@crossauth/sveltekit 0.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (31) hide show
  1. package/LICENSE +203 -0
  2. package/README.md +12 -0
  3. package/dist/index.cjs +7018 -0
  4. package/dist/index.d.ts +37 -0
  5. package/dist/index.js +7018 -0
  6. package/dist/sveltekitadminclientendpoints.d.ts +150 -0
  7. package/dist/sveltekitadminendpoints.d.ts +369 -0
  8. package/dist/sveltekitapikey.d.ts +48 -0
  9. package/dist/sveltekitoauthclient.d.ts +704 -0
  10. package/dist/sveltekitoauthserver.d.ts +406 -0
  11. package/dist/sveltekitresserver.d.ts +101 -0
  12. package/dist/sveltekitserver.d.ts +286 -0
  13. package/dist/sveltekitsession.d.ts +629 -0
  14. package/dist/sveltekitsessionadapter.d.ts +48 -0
  15. package/dist/sveltekitsharedclientendpoints.d.ts +289 -0
  16. package/dist/sveltekituserclientendpoints.d.ts +151 -0
  17. package/dist/sveltekituserendpoints.d.ts +730 -0
  18. package/dist/tests/sveltekitadminclientendpoints.test.d.ts +6 -0
  19. package/dist/tests/sveltekitadminendpoints.test.d.ts +6 -0
  20. package/dist/tests/sveltekitapikeyserver.test.d.ts +1 -0
  21. package/dist/tests/sveltekitoauthclient.test.d.ts +11 -0
  22. package/dist/tests/sveltekitoauthresserver.test.d.ts +10 -0
  23. package/dist/tests/sveltekitoauthserver.test.d.ts +6 -0
  24. package/dist/tests/sveltekituserclientendpoints.test.d.ts +6 -0
  25. package/dist/tests/sveltekituserendpoints.test.d.ts +6 -0
  26. package/dist/tests/sveltemock.test.d.ts +1 -0
  27. package/dist/tests/sveltemocks.d.ts +77 -0
  28. package/dist/tests/sveltesessionhooks.test.d.ts +1 -0
  29. package/dist/tests/testshared.d.ts +79 -0
  30. package/dist/utils.d.ts +38 -0
  31. package/package.json +52 -0
package/dist/sveltekitadminclientendpoints.d.ts ADDED
@@ -0,0 +1,150 @@
1
+ import { SvelteKitSessionServer, SvelteKitSessionServerOptions } from './sveltekitsession';
2
+ import { RequestEvent } from '@sveltejs/kit';
3
+ import { SvelteKitSharedClientEndpoints, SearchClientsPageData, UpdateClientPageData, UpdateClientFormData, DeleteClientPageData, DeleteClientFormData } from './sveltekitsharedclientendpoints';
4
+
5
+ /**
6
+ * Endpoints for manipulating the OAuth client table, for use by admins.
7
+ *
8
+ * You do not instantiate this directly - it is created when you create
9
+ * a {@link SvelteKitServer}.
10
+ *
11
+ * **Endpoints**
12
+ *
13
+ * These endpoints can only be called if an admin user is logged in, as defined
14
+ * by the {@link SveltekitSessionServer.isAdminFn}. If the user does not
15
+ * have this permission, a 401 error is raised.
16
+ *
17
+ * | Name | Description | PageData (returned by load) | ActionData (return by actions) | Form fields expected by actions | URL param |
18
+ * | -------------------------- | ----------------------------------------------------------- | -------------------------------------------------------------------------------- | ---------------------------------------------------------------- | ---------------------------------------------------------------- | --------- |
19
+ * | baseEndpoint | This PageData is returned by all endpoints' load function. | - `user` logged in {@link @crossauth/common!User} | *Not provided* | | |
20
+ * | | | - `csrfToken` CSRF token if enabled | | | | | loginPage |
21
+ * | -------------------------- | ----------------------------------------------------------- | -------------------------------------------------------------------------------- | ---------------------------------------------------------------- | ---------------------------------------------------------------- | --------- |
22
+ * | searchClientsEndpoint | Returns a paginated set of clients or those matching search | See {@link SearchClientsPageData} | *Not provided* | | |
23
+ * | -------------------------- | ----------------------------------------------------------- | -------------------------------------------------------------------------------- | ---------------------------------------------------------------- | ---------------------------------------------------------------- | --------- |
24
+ * | updateClientEndpoint | Updates a client | See {@link UpdateClientsPageData} | `default`: | | |
25
+ * | | | | See {@link UpdateClientsFormData} | See {@link SvelteKitSharedClientEndpoints.updateClient_internal} | client_id |
26
+ * | -------------------------- | ----------------------------------------------------------- | -------------------------------------------------------------------------------- | ---------------------------------------------------------------- | ---------------------------------------------------------------- | --------- |
27
+ * | createClientEndpoint | Creates a new client | See {@link CreateClientsPageData} | `default`: | | |
28
+ * | | | | See {@link CreateClientsFormData} | See {@link SvelteKitSharedClientEndpoints.createClient_internal} | client_id |
29
+ * | -------------------------- | ----------------------------------------------------------- | -------------------------------------------------------------------------------- | ---------------------------------------------------------------- | ---------------------------------------------------------------- | --------- |
30
+ * | deleteClientEndpoint | Deletes a client | See {@link DeleteClientsPageData} | `default`: | | |
31
+ * | | | | See {@link DeleteClientsFormData} | See {@link SvelteKitSharedClientEndpoints.deleteClient_internal} | client_id |
32
+ * | -------------------------- | ----------------------------------------------------------- | -------------------------------------------------------------------------------- | ---------------------------------------------------------------- | ---------------------------------------------------------------- | --------- |
33
+ */
34
+ export declare class SvelteKitAdminClientEndpoints extends SvelteKitSharedClientEndpoints {
35
+ /**
36
+ * Constructor
37
+ * @param sessionServer the session server which will have these endpoints
38
+ * @param options See {@link SvelteKitSessionServerOptions}.
39
+ */
40
+ constructor(sessionServer: SvelteKitSessionServer, options: SvelteKitSessionServerOptions);
41
+ /**
42
+ * See {@link SvelteKitSharedClientEndpoints.searchClients_internal}
43
+ */
44
+ searchClients(event: RequestEvent, searchTerm?: string, skip?: number, take?: number, userid?: number | string): Promise<SearchClientsPageData>;
45
+ /**
46
+ * See {@link SvelteKitSharedClientEndpoints.loadClient_internal}
47
+ */
48
+ loadClient(event: RequestEvent): Promise<UpdateClientPageData>;
49
+ /**
50
+ * See {@link SvelteKitSharedClientEndpoints.updateClient_internal}
51
+ */
52
+ updateClient(event: RequestEvent): Promise<UpdateClientFormData>;
53
+ /**
54
+ * See {@link SvelteKitSharedClientEndpoints.emptyClient_internal}
55
+ */
56
+ emptyClient(event: RequestEvent): Promise<UpdateClientPageData>;
57
+ /**
58
+ * See {@link SvelteKitSharedClientEndpoints.createClient_internal}
59
+ */
60
+ createClient(event: RequestEvent): Promise<UpdateClientFormData>;
61
+ /**
62
+ * See {@link SvelteKitSharedClientEndpoints.loadDeleteClient_internal}
63
+ */
64
+ loadDeleteClient(event: RequestEvent): Promise<DeleteClientPageData>;
65
+ /**
66
+ * See {@link SvelteKitSharedClientEndpoints.deleteClient_internal}
67
+ */
68
+ deleteClient(event: RequestEvent): Promise<DeleteClientFormData>;
69
+ /**
70
+ * See class documentation.
71
+ */
72
+ readonly searchClientsEndpoint: {
73
+ load: (event: RequestEvent) => Promise<{
74
+ ok: boolean;
75
+ clients?: import('@crossauth/common').OAuthClient[] | undefined;
76
+ skip: number;
77
+ take: number;
78
+ search?: string | undefined;
79
+ error?: string | undefined;
80
+ exception?: import('@crossauth/common').CrossauthError | undefined;
81
+ hasPrevious: boolean;
82
+ hasNext: boolean;
83
+ clientUserId?: string | number | undefined;
84
+ user: import('@crossauth/common').User | undefined;
85
+ csrfToken: string | undefined;
86
+ }>;
87
+ };
88
+ /**
89
+ * See class documentation.
90
+ */
91
+ readonly updateClientEndpoint: {
92
+ load: (event: RequestEvent) => Promise<{
93
+ ok: boolean;
94
+ client?: import('@crossauth/common').OAuthClient | undefined;
95
+ client_id?: string | undefined;
96
+ clientUsername?: string | undefined;
97
+ error?: string | undefined;
98
+ exception?: import('@crossauth/common').CrossauthError | undefined;
99
+ validFlows: string[];
100
+ valid_flowNames: {
101
+ [key: string]: string;
102
+ };
103
+ user: import('@crossauth/common').User | undefined;
104
+ csrfToken: string | undefined;
105
+ }>;
106
+ actions: {
107
+ default: (event: RequestEvent) => Promise<UpdateClientFormData>;
108
+ };
109
+ };
110
+ /**
111
+ * See class documentation.
112
+ */
113
+ readonly createClientEndpoint: {
114
+ load: (event: RequestEvent) => Promise<{
115
+ ok: boolean;
116
+ client?: import('@crossauth/common').OAuthClient | undefined;
117
+ client_id?: string | undefined;
118
+ clientUsername?: string | undefined;
119
+ error?: string | undefined;
120
+ exception?: import('@crossauth/common').CrossauthError | undefined;
121
+ validFlows: string[];
122
+ valid_flowNames: {
123
+ [key: string]: string;
124
+ };
125
+ user: import('@crossauth/common').User | undefined;
126
+ csrfToken: string | undefined;
127
+ }>;
128
+ actions: {
129
+ default: (event: RequestEvent) => Promise<UpdateClientFormData>;
130
+ };
131
+ };
132
+ /**
133
+ * See class documentation.
134
+ */
135
+ readonly deleteClientEndpoint: {
136
+ load: (event: RequestEvent) => Promise<{
137
+ ok: boolean;
138
+ client?: import('@crossauth/common').OAuthClient | undefined;
139
+ client_id?: string | undefined;
140
+ clientUsername?: string | undefined;
141
+ error?: string | undefined;
142
+ exception?: import('@crossauth/common').CrossauthError | undefined;
143
+ user: import('@crossauth/common').User | undefined;
144
+ csrfToken: string | undefined;
145
+ }>;
146
+ actions: {
147
+ default: (event: RequestEvent) => Promise<DeleteClientFormData>;
148
+ };
149
+ };
150
+ }
package/dist/sveltekitadminendpoints.d.ts ADDED
@@ -0,0 +1,369 @@
1
+ import { SvelteKitSessionServer, SvelteKitSessionServerOptions } from './sveltekitsession';
2
+ import { User, UserInputFields, CrossauthError } from '@crossauth/common';
3
+ import { RequestEvent } from '@sveltejs/kit';
4
+
5
+ /**
6
+ * Return type for {@link SvelteKitAdminEndpoints.updateUser}
7
+ * {@link SvelteKitAdminEndpoints.updateUserEndpoint} action.
8
+ *
9
+ * See class documentation for {@link SvelteKitUserEndpoints} for more details.
10
+ */
11
+ export type AdminUpdateUserReturn = {
12
+ user?: User;
13
+ error?: string;
14
+ exception?: CrossauthError;
15
+ formData?: {
16
+ [key: string]: string;
17
+ };
18
+ ok: boolean;
19
+ };
20
+ /**
21
+ * Return type for {@link SvelteKitAdminEndpoints.changePassword}
22
+ * {@link SvelteKitAdminEndpoints.changePasswordEndpoint} action.
23
+ *
24
+ * See class documentation for {@link SvelteKitUserEndpoints} for more details.
25
+ */
26
+ export type AdminChangePasswordReturn = {
27
+ user?: User;
28
+ error?: string;
29
+ exception?: CrossauthError;
30
+ formData?: {
31
+ [key: string]: string;
32
+ };
33
+ ok: boolean;
34
+ };
35
+ /**
36
+ * Return type for {@link SvelteKitAdminEndpoints.createUser}
37
+ * {@link SvelteKitAdminEndpoints.createUserEndpoint} action.
38
+ *
39
+ * See class documentation for {@link SvelteKitUserEndpoints} for more details.
40
+ */
41
+ export type AdminCreateUserReturn = {
42
+ user?: UserInputFields;
43
+ factor2Data?: {
44
+ userData: {
45
+ [key: string]: any;
46
+ };
47
+ username: string;
48
+ csrfToken?: string | undefined;
49
+ factor2: string;
50
+ };
51
+ error?: string;
52
+ exception?: CrossauthError;
53
+ formData?: {
54
+ [key: string]: string | undefined;
55
+ };
56
+ ok: boolean;
57
+ };
58
+ /**
59
+ * Return type for {@link SvelteKitAdminEndpoints.deleteUser}
60
+ * {@link SvelteKitAdminEndpoints.deleteUserEndpoint} action.
61
+ *
62
+ * See class documentation for {@link SvelteKitUserEndpoints} for more details.
63
+ */
64
+ export type AdminDeleteUserReturn = {
65
+ user?: User;
66
+ error?: string;
67
+ exception?: CrossauthError;
68
+ ok: boolean;
69
+ };
70
+ /**
71
+ * Return type for {@link SvelteKitAdminEndpoints.searchUsers}
72
+ * {@link SvelteKitAdminEndpoints.searchUsersEndpoint} action.
73
+ *
74
+ * See class documentation for {@link SvelteKitUserEndpoints} for more details.
75
+ */
76
+ export type SearchUsersReturn = {
77
+ ok: boolean;
78
+ users?: User[];
79
+ skip: number;
80
+ take: number;
81
+ search?: string;
82
+ error?: string;
83
+ exception?: CrossauthError;
84
+ hasPrevious: boolean;
85
+ hasNext: boolean;
86
+ };
87
+ /**
88
+ * Provides endpoints for users to login, logout and maintain their
89
+ * own account.
90
+ *
91
+ * This is created automatically when {@link SveltekitServer} is instantiated.
92
+ * The endpoints are available through `SveltekitServer.sessionServer.adminEndpoints`.
93
+ *
94
+ * The methods in this class are designed to be used in
95
+ * `+*_server.ts` files in the `load` and `actions` exports. You can
96
+ * either use the low-level functions such as {@link updateUser} or use
97
+ * the `action` and `load` members of the endpoint objects.
98
+ * For example, for {@link updateUserEndpoint}
99
+ *
100
+ * ```
101
+ * export const load = crossauth.sessionServer?.adminEndpoints.updateUserEndpoint.load ?? crossauth.dummyLoad;
102
+ * export const actions = crossauth.sessionServer?.adminEndpoints.updateUserEndpoint.actions ?? crossauth.dummyActions;
103
+ * ```
104
+ * The `?? crossauth.dummyLoad` and `?? crossauth.dummyActions` is to stop
105
+ * typescript complaining as the `sessionServer` member of the
106
+ * {@link @crossauth/sveltekit/SveltekitServer} object may be undefined, because
107
+ * some application do not have a session server.
108
+ *
109
+ * **Endpoints**
110
+ *
111
+ * These endpoints can only be called if an admin user is logged in, as defined
112
+ * by the {@link SveltekitSessionServer.isAdminFn}. If the user does not
113
+ * have this permission, a 401 error is raised.
114
+ *
115
+ * | Name | Description | PageData (returned by load) | ActionData (return by actions) | Form fields expected by actions | URL param |
116
+ * | -------------------------- | ---------------------------------------------------------- | -------------------------------------------------------------------------------- | ---------------------------------------------------------------- | ----------------------------------------------------------- | --------- |
117
+ * | baseEndpoint | This PageData is returned by all endpoints' load function. | - `user` logged in {@link @crossauth/common!User} | *Not provided* | | |
118
+ * | | | - `csrfToken` CSRF token if enabled | | | | | loginPage |
119
+ * | -------------------------- | ---------------------------------------------------------- | -------------------------------------------------------------------------------- | ---------------------------------------------------------------- | ----------------------------------------------------------- | --------- |
120
+ * | searchUsersEndpoint | Returns a paginated set of users or those matchign search | See return of {@link SvelteKitAdminEndpoints.searchUsers} | *Not provided* | | |
121
+ * | -------------------------- | ---------------------------------------------------------- | -------------------------------------------------------------------------------- | ---------------------------------------------------------------- | ----------------------------------------------------------- | --------- |
122
+ * | updateUserEndpoint | Update a user's details | - `allowedFactor2` see {@link SvelteKitAdminEndpoints}.`signupEndpoint` | `default`: | `default`: | `id` |
123
+ * | | | - `editUser` the {@link @crossauth/common!User} being edited | - see {@link SveltekitAdminEndpoint.updateUser} return | - see {@link SveltekitAdminEndpoint.updateUser} event | |
124
+ * | -------------------------- | ---------------------------------------------------------- | -------------------------------------------------------------------------------- | ---------------------------------------------------------------- | ----------------------------------------------------------- | --------- |
125
+ * | changePasswordEndpoint | Update a user's password | - `next` page to load on szccess | `default`: | `default`: | `id` |
126
+ * | | | - `editUser` the {@link @crossauth/common!User} being edited | - see {@link SveltekitAdminEndpoint.changePassword} return | - see {@link SveltekitAdminEndpoint.changePassword} event | |
127
+ * | -------------------------- | ---------------------------------------------------------- | -------------------------------------------------------------------------------- | ---------------------------------------------------------------- | ----------------------------------------------------------- | --------- |
128
+ * | createUserEndpoint | Creates a new user | - `allowedFactor2` see {@link SvelteKitAdminEndpoints}.`signupEndpoint` | `default`: | `default`: | `id` |
129
+ * | | | | - see {@link SveltekitAdminEndpoint.createUser} return | - see {@link SveltekitAdminEndpoint.createUser} event | |
130
+ * | -------------------------- | ---------------------------------------------------------- | -------------------------------------------------------------------------------- | ---------------------------------------------------------------- | ----------------------------------------------------------- | --------- |
131
+ * | deleteUser | Deletes a user | - `error` error message if user ID doesn't exist | `default`: | `default`: | `id` |
132
+ * | | | | - see {@link SveltekitAdminEndpoint.deleteUser} return | - see {@link SveltekitAdminEndpoint.deleteUser} event | |
133
+ */
134
+ export declare class SvelteKitAdminEndpoints {
135
+ private sessionServer;
136
+ private userSearchFn;
137
+ constructor(sessionServer: SvelteKitSessionServer, options: SvelteKitSessionServerOptions);
138
+ /** Returns whether there is a user logged in with a cookie-based session
139
+ */
140
+ isSessionUser(event: RequestEvent): boolean;
141
+ /**
142
+ * Returns either a list of all users or users matching a search term.
143
+ *
144
+ * The returned list is pagenaed using the `skip` and `take` parameters.
145
+ *
146
+ * The searching is done with `userSearchFn` that was passed in the
147
+ * options (see {@link SvelteKitSessionServerOptions }). THe default
148
+ * is an exact username match.
149
+ *
150
+ * By default, the searh and pagination parameters are taken from
151
+ * the query parameters in the request but can be overridden.
152
+ *
153
+ * @param event the Sveltekit request event. The following query parameters
154
+ * are read:
155
+ * - `search` the search term which is ignored if it is undefined, null
156
+ * or the empty string.
157
+ * - `skip` the number to start returning from. 0 if not defined
158
+ * - `take` the maximum number to return. 10 if not defined.
159
+ * @param search overrides the search term from the query.
160
+ * @param skip overrides the skip term from the query
161
+ * @param take overrides the take term from the query
162
+ *
163
+ * @return an object with the following members:
164
+ * - `ok` true or false depending on whether there was an error
165
+ * - `users` the matching array of users
166
+ * - `error` error message if `ok` is false
167
+ * - `exception` a {@link @crossauth/common!CrossauthError} if there was
168
+ * an error.
169
+ * - `search` the search term that was used
170
+ * - `skip` the skip term that was used
171
+ * - `take` the take term that was used
172
+ * - `hasNext` whether there are still more results after the ones that
173
+ * were returned
174
+ * - `hasPrevious` whether there are more results before the ones that
175
+ * were returned.
176
+ */
177
+ searchUsers(event: RequestEvent, searchTerm?: string, skip?: number, take?: number): Promise<SearchUsersReturn>;
178
+ /**
179
+ * Call this to update a user's details.
180
+ *
181
+ * If you try updating factor2, the user will be asked to reset factor2
182
+ * upon next login.
183
+ *
184
+ * If you do not set a password, user will be sent a password reset
185
+ * token to set a new one.
186
+ *
187
+ * @param event the Sveltekit event. The form fields used are
188
+ * - `username` the desired username
189
+ * - `factor2` the desiredf second factor
190
+ * - `state` the desired state, which will be overridden if the
191
+ * user has to reset password and/or factor2
192
+ * - `user_*` anything prefixed with `user` that is also in
193
+ * the `userEditableFields` or `adminEditableFields` options
194
+ * passed when constructing the
195
+ * user storage object will be added to the {@link @crossuath/common!User}
196
+ * object (with `user_` removed).
197
+ *
198
+ * @returns object with:
199
+ *
200
+ * - `ok` true if creation and login were successful,
201
+ * false otherwise.
202
+ * even if factor2 authentication is required, this will still
203
+ * be true if there was no error.
204
+ * - `formData` the form fields extracted from the request
205
+ * - `error` an error message or undefined
206
+ * - `exception` a {@link @crossauth/common!CrossauthError} if an
207
+ * exception was raised
208
+ */
209
+ updateUser(user: User, event: RequestEvent): Promise<AdminUpdateUserReturn>;
210
+ /**
211
+ * Call this with POST data to change the logged-in user's password
212
+ *
213
+ * @param user the user to edit
214
+ * @param event the Sveltekit event. This should contain
215
+ * - `old_`*secrets` (eg `old_password`) the existing secret.
216
+ * - `new_`*secrets` (eg `new_password`) the new secret.
217
+ * - `repeat_`*secrets` (eg `repeat_password`) repeat of the new secret.
218
+
219
+ * @returns object with:
220
+ *
221
+ * - `ok` true if creation and login were successful,
222
+ * false otherwise.
223
+ * - `user` the user if successful
224
+ * - `error` an error message or undefined
225
+ * - `exception` a {@link @crossauth/common!CrossauthError} if an
226
+ * exception was raised
227
+ * - `formData` the form fields extracted from the request
228
+ */
229
+ changePassword(user: User, event: RequestEvent): Promise<AdminChangePasswordReturn>;
230
+ /**
231
+ * Creates an account.
232
+ *
233
+ * Form data is returned unless there was an error extrafting it.
234
+ *
235
+ * Initiates user login if creation was successful.
236
+ *
237
+ * If login was successful, no factor2 is needed
238
+ * and no email verification is needed, the user is returned.
239
+ *
240
+ * If email verification is needed, `emailVerificationRequired` is
241
+ * returned as `true`.
242
+ *
243
+ * If factor2 configuration is required, `factor2Required` is returned
244
+ * as `true`.
245
+ *
246
+ * @param event the Sveltekit event. The form fields used are
247
+ * - `username` the desired username
248
+ * - `factor2` which must be in the `allowedFactor2` option passed
249
+ * to the constructor.
250
+ * - *secrets* (eg `password`) which are factor1 authenticator specific
251
+ * - `repeat_`*secrets* (eg `repeat_password`)
252
+ * - `user_*` anything prefixed with `user` that is also in
253
+ * - the `userEditableFields` option passed when constructing the
254
+ * user storage object will be added to the {@link @crossuath/common!User}
255
+ * object (with `user_` removed).
256
+ *
257
+ * @returns object with:
258
+ *
259
+ * - `ok` true if creation and login were successful,
260
+ * false otherwise.
261
+ * even if factor2 authentication is required, this will still
262
+ * be true if there was no error.
263
+ * - `user` the user if login was successful
264
+ * - `formData` the form fields extracted from the request
265
+ * - `error` an error message or undefined
266
+ * - `exception` a {@link @crossauth/common!CrossauthError} if an
267
+ * exception was raised
268
+ * - `factor2Required` if true, second factor authentication is needed
269
+ * to complete login
270
+ * - `factor2Data` contains data that needs to be passed to the user's
271
+ * chosen factor2 authenticator
272
+ * - `emailVerificationRequired` if true, the user needs to click on
273
+ * the link emailed to them to complete signup.
274
+ */
275
+ createUser(event: RequestEvent): Promise<AdminCreateUserReturn>;
276
+ /**
277
+ * Call this to delete the logged-in user
278
+ *
279
+ * @param userid the user to delete
280
+ * @param event the Sveltekit event.
281
+
282
+ * @returns object with:
283
+ *
284
+ * - `ok` true if creation and login were successful,
285
+ * false otherwise.
286
+ * - `error` an error message or undefined
287
+ * - `exception` a {@link @crossauth/common!CrossauthError} if an
288
+ * exception was raised
289
+ */
290
+ deleteUser(event: RequestEvent): Promise<AdminDeleteUserReturn>;
291
+ baseEndpoint(event: RequestEvent): {
292
+ user: User | undefined;
293
+ csrfToken: string | undefined;
294
+ };
295
+ readonly searchUsersEndpoint: {
296
+ load: (event: RequestEvent) => Promise<{
297
+ ok: boolean;
298
+ users?: User[] | undefined;
299
+ skip: number;
300
+ take: number;
301
+ search?: string | undefined;
302
+ error?: string | undefined;
303
+ exception?: CrossauthError | undefined;
304
+ hasPrevious: boolean;
305
+ hasNext: boolean;
306
+ user: User | undefined;
307
+ csrfToken: string | undefined;
308
+ }>;
309
+ };
310
+ private getUserFromParam;
311
+ readonly updateUserEndpoint: {
312
+ actions: {
313
+ default: (event: RequestEvent) => Promise<AdminUpdateUserReturn>;
314
+ };
315
+ load: (event: RequestEvent) => Promise<{
316
+ user: User | undefined;
317
+ csrfToken: string | undefined;
318
+ allowedFactor2: {
319
+ name: string;
320
+ friendlyName: string;
321
+ configurable: boolean;
322
+ }[];
323
+ editUser: User | undefined;
324
+ }>;
325
+ };
326
+ readonly changePasswordEndpoint: {
327
+ actions: {
328
+ default: (event: RequestEvent) => Promise<AdminChangePasswordReturn>;
329
+ };
330
+ load: (event: RequestEvent) => Promise<{
331
+ user: User | undefined;
332
+ csrfToken: string | undefined;
333
+ editUser: User | undefined;
334
+ } | {
335
+ user: User | undefined;
336
+ csrfToken: string | undefined;
337
+ editUser: User;
338
+ next?: string | undefined;
339
+ }>;
340
+ };
341
+ readonly createUserEndpoint: {
342
+ load: (event: RequestEvent) => Promise<{
343
+ user: User | undefined;
344
+ csrfToken: string | undefined;
345
+ allowedFactor2: {
346
+ name: string;
347
+ friendlyName: string;
348
+ configurable: boolean;
349
+ }[];
350
+ }>;
351
+ actions: {
352
+ default: (event: RequestEvent) => Promise<AdminCreateUserReturn>;
353
+ };
354
+ };
355
+ readonly deleteUserEndpoint: {
356
+ actions: {
357
+ default: (event: RequestEvent) => Promise<AdminDeleteUserReturn>;
358
+ };
359
+ load: (event: RequestEvent) => Promise<{
360
+ user: User | undefined;
361
+ csrfToken: string | undefined;
362
+ error: string;
363
+ } | {
364
+ user: User | undefined;
365
+ csrfToken: string | undefined;
366
+ username: string;
367
+ }>;
368
+ };
369
+ }
package/dist/sveltekitapikey.d.ts ADDED
@@ -0,0 +1,48 @@
1
+ import { UserStorage, KeyStorage, ApiKeyManagerOptions } from '@crossauth/backend';
2
+ import { RequestEvent, MaybePromise } from '@sveltejs/kit';
3
+
4
+ /**
5
+ * Options for {@link SvelteKitApiKeyServer }.
6
+ *
7
+ * See {@link SveltekitApiKeyServer } constructor for description of parameters
8
+ */
9
+ export interface SvelteKitApiKeyServerOptions extends ApiKeyManagerOptions {
10
+ /** Pass the Sveltekit redirect function */
11
+ redirect?: any;
12
+ /** Pass the Sveltekit error function */
13
+ error?: any;
14
+ }
15
+ /**
16
+ * This class adds API key functionality to the Fatify server.
17
+ *
18
+ * You shouldn't have to instantiate this directly. It is created
19
+ * when instantiating {@link SvelteKitServer} if enabling API key support-
20
+ *
21
+ * API keys are bearer tokens than have to be manually created for a user.
22
+ * They can be used in place of username/password login and session cookies.
23
+ *
24
+ * This class adds a `preHandler` hook that sets the `user` field in the
25
+ * Fastify request. It also sets `scopes` in the request object if there
26
+ * is a `scope` field in the JSON object in the `data` field in in the API
27
+ * record in key storage.
28
+ */
29
+ export declare class SvelteKitApiKeyServer {
30
+ private userStorage;
31
+ private apiKeyManager;
32
+ /**
33
+ * Hook to check if the user is logged in and set data in `locals`
34
+ * accordingly.
35
+ */
36
+ readonly hook: (input: {
37
+ event: RequestEvent;
38
+ }) => MaybePromise<void>;
39
+ /**
40
+ * Constructor
41
+ *
42
+ * @param app the Fastify app instance
43
+ * @param userStorage the user storage with user accounts
44
+ * @param keyStorage the storage for finding API keys
45
+ * @param options See {@link FastifyApiKeyServerOptions}
46
+ */
47
+ constructor(userStorage: UserStorage, keyStorage: KeyStorage, options?: SvelteKitApiKeyServerOptions);
48
+ }