0
- package/dist/ui/forms/index.d.ts.map +1 -0
- package/dist/ui/forms/index.js +12 -0
- package/dist/ui/helpers/AuthError.svelte +124 -0
- package/dist/ui/helpers/AuthError.svelte.d.ts +26 -0
- package/dist/ui/helpers/AuthError.svelte.d.ts.map +1 -0
- package/dist/ui/helpers/AuthLoading.svelte +83 -0
- package/dist/ui/helpers/AuthLoading.svelte.d.ts +25 -0
- package/dist/ui/helpers/AuthLoading.svelte.d.ts.map +1 -0
- package/dist/ui/helpers/OTPInput.svelte +214 -0
- package/dist/ui/helpers/OTPInput.svelte.d.ts +34 -0
- package/dist/ui/helpers/OTPInput.svelte.d.ts.map +1 -0
- package/dist/ui/helpers/ResendCodeButton.svelte +140 -0
- package/dist/ui/helpers/ResendCodeButton.svelte.d.ts +28 -0
- package/dist/ui/helpers/ResendCodeButton.svelte.d.ts.map +1 -0
- package/dist/ui/helpers/index.d.ts +8 -0
- package/dist/ui/helpers/index.d.ts.map +1 -0
- package/dist/ui/helpers/index.js +7 -0
- package/dist/ui/index.d.ts +43 -0
- package/dist/ui/index.d.ts.map +1 -0
- package/dist/ui/index.js +48 -0
- package/dist/ui/passkey/PasskeyDeleteButton.svelte +177 -0
- package/dist/ui/passkey/PasskeyDeleteButton.svelte.d.ts +26 -0
- package/dist/ui/passkey/PasskeyDeleteButton.svelte.d.ts.map +1 -0
- package/dist/ui/passkey/PasskeyList.svelte +225 -0
- package/dist/ui/passkey/PasskeyList.svelte.d.ts +30 -0
- package/dist/ui/passkey/PasskeyList.svelte.d.ts.map +1 -0
- package/dist/ui/passkey/PasskeyRegisterButton.svelte +52 -0
- package/dist/ui/passkey/PasskeyRegisterButton.svelte.d.ts +38 -0
- package/dist/ui/passkey/PasskeyRegisterButton.svelte.d.ts.map +1 -0
- package/dist/ui/passkey/index.d.ts +7 -0
- package/dist/ui/passkey/index.d.ts.map +1 -0
- package/dist/ui/passkey/index.js +6 -0
- package/dist/ui/session/SessionExpiryIndicator.svelte +109 -0
- package/dist/ui/session/SessionExpiryIndicator.svelte.d.ts +23 -0
- package/dist/ui/session/SessionExpiryIndicator.svelte.d.ts.map +1 -0
- package/dist/ui/session/SessionList.svelte +231 -0
- package/dist/ui/session/SessionList.svelte.d.ts +31 -0
- package/dist/ui/session/SessionList.svelte.d.ts.map +1 -0
- package/dist/ui/session/SessionRevokeButton.svelte +72 -0
- package/dist/ui/session/SessionRevokeButton.svelte.d.ts +26 -0
- package/dist/ui/session/SessionRevokeButton.svelte.d.ts.map +1 -0
- package/dist/ui/session/index.d.ts +7 -0
- package/dist/ui/session/index.d.ts.map +1 -0
- package/dist/ui/session/index.js +6 -0
- package/dist/ui/shared/Alert.svelte +246 -0
- package/dist/ui/shared/Alert.svelte.d.ts +36 -0
- package/dist/ui/shared/Alert.svelte.d.ts.map +1 -0
- package/dist/ui/shared/Badge.svelte +100 -0
- package/dist/ui/shared/Badge.svelte.d.ts +35 -0
- package/dist/ui/shared/Badge.svelte.d.ts.map +1 -0
- package/dist/ui/shared/Button.svelte +213 -0
- package/dist/ui/shared/Button.svelte.d.ts +42 -0
- package/dist/ui/shared/Button.svelte.d.ts.map +1 -0
- package/dist/ui/shared/Card.svelte +85 -0
- package/dist/ui/shared/Card.svelte.d.ts +39 -0
- package/dist/ui/shared/Card.svelte.d.ts.map +1 -0
- package/dist/ui/shared/CountdownTimer.svelte +150 -0
- package/dist/ui/shared/CountdownTimer.svelte.d.ts +30 -0
- package/dist/ui/shared/CountdownTimer.svelte.d.ts.map +1 -0
- package/dist/ui/shared/Dialog.svelte +240 -0
- package/dist/ui/shared/Dialog.svelte.d.ts +39 -0
- package/dist/ui/shared/Dialog.svelte.d.ts.map +1 -0
- package/dist/ui/shared/Input.svelte +192 -0
- package/dist/ui/shared/Input.svelte.d.ts +42 -0
- package/dist/ui/shared/Input.svelte.d.ts.map +1 -0
- package/dist/ui/shared/LanguageSwitcher.svelte +99 -0
- package/dist/ui/shared/LanguageSwitcher.svelte.d.ts +31 -0
- package/dist/ui/shared/LanguageSwitcher.svelte.d.ts.map +1 -0
- package/dist/ui/shared/Spinner.svelte +75 -0
- package/dist/ui/shared/Spinner.svelte.d.ts +24 -0
- package/dist/ui/shared/Spinner.svelte.d.ts.map +1 -0
- package/dist/ui/shared/index.d.ts +13 -0
- package/dist/ui/shared/index.d.ts.map +1 -0
- package/dist/ui/shared/index.js +12 -0
- package/dist/ui/styles/base.css +168 -0
- package/dist/ui/styles/theme.css +279 -0
- package/dist/ui/templates/AccountSettingsTemplate.svelte +205 -0
- package/dist/ui/templates/AccountSettingsTemplate.svelte.d.ts +49 -0
- package/dist/ui/templates/AccountSettingsTemplate.svelte.d.ts.map +1 -0
- package/dist/ui/templates/CIBATemplate.svelte +227 -0
- package/dist/ui/templates/CIBATemplate.svelte.d.ts +45 -0
- package/dist/ui/templates/CIBATemplate.svelte.d.ts.map +1 -0
- package/dist/ui/templates/ConsentTemplate.svelte +549 -0
- package/dist/ui/templates/ConsentTemplate.svelte.d.ts +76 -0
- package/dist/ui/templates/ConsentTemplate.svelte.d.ts.map +1 -0
- package/dist/ui/templates/DeviceFlowTemplate.svelte +228 -0
- package/dist/ui/templates/DeviceFlowTemplate.svelte.d.ts +47 -0
- package/dist/ui/templates/DeviceFlowTemplate.svelte.d.ts.map +1 -0
- package/dist/ui/templates/LoginTemplate.svelte +234 -0
- package/dist/ui/templates/LoginTemplate.svelte.d.ts +49 -0
- package/dist/ui/templates/LoginTemplate.svelte.d.ts.map +1 -0
- package/dist/ui/templates/ReauthTemplate.svelte +269 -0
- package/dist/ui/templates/ReauthTemplate.svelte.d.ts +54 -0
- package/dist/ui/templates/ReauthTemplate.svelte.d.ts.map +1 -0
- package/dist/ui/templates/SignUpTemplate.svelte +345 -0
- package/dist/ui/templates/SignUpTemplate.svelte.d.ts +53 -0
- package/dist/ui/templates/SignUpTemplate.svelte.d.ts.map +1 -0
- package/dist/ui/templates/index.d.ts +14 -0
- package/dist/ui/templates/index.d.ts.map +1 -0
- package/dist/ui/templates/index.js +13 -0
- package/dist/ui/types.d.ts +151 -0
- package/dist/ui/types.d.ts.map +1 -0
- package/dist/ui/types.js +4 -0
- package/dist/utils/context.d.ts +12 -0
- package/dist/utils/context.d.ts.map +1 -0
- package/dist/utils/context.js +26 -0
- package/dist/utils/error-mapping.d.ts +29 -0
- package/dist/utils/error-mapping.d.ts.map +1 -0
- package/dist/utils/error-mapping.js +38 -0
- package/dist/utils/index.d.ts +7 -0
- package/dist/utils/index.d.ts.map +1 -0
- package/dist/utils/index.js +6 -0
- package/dist/utils/response.d.ts +21 -0
- package/dist/utils/response.d.ts.map +1 -0
- package/dist/utils/response.js +84 -0
- package/dist/utils/sensitive-data.d.ts +9 -0
- package/dist/utils/sensitive-data.d.ts.map +1 -0
- package/dist/utils/sensitive-data.js +56 -0
- package/dist/utils/ssr.d.ts +38 -0
- package/dist/utils/ssr.d.ts.map +1 -0
- package/dist/utils/ssr.js +73 -0
- package/dist/utils/webauthn-converters.d.ts +9 -0
- package/dist/utils/webauthn-converters.d.ts.map +1 -0
- package/dist/utils/webauthn-converters.js +75 -0
- package/package.json +111 -0
|
@@ -0,0 +1,65 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Browser HTTP Client
|
|
3
|
+
*
|
|
4
|
+
* P0: credentials デフォルトは 'omit' - 必要な場合のみ 'include' を明示指定
|
|
5
|
+
* P0: 機密データのログ出力をマスキング
|
|
6
|
+
*/
|
|
7
|
+
import { sanitizeJsonForLogging } from '../utils/sensitive-data.js';
|
|
8
|
+
export class BrowserHttpClient {
|
|
9
|
+
defaultCredentials;
|
|
10
|
+
defaultTimeout;
|
|
11
|
+
debug;
|
|
12
|
+
constructor(options) {
|
|
13
|
+
this.defaultCredentials = options?.credentials ?? 'omit';
|
|
14
|
+
this.defaultTimeout = options?.timeout ?? 30000;
|
|
15
|
+
this.debug = options?.debug ?? false;
|
|
16
|
+
}
|
|
17
|
+
debugLog(message, data) {
|
|
18
|
+
if (!this.debug)
|
|
19
|
+
return;
|
|
20
|
+
if (data) {
|
|
21
|
+
const sanitized = typeof data === 'string' ? sanitizeJsonForLogging(data) : JSON.stringify(data);
|
|
22
|
+
console.debug(`[Authrim HTTP] ${message}`, sanitized);
|
|
23
|
+
}
|
|
24
|
+
else {
|
|
25
|
+
console.debug(`[Authrim HTTP] ${message}`);
|
|
26
|
+
}
|
|
27
|
+
}
|
|
28
|
+
async fetch(url, options) {
|
|
29
|
+
const controller = new AbortController();
|
|
30
|
+
const timeout = options?.timeout ?? this.defaultTimeout;
|
|
31
|
+
const timeoutId = setTimeout(() => controller.abort(), timeout);
|
|
32
|
+
this.debugLog(`${options?.method ?? 'GET'} ${url}`, options?.body);
|
|
33
|
+
try {
|
|
34
|
+
const response = await globalThis.fetch(url, {
|
|
35
|
+
method: options?.method ?? 'GET',
|
|
36
|
+
headers: options?.headers,
|
|
37
|
+
body: options?.body,
|
|
38
|
+
signal: options?.signal ?? controller.signal,
|
|
39
|
+
credentials: options?.credentials ?? this.defaultCredentials,
|
|
40
|
+
});
|
|
41
|
+
const contentType = response.headers.get('content-type') ?? '';
|
|
42
|
+
let data;
|
|
43
|
+
if (contentType.includes('application/json')) {
|
|
44
|
+
data = (await response.json());
|
|
45
|
+
}
|
|
46
|
+
else {
|
|
47
|
+
data = (await response.text());
|
|
48
|
+
}
|
|
49
|
+
const headers = {};
|
|
50
|
+
response.headers.forEach((value, key) => {
|
|
51
|
+
headers[key] = value;
|
|
52
|
+
});
|
|
53
|
+
return {
|
|
54
|
+
status: response.status,
|
|
55
|
+
statusText: response.statusText,
|
|
56
|
+
headers,
|
|
57
|
+
data,
|
|
58
|
+
ok: response.ok,
|
|
59
|
+
};
|
|
60
|
+
}
|
|
61
|
+
finally {
|
|
62
|
+
clearTimeout(timeoutId);
|
|
63
|
+
}
|
|
64
|
+
}
|
|
65
|
+
}
|
|
@@ -0,0 +1,4 @@
|
|
|
1
|
+
export { BrowserHttpClient, type BrowserHttpClientOptions, type BrowserHttpOptions } from './http.js';
|
|
2
|
+
export { BrowserCryptoProvider } from './crypto.js';
|
|
3
|
+
export { createBrowserStorage, type BrowserStorageOptions } from './storage.js';
|
|
4
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/lib/providers/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,KAAK,wBAAwB,EAAE,KAAK,kBAAkB,EAAE,MAAM,WAAW,CAAC;AACtG,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AACpD,OAAO,EAAE,oBAAoB,EAAE,KAAK,qBAAqB,EAAE,MAAM,cAAc,CAAC"}
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Browser Storage Provider
|
|
3
|
+
*
|
|
4
|
+
* P2: デフォルトは sessionStorage (XSS耐性優先)
|
|
5
|
+
* localStorage は明示的 opt-in のみ
|
|
6
|
+
*/
|
|
7
|
+
import type { AuthrimStorage } from '@authrim/core';
|
|
8
|
+
export interface BrowserStorageOptions {
|
|
9
|
+
/** Storage key prefix (default: 'authrim') */
|
|
10
|
+
prefix?: string;
|
|
11
|
+
/**
|
|
12
|
+
* Storage type (default: 'sessionStorage')
|
|
13
|
+
*
|
|
14
|
+
* - 'memory': 最も安全。タブを閉じると消える。SPA推奨。
|
|
15
|
+
* - 'sessionStorage': ページリロードで維持、タブを閉じると消える。
|
|
16
|
+
* - 'localStorage': 永続化。XSS脆弱性あり、明示的 opt-in のみ。
|
|
17
|
+
*/
|
|
18
|
+
storage?: 'memory' | 'sessionStorage' | 'localStorage';
|
|
19
|
+
}
|
|
20
|
+
export declare function createBrowserStorage(options?: BrowserStorageOptions): AuthrimStorage;
|
|
21
|
+
//# sourceMappingURL=storage.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"storage.d.ts","sourceRoot":"","sources":["../../src/lib/providers/storage.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAEpD,MAAM,WAAW,qBAAqB;IACpC,8CAA8C;IAC9C,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB;;;;;;OAMG;IACH,OAAO,CAAC,EAAE,QAAQ,GAAG,gBAAgB,GAAG,cAAc,CAAC;CACxD;AAiFD,wBAAgB,oBAAoB,CAAC,OAAO,CAAC,EAAE,qBAAqB,GAAG,cAAc,CAepF"}
|
|
@@ -0,0 +1,83 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Browser Storage Provider
|
|
3
|
+
*
|
|
4
|
+
* P2: デフォルトは sessionStorage (XSS耐性優先)
|
|
5
|
+
* localStorage は明示的 opt-in のみ
|
|
6
|
+
*/
|
|
7
|
+
class MemoryStorage {
|
|
8
|
+
data = new Map();
|
|
9
|
+
async get(key) {
|
|
10
|
+
return this.data.get(key) ?? null;
|
|
11
|
+
}
|
|
12
|
+
async set(key, value) {
|
|
13
|
+
this.data.set(key, value);
|
|
14
|
+
}
|
|
15
|
+
async remove(key) {
|
|
16
|
+
this.data.delete(key);
|
|
17
|
+
}
|
|
18
|
+
async getAll() {
|
|
19
|
+
return Object.fromEntries(this.data);
|
|
20
|
+
}
|
|
21
|
+
async clear() {
|
|
22
|
+
this.data.clear();
|
|
23
|
+
}
|
|
24
|
+
}
|
|
25
|
+
class WebStorage {
|
|
26
|
+
storage;
|
|
27
|
+
prefix;
|
|
28
|
+
constructor(storage, prefix) {
|
|
29
|
+
this.storage = storage;
|
|
30
|
+
this.prefix = prefix;
|
|
31
|
+
}
|
|
32
|
+
key(key) {
|
|
33
|
+
return `${this.prefix}:${key}`;
|
|
34
|
+
}
|
|
35
|
+
async get(key) {
|
|
36
|
+
return this.storage.getItem(this.key(key));
|
|
37
|
+
}
|
|
38
|
+
async set(key, value) {
|
|
39
|
+
this.storage.setItem(this.key(key), value);
|
|
40
|
+
}
|
|
41
|
+
async remove(key) {
|
|
42
|
+
this.storage.removeItem(this.key(key));
|
|
43
|
+
}
|
|
44
|
+
async getAll() {
|
|
45
|
+
const result = {};
|
|
46
|
+
const prefixWithColon = `${this.prefix}:`;
|
|
47
|
+
for (let i = 0; i < this.storage.length; i++) {
|
|
48
|
+
const fullKey = this.storage.key(i);
|
|
49
|
+
if (fullKey?.startsWith(prefixWithColon)) {
|
|
50
|
+
const key = fullKey.slice(prefixWithColon.length);
|
|
51
|
+
const value = this.storage.getItem(fullKey);
|
|
52
|
+
if (value !== null) {
|
|
53
|
+
result[key] = value;
|
|
54
|
+
}
|
|
55
|
+
}
|
|
56
|
+
}
|
|
57
|
+
return result;
|
|
58
|
+
}
|
|
59
|
+
async clear() {
|
|
60
|
+
const prefixWithColon = `${this.prefix}:`;
|
|
61
|
+
const keysToRemove = [];
|
|
62
|
+
for (let i = 0; i < this.storage.length; i++) {
|
|
63
|
+
const fullKey = this.storage.key(i);
|
|
64
|
+
if (fullKey?.startsWith(prefixWithColon)) {
|
|
65
|
+
keysToRemove.push(fullKey);
|
|
66
|
+
}
|
|
67
|
+
}
|
|
68
|
+
keysToRemove.forEach((key) => this.storage.removeItem(key));
|
|
69
|
+
}
|
|
70
|
+
}
|
|
71
|
+
export function createBrowserStorage(options) {
|
|
72
|
+
const storageType = options?.storage ?? 'sessionStorage';
|
|
73
|
+
const prefix = options?.prefix ?? 'authrim';
|
|
74
|
+
if (storageType === 'memory') {
|
|
75
|
+
return new MemoryStorage();
|
|
76
|
+
}
|
|
77
|
+
if (typeof window === 'undefined') {
|
|
78
|
+
// SSR: use memory storage
|
|
79
|
+
return new MemoryStorage();
|
|
80
|
+
}
|
|
81
|
+
const storage = storageType === 'localStorage' ? localStorage : sessionStorage;
|
|
82
|
+
return new WebStorage(storage, prefix);
|
|
83
|
+
}
|
|
@@ -0,0 +1,46 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* SvelteKit Handle Hook for Authentication
|
|
3
|
+
*/
|
|
4
|
+
import type { Handle, RequestEvent } from '@sveltejs/kit';
|
|
5
|
+
import { type ServerSessionManager, type ServerSessionManagerOptions, type ServerAuthContext } from './session.js';
|
|
6
|
+
export interface AuthHandleOptions extends ServerSessionManagerOptions {
|
|
7
|
+
/**
|
|
8
|
+
* Callback URL paths that should handle auth callbacks
|
|
9
|
+
* Default: ['/auth/callback']
|
|
10
|
+
*/
|
|
11
|
+
callbackPaths?: string[];
|
|
12
|
+
}
|
|
13
|
+
/**
|
|
14
|
+
* Create auth handle for SvelteKit hooks
|
|
15
|
+
*
|
|
16
|
+
* @example
|
|
17
|
+
* ```typescript
|
|
18
|
+
* // src/hooks.server.ts
|
|
19
|
+
* import { createAuthHandle } from '@authrim/sveltekit/server';
|
|
20
|
+
*
|
|
21
|
+
* export const handle = createAuthHandle();
|
|
22
|
+
* ```
|
|
23
|
+
*/
|
|
24
|
+
export declare function createAuthHandle(options?: AuthHandleOptions): Handle;
|
|
25
|
+
/**
|
|
26
|
+
* Get session manager for use in server-side code
|
|
27
|
+
*/
|
|
28
|
+
export declare function getServerSessionManager(options?: ServerSessionManagerOptions): ServerSessionManager;
|
|
29
|
+
/**
|
|
30
|
+
* Get auth context from event (requires createAuthHandle to be used)
|
|
31
|
+
*
|
|
32
|
+
* Note: For full type safety, add this to your src/app.d.ts:
|
|
33
|
+
* ```typescript
|
|
34
|
+
* import type { ServerAuthContext } from '@authrim/sveltekit/server';
|
|
35
|
+
*
|
|
36
|
+
* declare global {
|
|
37
|
+
* namespace App {
|
|
38
|
+
* interface Locals {
|
|
39
|
+
* auth?: ServerAuthContext;
|
|
40
|
+
* }
|
|
41
|
+
* }
|
|
42
|
+
* }
|
|
43
|
+
* ```
|
|
44
|
+
*/
|
|
45
|
+
export declare function getAuthFromEvent(event: RequestEvent): ServerAuthContext | null;
|
|
46
|
+
//# sourceMappingURL=handle.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"handle.d.ts","sourceRoot":"","sources":["../../src/lib/server/handle.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAC1D,OAAO,EAEL,KAAK,oBAAoB,EACzB,KAAK,2BAA2B,EAChC,KAAK,iBAAiB,EACvB,MAAM,cAAc,CAAC;AAEtB,MAAM,WAAW,iBAAkB,SAAQ,2BAA2B;IACpE;;;OAGG;IACH,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;CAC1B;AAED;;;;;;;;;;GAUG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,CAAC,EAAE,iBAAiB,GAAG,MAAM,CAmBpE;AAMD;;GAEG;AACH,wBAAgB,uBAAuB,CACrC,OAAO,CAAC,EAAE,2BAA2B,GACpC,oBAAoB,CAEtB;AAED;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,YAAY,GAAG,iBAAiB,GAAG,IAAI,CAE9E"}
|
|
@@ -0,0 +1,60 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* SvelteKit Handle Hook for Authentication
|
|
3
|
+
*/
|
|
4
|
+
import { createServerSessionManager, } from './session.js';
|
|
5
|
+
/**
|
|
6
|
+
* Create auth handle for SvelteKit hooks
|
|
7
|
+
*
|
|
8
|
+
* @example
|
|
9
|
+
* ```typescript
|
|
10
|
+
* // src/hooks.server.ts
|
|
11
|
+
* import { createAuthHandle } from '@authrim/sveltekit/server';
|
|
12
|
+
*
|
|
13
|
+
* export const handle = createAuthHandle();
|
|
14
|
+
* ```
|
|
15
|
+
*/
|
|
16
|
+
export function createAuthHandle(options) {
|
|
17
|
+
const sessionManager = createServerSessionManager(options);
|
|
18
|
+
const callbackPaths = options?.callbackPaths ?? ['/auth/callback'];
|
|
19
|
+
return async ({ event, resolve }) => {
|
|
20
|
+
// Load session into locals
|
|
21
|
+
const authContext = await sessionManager.get(event);
|
|
22
|
+
if (authContext) {
|
|
23
|
+
event.locals.auth = authContext;
|
|
24
|
+
}
|
|
25
|
+
// Handle auth callbacks
|
|
26
|
+
if (isCallbackPath(event.url.pathname, callbackPaths)) {
|
|
27
|
+
// Let the page handle the callback
|
|
28
|
+
return resolve(event);
|
|
29
|
+
}
|
|
30
|
+
return resolve(event);
|
|
31
|
+
};
|
|
32
|
+
}
|
|
33
|
+
function isCallbackPath(pathname, callbackPaths) {
|
|
34
|
+
return callbackPaths.some((path) => pathname.startsWith(path));
|
|
35
|
+
}
|
|
36
|
+
/**
|
|
37
|
+
* Get session manager for use in server-side code
|
|
38
|
+
*/
|
|
39
|
+
export function getServerSessionManager(options) {
|
|
40
|
+
return createServerSessionManager(options);
|
|
41
|
+
}
|
|
42
|
+
/**
|
|
43
|
+
* Get auth context from event (requires createAuthHandle to be used)
|
|
44
|
+
*
|
|
45
|
+
* Note: For full type safety, add this to your src/app.d.ts:
|
|
46
|
+
* ```typescript
|
|
47
|
+
* import type { ServerAuthContext } from '@authrim/sveltekit/server';
|
|
48
|
+
*
|
|
49
|
+
* declare global {
|
|
50
|
+
* namespace App {
|
|
51
|
+
* interface Locals {
|
|
52
|
+
* auth?: ServerAuthContext;
|
|
53
|
+
* }
|
|
54
|
+
* }
|
|
55
|
+
* }
|
|
56
|
+
* ```
|
|
57
|
+
*/
|
|
58
|
+
export function getAuthFromEvent(event) {
|
|
59
|
+
return event.locals.auth ?? null;
|
|
60
|
+
}
|
|
@@ -0,0 +1,4 @@
|
|
|
1
|
+
export { createServerSessionManager, type ServerSessionManager, type ServerSessionManagerOptions, type ServerAuthContext, } from './session.js';
|
|
2
|
+
export { createAuthHandle, getServerSessionManager, getAuthFromEvent, type AuthHandleOptions, } from './handle.js';
|
|
3
|
+
export { requireAuth, createAuthLoad, isAuthenticated, getUser, getSession, type AuthLoadOptions, } from './load.js';
|
|
4
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/lib/server/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,0BAA0B,EAC1B,KAAK,oBAAoB,EACzB,KAAK,2BAA2B,EAChC,KAAK,iBAAiB,GACvB,MAAM,cAAc,CAAC;AAEtB,OAAO,EACL,gBAAgB,EAChB,uBAAuB,EACvB,gBAAgB,EAChB,KAAK,iBAAiB,GACvB,MAAM,aAAa,CAAC;AAErB,OAAO,EACL,WAAW,EACX,cAAc,EACd,eAAe,EACf,OAAO,EACP,UAAU,EACV,KAAK,eAAe,GACrB,MAAM,WAAW,CAAC"}
|
|
@@ -0,0 +1,83 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* SvelteKit Load Helpers for Authentication
|
|
3
|
+
*
|
|
4
|
+
* For full type safety, add this to your src/app.d.ts:
|
|
5
|
+
* ```typescript
|
|
6
|
+
* import type { ServerAuthContext } from '@authrim/sveltekit/server';
|
|
7
|
+
*
|
|
8
|
+
* declare global {
|
|
9
|
+
* namespace App {
|
|
10
|
+
* interface Locals {
|
|
11
|
+
* auth?: ServerAuthContext;
|
|
12
|
+
* }
|
|
13
|
+
* }
|
|
14
|
+
* }
|
|
15
|
+
* ```
|
|
16
|
+
*/
|
|
17
|
+
import type { RequestEvent } from '@sveltejs/kit';
|
|
18
|
+
import type { ServerAuthContext } from './session.js';
|
|
19
|
+
export interface AuthLoadOptions {
|
|
20
|
+
/**
|
|
21
|
+
* Redirect URL for unauthenticated users
|
|
22
|
+
* Default: '/login'
|
|
23
|
+
*/
|
|
24
|
+
loginUrl?: string;
|
|
25
|
+
/**
|
|
26
|
+
* URL parameter to store the original URL
|
|
27
|
+
* Default: 'redirectTo'
|
|
28
|
+
*/
|
|
29
|
+
redirectParam?: string;
|
|
30
|
+
}
|
|
31
|
+
/**
|
|
32
|
+
* Create auth load helper for protected routes
|
|
33
|
+
*
|
|
34
|
+
* @example
|
|
35
|
+
* ```typescript
|
|
36
|
+
* // src/routes/dashboard/+page.server.ts
|
|
37
|
+
* import { requireAuth } from '@authrim/sveltekit/server';
|
|
38
|
+
*
|
|
39
|
+
* export const load = requireAuth();
|
|
40
|
+
* ```
|
|
41
|
+
*/
|
|
42
|
+
export declare function requireAuth(options?: AuthLoadOptions): ({ locals, url }: RequestEvent) => Promise<{
|
|
43
|
+
auth: ServerAuthContext;
|
|
44
|
+
}>;
|
|
45
|
+
/**
|
|
46
|
+
* Create auth load helper that passes auth data without requiring it
|
|
47
|
+
*
|
|
48
|
+
* @example
|
|
49
|
+
* ```typescript
|
|
50
|
+
* // src/routes/+layout.server.ts
|
|
51
|
+
* import { createAuthLoad } from '@authrim/sveltekit/server';
|
|
52
|
+
*
|
|
53
|
+
* export const load = createAuthLoad();
|
|
54
|
+
* ```
|
|
55
|
+
*/
|
|
56
|
+
export declare function createAuthLoad(): ({ locals }: RequestEvent) => Promise<{
|
|
57
|
+
auth: ServerAuthContext | null;
|
|
58
|
+
}>;
|
|
59
|
+
/**
|
|
60
|
+
* Check if user is authenticated in server-side code
|
|
61
|
+
*
|
|
62
|
+
* @param locals - App.Locals from SvelteKit (requires auth?: ServerAuthContext in app.d.ts)
|
|
63
|
+
*/
|
|
64
|
+
export declare function isAuthenticated(locals: {
|
|
65
|
+
auth?: ServerAuthContext;
|
|
66
|
+
}): boolean;
|
|
67
|
+
/**
|
|
68
|
+
* Get user from locals
|
|
69
|
+
*
|
|
70
|
+
* @param locals - App.Locals from SvelteKit (requires auth?: ServerAuthContext in app.d.ts)
|
|
71
|
+
*/
|
|
72
|
+
export declare function getUser(locals: {
|
|
73
|
+
auth?: ServerAuthContext;
|
|
74
|
+
}): import("@authrim/core").User | null;
|
|
75
|
+
/**
|
|
76
|
+
* Get session from locals
|
|
77
|
+
*
|
|
78
|
+
* @param locals - App.Locals from SvelteKit (requires auth?: ServerAuthContext in app.d.ts)
|
|
79
|
+
*/
|
|
80
|
+
export declare function getSession(locals: {
|
|
81
|
+
auth?: ServerAuthContext;
|
|
82
|
+
}): import("@authrim/core").Session | null;
|
|
83
|
+
//# sourceMappingURL=load.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"load.d.ts","sourceRoot":"","sources":["../../src/lib/server/load.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAGH,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAClD,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,cAAc,CAAC;AAEtD,MAAM,WAAW,eAAe;IAC9B;;;OAGG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB;;;OAGG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED;;;;;;;;;;GAUG;AACH,wBAAgB,WAAW,CAAC,OAAO,CAAC,EAAE,eAAe,IAIrC,iBAAiB,YAAY;;GAa5C;AAED;;;;;;;;;;GAUG;AACH,wBAAgB,cAAc,KACd,YAAY,YAAY;;GAOvC;AAED;;;;GAIG;AACH,wBAAgB,eAAe,CAAC,MAAM,EAAE;IAAE,IAAI,CAAC,EAAE,iBAAiB,CAAA;CAAE,GAAG,OAAO,CAE7E;AAED;;;;GAIG;AACH,wBAAgB,OAAO,CAAC,MAAM,EAAE;IAAE,IAAI,CAAC,EAAE,iBAAiB,CAAA;CAAE,uCAE3D;AAED;;;;GAIG;AACH,wBAAgB,UAAU,CAAC,MAAM,EAAE;IAAE,IAAI,CAAC,EAAE,iBAAiB,CAAA;CAAE,0CAE9D"}
|
|
@@ -0,0 +1,86 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* SvelteKit Load Helpers for Authentication
|
|
3
|
+
*
|
|
4
|
+
* For full type safety, add this to your src/app.d.ts:
|
|
5
|
+
* ```typescript
|
|
6
|
+
* import type { ServerAuthContext } from '@authrim/sveltekit/server';
|
|
7
|
+
*
|
|
8
|
+
* declare global {
|
|
9
|
+
* namespace App {
|
|
10
|
+
* interface Locals {
|
|
11
|
+
* auth?: ServerAuthContext;
|
|
12
|
+
* }
|
|
13
|
+
* }
|
|
14
|
+
* }
|
|
15
|
+
* ```
|
|
16
|
+
*/
|
|
17
|
+
import { redirect } from '@sveltejs/kit';
|
|
18
|
+
/**
|
|
19
|
+
* Create auth load helper for protected routes
|
|
20
|
+
*
|
|
21
|
+
* @example
|
|
22
|
+
* ```typescript
|
|
23
|
+
* // src/routes/dashboard/+page.server.ts
|
|
24
|
+
* import { requireAuth } from '@authrim/sveltekit/server';
|
|
25
|
+
*
|
|
26
|
+
* export const load = requireAuth();
|
|
27
|
+
* ```
|
|
28
|
+
*/
|
|
29
|
+
export function requireAuth(options) {
|
|
30
|
+
const loginUrl = options?.loginUrl ?? '/login';
|
|
31
|
+
const redirectParam = options?.redirectParam ?? 'redirectTo';
|
|
32
|
+
return async ({ locals, url }) => {
|
|
33
|
+
const auth = locals.auth;
|
|
34
|
+
if (!auth) {
|
|
35
|
+
const redirectUrl = new URL(loginUrl, url.origin);
|
|
36
|
+
redirectUrl.searchParams.set(redirectParam, url.pathname + url.search);
|
|
37
|
+
throw redirect(302, redirectUrl.toString());
|
|
38
|
+
}
|
|
39
|
+
return {
|
|
40
|
+
auth,
|
|
41
|
+
};
|
|
42
|
+
};
|
|
43
|
+
}
|
|
44
|
+
/**
|
|
45
|
+
* Create auth load helper that passes auth data without requiring it
|
|
46
|
+
*
|
|
47
|
+
* @example
|
|
48
|
+
* ```typescript
|
|
49
|
+
* // src/routes/+layout.server.ts
|
|
50
|
+
* import { createAuthLoad } from '@authrim/sveltekit/server';
|
|
51
|
+
*
|
|
52
|
+
* export const load = createAuthLoad();
|
|
53
|
+
* ```
|
|
54
|
+
*/
|
|
55
|
+
export function createAuthLoad() {
|
|
56
|
+
return async ({ locals }) => {
|
|
57
|
+
const auth = locals.auth;
|
|
58
|
+
return {
|
|
59
|
+
auth: auth ?? null,
|
|
60
|
+
};
|
|
61
|
+
};
|
|
62
|
+
}
|
|
63
|
+
/**
|
|
64
|
+
* Check if user is authenticated in server-side code
|
|
65
|
+
*
|
|
66
|
+
* @param locals - App.Locals from SvelteKit (requires auth?: ServerAuthContext in app.d.ts)
|
|
67
|
+
*/
|
|
68
|
+
export function isAuthenticated(locals) {
|
|
69
|
+
return locals.auth !== undefined && locals.auth !== null;
|
|
70
|
+
}
|
|
71
|
+
/**
|
|
72
|
+
* Get user from locals
|
|
73
|
+
*
|
|
74
|
+
* @param locals - App.Locals from SvelteKit (requires auth?: ServerAuthContext in app.d.ts)
|
|
75
|
+
*/
|
|
76
|
+
export function getUser(locals) {
|
|
77
|
+
return locals.auth?.user ?? null;
|
|
78
|
+
}
|
|
79
|
+
/**
|
|
80
|
+
* Get session from locals
|
|
81
|
+
*
|
|
82
|
+
* @param locals - App.Locals from SvelteKit (requires auth?: ServerAuthContext in app.d.ts)
|
|
83
|
+
*/
|
|
84
|
+
export function getSession(locals) {
|
|
85
|
+
return locals.auth?.session ?? null;
|
|
86
|
+
}
|
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Server Session Manager
|
|
3
|
+
*
|
|
4
|
+
* Cookie を完全に抽象化するレイヤー
|
|
5
|
+
*/
|
|
6
|
+
import type { RequestEvent } from '@sveltejs/kit';
|
|
7
|
+
import type { Session, User } from '@authrim/core';
|
|
8
|
+
/**
|
|
9
|
+
* サーバー側の認証コンテキスト
|
|
10
|
+
*/
|
|
11
|
+
export interface ServerAuthContext {
|
|
12
|
+
session: Session;
|
|
13
|
+
user: User;
|
|
14
|
+
}
|
|
15
|
+
/**
|
|
16
|
+
* ServerSessionManager のオプション
|
|
17
|
+
*/
|
|
18
|
+
export interface ServerSessionManagerOptions {
|
|
19
|
+
/** Cookie 名 (default: 'authrim_session') */
|
|
20
|
+
cookieName?: string;
|
|
21
|
+
/** SameSite 設定 (default: 'lax') */
|
|
22
|
+
sameSite?: 'strict' | 'lax' | 'none';
|
|
23
|
+
/** Secure フラグ (default: true in production) */
|
|
24
|
+
secure?: boolean;
|
|
25
|
+
/** Path (default: '/') */
|
|
26
|
+
path?: string;
|
|
27
|
+
/** 有効期限(秒)(default: 7 days) */
|
|
28
|
+
maxAge?: number;
|
|
29
|
+
/** HttpOnly フラグ (default: true) */
|
|
30
|
+
httpOnly?: boolean;
|
|
31
|
+
}
|
|
32
|
+
/**
|
|
33
|
+
* Cookie API を隠す抽象化レイヤー
|
|
34
|
+
*/
|
|
35
|
+
export interface ServerSessionManager {
|
|
36
|
+
get(event: RequestEvent): Promise<ServerAuthContext | null>;
|
|
37
|
+
set(event: RequestEvent, context: ServerAuthContext): void;
|
|
38
|
+
clear(event: RequestEvent): void;
|
|
39
|
+
}
|
|
40
|
+
/**
|
|
41
|
+
* ServerSessionManager ファクトリ
|
|
42
|
+
*/
|
|
43
|
+
export declare function createServerSessionManager(options?: ServerSessionManagerOptions): ServerSessionManager;
|
|
44
|
+
//# sourceMappingURL=session.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"session.d.ts","sourceRoot":"","sources":["../../src/lib/server/session.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAClD,OAAO,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;AAEnD;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,OAAO,EAAE,OAAO,CAAC;IACjB,IAAI,EAAE,IAAI,CAAC;CACZ;AAED;;GAEG;AACH,MAAM,WAAW,2BAA2B;IAC1C,4CAA4C;IAC5C,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,mCAAmC;IACnC,QAAQ,CAAC,EAAE,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;IACrC,+CAA+C;IAC/C,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,0BAA0B;IAC1B,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,+BAA+B;IAC/B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,mCAAmC;IACnC,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,GAAG,CAAC,KAAK,EAAE,YAAY,GAAG,OAAO,CAAC,iBAAiB,GAAG,IAAI,CAAC,CAAC;IAC5D,GAAG,CAAC,KAAK,EAAE,YAAY,EAAE,OAAO,EAAE,iBAAiB,GAAG,IAAI,CAAC;IAC3D,KAAK,CAAC,KAAK,EAAE,YAAY,GAAG,IAAI,CAAC;CAClC;AAKD;;GAEG;AACH,wBAAgB,0BAA0B,CACxC,OAAO,CAAC,EAAE,2BAA2B,GACpC,oBAAoB,CA0CtB"}
|
|
@@ -0,0 +1,50 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Server Session Manager
|
|
3
|
+
*
|
|
4
|
+
* Cookie を完全に抽象化するレイヤー
|
|
5
|
+
*/
|
|
6
|
+
const DEFAULT_COOKIE_NAME = 'authrim_session';
|
|
7
|
+
const DEFAULT_MAX_AGE = 7 * 24 * 60 * 60; // 7 days
|
|
8
|
+
/**
|
|
9
|
+
* ServerSessionManager ファクトリ
|
|
10
|
+
*/
|
|
11
|
+
export function createServerSessionManager(options) {
|
|
12
|
+
const cookieName = options?.cookieName ?? DEFAULT_COOKIE_NAME;
|
|
13
|
+
const sameSite = options?.sameSite ?? 'lax';
|
|
14
|
+
const secure = options?.secure ?? process.env.NODE_ENV === 'production';
|
|
15
|
+
const path = options?.path ?? '/';
|
|
16
|
+
const maxAge = options?.maxAge ?? DEFAULT_MAX_AGE;
|
|
17
|
+
const httpOnly = options?.httpOnly ?? true;
|
|
18
|
+
return {
|
|
19
|
+
async get(event) {
|
|
20
|
+
const cookie = event.cookies.get(cookieName);
|
|
21
|
+
if (!cookie) {
|
|
22
|
+
return null;
|
|
23
|
+
}
|
|
24
|
+
try {
|
|
25
|
+
const data = JSON.parse(cookie);
|
|
26
|
+
// Validate structure
|
|
27
|
+
if (!data.session || !data.user) {
|
|
28
|
+
return null;
|
|
29
|
+
}
|
|
30
|
+
return data;
|
|
31
|
+
}
|
|
32
|
+
catch {
|
|
33
|
+
return null;
|
|
34
|
+
}
|
|
35
|
+
},
|
|
36
|
+
set(event, context) {
|
|
37
|
+
const value = JSON.stringify(context);
|
|
38
|
+
event.cookies.set(cookieName, value, {
|
|
39
|
+
path,
|
|
40
|
+
sameSite,
|
|
41
|
+
secure,
|
|
42
|
+
httpOnly,
|
|
43
|
+
maxAge,
|
|
44
|
+
});
|
|
45
|
+
},
|
|
46
|
+
clear(event) {
|
|
47
|
+
event.cookies.delete(cookieName, { path });
|
|
48
|
+
},
|
|
49
|
+
};
|
|
50
|
+
}
|
|
@@ -0,0 +1,56 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Svelte Auth Stores
|
|
3
|
+
*
|
|
4
|
+
* 設計原則:
|
|
5
|
+
* - 全て Readable(Writable は export しない)
|
|
6
|
+
* - イベントが Source of Truth(Store はイベントの projection)
|
|
7
|
+
* - loadingState は 'idle' が完全安定状態
|
|
8
|
+
*/
|
|
9
|
+
import { type Readable, type Writable } from 'svelte/store';
|
|
10
|
+
import type { Session, User, DirectAuthError } from '@authrim/core';
|
|
11
|
+
/**
|
|
12
|
+
* ローディング状態
|
|
13
|
+
*
|
|
14
|
+
* ルール:
|
|
15
|
+
* - 'idle' は「完全に安定」状態
|
|
16
|
+
* - 全処理完了後は必ず 'idle' に戻る
|
|
17
|
+
* - エラー発生時も 'idle' に戻す(error !== null が唯一の異常判定)
|
|
18
|
+
*/
|
|
19
|
+
export type AuthLoadingState = 'idle' | 'initializing' | 'authenticating' | 'refreshing' | 'signing_out';
|
|
20
|
+
/**
|
|
21
|
+
* Auth Error (UI 向けに簡略化)
|
|
22
|
+
*/
|
|
23
|
+
export interface AuthError {
|
|
24
|
+
code: string;
|
|
25
|
+
message: string;
|
|
26
|
+
details?: unknown;
|
|
27
|
+
}
|
|
28
|
+
/**
|
|
29
|
+
* 公開ストアインターフェース(全て Readable)
|
|
30
|
+
*/
|
|
31
|
+
export interface AuthStores {
|
|
32
|
+
session: Readable<Session | null>;
|
|
33
|
+
user: Readable<User | null>;
|
|
34
|
+
isAuthenticated: Readable<boolean>;
|
|
35
|
+
loadingState: Readable<AuthLoadingState>;
|
|
36
|
+
error: Readable<AuthError | null>;
|
|
37
|
+
}
|
|
38
|
+
/**
|
|
39
|
+
* 内部ストアインターフェース(writable アクセス)
|
|
40
|
+
*/
|
|
41
|
+
export interface InternalAuthStores {
|
|
42
|
+
_session: Writable<Session | null>;
|
|
43
|
+
_user: Writable<User | null>;
|
|
44
|
+
_loadingState: Writable<AuthLoadingState>;
|
|
45
|
+
_error: Writable<AuthError | null>;
|
|
46
|
+
public: AuthStores;
|
|
47
|
+
}
|
|
48
|
+
/**
|
|
49
|
+
* ストアファクトリ
|
|
50
|
+
*/
|
|
51
|
+
export declare function createAuthStores(): InternalAuthStores;
|
|
52
|
+
/**
|
|
53
|
+
* DirectAuthError から AuthError への変換
|
|
54
|
+
*/
|
|
55
|
+
export declare function toAuthError(error: DirectAuthError | Error | unknown): AuthError;
|
|
56
|
+
//# sourceMappingURL=auth.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/lib/stores/auth.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAqB,KAAK,QAAQ,EAAE,KAAK,QAAQ,EAAE,MAAM,cAAc,CAAC;AAC/E,OAAO,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AAEpE;;;;;;;GAOG;AACH,MAAM,MAAM,gBAAgB,GACxB,MAAM,GACN,cAAc,GACd,gBAAgB,GAChB,YAAY,GACZ,aAAa,CAAC;AAElB;;GAEG;AACH,MAAM,WAAW,SAAS;IACxB,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,OAAO,EAAE,QAAQ,CAAC,OAAO,GAAG,IAAI,CAAC,CAAC;IAClC,IAAI,EAAE,QAAQ,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC;IAC5B,eAAe,EAAE,QAAQ,CAAC,OAAO,CAAC,CAAC;IACnC,YAAY,EAAE,QAAQ,CAAC,gBAAgB,CAAC,CAAC;IACzC,KAAK,EAAE,QAAQ,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC;CACnC;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,QAAQ,EAAE,QAAQ,CAAC,OAAO,GAAG,IAAI,CAAC,CAAC;IACnC,KAAK,EAAE,QAAQ,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC;IAC7B,aAAa,EAAE,QAAQ,CAAC,gBAAgB,CAAC,CAAC;IAC1C,MAAM,EAAE,QAAQ,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC;IACnC,MAAM,EAAE,UAAU,CAAC;CACpB;AAED;;GAEG;AACH,wBAAgB,gBAAgB,IAAI,kBAAkB,CA0BrD;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,KAAK,EAAE,eAAe,GAAG,KAAK,GAAG,OAAO,GAAG,SAAS,CAoB/E"}
|