@baxcloud/parse-server-baxverify 1.0.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 BaxCloud
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,98 @@
+# @baxcloud/parse-server-baxverify
+
+Parse Server custom auth adapter for **BaxVerify** phone login. Mobile clients verify SMS OTP with BaxVerify, then call `ParseUser.logInWith('baxverify', { id, token })`; Parse Server validates the proof JWT server-side.
+
+## Install
+
+```bash
+npm install @baxcloud/parse-server-baxverify parse-server
+```
+
+Requires Node.js 18+. Your BaxCloud API key must stay on the Parse Server — never in mobile apps.
+
+## Quick start
+
+### 1. Environment
+
+```bash
+BAXCLOUD_PROJECT_ID=your-project-id
+BAXCLOUD_API_KEY=your-api-key
+```
+
+### 2. Parse Server config
+
+```javascript
+const { ParseServer } = require('parse-server');
+
+new ParseServer({
+  databaseURI: process.env.DATABASE_URI,
+  appId: process.env.PARSE_APP_ID,
+  masterKey: process.env.PARSE_MASTER_KEY,
+  serverURL: process.env.PARSE_SERVER_URL,
+  auth: {
+    baxverify: {
+      module: '@baxcloud/parse-server-baxverify',
+    },
+  },
+});
+```
+
+### 3. Flutter client
+
+After BaxVerify `verifyOtp`, pass `result.externalAuth` to Parse:
+
+```dart
+await ParseUser.logInWith('baxverify', result.externalAuth!);
+```
+
+See [Flutter BaxVerify SDK](../flutter-verify/README.md#parse-server) and [BaxCloud docs](https://baxcloud.tech/docs/baxverify/sdk/flutter#parse-server).
+
+## Configuration options
+
+You can pass credentials in Parse auth config instead of env vars:
+
+```javascript
+auth: {
+  baxverify: {
+    module: '@baxcloud/parse-server-baxverify',
+    projectId: process.env.BAXCLOUD_PROJECT_ID,
+    apiKey: process.env.BAXCLOUD_API_KEY,
+    consume: true, // default — single-use token on login
+  },
+},
+```
+
+| Option | Description |
+|--------|-------------|
+| `projectId` | BaxCloud project ID (or `BAXCLOUD_PROJECT_ID`) |
+| `apiKey` | BaxCloud API key (or `BAXCLOUD_API_KEY`) |
+| `consume` | Consume JWT on login (default `true`) |
+
+## Custom factory
+
+For a local auth file or shared defaults:
+
+```javascript
+const { createBaxVerifyParseAuth } = require('@baxcloud/parse-server-baxverify/create');
+
+module.exports = createBaxVerifyParseAuth({
+  projectId: process.env.BAXCLOUD_PROJECT_ID,
+  apiKey: process.env.BAXCLOUD_API_KEY,
+});
+```
+
+## How it works
+
+1. Client sends OTP via BaxVerify (`@baxcloud/baxverify` on your API, or `baxcloud_verify_sdk` on Flutter).
+2. Client verifies OTP and receives a short-lived `accessToken` (JWT proof).
+3. Client calls `ParseUser.logInWith('baxverify', { id: phone, token: accessToken })`.
+4. This adapter calls BaxVerify `validateVerificationToken`, checks phone matches `authData.id`, and stores `{ phone }` on the Parse User.
+
+## Related
+
+- [@baxcloud/baxverify](../node-verify/README.md) — BaxVerify Node.js SDK
+- [BaxVerify docs](https://baxcloud.tech/docs/baxverify)
+
+## License
+
+MIT

package/dist/create.d.ts

@@ -0,0 +1,34 @@
+/** authData from ParseUser.logInWith('baxverify', { id, token }) */
+interface BaxVerifyParseAuthData {
+    id?: string;
+    token?: string;
+}
+/** Fields from Parse Server auth.baxverify config (plus env fallbacks). */
+interface BaxVerifyParseAuthOptions {
+    projectId?: string;
+    apiKey?: string;
+    /** Consume token on login (default true — single use). */
+    consume?: boolean;
+    module?: string;
+}
+interface BaxVerifyParseAuthProvider {
+    validateAuthData: (authData: BaxVerifyParseAuthData, options?: BaxVerifyParseAuthOptions) => Promise<Record<string, string>>;
+    validateAppId: (appIds?: string[], authData?: BaxVerifyParseAuthData) => Promise<void>;
+}
+
+/**
+ * Create a Parse Server auth adapter for BaxVerify phone login.
+ *
+ * @example
+ * ```js
+ * const { createBaxVerifyParseAuth } = require('@baxcloud/parse-server-baxverify/create');
+ *
+ * module.exports = createBaxVerifyParseAuth({
+ *   projectId: process.env.BAXCLOUD_PROJECT_ID,
+ *   apiKey: process.env.BAXCLOUD_API_KEY,
+ * });
+ * ```
+ */
+declare function createBaxVerifyParseAuth(defaults?: BaxVerifyParseAuthOptions): BaxVerifyParseAuthProvider;
+
+export { type BaxVerifyParseAuthData, type BaxVerifyParseAuthOptions, type BaxVerifyParseAuthProvider, createBaxVerifyParseAuth };

package/dist/create.js

@@ -0,0 +1,67 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/create.ts
+var create_exports = {};
+__export(create_exports, {
+  createBaxVerifyParseAuth: () => createBaxVerifyParseAuth
+});
+module.exports = __toCommonJS(create_exports);
+var import_baxverify = require("@baxcloud/baxverify");
+function resolveConfig(defaults, parseOptions) {
+  return {
+    projectId: parseOptions?.projectId ?? defaults?.projectId ?? process.env.BAXCLOUD_PROJECT_ID,
+    apiKey: parseOptions?.apiKey ?? defaults?.apiKey ?? process.env.BAXCLOUD_API_KEY,
+    consume: parseOptions?.consume ?? defaults?.consume ?? true
+  };
+}
+function createBaxVerifyParseAuth(defaults) {
+  return {
+    validateAppId: () => Promise.resolve(),
+    validateAuthData: async (authData, options) => {
+      const phone = authData?.id;
+      const token = authData?.token;
+      if (!phone || !token) {
+        throw new Error("BaxVerify authData requires id (phone) and token");
+      }
+      const config = resolveConfig(defaults, options);
+      if (!config.projectId?.trim() || !config.apiKey?.trim()) {
+        throw new Error(
+          "BaxVerify Parse auth requires projectId and apiKey (Parse auth options or BAXCLOUD_PROJECT_ID / BAXCLOUD_API_KEY env vars)"
+        );
+      }
+      const verify = new import_baxverify.BaxCloudVerifyClient({
+        projectId: config.projectId,
+        apiKey: config.apiKey
+      });
+      const proof = await verify.validateVerificationToken({
+        token,
+        consume: config.consume ?? true
+      });
+      if (proof.phone !== phone) {
+        throw new Error("BaxVerify phone does not match authData.id");
+      }
+      return { phone: proof.phone };
+    }
+  };
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  createBaxVerifyParseAuth
+});

package/dist/index.d.ts

@@ -0,0 +1,5 @@
+import type { BaxVerifyParseAuthProvider } from './create';
+
+/** Default Parse Server auth adapter (env: BAXCLOUD_PROJECT_ID, BAXCLOUD_API_KEY). */
+declare const baxVerifyParseAuth: BaxVerifyParseAuthProvider;
+export = baxVerifyParseAuth;

package/dist/index.js

@@ -0,0 +1,5 @@
+'use strict';
+
+const { createBaxVerifyParseAuth } = require('./create');
+
+module.exports = createBaxVerifyParseAuth();

package/package.json

@@ -0,0 +1,64 @@
+{
+  "name": "@baxcloud/parse-server-baxverify",
+  "version": "1.0.0",
+  "description": "Parse Server custom auth adapter for BaxVerify phone login (SMS OTP)",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "require": "./dist/index.js",
+      "types": "./dist/index.d.ts"
+    },
+    "./create": {
+      "require": "./dist/create.js",
+      "types": "./dist/create.d.ts"
+    }
+  },
+  "files": [
+    "dist",
+    "README.md",
+    "LICENSE"
+  ],
+  "scripts": {
+    "build": "tsup src/create.ts --format cjs --dts --clean && cp src/index.js src/index.d.ts dist/",
+    "dev": "tsup src/create.ts --format cjs --dts --watch",
+    "typecheck": "tsc --noEmit",
+    "prepublishOnly": "npm run build"
+  },
+  "keywords": [
+    "baxcloud",
+    "baxverify",
+    "parse-server",
+    "parse",
+    "auth",
+    "sms",
+    "otp",
+    "phone",
+    "authentication"
+  ],
+  "engines": {
+    "node": ">=18.0.0"
+  },
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/baxcloud/parse-server-baxverify",
+    "directory": "SDK/parse-server-baxverify"
+  },
+  "peerDependencies": {
+    "parse-server": ">=6.0.0"
+  },
+  "peerDependenciesMeta": {
+    "parse-server": {
+      "optional": true
+    }
+  },
+  "dependencies": {
+    "@baxcloud/baxverify": "^1.0.0"
+  },
+  "devDependencies": {
+    "@types/node": "^20.0.0",
+    "tsup": "^8.0.0",
+    "typescript": "^5.3.0"
+  }
+}