@delopay/sdk 0.3.2 → 0.4.0

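--- a/package/dist/index.cjs
+++ b/package/dist/index.cjs
@@ -2070,21 +2070,29 @@ var Users = class {
  return this.request("POST", "/user/forgot_password", { body: params });
  }
  /**
- * Reset a user's password using the single-purpose JWT delivered by the
- * forgot-password email.
+ * Commit a password reset.
  *
- * The backend validates the token **twice**: first by the
- * `SinglePurposeJWTAuth` middleware (reads `Authorization: Bearer …`),
- * then by the handler itself (decodes `body.token` as an `EmailToken` and
- * looks up the user by the embedded email — see
- * `crates/router/src/core/user.rs:687`). The same JWT satisfies both, so
- * the SDK sends it in both places. Callers still pass `{ password, token }`.
+ * The caller is responsible for obtaining a `SinglePurposeToken` with
+ * `purpose: reset_password` via the email-token exchange + TOTP flow
+ * (see `fromEmail`, `beginTotp`, `updateTotp`/`verifyTotp`,
+ * `generateRecoveryCodes`, `terminate2fa`) and setting it on the client
+ * via `setJwtToken` before calling this method. `body.token` must still
+ * be the original `EmailToken` from the reset-link URL the handler
+ * decodes it a second time to find the user
+ * (`delopay-backend/crates/router/src/core/user.rs:687`).
  */
  async resetPassword(params) {
- return this.request("POST", "/user/reset_password", {
- body: params,
- headers: { Authorization: `Bearer ${params.token}` }
- });
+ return this.request("POST", "/user/reset_password", { body: params });
+ }
+ /**
+ * Exchange an email-link token (`EmailToken`) for a single-purpose JWT
+ * that drives the next step of the flow (TOTP, verify email, accept
+ * invitation, etc.). No authentication required.
+ *
+ * The `token_type` in the response tells you which step to run next.
+ */
+ async fromEmail(params) {
+ return this.request("POST", "/user/from_email", { body: params });
  }
  async verifyEmail(params) {
  return this.request("POST", "/user/verify_email", { body: params });
@@ -2113,9 +2121,24 @@ var Users = class {
  async acceptInvitation(params) {
  return this.request("POST", "/user/user/invite/accept", { body: params });
  }
+ /**
+ * Start TOTP setup (or no-op if already set).
+ *
+ * Returns the QR-code payload when the user has no TOTP configured yet;
+ * returns `{ secret: null }` when the user is already set up (caller
+ * should then prompt for a 6-digit code and call `verifyTotp`).
+ *
+ * Requires `Authorization: Bearer <SPT{purpose:totp}>`.
+ */
  async beginTotp() {
  return this.request("GET", "/user/2fa/totp/begin");
  }
+ /**
+ * Verify a 6-digit TOTP code for a user whose TOTP is already set up.
+ * Marks the code as used in Redis so subsequent flow steps can advance.
+ *
+ * Requires `Authorization: Bearer <SPT{purpose:totp}>`.
+ */
  async verifyTotp(params) {
  return this.request("POST", "/user/2fa/totp/verify", { body: params });
  }
@@ -2182,13 +2205,29 @@ var Users = class {
  async check2faStatusV2() {
  return this.request("GET", "/user/2fa/v2");
  }
- /** Update TOTP. `PUT /user/2fa/totp/verify` */
+ /**
+ * Finish first-time TOTP setup: commit the secret generated by `beginTotp`
+ * against a 6-digit code from the user's authenticator app.
+ *
+ * `PUT /user/2fa/totp/verify`. Requires `Authorization: Bearer <SPT{purpose:totp}>`.
+ */
  async updateTotp(params) {
  return this.request("PUT", "/user/2fa/totp/verify", { body: params });
  }
- /** Terminate 2FA. `GET /user/2fa/terminate` */
- async terminate2fa() {
- return this.request("GET", "/user/2fa/terminate");
+ /**
+ * Complete the TOTP step and advance to the next flow stage (e.g.
+ * `reset_password`). Returns a fresh single-purpose token with the
+ * next `token_type`.
+ *
+ * `GET /user/2fa/terminate`. Requires `Authorization: Bearer <SPT{purpose:totp}>`.
+ */
+ async terminate2fa(query) {
+ if (query === void 0) {
+ return this.request("GET", "/user/2fa/terminate");
+ }
+ return this.request("GET", "/user/2fa/terminate", {
+ query
+ });
  }
  /** Create auth method. `POST /user/auth` */
  async createAuthMethod(params) {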
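Review bot: `resetPassword` now depends on ambient client state: it no longer sets `Authorization` itself, so the request carries whatever token `setJwtToken` last stored, and the doc comment does not say what happens when that token is missing or has a different purpose. Since `request` accepts per-call `headers` (the removed lines used them), an optional per-call token would avoid overwriting a session JWT on a shared client; at minimum the comment should add `Note: the single-purpose token stays set on the client after this call; replace or clear it before reusing the client.`, assuming `setJwtToken` persists on the instance, which is not visible here. In the last hunk, `terminate2fa(query)` forwards `query` unchanged to the endpoint that completes the 2FA step, and its comment never names the accepted keys; a `@param query` line listing them would tell integrators which fields must never be filled from untrusted input. The `resetPassword` comment is also missing punctuation between "reset-link URL" and "the handler".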