@casual-simulation/aux-records 3.3.9 → 3.3.11-alpha.11019730384

package/AuthController.d.ts

@@ -1,4 +1,4 @@
-import { AddressType, AuthListedUserAuthenticator, AuthStore, AuthUser, SaveNewUserFailure, UserRole } from './AuthStore';
+import { AddressType, AuthListedUserAuthenticator, AuthSession, AuthStore, AuthUser, SaveNewUserFailure, UserRole } from './AuthStore';
 import { NotAuthorizedError, NotLoggedInError, NotSupportedError, ServerError } from '@casual-simulation/aux-common/Errors';
 import { AuthMessenger } from './AuthMessenger';
 import { RegexRule } from './Utils';
@@ -100,7 +100,8 @@ export declare class AuthController {
     set relyingParties(value: RelyingParty[]);
     constructor(authStore: AuthStore, messenger: AuthMessenger, configStore: ConfigurationStore, forceAllowSubscriptionFeatures?: boolean, privoClient?: PrivoClientInterface, relyingParties?: RelyingParty[]);
     createAccount(request: CreateAccountRequest): Promise<CreateAccountResult>;
-    hashHighEntropyPasswordWithSalt(sessionSecret: string, sessionId: string): string;
+    issueSession(request: IssueSessionRequest): Promise<IssueSessionResult>;
+    private _hashHighEntropyPasswordWithSalt;
     requestLogin(request: LoginRequest): Promise<LoginRequestResult>;
     private _validateAddress;
     completeLogin(request: CompleteLoginRequest): Promise<CompleteLoginResult>;
@@ -159,6 +160,93 @@ export declare class AuthController {
     listSmsRules(): Promise<ListSmsRulesResult>;
     isValidEmailAddress(email: string): Promise<IsValidEmailAddressResult>;
     isValidDisplayName(displayName: string, name?: string): Promise<IsValidDisplayNameResult>;
+    /**
+     * Issues a new session for the given user.
+     * @param userId The ID of the user to issue the session for.
+     * @param lifetimeMs The lifetime of the session in milliseconds. If null, then the session will not expire.
+     * @param previousSession The previous session that this session is replacing. If null, then this session is not related to another session.
+     * @param ipAddress The IP address that the session is being issued to. Should be null if the ip address is not known.
+     */
+    private _issueSession;
+}
+/**
+ * Validates the given session key using the given auth controller.
+ * @param sessionKey The session key to validate.
+ */
+export declare function validateSessionKey(auth: AuthController, sessionKey: string | null): Promise<ValidateSessionKeyResult | NoSessionKeyResult>;
+export interface IssueSessionRequest {
+    /**
+     * The ID of the user to issue the session for.
+     */
+    userId: string;
+    /**
+     * The role of the user that is requesting the session.
+     */
+    requestingUserRole: UserRole;
+    /**
+     * The ID of the user that is requesting the session.
+     * Null if the session is not being requested by another user.
+     */
+    requestingUserId: string | null;
+    /**
+     * The number of miliseconds that the session should last.
+     * If null, then the session will not expire.
+     * If undefined, then the default session lifetime will be used.
+     */
+    lifetimeMs?: number | null | undefined;
+    /**
+     * The IP address that the session is being issued from.
+     */
+    ipAddress: string | null;
+}
+export type IssueSessionResult = IssueSessionSuccess | IssueSessionFailure;
+export interface IssueSessionSuccess extends AuthSessionInfo {
+    success: true;
+}
+export interface IssueSessionFailure {
+    success: false;
+    errorCode: ServerError | 'not_authorized';
+    errorMessage: string;
+}
+export interface IssueSessionOptions extends Omit<AuthSession, 'secretHash' | 'sessionId' | 'connectionSecret' | 'revokeTimeMs' | 'grantedTimeMs' | 'nextSessionId' | 'previousSessionId' | 'expireTimeMs' | 'requestId'> {
+    /**
+     * The lifetime of the session in milliseconds. If null, then the session will not expire.
+     */
+    lifetimeMs: number | null;
+    /**
+     * The previous session that is being used to issue this session.
+     * If null, then the session is not being issued from another session.
+     */
+    previousSession?: AuthSession | null;
+    /**
+     * The ID of the login request that this session is being issued from.
+     */
+    requestId?: string | null;
+}
+export interface AuthSessionInfo {
+    /**
+     * The ID of the user that the session is for.
+     */
+    userId: string;
+    /**
+     * The secret key that provides access for the session.
+     */
+    sessionKey: string;
+    /**
+     * The connection key that provides websocket access for the session.
+     */
+    connectionKey: string;
+    /**
+     * The unix timestamp in miliseconds that the session will expire at.
+     * If null, then the session will not expire.
+     */
+    expireTimeMs: number | null;
+}
+export interface NoSessionKeyResult {
+    success: false;
+    userId: null;
+    errorCode: 'no_session_key';
+    errorMessage: string;
 }
 export interface PrivoSignUpRequest {
     /**
@@ -248,24 +336,8 @@ export interface CompleteOpenIDLoginRequest {
     ipAddress: string;
 }
 export type CompleteOpenIDLoginResult = CompleteOpenIDLoginSuccess | CompleteOpenIDLoginFailure;
-export interface CompleteOpenIDLoginSuccess {
+export interface CompleteOpenIDLoginSuccess extends AuthSessionInfo {
     success: true;
-    /**
-     * The ID of the user that the session is for.
-     */
-    userId: string;
-    /**
-     * The secret key that provides access for the session.
-     */
-    sessionKey: string;
-    /**
-     * The connection key that provides websocket access for the session.
-     */
-    connectionKey: string;
-    /**
-     * The unix timestamp in miliseconds that the session will expire at.
-     */
-    expireTimeMs: number;
 }
 export interface CompleteOpenIDLoginFailure {
     success: false;
@@ -273,28 +345,12 @@ export interface CompleteOpenIDLoginFailure {
     errorMessage: string;
 }
 export type PrivoSignUpRequestResult = PrivoSignUpRequestSuccess | PrivoSignUpRequestFailure;
-export interface PrivoSignUpRequestSuccess {
+export interface PrivoSignUpRequestSuccess extends AuthSessionInfo {
     success: true;
-    /**
-     * The ID of the user that was created.
-     */
-    userId: string;
     /**
      * The URL that the user can be sent to in order to complete the sign up and set their password.
      */
     updatePasswordUrl: string;
-    /**
-     * The session key that was issued for the session.
-     */
-    sessionKey: string;
-    /**
-     * The connection key that was issued for the session.
-     */
-    connectionKey: string;
-    /**
-     * The expiration time of the session in miliseconds in Unix time.
-     */
-    expireTimeMs: number;
 }
 export interface PrivoSignUpRequestFailure {
     success: false;
@@ -318,28 +374,18 @@ export interface CreateAccountRequest {
     userRole: UserRole;
     /**
      * The IP Address that the request is being made from.
+     * Can be set to null if not creating a session.
      */
-    ipAddress: string;
+    ipAddress: string | null;
+    /**
+     * Whether or not to create a session for the user.
+     * Defaults to true.
+     */
+    createSession?: boolean;
 }
 export type CreateAccountResult = CreateAccountSuccess | CreateAccountFailure;
-export interface CreateAccountSuccess {
+export interface CreateAccountSuccess extends AuthSessionInfo {
     success: true;
-    /**
-     * The ID of the user that was created.
-     */
-    userId: string;
-    /**
-     * The session key that was issued for the session.
-     */
-    sessionKey: string;
-    /**
-     * The connection key that was issued for the session.
-     */
-    connectionKey: string;
-    /**
-     * The expiration time of the session in miliseconds in Unix time.
-     */
-    expireTimeMs: number;
 }
 export interface CreateAccountFailure {
     success: false;
@@ -433,24 +479,8 @@ export interface CompleteLoginRequest {
     ipAddress: string;
 }
 export type CompleteLoginResult = CompleteLoginSuccess | CompleteLoginFailure;
-export interface CompleteLoginSuccess {
+export interface CompleteLoginSuccess extends AuthSessionInfo {
     success: true;
-    /**
-     * The ID of the user that the session is for.
-     */
-    userId: string;
-    /**
-     * The secret key that provides access for the session.
-     */
-    sessionKey: string;
-    /**
-     * The connection key that provides websocket access for the session.
-     */
-    connectionKey: string;
-    /**
-     * The unix timestamp in miliseconds that the session will expire at.
-     */
-    expireTimeMs: number;
 }
 export interface CompleteLoginFailure {
     success: false;
@@ -658,24 +688,8 @@ export interface ReplaceSessionRequest {
     ipAddress: string;
 }
 export type ReplaceSessionResult = ReplaceSessionSuccess | ReplaceSessionFailure;
-export interface ReplaceSessionSuccess {
+export interface ReplaceSessionSuccess extends AuthSessionInfo {
     success: true;
-    /**
-     * The ID of the user that the session is for.
-     */
-    userId: string;
-    /**
-     * The secret key that provides access for the session.
-     */
-    sessionKey: string;
-    /**
-     * The connection key that provides websocket access for the session.
-     */
-    connectionKey: string;
-    /**
-     * The unix timestamp in miliseconds that the session will expire at.
-     */
-    expireTimeMs: number;
 }
 export interface ReplaceSessionFailure {
     success: false;